On Jun 30, 11:32 pm, Graham Dumpleton <[email protected]> wrote: > 2009/7/1 Adam Yee <[email protected]>: > > > > > > >> If that is all you have for the configuration, then the VirtualHost is > >> probably redundant. This is because you don't have ServerName and so > >> host based URLs wouldn't map to the VirtualHost anyway. The only it > >> would map to that is if that was the only VirtualHost in the > >> configuration and as such was being treated as the default virtual > >> host for the server when host based names don't match to any actual > >> VirtualHost. > > > Ok. > > >> Anyway, for starters, I would suggest you disable SELinux altogether > >> as if that is not configured properly, likely that nothing will work. > >> So, do that and see what happens. Or at least confirm when it is > >> disabled or not. It is mentioned in logs though. > > >> Graham > > > I did disable SELinux after a first try of setting SELINUX=permissive, > > but that didn't work. Further investigation, suEXEC also deals with > > security of scripts and user permissions. I found out that I needed > > to change the USER and GROUP for the server (same thing if in > > virtualhost, declare USER and GROUP as the user instead of 'apache'). > > After that, the script was accessible. Just out of curiosity, I tried > > re-enabling SELinux (enforcing policy), but that gave me a 500 error > > instead of 403. In the end, it will work with either permissive or > > disabled. > > The mod_wsgi module doesn't use suExec. That you had to change > User/Group possibly means that Apache user didn't have permission to > read directory where WSGI script file was located. > > You should probably put back User/Group to what they were and make > sure the WSGI script file directory and script file itself readable to > others. Any parent directories back up to root would also need to be > readable to Apache user. > > Graham
You're right, /adam wasn't allowed readable or executable for others --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "modwsgi" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/modwsgi?hl=en -~----------~----~----~----~------~----~------~--~---
