Re: SuspiciousOperation exception on ImageField upload
Here you're trying to upload to a directory, whose path starts with a / : /images. On *nix, / means system root. Obviously your django process does not have permission to write there unless you set that up so. You should remove the leading slash in your upload to path. Your files will then upload to your media root. Then make sure that your Web process has: . write access to the MEDIA_ROOT/images directory (unless the user is the owner of MEDIA_ROOT, it won't have permission to create a directory.) . Execution permission on all the directories (not the files in there) leading to MEDIA_ROOT: Execution permission on a directory means traversal permission. Don't just chmod -R 777 your way out of this kind of problem, you're going to create major security holes. Le 18 juil. 2012 17:39, "Sithembewena Lloyd Dube" a écrit : > Hi Binny, > > Your problem sounds like one I had months ago. I got this response at the > time: > > You need to make sure that the same process running your python > interpreter has write permissions to your media directory. > > From StackOverflow: > "The process that is running your Python interpreter doesn't have > permission to write into the media directory. You'll need to either chgrp > or chrown the media directory to the same group as your Python process, > and ensure you have at least g+rwx on directories and g+rw on files." > > http://stackoverflow.com/questions/5543641/django-media-upload-errno-13-permission-denied > > > > On Wed, Jul 18, 2012 at 9:12 AM, binny wrote: > >> But i want to upload to following path.. >> >> /usr/local/apache2/htdocs/goibibo/travelibibo/static/refundsReports/%Y%m%d >> >> And the first back slash is must. I can't remove that. So please let me >> know how can i handle this case. >> >> Thanks, >> Binny >> >> >> On Tuesday, August 19, 2008 6:17:16 PM UTC+5:30, Jon Atkinson wrote: >>> >>> Hello, >>> >>> I'm trying to work with a model which accepts a logo image upload via >>> an ImageField. My a cut down version of my model is below: >>> >>> class Promoter(models.Model): >>> name = models.CharField(max_length=**100) >>> logo = models.ImageField(upload_to="/** >>> images/promoters/%Y/%m/%d/") >>> >>> When I try to upload the logo via the built-in admin interface, I get >>> the following error: >>> >>> SuspiciousOperation at /admin/promoters/promoter/add/ >>> Attempted access to '/images/promoters/2008/08/19/**kitten.jpg' denied. >>> >>> In settings.py, my MEDIA_ROOT is set to an accessible directory in my >>> home folder: '/home/username/projectname/**media/', and this folder has >>> it's permissions set to 777. >>> >>> I'm currently using the ./manage.py webserver, which (I assume) runs >>> as the same user which starts the process; this is the same user as >>> owns the folder specified above. >>> >>> Any ideas what I'm doing wrong here? >>> >>> --Jon >>> >>> -- >> You received this message because you are subscribed to the Google Groups >> "Django users" group. >> To view this discussion on the web visit >> https://groups.google.com/d/msg/django-users/-/5DiLmGCf_E0J. >> To post to this group, send email to django-users@googlegroups.com. >> To unsubscribe from this group, send email to >> django-users+unsubscr...@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/django-users?hl=en. >> > > > > -- > Regards, > Sithembewena Lloyd Dube > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To post to this group, send email to django-users@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: SuspiciousOperation exception on ImageField upload
Hi Binny, Your problem sounds like one I had months ago. I got this response at the time: You need to make sure that the same process running your python interpreter has write permissions to your media directory. >From StackOverflow: "The process that is running your Python interpreter doesn't have permission to write into the media directory. You'll need to either chgrp or chrown the media directory to the same group as your Python process, and ensure you have at least g+rwx on directories and g+rw on files." http://stackoverflow.com/questions/5543641/django-media-upload-errno-13-permission-denied On Wed, Jul 18, 2012 at 9:12 AM, binny wrote: > But i want to upload to following path.. > > /usr/local/apache2/htdocs/goibibo/travelibibo/static/refundsReports/%Y%m%d > > And the first back slash is must. I can't remove that. So please let me > know how can i handle this case. > > Thanks, > Binny > > > On Tuesday, August 19, 2008 6:17:16 PM UTC+5:30, Jon Atkinson wrote: >> >> Hello, >> >> I'm trying to work with a model which accepts a logo image upload via >> an ImageField. My a cut down version of my model is below: >> >> class Promoter(models.Model): >> name = models.CharField(max_length=**100) >> logo = models.ImageField(upload_to="/** >> images/promoters/%Y/%m/%d/") >> >> When I try to upload the logo via the built-in admin interface, I get >> the following error: >> >> SuspiciousOperation at /admin/promoters/promoter/add/ >> Attempted access to '/images/promoters/2008/08/19/**kitten.jpg' denied. >> >> In settings.py, my MEDIA_ROOT is set to an accessible directory in my >> home folder: '/home/username/projectname/**media/', and this folder has >> it's permissions set to 777. >> >> I'm currently using the ./manage.py webserver, which (I assume) runs >> as the same user which starts the process; this is the same user as >> owns the folder specified above. >> >> Any ideas what I'm doing wrong here? >> >> --Jon >> >> -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/django-users/-/5DiLmGCf_E0J. > To post to this group, send email to django-users@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en. > -- Regards, Sithembewena Lloyd Dube -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: SuspiciousOperation exception on ImageField upload
But i want to upload to following path.. /usr/local/apache2/htdocs/goibibo/travelibibo/static/refundsReports/%Y%m%d And the first back slash is must. I can't remove that. So please let me know how can i handle this case. Thanks, Binny On Tuesday, August 19, 2008 6:17:16 PM UTC+5:30, Jon Atkinson wrote: > > Hello, > > I'm trying to work with a model which accepts a logo image upload via > an ImageField. My a cut down version of my model is below: > > class Promoter(models.Model): > name = models.CharField(max_length=100) > logo = models.ImageField(upload_to="/images/promoters/%Y/%m/%d/") > > When I try to upload the logo via the built-in admin interface, I get > the following error: > > SuspiciousOperation at /admin/promoters/promoter/add/ > Attempted access to '/images/promoters/2008/08/19/kitten.jpg' denied. > > In settings.py, my MEDIA_ROOT is set to an accessible directory in my > home folder: '/home/username/projectname/media/', and this folder has > it's permissions set to 777. > > I'm currently using the ./manage.py webserver, which (I assume) runs > as the same user which starts the process; this is the same user as > owns the folder specified above. > > Any ideas what I'm doing wrong here? > > --Jon > > -- You received this message because you are subscribed to the Google Groups "Django users" group. To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/5DiLmGCf_E0J. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: SuspiciousOperation exception on ImageField upload
Marty, That was the problem, thank you for you help. --Jon On Tue, Aug 19, 2008 at 2:13 PM, Marty Alchin <[EMAIL PROTECTED]> wrote: > > On Tue, Aug 19, 2008 at 8:47 AM, Jon Atkinson <[EMAIL PROTECTED]> wrote: >> I'm trying to work with a model which accepts a logo image upload via >> an ImageField. My a cut down version of my model is below: >> >> class Promoter(models.Model): >>name = models.CharField(max_length=100) >>logo = models.ImageField(upload_to="/images/promoters/%Y/%m/%d/") > > Drop the first slash in your path name. > >> When I try to upload the logo via the built-in admin interface, I get >> the following error: >> >> SuspiciousOperation at /admin/promoters/promoter/add/ >> Attempted access to '/images/promoters/2008/08/19/kitten.jpg' denied. >> >> In settings.py, my MEDIA_ROOT is set to an accessible directory in my >> home folder: '/home/username/projectname/media/', and this folder has >> it's permissions set to 777. > > But with that leading slash, you're trying to save to > /images/promotors/%Y/%m/%d/, not > /home/username/projectname/media/images/promotors/%Y/%m/%d/ like you > want. That path probably doesn't exist, and Django would need > unrestricted access to your system in order to create it for you. > Needless to say, not a good situation. > > That SuspiciousOperation is in place to help prevent Django from > trying to accidentally read or write from places on your filesystem it > shouldn't have access to. Just drop the first slash in the path name > (so it reads upload_to="images/promoters/%Y/%m/%d/") and you'll be all > set. > > -Gul > > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: SuspiciousOperation exception on ImageField upload
On Tue, Aug 19, 2008 at 8:47 AM, Jon Atkinson <[EMAIL PROTECTED]> wrote: > I'm trying to work with a model which accepts a logo image upload via > an ImageField. My a cut down version of my model is below: > > class Promoter(models.Model): >name = models.CharField(max_length=100) >logo = models.ImageField(upload_to="/images/promoters/%Y/%m/%d/") Drop the first slash in your path name. > When I try to upload the logo via the built-in admin interface, I get > the following error: > > SuspiciousOperation at /admin/promoters/promoter/add/ > Attempted access to '/images/promoters/2008/08/19/kitten.jpg' denied. > > In settings.py, my MEDIA_ROOT is set to an accessible directory in my > home folder: '/home/username/projectname/media/', and this folder has > it's permissions set to 777. But with that leading slash, you're trying to save to /images/promotors/%Y/%m/%d/, not /home/username/projectname/media/images/promotors/%Y/%m/%d/ like you want. That path probably doesn't exist, and Django would need unrestricted access to your system in order to create it for you. Needless to say, not a good situation. That SuspiciousOperation is in place to help prevent Django from trying to accidentally read or write from places on your filesystem it shouldn't have access to. Just drop the first slash in the path name (so it reads upload_to="images/promoters/%Y/%m/%d/") and you'll be all set. -Gul --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
