第一遍这么输入的:uwsgi --socket :8001 --wsgi-file test.py
没有问题
第二遍输入:uwsgi --socket mysite.sock --wsgi-file test.py
就不对了
bind(): Operation not permitted [core/socket.c line 230]
第二遍用新的参数重新启动uwsgi的时候出上面的报错
uwsgi --socket mysite.sock --wsgi-file test.py --chmod-socket=666
这样也不行
项目文件夹的读写权限如下:
drwxr-xr-x 1 vagrant vagrant 374 Feb 3 07:32 mysite/
显然写权限只属于vagrant用户。
那么我是否把整个项目文件夹的写权限全部允许给uwsgi就可以了?
Using Unix sockets instead of ports
So far we have used a TCP port socket, because it’s simpler, but in fact it’s better to use Unix sockets than ports - there’s less overhead.
Edit mysite_nginx.conf, changing it to match:
server unix:///path/to/your/mysite/mysite.sock; # for a file socket # server 127.0.0.1:8001; # for a web port socket (we'll use this first) and restart nginx.
Run uWSGI again:
uwsgi --socket mysite.sock --wsgi-file test.py
This time the socket option tells uWSGI which file to use.
Try http://example.com:8000/ in the browser.
If that doesn’t work
Check your nginx error log(/var/log/nginx/error.log). If you see something like:
connect() to unix:///path/to/your/mysite/mysite.sock failed (13: Permission denied)
then probably you need to manage the permissions on the socket so that nginx is allowed to use it.
Try:
uwsgi --socket mysite.sock --wsgi-file test.py --chmod-socket=666 # (very permissive)
or:
uwsgi --socket mysite.sock --wsgi-file test.py --chmod-socket=664 # (more sensible)
You may also have to add your user to nginx’s group (which is probably www-data), or vice-versa, so that nginx can read and write to your socket properly.
It’s worth keeping the output of the nginx log running in a terminal window so you can easily refer to it while troubleshooting.
我为这个问题折腾了一个星期
进程
nginx
- root (master)
- www-data (worker)
uwsgi
- root (emperor)
- www-data (worker)
目录/文件
www/
config/
log/
application/
socket/
uwsgi_sock
nginx 和 uwsgi 都要以 root 权限启动,在配置文件中设置 worker 进程的用户
sock 文件
要 nginx_worker 可读 r
要 uwsgi_worker 可读可写 rx
sock 文件所在目录
要 nginx_worker 可读 r
要 uwsgi_worker 可新建文件(可读可写) rx
application 目录的所有者最好是 worker 进程的用户
静态目录/文件 要 nginx_worker 可读 r
所有目录/文件 要 uwsgi_worker 可读可写 rw
log 目录/文件
nginx 和 uwsgi 都是以 root 身份写日志,日志文件的所有者是 root
uwsgi 需要对你指定的 socket 文件所在的目录有写权限,这样才能成功创建 socket 文件。你可以为 uwsgi 专门建个目录,也可以把 socket 放到比如 /var/run 或者 /tmp 下。
另外不要给不必要的人权限,会是个安全隐患。