I have a CentOS server on which I have Apache, Django, Django CMS and mod_wsgi. My Django project files are stored in the /srv
directory and I have SELinux turned on for security reasons.
I've managed to successfully integrate Django-CMS into Django and when I visit the local IP, I see my pages. However, when I try to visit /admin (where I can start making use of the CMS functionality), I get DatabaseError at /admin/ attempt to write a readonly database
.
Okay.
So, since I have a .sqlite
file in my project folder, I ran a ls -l
on it which returned:
-rw-r--r--. 1 root root 133120 Jan 5 11:53 DATABASE.sqlite
Okay, so I figured perhaps Apache couldn't read that file due to some permissions reasons so after a bunch of research on similar problems on Stackoverflow, I ran:
> chmod 664 DATABASE.sqlite
> chown apache /srv/mysite
> chown apache /srv/mysite/DATABASE.sqlite
Now, the ls -l
output reads:
-rw-rw-r--. 1 apache root 133120 Jan 5 11:53 DATABASE.sqlite
Unfortunately, I still get the same error when trying to access /admin on my Django app. Any help would be greatly appreciated! Probably something to do with SELinux permissions but I have no idea where to start in diagnosing what permissions issue is going on.
EDIT:
I ran
> chown apache:apache /srv/mysite
> chown apache:apache /srv/mysite/DATABASE.sqlite
and a quick ls -l
reveals that the owner of the mysite
directory and the .sqlite
file is now apache
. However, I still get errors when trying to visit the /admin
page. I chmod
ed the /srv/mysite
directory to 757 and DATABASE.sqlite
file to 756 because that's the best I can do to get the permissions to work out. I was told that this is a security risk but I can't seem to figure out how to give it less permissions and get pass by unable to read/open database file
errors. Is it because of SELinux?
FYI, I'm operating under a regular user account in CentOS and sudo whenever I need to elevate:
[noblerare@localhost ]$
You have to add writing rights to the directory in which your sqlite database is stored. So running chmod 664 /srv/mysite
should help.
This is a security risk, so better solution is to change the owner of your database to www-data
:
chown www-data:www-data /srv/mysite
chown www-data:www-data /srv/mysite/DATABASE.sqlite