我正在Debian Jessie上工作。 作为用户opuser我创build了一个文件,我拥有它:
opuser@mymachine: $ ls -lash /webapps/myapp/run/gunicorn.sock 0 srwxrwxrwx 1 opuser webapps 0 Sep 1 18:50 /webapps/myapp/run/gunicorn.sock
现在,如果我尝试打开文件写入它:
opuser@mymachine: $ vi /webapps/myapp/run/gunicorn.sock
vi在底部显示一个错误: "~/run/gunicorn.sock" [Permission Denied] 。
为什么我不能打开一个文件来写它,当我拥有它,文件权限表明它是世界可写的?
更新:
该文件是通过运行gunicorn创build的,我debugging的原因是gunicorn用户无法写入:
gunicorn openprescribing.wsgi:application --name myapp_prod --workers 3 --bind=unix:/webapps/webapps/run/gunicorn.sock --user opuser --group webapps --log-level=debug
这是完整的错误:
[2015-09-01 11:18:36 +0000] [9439] [DEBUG] Current configuration: proxy_protocol: False worker_connections: 1000 statsd_host: None max_requests_jitter: 0 post_fork: <function post_fork at 0x7efebefd2230> pythonpath: None enable_stdio_inheritance: False worker_class: sync ssl_version: 3 suppress_ragged_eofs: True syslog: False syslog_facility: user when_ready: <function when_ready at 0x7efebefc6ed8> pre_fork: <function pre_fork at 0x7efebefd20c8> cert_reqs: 0 preload_app: False keepalive: 2 accesslog: None group: 999 graceful_timeout: 30 do_handshake_on_connect: False spew: False workers: 3 proc_name: myapp_prod sendfile: True pidfile: None umask: 0 on_reload: <function on_reload at 0x7efebefc6d70> pre_exec: <function pre_exec at 0x7efebefd27d0> worker_tmp_dir: None post_worker_init: <function post_worker_init at 0x7efebefd2398> limit_request_fields: 100 on_exit: <function on_exit at 0x7efebefd2e60> config: None secure_scheme_headers: {'X-FORWARDED-PROTOCOL': 'ssl', 'X-FORWARDED-PROTO': 'https', 'X-FORWARDED-SSL': 'on'} proxy_allow_ips: ['127.0.0.1'] pre_request: <function pre_request at 0x7efebefd2938> post_request: <function post_request at 0x7efebefd2a28> user: 999 forwarded_allow_ips: ['127.0.0.1'] worker_int: <function worker_int at 0x7efebefd2500> threads: 1 max_requests: 0 limit_request_line: 4094 access_log_format: %(h)s %(l)s %(u)s %(t)s "%(r)s" %(s)s %(b)s "%(f)s" "%(a)s" certfile: None worker_exit: <function worker_exit at 0x7efebefd2b90> chdir: /webapps/myapp/myapp paste: None default_proc_name: myapp.wsgi:application errorlog: - loglevel: debug logconfig: None syslog_addr: udp://localhost:514 syslog_prefix: None daemon: False ciphers: TLSv1 on_starting: <function on_starting at 0x7efebefc6c08> worker_abort: <function worker_abort at 0x7efebefd2668> bind: ['unix:/webapps/myapp/run/gunicorn.sock'] raw_env: [] reload: False check_config: False limit_request_field_size: 8190 nworkers_changed: <function nworkers_changed at 0x7efebefd2cf8> timeout: 30 ca_certs: None django_settings: None tmp_upload_dir: None keyfile: None backlog: 2048 logger_class: gunicorn.glogging.Logger statsd_prefix: [2015-09-01 11:18:36 +0000] [9439] [INFO] Starting gunicorn 19.3.0 Traceback (most recent call last): File "/home/anna/.virtualenvs/myapp/bin/gunicorn", line 11, in <module> sys.exit(run()) File "/home/anna/.virtualenvs/myapp/local/lib/python2.7/site-packages/gunicorn/app/wsgiapp.py", line 74, in run WSGIApplication("%(prog)s [OPTIONS] [APP_MODULE]").run() File "/home/anna/.virtualenvs/myapp/local/lib/python2.7/site-packages/gunicorn/app/base.py", line 189, in run super(Application, self).run() File "/home/anna/.virtualenvs/myapp/local/lib/python2.7/site-packages/gunicorn/app/base.py", line 72, in run Arbiter(self).run() File "/home/anna/.virtualenvs/myapp/local/lib/python2.7/site-packages/gunicorn/arbiter.py", line 171, in run self.start() File "/home/anna/.virtualenvs/myapp/local/lib/python2.7/site-packages/gunicorn/arbiter.py", line 130, in start self.LISTENERS = create_sockets(self.cfg, self.log) File "/home/anna/.virtualenvs/myapp/local/lib/python2.7/site-packages/gunicorn/sock.py", line 211, in create_sockets sock = sock_type(addr, conf, log) File "/home/anna/.virtualenvs/myapp/local/lib/python2.7/site-packages/gunicorn/sock.py", line 104, in __init__ os.remove(addr) OSError: [Errno 13] Permission denied: '/webapps/myapp/run/gunicorn.sock'
您尝试打开的节点是套接字。 更精确地说,一个unix域套接字(权限标志中的s表示这个信号)。 open(2)按正常方式open(2)套接字(这是vi(1)失败的原因vi(1) 。必须使用socket(PF_UNIX, ...)系统调用(请参阅unix(7) )获取它们,然后bind(2)在文件系统中编辑一个正确的路径(这是什么使它们出现在文件系统的层次结构中)。
一旦你得到了这种类型的套接字,你必须connect(2)它connect(2)到另一个套接字(或者accept(2)因为它已经绑定到文件系统节点),以允许从一个套接字到另一个套接字的通信。
有关套接字api编程(和UNIX域套接字)的介绍,请参阅着名的RWStevens书籍“ Unix网络编程”,第1卷:套接字网络API(第3版) 。
你的文件类型是一个套接字。 它被读取一次/写入一次。 不知道你可以用普通的文本编辑器打开它。