0

I have django running on apache2 server.

my settings.py looks like this:

WSGI_APPLICATION = 'my_app.wsgi.application'
...

LOGGING = {
'version': 1,
'disable_existing_loggers': False,
'formatters': {
    'verbose': {
        'format': '%(levelname)s %(asctime)s %(module)s: %(message)s'
    }
},
'handlers': {
    'file': {
        'level': 'INFO',
        'class': 'logging.handlers.RotatingFileHandler',
        'filename': '../django.log',
        'formatter': 'verbose',
        'maxBytes': 1024 * 1024 * 5,  # 5 MB
        'backupCount': 5,
    },
},
'loggers': {
    'my_app': {
        'handlers': ['file'],
        'level': 'INFO',
        'propagate': True,
    },
},

}

My idea was basically to create a log that all the components of my django app will write to, with level INFO.

The issue I am facing is, when running the server, the log is created with root permissions:

 ll ../django.log 
 -rw-r--r-- 1 root root 0 Jan  9 10:17 ../django.log

And so, what happens when I try to log to it is:

/var/log/apache2/error.log

[Wed Jan 09 11:37:43.677755 2019] [:error] [pid 1457:tid 140554321598208] [remote 192.168.254.52:60257] ValueError: Unable to configure handler 'file': [Errno 13] Permission denied: '../django.log'

I did find those issues: Permission Denied when writing log file and Django: Setup an efficient logging system for a website in production.

and if I change the permissions of the file to be owned by www-data and not root, it works.

My question is - where is the right place to set this in production? should it be changing it manually? maybe somewhere in the settings.py or the apache2-config?

I am looking for the best practice of django logging.

EDIT: ps aux | grep apache2 shows:

root      1444  0.0  0.0  97916  7452 ?        Ss   13:22   0:00 /usr/sbin/apache2 -k start

ps aux | grep wsgi shows:

www-data  1447  0.0  0.2 510528 23692 ?        Sl   13:22   0:00 (wsgi:name -k start

Thanks!

Ofek Agmon
  • 5,040
  • 14
  • 57
  • 101
  • What permission level are you running your django application? You should avoid this being root, btw. – CoolestNerdIII Jan 09 '19 at 12:32
  • edited my question. I think apache2 is ran with root, but django is ran with www-data – Ofek Agmon Jan 09 '19 at 13:37
  • Ok here's my suggestion, and I can move this to an answer afterwards. You should create a logs folder (before running the app) and create the permission for that as www-data. In your logging config, pass the complete path to this folder (ie: `'filename': os.path.join(BASE_DIR, 'logs')`), then try and see if this works for you. – CoolestNerdIII Jan 09 '19 at 13:44

1 Answers1

0

Create a logs folder with permission to www-data in the server beforehand and save the path to it in a environment variable, use python's os.getenv('LOG_PATH') in the settings.py file to use the path.

r_nab
  • 29
  • 1
  • 2