IntelOwl
IntelOwl copied to clipboard
unable to start celery container with permission denied error
What happened
with latest version, try to start all containers. Celery failed to start
got below permission denied error
PermissionError: [Errno 13] Permission denied: '/opt/deploy/intel_owl/configuration/analyzer_config.json'
2022-02-22 03:54:02,268 - celery.utils.dispatch.signal - send - ERROR - Signal handler <bound method DjangoFixup.on_import_modules of <celery.fixups.django.DjangoFixup object at 0x7f5f79825f10>> raised: PermissionError(13, 'Permission denied')
Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/celery/utils/dispatch/signal.py", line 276, in send
response = receiver(signal=self, sender=sender, **named)
File "/usr/local/lib/python3.9/site-packages/celery/fixups/django.py", line 82, in on_import_modules
self.worker_fixup.validate_models()
File "/usr/local/lib/python3.9/site-packages/celery/fixups/django.py", line 120, in validate_models
self.django_setup()
File "/usr/local/lib/python3.9/site-packages/celery/fixups/django.py", line 116, in django_setup
django.setup()
File "/usr/local/lib/python3.9/site-packages/django/init.py", line 24, in setup
apps.populate(settings.INSTALLED_APPS)
File "/usr/local/lib/python3.9/site-packages/django/apps/registry.py", line 122, in populate
app_config.ready()
File "/opt/deploy/intel_owl/api_app/analyzers_manager/apps.py", line 15, in ready
AnalyzerConfigSerializer.read_and_verify_config()
File "/usr/local/lib/python3.9/site-packages/cache_memoize/init.py", line 127, in inner
cache_key = _make_cache_key(*args, **kwargs)
File "/usr/local/lib/python3.9/site-packages/cache_memoize/init.py", line 104, in _default_make_cache_key
(quote(str(x)) for x in args_rewrite(*args)),
File "/opt/deploy/intel_owl/api_app/core/serializers.py", line 168, in
Environment
- OS: Redhat7
- IntelOwl version: v3.3.1
Error messages and logs
hey, thanks for reporting this.
Some questions:
- did you install the new version from scratch or you did upgrade from a previous version? In case, which one?
- did you manually change the file with that error?
analyzer_config.json
. This is pretty common to customize the analyzers configuration. Can you please check the permissions on that file? go to your IntelOwl installation directory, then into theconfiguration
folder and you'll find it - how did you start the containers? did you use the startup script as stated in the documentation?
The point is that I can't reproduce your error. So it is most probably some error on your deployment side.
Thanks for your quick response
Some questions:
- did you install the new version from scratch or you did upgrade from a previous version? In case, which one? It is a new installation.
- did you manually change the file with that error?
analyzer_config.json
. This is pretty common to customize the analyzers configuration. Can you please check the permissions on that file? go to your IntelOwl installation directory, then into theconfiguration
folder and you'll find it
I didn't change the file. Tried to change file permission to fix it, but failed. Used to be root permission, now as below.
![image](https://user-images.githubusercontent.com/53101764/156661454-badd366c-af22-4889-8541-585466873c3d.png)
- how did you start the containers? did you use the startup script as stated in the documentation?
Start with the startup script.
python3 start.py prod up
Feels like it is the json file permission issue, any advise will be great.
The good permissions should be www-data:www-data
. Could you try to set the values to that user/group and restart the application?
The good permissions should be
www-data:www-data
. Could you try to set the values to that user/group and restart the application?
set values to apache:apache, still same permission error. It is running on redhat server
but the application run with the www-data
user so if the files are not set with those permissions the application is not able to get them. It does not matter where you deployed this. Please give that a chance
but the application run with the
www-data
user so if the files are not set with those permissions the application is not able to get them. It does not matter where you deployed this. Please give that a chance
Tried this and got same error
I am crying 😢 . It is so difficult to help remotely for this kind of non-reproducible errors.
Have you restarted the application after that change? python3 start.py prod down && python3 start.py prod up
Did you mention that this occured with a first clean installation? Cause I'd suggest you to just re-try to install everything from a clean OS. Then, we have not tested on RedHat specifically (we test on Debian-like) but should not be a problem considering that everything runs inside Docker
If you can't run the app under www-data (which is not recommended), I have found this workaround :
chmod 755 configuration/
chmod 666 configuration/*.*
And in intel_owl.ini remove the specification to run as www-data user&group:
#chown = www-data:www-data
...
#uid = www-data
#gid = www-data
If you can't run the app under www-data (which is not recommended), I have found this workaround :
chmod 755 configuration/ chmod 666 configuration/*.*
And in intel_owl.ini remove the specification to run as www-data user&group:
#chown = www-data:www-data ... #uid = www-data #gid = www-data
Thanks, chmod 755 configuration/ solved this problem.