Ubuntu – Permission denied to a 777 file

I have a Django app which is configured to write db queries into a /tmp/db.log file.

        "debug_console_to_file": {
            "level": "DEBUG",
            "filters": ["require_debug_true"],
            "class": "logging.FileHandler",
            "filename": "/tmp/db.log",
        },

The application usually starts from a uwsgi server using www-data as a user.
However, sometimes I manually run it (with python manage.py) via my user – tvelichkov.

The problem is that when I try to start it from my user, I got a Permission denied error to /tmp/db.log file since www-data has already created it (removing the file can temporary fix the issue, but then the server will receive the same error, since now my user owns the file).

    PermissionError: [Errno 13] Permission denied: '/tmp/db.log'

I've tried to add my user to www-data group

    $ members www-data
    www-data tvelichkov

I've also tried to give 777 file permissions to the file.

    $ ls -l /tmp/db.log 
    -rwxrwsrwx 1 www-data www-data 22102 юли 30 15:25 /tmp/db.log

But I still keep getting this Permission denied error. Any help would be appreciated.

Note: I used to have no issues with this setup in Ubuntu 18.04, but now I have it in Ubuntu 20.04.

UPDATE: Here are the permissions of the /tmp/ folder, but note that this is after I ran chown root:root /tmp and chmod 777 /tmp as suggested by @adrian vera, BTW after this change seems like chmod 777 /tmp/db.log is working, because I no more get the Permission denied error. Is it possible that Ubuntu changed something for the /tmp/ folder between versions 18.04 and 20.04 ? Because I'm pretty sure I didn't change anything to this folder before running into this issue?

    $ ls -l / | grep tmp
    drwxrwxrwx  24 root root       4096 авг  3 10:19 tmp

Note2: I have one more machine with clean Ubuntu 20.04 install where I have this issue too, I will double check the permissions there too once I got home.

UPDATE2: So on a clean Ubuntu 20.04 install the permissions of the /tmp/ folder are:

    $ ls -l / | grep tmp
    drwxrwxrwt  23 root root      12288 авг  3 16:41 tmp

And this is how the /tmp/db.log look like:

    $ ls -l /tmp/db.log 
    -rw-r--r-- 1 www-data www-data 0 авг  3 16:54 /tmp/db.log

    $ sudo chmod 777 /tmp/db.log 
    $ ls -l /tmp/db.log 
    -rwxrwxrwx 1 www-data www-data 0 авг  3 16:54 /tmp/db.log

    $ lsattr /tmp/db.log 
    --------------e----- /tmp/db.log

    $ whoami
    tvelichkov

    $ getent group www-data
    www-data:x:33:tvelichkov

    $ python manage.py test --settings=cs.settings.test
    Traceback (most recent call last):
      File "/home/tvelichkov/.pyenv/versions/3.6.10/lib/python3.6/logging/config.py", line 565, in configure
        handler = self.configure_handler(handlers[name])
      File "/home/tvelichkov/.pyenv/versions/3.6.10/lib/python3.6/logging/config.py", line 738, in configure_handler
        result = factory(**kwargs)
      File "/home/tvelichkov/.pyenv/versions/3.6.10/lib/python3.6/logging/__init__.py", line 1032, in __init__
        StreamHandler.__init__(self, self._open())
      File "/home/tvelichkov/.pyenv/versions/3.6.10/lib/python3.6/logging/__init__.py", line 1061, in _open
        return open(self.baseFilename, self.mode, encoding=self.encoding)
    PermissionError: [Errno 13] Permission denied: '/tmp/db.log'

Best Answer

Probably, instead of deal with the permissions, in this case, it is a better idea to execute the script as the www-data user. This is standard approach which we use to run the maintenance scripts of some web apps like NextClud, MediaWiki, etc. You can do that by the help of the sudo command:

sudo -u www-data python manage.py

Best Answer

Related Solutions

Ubuntu – Default file permissions for php user www-data

Related Question