Socket guid is not set from config

[adborden]

I'm using nginx in front of uWSGI. uWSGI is running under a local user while nginx is running under www-data. I've set the follwing config:

[uwsgi]
...
chmod-socket = 664
socket = /tmp/summit.sock
uid = summit
gid = www-data

but the socket is created with uid summit, gid summit. And therefore nginx gets permission denied. I would expect the gid on the socket to be www-data in this case.

I'm using 1.9.17.1 on Ubuntu 14.04

[unbit]

Can you paste the whole startup log ? It should show your permissions status

[adborden]

[uWSGI] getting INI configuration from /etc/uwsgi/apps-enabled/summit.ini
*** Starting uWSGI 1.9.17.1-debian (64bit) on [Sun Sep  7 06:25:56 2014] ***
compiled with version: 4.8.2 on 23 March 2014 17:15:32
os: Linux-3.13.0-29-generic #53-Ubuntu SMP Wed Jun 4 21:00:20 UTC 2014
nodename: ip-172-31-10-139
machine: x86_64
clock source: unix
pcre jit disabled
detected number of CPU cores: 1
current working directory: /
writing pidfile to /tmp/summit.pid
detected binary path: /usr/bin/uwsgi-core
your processes number limit is 4537
your memory page size is 4096 bytes
 *** WARNING: you have enabled harakiri without post buffering. Slow upload could be rejected on post-unbuffered webservers ***
detected max file descriptor number: 1024
lock engine: pthread robust mutexes
thunder lock: disabled (you can enable it with --thunder-lock)
uwsgi socket 0 bound to UNIX address /tmp/summit.sock fd 3
Python version: 2.7.6 (default, Mar 22 2014, 23:03:41)  [GCC 4.8.2]
Set PythonHome to /home/summit/app/env
*** Python threads support is disabled. You can enable it with --enable-threads ***
Python main interpreter initialized at 0x21afe20
your server socket listen backlog is limited to 100 connections
your mercy for graceful operations on workers is 60 seconds
mapped 218376 bytes (213 KB) for 2 cores
*** Operational MODE: preforking ***
WSGI app 0 (mountpoint='') ready in 0 seconds on interpreter 0x21afe20 pid: 8168 (default app)
*** uWSGI is running in multiple interpreter mode ***
spawned uWSGI master process (pid: 8168)
spawned uWSGI worker 1 (pid: 8169, cores: 1)
spawned uWSGI worker 2 (pid: 8170, cores: 1)

[unbit]

There is no privileges drop in this instance, it is already running as summit:summit.

[adborden]

Ack, I'm running uwsgi under supervisor and specifying a user there. If I allow supervisor to start uwsgi as root, uwsgi sets the permissions correctly on the socket.

Is there a warning somewhere I missed? Would've been helpful to know I was specifying uid/gid when the effective uid isn't privileged enough for that to work.

[unbit]

If i do the same on a stable release the instance exit with an error. 1.9 is a development tree it is hard to tell what happened. Having said that i strongly suggest you to give a look at the Emperor instead of relying on supervisor (unless you already use it for something else)

[adborden]

Cool, thanks for the help.