Apache Flask Error 13, permission denied

Question

I deployed a Flask application using Apache on AWS for the first time. The HTML pages load, however things like uploading files, writing files and reading files do not seem to work. In the below example I'm calling this specific function that writes data received from a URL. But here, I have disabled that, and the code merely has to read the file that is already there. So, export_po_list.xml is already there, and I have checked this from the terminal. This same code runs just fine locally in my PC.

Checking /var/log/apache2/error.log reveals

IOError: [Errno 13] Permission denied: 'export_po_list.xml'

I did chmod 777 -R to the whole folder that has this flask application. It still doesn't work.

 def po_data(a,b,c):

    array0 = []
    array1 = []
    array2 = []
    array3 = []
    array4 = []
    array5 = []
    array6 = []
    array7 = []
    array8 = []
    array9 = []
    array10 = []
    array11 = []
    array12 = []
    array13 = []
    array14 = []
    array15 = []
    array16 = []
    array17 = []
    array18 = []
    array19 = []
    array20 = []

    url_begin = "https://34.239.8.24:44300/sap/opu/odata/sap/ZRECEASY_ALL_OPEN_PO_SRV/ZRECEASY_ALL_OPEN_POSet?$filter=ImBstyp eq '"
    url_mid_1 = "' and ImBsart eq '"
    url_mid_2 = "' and ImErnam eq '"
    url_end = "'"
    final_url = url_begin + a + url_mid_1 + b + url_mid_2 + c + url_end
    print "\n\n"
    print final_url
    print "\n\n"
    auth_get_po_data ='S4H_FIN','Welcome1'
    headers_get_po_data = {"Content-type":'application/json;charset=utf-8'}
    final_url = "https://34.239.8.24:44300/sap/opu/odata/sap/ZRECEASY_ALL_OPEN_PO_SRV/ZRECEASY_ALL_OPEN_POSet?$filter=ImBstyp eq 'F' and ImBsart eq 'NB' and ImErnam eq 'S4H_MM'"

    #Post data back
    # final_url = "https://34.239.8.24:44300/sap/opu/odata/sap/ZRECEASY_ALL_OPEN_PO_SRV/ZRECEASY_ALL_OPEN_POSet?
   # r_get_po_data = requests.get(final_url,headers=headers_get_po_data,auth=auth_get_po_data, verify=False)
   # print r_get_po_data.text
    print os.getcwd()

# Write temporary XML file to work on parsing
#   file = open('export_po_list.xml', 'w')
#   file.write(r_get_po_data.text)
#   file.close()

# Read XML file
    print os.getcwd()
    tree = ET.parse('export_po_list.xml')
    root = tree.getroot()

#Extract relevant info
    for child in root:
        for child2 in child:
            for child3 in child2:
                counter = 1
                for child4 in child3:
                    # 5 24
                    if (counter == 5):
                        array0.append(str(child4.text))
                    elif (counter == 6):
                        array1.append(str(child4.text))
                    elif (counter == 7):
                        array2.append(str(child4.text))
                    elif (counter == 8):
                        array3.append(str(child4.text))
                    elif (counter == 9):
                        array4.append(str(child4.text))
                    elif (counter == 10):
                        array5.append(str(child4.text))
                    elif (counter == 11):
                        array6.append(str(child4.text))
                    elif (counter == 12):
                        array7.append(str(child4.text))
                    elif (counter == 13):
                        array8.append(str(child4.text))
                    elif (counter == 14):
                        array9.append(str(child4.text))
                    elif (counter == 15):
                        array10.append(str(child4.text))
                    elif (counter == 16):
                        array11.append(str(child4.text))
                    elif (counter == 17):
                        array12.append(str(child4.text))
                    elif (counter == 18):
                        array13.append(str(child4.text))
                    elif (counter == 19):
                        array14.append(str(child4.text))
                    elif (counter == 20):
                        array15.append(str(child4.text))
                    elif (counter == 21):
                        array16.append(str(child4.text))
                    elif (counter == 22):
                        array17.append(str(child4.text))
                    elif (counter == 23):
                        array18.append(str(child4.text))
                    elif (counter == 24):
                        array19.append(str(child4.text))
                    elif (counter == 25):
                        array20.append(str(child4.text))
                    counter = counter + 1

    return array0, array1, array2, array3, array4, array5, array6, array7, array8, array9, array10, array11, array12, array13, array14, array15, array16, array17, array18, array19, array20

Answer 1

Don't use a relative path name for the file, you need to calculate an absolute path and ensure the location is a writable directory. This is necessary as the current working directory for Apache is usually the root directory, which isn't writable to the user your code runs as.

For more details see the mod_wsgi documentation at:

• http://modwsgi.readthedocs.io/en/develop/user-guides/application-issues.html#application-working-directory
• http://modwsgi.readthedocs.io/en/develop/user-guides/application-issues.html#access-rights-of-apache-user