Ansible Tower Permission denied: '/var/lib/awx/projects' 即使有访问权限

Ansible Tower Permission denied: '/var/lib/awx/projects' even when has access

当我尝试登录 Ansible Tower 或四处导航时,出现 500 错误。 /var/log/tower.log 显示:

2016-12-20 14:34:59,659 ERROR    django.request Internal Server Error: /api/v1/config/
Traceback (most recent call last):
  File "/var/lib/awx/venv/tower/lib/python2.7/site-packages/django/core/handlers/base.py", line 132, in get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/var/lib/awx/venv/tower/lib/python2.7/site-packages/django/utils/decorators.py", line 145, in inner
    return func(*args, **kwargs)
  File "/var/lib/awx/venv/tower/lib/python2.7/site-packages/django/views/decorators/csrf.py", line 58, in wrapped_view
    return view_func(*args, **kwargs)
  File "/var/lib/awx/venv/tower/lib/python2.7/site-packages/django/views/generic/base.py", line 71, in view
    return self.dispatch(request, *args, **kwargs)
  File "/var/lib/awx/venv/tower/lib/python2.7/site-packages/rest_framework/views.py", line 466, in dispatch
    response = self.handle_exception(exc)
  File "/var/lib/awx/venv/tower/lib/python2.7/site-packages/rest_framework/views.py", line 463, in dispatch
    response = handler(request, *args, **kwargs)
  File "/lib/python2.7/site-packages/awx/api/views.py", line 234, in get
  File "/lib/python2.7/site-packages/awx/main/models/projects.py", line 57, in get_local_path_choices
OSError: [Errno 13] Permission denied: '/var/lib/awx/projects'

但是 /var/lib/awx/projects 目录完全属于 awx 用户。

$ ls -la /var/lib/awx/projects/
total 4
drwxr-xr-x. 2 awx awx    6 Dec 19 16:01 .
drwxr-xr-x. 9 awx awx 4096 Dec 20 10:38 ..

有没有人遇到过这种情况?修复的方法是什么?谢谢!

您已启用 SElinux 并阻止访问该文件。注意末尾的点:

drwxr-xr-x.

查看详情ls -Z /var/lib/awx/projects/

参考 SELinux - Contexts Labeling Files. Also this answer on Unix.SE 可能会有帮助。