1

当通过 cli 启动我的 python 脚本时,它使用位于包 azure.storage.blob 中的 BlockBlobService 运行完美,但是当通过 udev 规则启动时,它显示以下消息:

azure.common.AzureException: Cannot allocate write+execute memory for ffi.callback().
You might be running on a system that prevents this.
For more information, see https://cffi.readthedocs.io/en/latest/using.html#callbacks

我已经检查过 SELinux 或 PaX 等安全模块是否会阻止内存分配。

user@hostname:~$ getenforce
Disabled

root@hostname:/# sysctl -a | grep pax
sysctl: reading key "net.ipv6.conf.all.stable_secret"
sysctl: reading key "net.ipv6.conf.br-d8bcb5699c15.stable_secret"
sysctl: reading key "net.ipv6.conf.default.stable_secret"
sysctl: reading key "net.ipv6.conf.docker0.stable_secret"
sysctl: reading key "net.ipv6.conf.eno1.stable_secret"
sysctl: reading key "net.ipv6.conf.eno2.stable_secret"
sysctl: reading key "net.ipv6.conf.eno3.stable_secret"
sysctl: reading key "net.ipv6.conf.eno4.stable_secret"
sysctl: reading key "net.ipv6.conf.enp134s0f0.stable_secret"
sysctl: reading key "net.ipv6.conf.enp134s0f1.stable_secret"
sysctl: reading key "net.ipv6.conf.enp134s0f2.stable_secret"
sysctl: reading key "net.ipv6.conf.enp134s0f3.stable_secret"
sysctl: reading key "net.ipv6.conf.lo.stable_secret"
sysctl: reading key "net.ipv6.conf.veth8b380d4.stable_secret"
sysctl: reading key "net.ipv6.conf.veth94be59b.stable_secret"

查看 BlockBlobStorage 代码。文件的以下片段中引发了异常:azure.storage.common.storageclient.py:

415: logger.error("%s Retry policy did not allow for a retry: "
                  "%s, HTTP status code=%s, Exception=%s.",
                   client_request_id_prefix,
                   timestamp_and_request_id,
                   status_code,
                   exception_str_in_one_line)
     raise ex

在查看 cffi 代码时。以下片段似乎格式化了消息:文件:cffi/_cffi_backend.c

#ifdef CFFI_TRUST_LIBFFI
    closure = ffi_closure_alloc(sizeof(ffi_closure), &closure_exec);
#else
    closure = cffi_closure_alloc();
    closure_exec = closure;
#endif
    if (closure == NULL) {
        Py_DECREF(infotuple);
        PyErr_SetString(PyExc_MemoryError,
            "Cannot allocate write+execute memory for ffi.callback(). "
            "You might be running on a system that prevents this. "
            "For more information, see "
            "https://cffi.readthedocs.io/en/latest/using.html#callbacks");
        return NULL;
    }

当由 udev 规则启动时,如何使该脚本运行?

4

1 回答 1

0

在我的情况下,上述错误是因为 selinux 增强的安全配置。该错误指向 django 应用程序使用的 cffi 模块。我通过运行以下命令解决了该错误。希望能帮助到你。

sudo setsebool -P httpd_execmem 1

确保为您打算使用的服务查找 selinux bool 设置并启用正确的配置。以下命令将列出您的服务的可用设置,并告诉它是打开还是关闭:

sudo getsebool -a | grep <service>
于 2020-05-28T06:16:07.067 回答