Access denied on wwwroot after DevOps deployment

时间:2019-04-08 12:57:28

标签: azure azure-devops kudu

I've deployed a .Net Core web application to Azure App Service using Azure DevOps. Now, when I try to create file in 'D:\home\site\wwwroot' using Kudu it says:

409 Conflict: Could not write to local resource 'D:\home\site\wwwroot\anc' >due to error 'Could not find file 'D:\home\site\wwwroot\anc'.'.

I've noticed that the persmissions on the 'D:\home\site\wwwroot' directory are different than in a similar web app that I deployed using Publish Profile

Get-Acl result on the problematic app:

PS D:\home\site\wwwroot> Get-Acl "D:\home\site\wwwroot"
Get-Acl "D:\home\site\wwwroot"




    Directory: D:\home\site





Path    Owner                   Access                                         

----    -----                   ------                                         

wwwroot IIS APPPOOL\luncher-dev NT AUTHORITY\SYSTEM Allow  FullControl...

Get-Acl result on other similar app:

PS D:\home\site\wwwroot> Get-Acl "D:\home\site\wwwroot"
Get-Acl "D:\home\site\wwwroot"




    Directory: D:\home\site





Path    Owner                  Access                                          

----    -----                  ------                                          

wwwroot BUILTIN\Administrators Everyone Allow  DeleteSubdirectoriesAndFiles,...

Corresponding Release pipeline from Azure DevOps

Dev Ops Pipeline

How can I make the wwwroot directory writable?

4 个答案:

答案 0 :(得分:11)

更改此应用设置键

WEBSITE_RUN_FROM_PACKAGE = 1 to 0

此设置使wwwroot成为只读文件系统。

对于“从程序包运行”,当wwwroot文件夹变为只读时,将严格执行此操作

答案 1 :(得分:1)

Do not write

any file to wwwroot when you are in cloud. Because Azure can change your machine/server and thay will just move your publish gfiles. Not the files that you added after publish. So you will lost them.

答案 2 :(得分:0)

以zip部署时,无法编辑文件系统。

https://tomasherceg.com/blog/post/azure-app-service-cannot-create-directories-and-write-to-filesystem-when-deployed-using-azure-devops下方引用

我完全不了解此功能,而且,该设置隐藏在VSTS任务中,因此我没有注意到。您需要展开“其他部署选项”部分,然后单击“选择部署方法”复选框,默认情况下未选中该复选框。只有单击两次后,您才能看到包含部署方法的下拉列表-ZipDeploy是默认方法。

我需要对其进行更改以使用WebDeploy,以便将应用程序文件存储为普通文件,并且该应用程序可以像以前一样在文件系统中进行写入。

答案 3 :(得分:0)

遇到了同样的问题,并让我永远弄清楚。

查看链接:https://theazureissues.blogspot.com/2019/04/409-conflict-could-not-write-to-local.html

  

应用程序的应用程序设置“ WEBSITE_RUN_FROM_PACKAGE = 1”   服务将应用程序的wwwroot文件夹设置为只读。

我只是将其设置为0,重新启动了我的应用,一切恢复正常。

我找到了另一个链接:https://azureappservices.blogspot.com/2018/06/unable-to-editdelete-files-through-kudu.html 它处理特定的文件属性,但是,从devop部署后,我什至无法编辑属性。因此,我认为这是针对特定文件标记为只读的修复程序。

OR

检查此链接:https://tomasherceg.com/blog/post/azure-app-service-cannot-create-directories-and-write-to-filesystem-when-deployed-using-azure-devops 也可能是

  

WEBSITE_RUN_FROM_ZIP

设置。 (这不是我的问题)

相关问题
最新问题