(sqlite3.OperationalError) attempt to write a readonly database

Dear all,

Spend most of today installing Privacyidea on Centos 7, unfortunately I’ve hit a roadblock with the error

“(raised as a result of Query-invoked autoflush; consider using a session.no_autoflush block if this flush is occurring prematurely) (sqlite3.OperationalError) attempt to write a readonly database [SQL: INSERT INTO realm (name, “default”, option) VALUES (?, ?, ?)] [parameters: (u’undefined’, 0, u’’)] (Background on this error at: http://sqlalche.me/e/e3q8)”

I get this after I login to the web gui and try and create a realm.

I’ve tried various chmod on the /etc/privacyidea and data.sqlite file without success.

Any pointers is much appriciated.



Appears to be a permissions issue with the database, not any files in the file system. Log into the sql instance and check to make sure whatever user is connecting to the database has write permissions and that the database is not read-only. I’m not sure what the package looks like for CentOS, but for uBuntu, it’s mysql for the database and the user is pi. You can check what the user is in your pi.cfg file.

thanks for your reply, I had the sqlite entry for the SQLALCHEMY_DATABASE_URI line:

SQLALCHEMY_DATABASE_URI = ‘sqlite:////etc/privacyidea/data.sqlite’

have now changed to:

SQLALCHEMY_DATABASE_URI = ‘mysql+pymysql://pi:@localhost/pi’

and it now lets me create a realm.

Not totally sure one I should be using!

What do you think?

What you changed it to looks correct, at least from memory on an ubuntu installation. That string is used to connect to the database and the initial entry isn’t a connection string i’ve seen before. Did you make any changes to this setting before? Maybe blow away and start from scratch, see if the incorrect setting replicates. @cornelinux would be the best guy to chime in on this since you’re using a very different distro of Linux from what I know.

this is the only change that I have made that made a difference!


On CentOS you need to configure the system yourself. We have a guide around how to do this. Ready made RPM packages are only available via an enterprise edition.

However, you could run privacyIDEA with many different databases. In theory sqlite could work, but this would never be recommended for a productive installation. Unless you handle a handful of users on a raspberry pi.

As you can see the database driver (mysql+pymysql, sqlite or pgoslqsXXX) specify if you are using MySQL, Postgres or which ever other database.
Go with MySQL/MariaDB and you are fine.

Thanks for the information and great product by the way.

1 Like