以非root用户身份运行Nginx [英] Running Nginx as non root user

问题描述

我使用Ansible安装了Nginx.要在Centos7上安装，我使用了yum软件包，因此默认情况下它以 root 用户身份运行.我希望它以其他用户(例如- nginx 用户)的身份在Centos框中启动和运行.当我尝试用其他用户运行它时，出现以下错误:

I installed Nginx using Ansible. To install on Centos7 I used the yum package so it by default was run as root user. I want it to start and run as a different user (ex - nginx user) in the Centos box. When I try to run it with a different user I get the following error:

nginx.service的作业失败，因为控制进程退出 错误代码.请参阅"systemctl状态nginx.service"和"journalctl -xe" 有关详细信息.

Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.

我知道不建议以root身份运行.因此，我该如何解决这个问题，并以非root用户身份运行nginx.谢谢

I know it's not advisable to run as root. So how do I get around this and run nginx as a non root user. Thanks

推荐答案

在您的/etc/nginx/nginx.conf中添加/更改以下内容:

Add/Change the following in your /etc/nginx/nginx.conf:

user nginx;

您应该创建用户并递归授予webroot目录的权限.

You should create the user and grant permissions on the webroot directories recursively.

这样，仅主进程以root的身份运行. 原因::只有root进程才能侦听1024以下的端口.Web服务器通常在端口80和/或443上运行.这意味着它需要以root身份启动.

This way only master process runs as root. Because: Only root processes can listen to ports below 1024. A webserver typically runs at port 80 and/or 443. That means it needs to be started as root.

要以非root用户身份运行主进程:

更改以下内容的所有权:

Change the ownership of the following:

• error_log
• access_log
• pid
• client_body_temp_path
• fastcgi_temp_path
• proxy_temp_path
• scgi_temp_path
• uwsgi_temp_path

将listen指令更改为1024以上的端口，以所需用户身份登录，并通过nginx -c /path/to/nginx.conf

Change the listen directives to ports above 1024, log in as desired user and run nginx by nginx -c /path/to/nginx.conf

这篇关于以非root用户身份运行Nginx的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！