即使正确设置了所有权限,为什么Nginx仍返回403? [英] Why does Nginx return a 403 even though all permissions are set properly?
问题描述
我已经安装了Nginx并正确显示了测试页.如果我尝试更改根路径,即使所有权限都相同,也会收到403 Forbidden错误.另外,nginx用户存在.
I have Nginx setup and displaying the test page properly. If I try to change the root path, I get a 403 Forbidden error, even though all permissions are identical. Additionally, the nginx user exists.
nginx.conf:
nginx.conf:
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
index index.html index.htm;
server {
listen 80;
server_name localhost;
root /var/www/html; #changed from the default /usr/share/nginx/html
}
}
namei -om/usr/share/nginx/html/index.html
namei -om /usr/share/nginx/html/index.html
f: /usr/share/nginx/html/index.html
dr-xr-xr-x root root /
drwxr-xr-x root root usr
drwxr-xr-x root root share
drwxr-xr-x root root nginx
drwxr-xr-x root root html
-rw-r--r-- root root index.html
namei -om/var/www/html/index.html
namei -om /var/www/html/index.html
f: /var/www/html/index.html
dr-xr-xr-x root root /
drwxr-xr-x root root var
drwxr-xr-x root root www
drwxr-xr-x root root html
-rw-r--r-- root root index.html
错误日志
2014/03/23 12:45:08 [错误] 5490#0:* 13 open() "/var/www/html/index.html"失败(13:权限被拒绝),客户端: XXX.XX.XXX.XXX,服务器:本地主机,请求:"GET/index.html HTTP/1.1",主机:"ec2-XXX-XX-XXX-XXX.compute-1.amazonaws.com"
2014/03/23 12:45:08 [error] 5490#0: *13 open() "/var/www/html/index.html" failed (13: Permission denied), client: XXX.XX.XXX.XXX, server: localhost, request: "GET /index.html HTTP/1.1", host: "ec2-XXX-XX-XXX-XXX.compute-1.amazonaws.com"
推荐答案
我遇到了同样的问题,这是由于 SELinux 造成的.
I experienced the same problem and it was due to SELinux.
要检查SELinux是否正在运行:
To check if SELinux is running:
# getenforce
要禁用SELinux,直到下次重启:
To disable SELinux until next reboot:
# setenforce Permissive
重新启动Nginx,然后查看问题是否仍然存在.如果您想永久更改设置,可以编辑/etc/sysconfig/selinux
Restart Nginx and see if the problem persists. If you would like to permanently alter the settings you can edit /etc/sysconfig/selinux
如果SELinux是您的问题,则可以运行以下命令以允许nginx服务您的www目录(请确保在测试前重新打开SELinux.即# setenforce Enforcing
)
If SELinux is your problem you can run the following to allow nginx to serve your www directory (make sure you turn SELinux back on before testing this. i.e, # setenforce Enforcing
)
# chcon -Rt httpd_sys_content_t /path/to/www
如果仍然遇到问题,请查看getsebool -a
中的布尔标志,尤其是您可能需要打开httpd_can_network_connect
进行网络访问
If you're still having issues take a look at the boolean flags in getsebool -a
, in particular you may need to turn on httpd_can_network_connect
for network access
# setsebool -P httpd_can_network_connect on
对我来说,允许http服务我的www目录就足够了.
For me it was enough to allow http to serve my www directory.
这篇关于即使正确设置了所有权限,为什么Nginx仍返回403?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!