即使正确设置了所有权限，为什么Nginx仍返回403? [英] Why does Nginx return a 403 even though all permissions are set properly?

问题描述

我已经安装了Nginx并正确显示了测试页.如果我尝试更改根路径，即使所有权限都相同，也会收到403 Forbidden错误.另外，nginx用户存在.

I have Nginx setup and displaying the test page properly. If I try to change the root path, I get a 403 Forbidden error, even though all permissions are identical. Additionally, the nginx user exists.

nginx.conf:

nginx.conf:

user nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log;

pid        /run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    index   index.html index.htm;

    server {
        listen       80;
        server_name  localhost;
        root         /var/www/html; #changed from the default /usr/share/nginx/html
    }
}

namei -om/usr/share/nginx/html/index.html

namei -om /usr/share/nginx/html/index.html

f: /usr/share/nginx/html/index.html
dr-xr-xr-x root root /
drwxr-xr-x root root usr
drwxr-xr-x root root share
drwxr-xr-x root root nginx
drwxr-xr-x root root html
-rw-r--r-- root root index.html

namei -om/var/www/html/index.html

namei -om /var/www/html/index.html

f: /var/www/html/index.html
dr-xr-xr-x root root /
drwxr-xr-x root root var
drwxr-xr-x root root www
drwxr-xr-x root root html
-rw-r--r-- root root index.html

错误日志

2014/03/23 12:45:08 [错误] 5490#0:* 13 open() "/var/www/html/index.html"失败(13:权限被拒绝)，客户端: XXX.XX.XXX.XXX，服务器:本地主机，请求:"GET/index.html HTTP/1.1"，主机:"ec2-XXX-XX-XXX-XXX.compute-1.amazonaws.com"

2014/03/23 12:45:08 [error] 5490#0: *13 open() "/var/www/html/index.html" failed (13: Permission denied), client: XXX.XX.XXX.XXX, server: localhost, request: "GET /index.html HTTP/1.1", host: "ec2-XXX-XX-XXX-XXX.compute-1.amazonaws.com"

推荐答案

我遇到了同样的问题，这是由于 SELinux 造成的.

I experienced the same problem and it was due to SELinux.

要检查SELinux是否正在运行:

To check if SELinux is running:

# getenforce

要禁用SELinux，直到下次重启:

To disable SELinux until next reboot:

# setenforce Permissive

重新启动Nginx，然后查看问题是否仍然存在.如果您想永久更改设置，可以编辑/etc/sysconfig/selinux

Restart Nginx and see if the problem persists. If you would like to permanently alter the settings you can edit /etc/sysconfig/selinux

如果SELinux是您的问题，则可以运行以下命令以允许nginx服务您的www目录(请确保在测试前重新打开SELinux.即# setenforce Enforcing)

If SELinux is your problem you can run the following to allow nginx to serve your www directory (make sure you turn SELinux back on before testing this. i.e, # setenforce Enforcing)

# chcon -Rt httpd_sys_content_t /path/to/www

如果仍然遇到问题，请查看getsebool -a中的布尔标志，尤其是您可能需要打开httpd_can_network_connect进行网络访问

If you're still having issues take a look at the boolean flags in getsebool -a, in particular you may need to turn on httpd_can_network_connect for network access

# setsebool -P httpd_can_network_connect on

对我来说，允许http服务我的www目录就足够了.

For me it was enough to allow http to serve my www directory.

这篇关于即使正确设置了所有权限，为什么Nginx仍返回403?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！