Permissions on a folder stopping Nginx from starting
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
I am fairly new to Linux. I have a couple of websites that I want to host on my CentOS 7 VPS with Nginx.
Nginx ought to start on start up, but it is failing due to some permissions issue, I know what file has the issue, but I don't know what the permissions should be in order to make Nginx happy.
I've captured what is happening in a screencast.
What am I missing? As you can see from the screencast, nginx:nginx is the set user and group for all the files within the site's directory.
I assume I do not need a www-data user and group, because Nginx has its own user and group (nginx:nginx)?
centos nginx selinux
edited Apr 29 at 10:17
sebasth
5,81121640
asked Apr 27 at 7:43
Ciwan
1216
add a comment |Â
up vote
1
down vote
favorite
I am fairly new to Linux. I have a couple of websites that I want to host on my CentOS 7 VPS with Nginx.
Nginx ought to start on start up, but it is failing due to some permissions issue, I know what file has the issue, but I don't know what the permissions should be in order to make Nginx happy.
I've captured what is happening in a screencast.
What am I missing? As you can see from the screencast, nginx:nginx is the set user and group for all the files within the site's directory.
I assume I do not need a www-data user and group, because Nginx has its own user and group (nginx:nginx)?
centos nginx selinux
edited Apr 29 at 10:17
sebasth
5,81121640
asked Apr 27 at 7:43
Ciwan
1216
add a comment |Â
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I am fairly new to Linux. I have a couple of websites that I want to host on my CentOS 7 VPS with Nginx.
Nginx ought to start on start up, but it is failing due to some permissions issue, I know what file has the issue, but I don't know what the permissions should be in order to make Nginx happy.
I've captured what is happening in a screencast.
What am I missing? As you can see from the screencast, nginx:nginx is the set user and group for all the files within the site's directory.
I assume I do not need a www-data user and group, because Nginx has its own user and group (nginx:nginx)?
centos nginx selinux
edited Apr 29 at 10:17
sebasth
5,81121640
asked Apr 27 at 7:43
Ciwan
1216
I am fairly new to Linux. I have a couple of websites that I want to host on my CentOS 7 VPS with Nginx.
Nginx ought to start on start up, but it is failing due to some permissions issue, I know what file has the issue, but I don't know what the permissions should be in order to make Nginx happy.
I've captured what is happening in a screencast.
What am I missing? As you can see from the screencast, nginx:nginx is the set user and group for all the files within the site's directory.
I assume I do not need a www-data user and group, because Nginx has its own user and group (nginx:nginx)?
centos nginx selinux
edited Apr 29 at 10:17
sebasth
5,81121640
asked Apr 27 at 7:43
Ciwan
1216
edited Apr 29 at 10:17
sebasth
5,81121640
edited Apr 29 at 10:17
sebasth
5,81121640
edited Apr 29 at 10:17
sebasth
5,81121640
5,81121640
asked Apr 27 at 7:43
Ciwan
1216
asked Apr 27 at 7:43
Ciwan
1216
asked Apr 27 at 7:43
Ciwan
1216
1216
add a comment |Â
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
1
down vote
accepted
CentOS uses SELinux to confine http server. When you use non-default configuration (log files in non-typical locations, enable server side scripting, etc.) you likely need to tune SELinux policy.
SELinux logs policy access denials in audit log (/var/log/audit/audit.log) and default tools for suggestions and policy generation include audit2why and audit2allow.
Usual steps for solving SELinux permission issues include tuning policy booleans or(/and) add and apply file labeling rules.
I've explained the topic more generally and in detail for question:
Configure SELinux to allow daemons to use files in non-default locations.
I recommend checking what audit2allow suggests. Your issue might be solved by enabling a boolean policy option. If boolean tuning isn't enough, you need to add file labeling rules. For right file contexts consult httpd_selinux man page.
answered Apr 29 at 10:16
sebasth
5,81121640
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
accepted
CentOS uses SELinux to confine http server. When you use non-default configuration (log files in non-typical locations, enable server side scripting, etc.) you likely need to tune SELinux policy.
SELinux logs policy access denials in audit log (/var/log/audit/audit.log) and default tools for suggestions and policy generation include audit2why and audit2allow.
Usual steps for solving SELinux permission issues include tuning policy booleans or(/and) add and apply file labeling rules.
I've explained the topic more generally and in detail for question:
Configure SELinux to allow daemons to use files in non-default locations.
I recommend checking what audit2allow suggests. Your issue might be solved by enabling a boolean policy option. If boolean tuning isn't enough, you need to add file labeling rules. For right file contexts consult httpd_selinux man page.
answered Apr 29 at 10:16
sebasth
5,81121640
add a comment |Â
up vote
1
down vote
accepted
CentOS uses SELinux to confine http server. When you use non-default configuration (log files in non-typical locations, enable server side scripting, etc.) you likely need to tune SELinux policy.
SELinux logs policy access denials in audit log (/var/log/audit/audit.log) and default tools for suggestions and policy generation include audit2why and audit2allow.
Usual steps for solving SELinux permission issues include tuning policy booleans or(/and) add and apply file labeling rules.
I've explained the topic more generally and in detail for question:
Configure SELinux to allow daemons to use files in non-default locations.
I recommend checking what audit2allow suggests. Your issue might be solved by enabling a boolean policy option. If boolean tuning isn't enough, you need to add file labeling rules. For right file contexts consult httpd_selinux man page.
answered Apr 29 at 10:16
sebasth
5,81121640
add a comment |Â
up vote
1
down vote
accepted
up vote
1
down vote
accepted
CentOS uses SELinux to confine http server. When you use non-default configuration (log files in non-typical locations, enable server side scripting, etc.) you likely need to tune SELinux policy.
SELinux logs policy access denials in audit log (/var/log/audit/audit.log) and default tools for suggestions and policy generation include audit2why and audit2allow.
Usual steps for solving SELinux permission issues include tuning policy booleans or(/and) add and apply file labeling rules.
I've explained the topic more generally and in detail for question:
Configure SELinux to allow daemons to use files in non-default locations.
I recommend checking what audit2allow suggests. Your issue might be solved by enabling a boolean policy option. If boolean tuning isn't enough, you need to add file labeling rules. For right file contexts consult httpd_selinux man page.
answered Apr 29 at 10:16
sebasth
5,81121640
CentOS uses SELinux to confine http server. When you use non-default configuration (log files in non-typical locations, enable server side scripting, etc.) you likely need to tune SELinux policy.
SELinux logs policy access denials in audit log (/var/log/audit/audit.log) and default tools for suggestions and policy generation include audit2why and audit2allow.
Usual steps for solving SELinux permission issues include tuning policy booleans or(/and) add and apply file labeling rules.
I've explained the topic more generally and in detail for question:
Configure SELinux to allow daemons to use files in non-default locations.
I recommend checking what audit2allow suggests. Your issue might be solved by enabling a boolean policy option. If boolean tuning isn't enough, you need to add file labeling rules. For right file contexts consult httpd_selinux man page.
answered Apr 29 at 10:16
sebasth
5,81121640
answered Apr 29 at 10:16
sebasth
5,81121640
answered Apr 29 at 10:16
sebasth
5,81121640
answered Apr 29 at 10:16
sebasth
5,81121640
5,81121640
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f440356%2fpermissions-on-a-folder-stopping-nginx-from-starting%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
