Erro de permissão executando o NGINX como serviço do usuário no diretório do usuário

2

Em execução: CentOS 7, NGINX 1.10.0

Estou recebendo um erro de permissão ao executar o NGINX como "usuário {nome de usuário};" com a seguinte estrutura de pastas e permissões atribuídas:

/ home / {username}

drwxr-xr-x. 4 {username} {username}  88 Sep 28 04:21 .
drwxr-xr-x. 4 {username} {username}  30 Sep 28 04:21 example.com

/ home / {username} /example.com

drwxr-xr-x. 2 {username} {username}  6 Sep 28 07:15 logs --currently empty
drwxr-xr-x. 2 {username} {username}  6 Sep 28 04:21 public --currently empty

sudo nginx -t

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

sudo systemctl status nginx

nginx.service - The nginx HTTP and reverse proxy server
  Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
  Active: failed (Result: exit-code) since Wed 2016-09-28 07:16:15 UTC; 17min ago
Process: 1520 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=1/FAILURE)
Process: 1519 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)

Starting The nginx HTTP and reverse proxy server...
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: [emerg] open() "/home/{username}/example.com/logs/access.log" failed (13: Permission denied)
nginx: configuration file /etc/nginx/nginx.conf test failed
nginx.service: control process exited, code=exited status=1
Failed to start The nginx HTTP and reverse proxy server.
Unit nginx.service entered failed state.
nginx.service failed.
    
por Ryan Prentiss 28.09.2016 / 09:45

1 resposta

2
# install semanage if you don't already have it:
yum install policycoreutils-python

# check if SELinux is running:
sestatus

# check output for:     Current mode: enforcing.



# give your content and logs directory a new default context.
semanage fcontext -a -t httpd_sys_rw_content_t "/home/{username}/public(/.*)?"
semanage fcontext -a -t httpd_log_t "/home/{username}/logs(/.*)?"

# apply the default context to the directory
restorecon -R /home/{username}
    
por 28.09.2016 / 20:04