OK, I didn’t expect this, but a good installation of
nginx has me very confused. How does a perfectly fine installation not be able to complete the test of its own master
[2022_Aug_3 22:35:17 user3@server_f ~] nginx -t -c /etc/nginx/nginx.conf
nginx: [alert] could not open error log file: open() "/var/log/nginx/error.log" failed (13: Permission denied)
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
2022/08/03 22:35:23 [emerg] 58683#0: open() "/run/nginx.pid" failed (13: Permission denied)
nginx: configuration file /etc/nginx/nginx.conf test failed
nginx couldn’t run its very own test for
Passenger can’t write files it needs:
2022/08/03 19:24:34 [alert] 55601#0: *3 Error opening '/home/user3/sites/Passengerfile.json' for reading: Permission denied (errno=13);
This error means that the Nginx worker process (PID 55601, running as UID 992) does not have permission to access this file.
I can only think that the distro is the culprit here. I’ve never seen such permissions issues on a vetted and managed installation.
Does anybody know how I can alleviate this? This is hugely annoying. It appears the install scripts make choices that stand in the way of the user.
You are running the command as user3. user3 does not have access to the files.
sudo nginx -t -c /etc/nginx/nginx.conf
Does the nginx user have access to /home/user3/sites/Passengerfile.json ?
ls -la /home/user3/sites/Passengerfile.json
You are trying to serve files outside the default /usr/share/nginx/html. Check the selinux logs to make sure it is not being blocked there.
sudo ausearch -m AVC,USER_AVC -ts recent
Yes, user3 is my normal user (me).
sudo works, but my user is a member of the
nginx group. As for
Passengerfile.json, there is no file. Here is what happened:
$ sudo ausearch -m AVC,USER_AVC -ts recent
I changed the
selinux directives and now the box won’t start up:
[FAILED] Failed to start Authorization Manager.
See 'systemct1 status polkit.service' for details
[DEPEND] Dependency failed for Dymamic System Tuning Daemon.
FAILED] Failed to start System Security Services Daemon.
Now I have to resurrect this system. Can I do that without mounting this on another machine to change those two directives on
Why did you change the selinux directive??? Can you boot to rescue mode to make the changes?
Because I wanted it to report and not act on what was tripping the system. I’m now trying to get into it with a USB drive. Boot menu
rescue won’t load.
And we’re back. So that output was empty.
sudo to my
scripts so they work now. But I’m now facing
Passenger issues with
permissions on files that don’t exist.