At my job we are moving to Nginx for the load balancing of our sites. Nginx is a very powerful load balancing/proxy server tool. It allows weighting, ssl acceleration, among other functionality while remaining light weight and easy to configure.

In preperation for a large web services launch, I began to analyze some logs and keep an eye on the system. I noticed one of the sites that we’ve already deployed was hammering our error messages in /var/log/nginx/error.log reading:

2009/06/23 12:38:22 [crit] 808#0: *724154 open() “/var/nginx/tmp/proxy_temp/4/83/0000002834″ failed (13: Permission denied) while reading upstream, client: XXX.XXX.XXX.XXX, server: xxx.host.com, request: “GET /dir/page.php”, upstream: “http://backendserverip/dir/page.php”, host: “host.com”, referrer: “http://referrer.com/apage.php”

Upon reviewing the site I noticed some (not all) of the pages were only partially loading. The issue is exactly what the log says. Permission denied = Permission issue.

Check your /etc/nginx/nginx.conf (OpenBSD) file for the user nginx processes will run as:

user  nobody;

Or, do:

# ps aux | grep “nginx: worker process” | awk ‘{print $1}’ nobody

In both cases you see that I’m running the nginx worker process as user nobody. Now we need to check our permissions on: /var/nginx/tmp/proxy_temp

# ls -l /var/nginx/tmp/ | grep proxy_temp drwxrwx—  12 nobody  _nginx  512 Jun 23 13:10 proxy_temp

Looks good. The directory is owned by nobody and is writeable by both nobody and the group _nginx. What could the issue be? Lets move up a level and check the permissions.

# ls -l /var/nginx | grep tmp drwx——  5 _nginx  _nginx  512 May  7 11:54 tmp

Ah ha! The parent directory is owned my _nginx:_nginx and is only writeable for that user. Our user ‘nobody’ therefore does not have the permissions to write in here. So, we can do a few things. Either make the entire directory writeable by everyone or change the ownership.

# chmod 777 /var/nginx/tmp

or

# chown nobody:_nginx /var/nginx/tmp

This should cure your permissions issues and all pages should load completely (at least mine do!)

Nginx 权限问题的更多相关文章

  1. nginx权限问题failed(13:Permission denied)

    nginx权限问题failed(13:Permission denied) 环境配置  nginx Permission denied 问题: 使用nginx代理uwsgi,出现500错误,查看ngi ...

  2. ubuntu 14.04中Elasticsearch 2.3 中 Nginx 权限认证

    前言:本文实现了nginx简单保护elasticsearch,类似的保护也可以采用elasticsearch 官方插件shield 一.准备密码 1.确认htpasswd是否已经安装 which ht ...

  3. 详解nginx、php-fpm和mysql用户权限

    通常情况下,我们运行web应用的服务器有CentOS.Ubuntu.Debian等等的Linux发行版本.这时候,构成服务架构所必须的Nginx.php和MySQL等应用的权限控制就显得非常重要,各个 ...

  4. tomcat用root权限也起不来

    昨晚把服务器弄的启动不了了,先来还原一下作案现场, 错误操作过程:替换classes目录下的某个目录,比如com,由于替换了classes文件,所以需要重启tomcat,在bin目录下执行sh sta ...

  5. Nginx快速入门菜鸟笔记

    Nginx快速入门-菜鸟笔记   1.编译安装nginx 编译安装nginx 必须先安装pcre库. (1)uname -a 确定环境 Linux localhost.localdomain 2.6. ...

  6. nginx网站架构优化思路(原)

    本人接触的优化主要分为三大类 黑体的为本模块下的重点  ---------------安全优化 安全在生产场景中是第一位的 1.1 站点目录权限的优化 (修改权限755 644 所属用户root,需要 ...

  7. 跨过Nginx上基于uWSGI部署Django项目的坑

    先说说他们的关系,Nginx和uWSGI都是Web服务器,Nginx负责静态内容,uWSGI负责Python这样的动态内容,二者配合共同提供Web服务以实现提高效率和负载均衡等目的.uWSGI实现了多 ...

  8. 前端页面JS和CSS以及图片加载nginx报错:net::ERR_CONTENT_LENGTH_MISMATCH的解决与检查

    首先检查nginx权限 具体可参考地址https://www.cnblogs.com/hooly/p/9951748.html 或者百度其他方法 还有种情况,之前是可以用的,突然出现这种加载报错的情况 ...

  9. Ubuntu安装设置nginx和nohup常用操作

    nginx安装 Ubuntu直接从常规源中安装 apt-get install nginx 安装的目录 配置文件:/etc/nginx/ 主程序文件:/usr/sbin/nginx Web默认目录:/ ...

随机推荐

  1. ajax done和always区别

    jQuery中Ajax有done和always这两个回调方法:done:成功时执行,异常时不会执行.always:不论成功与否都会执行.

  2. Docker命令分类及使用场景分布(脑图)

    常见的Docker命令分类主要有 不同使用场景下的命令分布 有疑问可到官方文档查询: https://docs.docker.com/engine/reference/commandline/dock ...

  3. oracle加密-des 简单举例.

    Declare  v_seed Raw(128);  v_key_1 Raw(64);  v_key_2 Raw(64);    v_Text_for_encrypted Raw(64);  v_mw ...

  4. linux创建用户名密码等操作

    转自: https://www.linuxidc.com/Linux/2017-06/144916.htm 与大家分享下Linux系统中创建用户.设置密码.修改用户.删除用户的命令,希望对你有所帮助. ...

  5. git的几个操作

    git reference https://git-scm.com/docs 克隆 从远程仓库克隆一个项目到本地文件夹,命令如下:$ git clone https://github.com/libg ...

  6. 极客先锋 如何生成git的公钥和私钥

    一. Git windows 客服端(MsysGit)下载 下载地址:http://code.google.com/p/msysgit/ 二.从开始菜单中找到Git 点击Git Bash 弹出命令行窗 ...

  7. MongoDB Linux环境安装及配置[转]

    CentOS 6.5系统中使用yum安装MongoDB 2.6 教程 CentOS 6.5系统中使用yum安装MongoDB 2.6 教程,本文共分5个步骤完成MongoDB的安装.下面我们在Cent ...

  8. DSYMTools App Bug 分析工具

    1.DSYMTools 简介 DSYMTools 是一个可以解析 iOS Crash 文件的工具. GitHub 下载地址 DSYMTools 其它下载地址 DSYMTools v1.0.5 for ...

  9. linux创建root也不能访问的文件夹

    就像在windows下创建两个点以上的文件无法删除一样,linux下也可以有同样的技巧: [root@localhost ~]# touch test/.immutable [root@localho ...

  10. mysql数据库热备份

    使用Percona XtraBackup 先安装依赖包 yum install -y perl-DBD-MySQL perl-DBI perl-Time-HiRes libaio* 到Percona官 ...