Question

我正在使用Puma运行我的rails应用程序，并且我正在尝试使我的nginx配置指向它。我的nginx错误日志中出现以下错误：

2016/05/15 15:18:41 [crit] 1611#0: *31 stat() "/home/rails/acceptable-trader/current/public//index.html" failed (13: Permission denied), client: 66.253.181.206, server: , request: "GET / HTTP/1.1", host: "trade.acceptableice.com"
2016/05/15 15:18:41 [crit] 1611#0: *31 stat() "/home/rails/acceptable-trader/current/public/" failed (13: Permission denied), client: 66.253.181.206, server: , request: "GET / HTTP/1.1", host: "trade.acceptableice.com"
2016/05/15 15:18:41 [crit] 1611#0: *31 connect() to unix:///home/rails/acceptable-trader/shared/tmp/sockets/acceptable-trader-puma.sock failed (13: Permission denied) while connecting to upstream, client: 66.253.181.206, server: , request: "GET / HTTP/1.1", upstream: "http://unix:///home/rails/acceptable-trader/shared/tmp/sockets/acceptable-trader-puma.sock:/", host: "trade.acceptableice.com"
2016/05/15 15:18:41 [crit] 1611#0: *31 stat() "/home/rails/acceptable-trader/current/public/500.html/index.html" failed (13: Permission denied), client: 66.253.181.206, server: , request: "GET / HTTP/1.1", upstream: "http://unix:///home/rails/acceptable-trader/shared/tmp/sockets/acceptable-trader-puma.sock/", host: "trade.acceptableice.com"
2016/05/15 15:18:41 [crit] 1611#0: *31 stat() "/home/rails/acceptable-trader/current/public/500.html" failed (13: Permission denied), client: 66.253.181.206, server: , request: "GET / HTTP/1.1", upstream: "http://unix:///home/rails/acceptable-trader/shared/tmp/sockets/acceptable-trader-puma.sock/", host: "trade.acceptableice.com"
2016/05/15 15:18:41 [crit] 1611#0: *31 connect() to unix:///home/rails/acceptable-trader/shared/tmp/sockets/acceptable-trader-puma.sock failed (13: Permission denied) while connecting to upstream, client: 66.253.181.206, server: , request: "GET / HTTP/1.1", upstream: "http://unix:///home/rails/acceptable-trader/shared/tmp/sockets/acceptable-trader-puma.sock:/500.html", host: "trade.acceptableice.com"
2016/05/15 15:18:41 [crit] 1611#0: *31 stat() "/home/rails/acceptable-trader/current/public//index.html" failed (13: Permission denied), client: 66.253.181.206, server: , request: "GET / HTTP/1.1", host: "trade.acceptableice.com"
2016/05/15 15:18:41 [crit] 1611#0: *31 stat() "/home/rails/acceptable-trader/current/public/" failed (13: Permission denied), client: 66.253.181.206, server: , request: "GET / HTTP/1.1", host: "trade.acceptableice.com"
2016/05/15 15:18:41 [crit] 1611#0: *31 connect() to unix:///home/rails/acceptable-trader/shared/tmp/sockets/acceptable-trader-puma.sock failed (13: Permission denied) while connecting to upstream, client: 66.253.181.206, server: , request: "GET / HTTP/1.1", upstream: "http://unix:///home/rails/acceptable-trader/shared/tmp/sockets/acceptable-trader-puma.sock:/", host: "trade.acceptableice.com"
2016/05/15 15:18:41 [crit] 1611#0: *31 stat() "/home/rails/acceptable-trader/current/public/500.html/index.html" failed (13: Permission denied), client: 66.253.181.206, server: , request: "GET / HTTP/1.1", upstream: "http://unix:///home/rails/acceptable-trader/shared/tmp/sockets/acceptable-trader-puma.sock/", host: "trade.acceptableice.com"
2016/05/15 15:18:41 [crit] 1611#0: *31 stat() "/home/rails/acceptable-trader/current/public/500.html" failed (13: Permission denied), client: 66.253.181.206, server: , request: "GET / HTTP/1.1", upstream: "http://unix:///home/rails/acceptable-trader/shared/tmp/sockets/acceptable-trader-puma.sock/", host: "trade.acceptableice.com"
2016/05/15 15:18:41 [crit] 1611#0: *31 connect() to unix:///home/rails/acceptable-trader/shared/tmp/sockets/acceptable-trader-puma.sock failed (13: Permission denied) while connecting to upstream, client: 66.253.181.206, server: , request: "GET / HTTP/1.1", upstream: "http://unix:///home/rails/acceptable-trader/shared/tmp/sockets/acceptable-trader-puma.sock:/500.html", host: "trade.acceptableice.com"

我已经尝试将accepted-trader-puma.sock及其父文件夹更改为由www-data拥有，但似乎没有做任何事情。

我的nginx网站文件是：

upstream puma {
  server unix:///home/rails/acceptable-trader/shared/tmp/sockets/acceptable-trader-puma.sock;
}

server {
  listen 80 default_server deferred;
  # server_name example.com;

  root /home/rails/acceptable-trader/current/public;
  access_log /home/rails/acceptable-trader/current/log/nginx.access.log;
  error_log /home/rails/acceptable-trader/current/log/nginx.error.log info;

  location ^~ /assets/ {
    gzip_static on;
    expires max;
    add_header Cache-Control public;
  }

  try_files $uri/index.html $uri @puma;
  location @puma {
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_redirect off;

    proxy_pass http://puma;
  }

  error_page 500 502 503 504 /500.html;
  client_max_body_size 10M;
  keepalive_timeout 10;
}

Answer 1

由于nginx无权访问这些文件夹，导致这些错误。如果您通过

更改了用户

chown -R nginx：nginx / folder / path

但仍然不起作用，那么它更可能是SELinux错误。作为快速解决方法，您可以尝试

setenforce permissive

这不是推荐的，但它是测试天气是否与SELinux相关的测试。如果之后有效，则需要编辑SELinux策略以允许nginx具有访问这些文件夹的正确权限。这里的链接不是美洲狮，但仍然很好地阅读如何解决此错误： nginx error 13

Answer 2

面临同样的问题。解决了以下问题

然后使用setenforce 0设置许可模式添加nginx semodule并使用setenforce 1再次启用SELinux；

sudo setenforce 0 sudo yum install -y policycoreutils-{python,devel} sudo grep nginx /var/log/audit/audit.log | audit2allow -M nginx sudo semodule -i nginx.pp sudo setenforce 1

尝试访问Puma套接字时，nginx权限被拒绝

2 个答案: