日志中的Nginx + php-fpm输出：[错误]失败（13：权限被拒绝），nginx和php-fpm作为用户流浪者运行

Question

Nginx在浏览器中返回页面

  

403 Forbidden

是我的数据：

/etc/nginx/sites-enabled/lar.template

upstream phpapp {
    server 127.0.0.1:9000;
}
server {
    listen 80;
    server_name www.lar.app lar.app;
    root /home/vagrant/lar/public;
    location / {
        index  index.php index.html index.htm;
    }

    location ~ \.php$ {
    fastcgi_pass   phpapp;
    fastcgi_index  index.php;
    fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    include        fastcgi_params;
    }

   error_log /var/log/nginx/lar_error.log;
   access_log /var/log/nginx/lar_access.log;
}

/etc/nginx/nginx.conf

user  vagrant;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*.*;
}

/etc/opt/remi/php71/php-fpm.d/www.conf

; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
;       will be used.
; RPM: apache Choosed to be able to access some dir as httpd
user = vagrant
; RPM: Keep a group allowed to write in log dir.
group = vagrant


listen = 127.0.0.1:9000

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server.
; Default Values: user and group are set as the running user
;                 mode is set to 0660
listen.owner = vagrant
listen.group = vagrant

$ ls -l / home / vagrant / lar

＆＃13;

＆＃13;

drwxrwxr-x. 1 vagrant vagrant   4096 дек  3 09:03 app
-rwxrwxr-x. 1 vagrant vagrant   1646 дек  3 09:03 artisan
drwxrwxr-x. 1 vagrant vagrant   4096 дек  3 09:03 bootstrap
-rw-rw-r--. 1 vagrant vagrant   1283 дек  3 09:03 composer.json
-rw-rw-r--. 1 vagrant vagrant 124490 дек  3 09:15 composer.lock
drwxrwxr-x. 1 vagrant vagrant   4096 дек  3 09:03 config
drwxrwxr-x. 1 vagrant vagrant   4096 дек  3 09:03 database
-rw-rw-r--. 1 vagrant vagrant    558 дек  3 09:03 gulpfile.js
-rw-rw-r--. 1 vagrant vagrant    401 дек  3 09:03 package.json
-rw-rw-r--. 1 vagrant vagrant    930 дек  3 09:03 phpunit.xml
drwxrwxr-x. 1 vagrant vagrant   4096 дек  3 09:03 public
-rw-rw-r--. 1 vagrant vagrant   1918 дек  3 09:03 readme.md
drwxrwxr-x. 1 vagrant vagrant   4096 дек  3 09:03 resources
drwxrwxr-x. 1 vagrant vagrant   4096 дек  3 09:03 routes
-rw-rw-r--. 1 vagrant vagrant    563 дек  3 09:03 server.php
drwxrwxr-x. 1 vagrant vagrant   4096 дек  3 09:03 storage
drwxrwxr-x. 1 vagrant vagrant   4096 дек  3 09:03 tests
drwxrwxr-x. 1 vagrant vagrant   4096 дек  3 09:15 vendor

＆＃13;

＆＃13;

＆＃13;

ps -aux | grep php

＆＃13;

＆＃13;

root      1080  0.0  1.9 578248 37264 ?        Ss   09:40   0:01 php-fpm: master process (/etc/opt/remi/php71/php-fpm.conf)
vagrant   2334  0.0  0.5 578248  9752 ?        S    09:40   0:00 php-fpm: pool www
vagrant   2335  0.0  0.5 578248  9752 ?        S    09:40   0:00 php-fpm: pool www
vagrant   2336  0.0  0.5 578248  9752 ?        S    09:40   0:00 php-fpm: pool www
vagrant   2337  0.0  0.5 578248  9752 ?        S    09:40   0:00 php-fpm: pool www
vagrant   2338  0.0  0.5 578248  9756 ?        S    09:40   0:00 php-fpm: pool www
vagrant   6838  0.0  0.0 112672   972 pts/0    D+   11:53   0:00 grep --color=auto php

＆＃13;

＆＃13;

＆＃13;

ps -aux | grep nginx

＆＃13;

＆＃13;

root      1617  0.0  0.0  47792  1232 ?        Ss   09:40   0:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
vagrant   1618  0.0  0.1  48328  2240 ?        S    09:40   0:00 nginx: worker process
vagrant   6840  0.0  0.0 112672   976 pts/0    R+   11:55   0:00 grep --color=auto nginx

＆＃13;

＆＃13;

＆＃13;

lar_error.log

＆＃13;

＆＃13;

 2016/12/03 09:40:54 [error] 1618#1618: *1
 "/home/vagrant/lar/public/index.php" is forbidden (13: Permission
 denied), client: 192.168.5.1, server: www.lar.app, request: "GET /
 HTTP/1.1", host: "lar.app" 2016/12/03 09:40:54 [error] 1618#1618: *1
 open() "/home/vagrant/lar/public/favicon.ico" failed (13: Permission
 denied), client: 192.168.5.1, server: www.lar.app, request: "GET
 /favicon.ico HTTP/1.1", host: "lar.app" 2016/12/03 09:40:54 [error]
 1618#1618: *1 open() "/home/vagrant/lar/public/favicon.ico" failed
 (13: Permission denied), client: 192.168.5.1, server:

＆＃13;

＆＃13;

＆＃13; $ groups vagrant

vagrant: vagrant nginx apache

这里的原因是什么？
提前致谢