正确的nginx代理访问uwsgi套接字的权限?

时间:2017-01-15 21:27:12

标签: python nginx server file-permissions uwsgi

我跟着DigitalOcean的tutorial使用wsgi和nginx建立了一个烧瓶服务器,但是我的nginx服务器无法访问uwsgi套接字。

错误日志如下:

2017/01/15 21:11:39 [crit] 1565#1565: *1 connect() to unix:/root/fib/fib.sock failed (13: Permission denied) while connecting to upstream, client: <IP>, server: <IP>, request: "GET / HTTP/1.1", upstream: "uwsgi://unix:/root/fib/fib.sock:", host: <IP>
2017/01/15 21:11:40 [crit] 1565#1565: *1 connect() to unix:/root/fib/fib.sock failed (13: Permission denied) while connecting to upstream, client: <IP>, server: <IP>, request: "GET /favicon.ico HTTP/1.1", upstream: "uwsgi://unix:/root/fib/fib.sock:", host: <IP>, referrer: "<IP>"

我的uwsgi ini文件是:

[uwsgi]
module = wsgi:app

master = true
processes = 5

socket = fib.sock
chmod-socket = 666
uid = root
gid = www-data
vacuum = true

die-on-term = true

我的nginx配置是:

server {
    listen 80;
    server_name <SERVER_IP_HIDDEN>;

    location / {
        include uwsgi_params;
        uwsgi_pass unix:/root/fib/fib.sock;
    }
}

任何人都可以帮助我使用正确的权限设置来允许nginx访问套接字文件吗?谢谢!

1 个答案:

答案 0 :(得分:0)

了解有关Unix层次结构的更多信息(UbuntuFreeBSDOSX)。您应该根据风格将套接字文件放在/var/lib/uwsgi/var/run中。

除了root之外,没有人可以访问root的主目录。

如有疑问,请使用namei

相关问题
最新问题