CentOs 7.3 and
Nginx 1.11.8 and
This is a clean install, and everytime I get the above error page if I change the root for the nginx dir from
/usr/share/nginx/html to anything.
This time I changed it to /var/www/html.
Now I am getting the error.
I have given the html dir
chmod 775 and then
777 to no avail.
I have also made
chown -R nginx:nginx html/
These don’t work. BUT, if I disabled SELinux as
setenforce 0 everything works.
I don’t want to disable selinux entirely due to this issue, but it’s driving me nuts.
chmoding with www-data gives me this error.
[simon@localhost www]$ chown -R www-data:www-data html chown: invalid user: âwww-data:www-dataâ
Which I think is fair, since I have no user named www-data. Nginx is running under nginx user.
tail /var/log/nginx/error.log gives me this:
2017/01/07 22:37:03 [error] 3336#3336: *1 open() "/var/www/html/nginx.html" failed (13: Permission denied), client: 10.0.2.2, server: localhost, request: "GET /nginx.html HTTP/1.1", host: "localhost" 2017/01/07 22:37:06 [error] 3336#3336: *1 "/var/www/html/index.php" is forbidden (13: Permission denied), client: 10.0.2.2, server: localhost, request: "GET / HTTP/1.1", host: "localhost"
So, it is still a permission issue, probably tied to SELinux VLC thing.. I’m not sure.
Here is my ls -lZ output.
[simon@localhost html]$ ls -lZ -rwxrwxrwx. root root system_u:object_r:vmblock_t:s0 index.php -rwxrwxrwx. root root system_u:object_r:vmblock_t:s0 nginx.html
How on earth did you get those bizarre SELinux contexts? Those are not the default contexts.
Anyway, you should use
restorecon to change the SELinux contexts back to the defaults, on all of your web content. For example:
restorecon -r -v /var/www/html
You also should never chmod 777 anything, not even for “testing”.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.