0
我試圖與nginx的CentOS的7連uWSGI瓶應用,Nginx的錯誤日誌在/var/log/nginx/error.log給出:nginx的uWSGI連接到Unix套接字失敗
2017/10/04 22:35:29 [crit] 24381#0: *54 connect() to unix:/var/www/html/CON29Application1/socket.sock failed
(13: Permission denied) while connecting to upstream, client: 80.44.138.51,
server: 188.226.174.121, request: "GET /favicon.ico HTTP/1.1", upstream: "uwsgi://unix:/var/www/html/CON29Application1/socket.sock:",
host: "188.226.174.121", referrer: "http://188.226.174.121/"
uWSGI錯誤日誌顯示我認爲uWSGI正常運行:
WSGI app 0 (mountpoint='') ready in 1 seconds on interpreter 0x1a1ebd0 pid: 26364 (default app)
這是我在Linux上首次部署,但讀另一SO答案在這裏:Nginx can't access a uWSGI unix socket on CentOS 7 這傢伙回答了自己的問題,並提到了博客上的SE Linux http://axilleas.me/en/blog/2013/selinux-policy-for-nginx-and-gitlab-unix-socket-in-fedora-19/後,說SE林ux是問題所在。我真的不知道SE Linux上運行的是什麼,解決方案似乎涉及到在nginx audit.log中更改「AVC」消息,我開始厭倦了我的腦海!
隨着博客文章稱,我得到的消息AVC拒絕提寫入和nginx的在/var/log/audit/audit.log:
type=AVC msg=audit(1507153878.777:559609): avc: denied { write } for pid=24381
comm="nginx" name="socket.sock" dev="vda1" ino=715975
scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=sock_file
但作爲一個新手,是否有可能也許更簡單的東西我做錯了,可以修復與chmod權限或chown?感謝任何想法。 插座權限:
ls -l socket.sock
srwxrwxrwx. 1 will nginx 0 Oct 4 17:02 socket.sock