SELinux导致Nginx无法访问自定义web路径问题

SELinux导致Nginx无法访问自定义web路径问题

最近刚体验了一把CentOS 7,在安装Nginx后,把vhost文件的默认路径修改成home下的一个路径后,无论如何都提示403错误,chmod、chown、修改Nginx运行用户,都无效。

最终发现是SELinux导致的,解决方法:

最简单的方法就是关闭SELinux:

1、如果要临时关闭,可以执行
[cpp] view plaincopy
setenforce 0
此时的状态如下
[html] view plaincopy
[root@rdo ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28
2、如果要永久关闭,可以修改配置文件/etc/selinux/config,将SELINU置为disabled。
[html] view plaincopy
[root@rdo ~]# cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing – SELinux security policy is enforced.
# permissive – SELinux prints warnings instead of enforcing.
# disabled – No SELinux policy is loaded.
#SELINUX=enforcing
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
# targeted – Targeted processes are protected,
# minimum – Modification of targeted policy. Only selected processes are protected.
# mls – Multi Level Security protection.
SELINUXTYPE=targeted

修改该配置文件也可以执行下面的命令来完成
[html] view plaincopy
sed -i ‘/SELINUX/s/enforcing/disabled/’ /etc/selinux/config
修改完成后,保存重启,重启后状态如下:
[html] view plaincopy
[root@rdo ~]# sestatus
SELinux status: disabled

如果要开启SELinux并且允许nginx访问权限的话,请参考:http://blog.csdn.net/qidizi/article/details/41291397

发表评论

电子邮件地址不会被公开。 必填项已用*标注