0

I tried:

user nginx;
...
...
       location / {
           root /home/tango/www/html;
       }

Only to get 403 forbidden error. The /home/tango/www/html/index.html is generated by tango so I don't think I can put that in /var/www/html/ writing where requires root permission.

The error log confirms the permission error:

2020/07/28 11:50:12 [error] 122769#0: *533 open() "/home/tango/www/html/index.html" failed (13: Permission denied), client: XXX.YYY.ZZZ.AAA, server: , request: "GET /diagcte HTTP/1.1", host: "my.org"

However, ls -la /home/tango/www/html/index.html shows:

-rw-r--r--. 1 tango posixusers 212 Jul 28 11:33 /home/tb571/www/html/index.html

So the nginx user should have read permission.

Anyways, can you help with serving a non-root static file through nginx?

tash
  • 111

1 Answers1

0

The parent directory of the file nginx is trying to access must also have suitable permissions, not just the file itself. Typically a /home directory is not accessible to other users.

You'd need to do something like chgrp -R nginx /home/tango ; chmod g+rx /home/tango, but consider the security implications of this in your own setup.

Depending on your distro, SELinux could also be denying permission. Try audit2allow -a to see if that is causing an issue.

However, it may be advisable to move the root somewhere else and give tango write access there, rather than giving nginx access to the /home directory.

tater
  • 1,475