在CentOS 7.2 添加了nginx官方的yum源,使用yum install nginx 安装的nginx/1.10.2
安装完成后我关闭了系统防火墙,默认站点可以正常访问,我又添加了另一个虚拟主机配置文件,内容如下:
server {
listen 80;
server_name idas.it;
root /home/html;
index index.html index.php;
# location / {
# try_files $uri $uri/ /index.php?$query_string;
# }
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}目录权限如下:
[root@hrms /]# ll && cd /home && ll && cd html && ll
total 84
dr-xr-xr-x. 17 root root 4096 Nov 12 13:39 .
dr-xr-xr-x. 17 root root 4096 Nov 12 13:39 ..
lrwxrwxrwx. 1 root root 7 Nov 12 11:37 bin -> usr/bin
dr-xr-xr-x. 5 root root 4096 Nov 12 12:16 boot
drwxr-xr-x. 20 root root 3260 Nov 12 13:10 dev
drwxr-xr-x. 83 root root 8192 Nov 12 14:40 etc
drwxr-xr-x. 5 root root 78 Nov 12 15:27 home
lrwxrwxrwx. 1 root root 7 Nov 12 11:37 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 Nov 12 11:37 lib64 -> usr/lib64
drwxr-xr-x. 2 root root 6 Aug 12 2015 media
drwxr-xr-x. 2 root root 6 Aug 12 2015 mnt
drwxr-xr-x. 2 root root 6 Aug 12 2015 opt
dr-xr-xr-x. 137 root root 0 Nov 12 13:10 proc
-rw-r--r--. 1 root root 43092 Nov 12 13:11 .readahead
dr-xr-x---. 6 root root 4096 Nov 12 15:23 root
drwxr-xr-x. 24 root root 680 Nov 12 15:31 run
lrwxrwxrwx. 1 root root 8 Nov 12 11:37 sbin -> usr/sbin
drwxr-xr-x. 2 root root 6 Aug 12 2015 srv
dr-xr-xr-x. 13 root root 0 Nov 12 13:10 sys
drwxrwxrwt. 10 root root 4096 Nov 12 15:31 tmp
drwxr-xr-x. 13 root root 4096 Nov 12 11:37 usr
drwxr-xr-x. 20 root root 4096 Nov 12 13:38 var
total 12
drwxr-xr-x. 5 root root 78 Nov 12 15:27 .
dr-xr-xr-x. 17 root root 4096 Nov 12 13:39 ..
-rw-r--r--. 1 root root 1097 Oct 19 00:35 default.conf
drwxrwxr-x. 2 root root 23 Nov 12 15:24 html
drwxr-xr-x. 5 mysql mysql 4096 Nov 12 14:22 mysql
drwxrwxr-x. 2 nginx nginx 6 Nov 12 14:41 php
total 4
drwxrwxr-x. 2 root root 23 Nov 12 15:24 .
drwxr-xr-x. 5 root root 78 Nov 12 15:27 ..
-rwxrwxr-x. 1 root root 612 Nov 12 15:24 index.html权限都给了,但是访问依然是403 Forbidden,下面是nginx的错误日志:
2016/11/12 15:31:28 [error] 17524#17524: *2 "/home/html/index.html" is forbidden (13: Permission denied), client: 10.120.9.254, server: idas.it, request: "GET / HTTP/1.1", host: "idas.it"
2016/11/12 15:39:28 [error] 17524#17524: *3 "/home/html/index.html" is forbidden (13: Permission denied), client: 10.120.9.254, server: idas.it, request: "GET / HTTP/1.1", host: "idas.it"
2016/11/12 15:39:29 [error] 17524#17524: *3 "/home/html/index.html" is forbidden (13: Permission denied), client: 10.120.9.254, server: idas.it, request: "GET / HTTP/1.1", host: "idas.it"同样的权限配置,为什么在/var/share/nginx/html目录就能正常访问,而其他目录都没有权限呢?
[root@hrms html]# ps aux | grep nginx
nginx 17292 0.0 0.1 650776 10504 ? S 14:50 0:00 php-fpm: pool www
nginx 17293 0.0 0.1 650776 10500 ? S 14:50 0:00 php-fpm: pool www
nginx 17294 0.0 0.1 650776 10500 ? S 14:50 0:00 php-fpm: pool www
nginx 17295 0.0 0.1 650776 10500 ? S 14:50 0:00 php-fpm: pool www
nginx 17296 0.0 0.1 650776 10504 ? S 14:50 0:00 php-fpm: pool www
root 17523 0.0 0.0 47792 1164 ? Ss 15:31 0:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx 17524 0.0 0.0 48184 2184 ? S 15:31 0:00 nginx: worker process
root 17617 0.0 0.0 112648 964 pts/0 S+ 16:19 0:00 grep --color=auto nginx我后来把/home、子目录及文件的所有者和和用户组都设为nginx,但是依然是403 Forbidden,错误日志还是一样!
求老司机带路!!!!!
可以试试是否是SElinux没关导致的,可以使用如下命令关闭:
好像跟什么安全策略有关,通过软连接应该可以解决,ln -s /var/nginx/html /home/html