当用独角兽 rails 启动时,Nginx 失败(13:权限被拒绝)
Nginx failed (13: Permission denied) when start rails with unicorn
我的 rails 应用程序在 Unicorn 和 Nginx 的服务器上运行,但是在配置 Nginx 并启动它之后,我得到了错误:
2015/08/03 15:43:44 [crit] 13951#0: *1 stat() "/home/ec2-user/apps/mybest/current/public//index.html" failed (13: Permission denied), client: 123.185.144.80, server: 52.74.148.194, request: "GET / HTTP/1.1", host: "52.74.148.194"
2015/08/03 15:43:44 [crit] 13951#0: *1 stat() "/home/ec2-user/apps/mybest/current/public/.html" failed (13: Permission denied), client: 123.185.144.80, server: 52.74.148.194, request: "GET / HTTP/1.1", host: "52.74.148.194"
2015/08/03 15:43:44 [crit] 13951#0: *1 stat() "/home/ec2-user/apps/mybest/current/public/" failed (13: Permission denied), client: 123.185.144.80, server: 52.74.148.194, request: "GET / HTTP/1.1", host: "52.74.148.194"
这里是nginx_myapp.conf
upstream unicorn {
server unix:/tmp/unicorn.myapp.sock fail_timeout=0;
}
server {
listen 80 default deferred;
server_name 52.74.148.194;
root /home/ec2-user/apps/mybest/current/public;
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
try_files $uri/index.html $uri.html $uri @unicorn;
location @unicorn {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://unicorn;
}
error_page 500 502 503 504 /500.html;
keepalive_timeout 10;
}
我用谷歌搜索了几个小时,但仍然无法解决这个问题。我在猜测是否有任何路径拼写错误,并且不确定为什么错误消息是“public//index.html”,而不是“public/index.html” 有什么提示吗?谢谢!
Nginx 与用户“nginx”一起运行,如下所示:
编辑:
$ groups nginx
nginx : nginx ec2-user
groups ec2-user
ec2-user : ec2-user wheel
路径权限:(当前)
current]$ ls -l
total 76
drwxrwxr-x 8 ec2-user ec2-user 4096 Aug 3 14:06 app
drwxrwxr-x 2 ec2-user ec2-user 4096 Aug 3 14:08 assets_manifest_backup
drwxrwxr-x 2 ec2-user ec2-user 4096 Aug 3 14:26 bin
-rw-rw-r-- 1 ec2-user ec2-user 830 Aug 3 14:06 Capfile
drwxrwxr-x 6 ec2-user ec2-user 4096 Aug 3 14:08 config
-rw-rw-r-- 1 ec2-user ec2-user 153 Aug 3 14:06 config.ru
drwxrwxr-x 2 ec2-user ec2-user 4096 Aug 3 14:08 db
-rw-rw-r-- 1 ec2-user ec2-user 1720 Aug 3 14:06 Gemfile
-rw-rw-r-- 1 ec2-user ec2-user 5262 Aug 3 14:06 Gemfile.lock
drwxrwxr-x 4 ec2-user ec2-user 4096 Aug 3 14:06 lib
drwxrwxr-x 2 ec2-user ec2-user 4096 Aug 3 14:35 log
drwxrwxr-x 2 ec2-user ec2-user 4096 Aug 3 14:08 public
-rw-rw-r-- 1 ec2-user ec2-user 249 Aug 3 14:06 Rakefile
-rw-rw-r-- 1 ec2-user ec2-user 478 Aug 3 14:06 README.rdoc
-rw-rw-r-- 1 ec2-user ec2-user 8 Aug 3 14:07 REVISION
drwxrwxr-x 8 ec2-user ec2-user 4096 Aug 3 14:06 test
drwxrwxr-x 4 ec2-user ec2-user 4096 Aug 3 14:35 tmp
drwxrwxr-x 3 ec2-user ec2-user 4096 Aug 3 14:06 vendor
public:(我改成777偶了)
ls -l
total 16
-rwxrwxrwx 1 ec2-user ec2-user 1564 Aug 3 14:06 404.html
-rwxrwxrwx 1 ec2-user ec2-user 1547 Aug 3 14:06 422.html
-rwxrwxrwx 1 ec2-user ec2-user 1477 Aug 3 14:06 500.html
lrwxrwxrwx 1 ec2-user ec2-user 47 Aug 3 14:08 assets -> /home/ec2-user/apps/mybest/shared/public/assets
-rwxrwxrwx 1 ec2-user ec2-user 0 Aug 3 14:06 favicon.ico
-rwxrwxrwx 1 ec2-user ec2-user 202 Aug 3 14:06 robots.txt
将nginx.conf中的nginx用户从'nginx'更改为'ec2-user'解决。
确保 nginx 运行 在正确的用户下(主 nginx 配置文件中的 user ... 指令),然后确保该用户可以访问 /home/ec2-user/apps/mybest/current/public/* 文件(即它们与用户属于同一组,并且对它们具有读取权限。
您还需要对路径下的每个目录具有 +x 权限。您可以在终端中看到 ls -l 的权限,然后如果缺少权限就执行类似的操作:
chmod g+x apps
cd apps
chmod g+x mybest
cd mybest
chmod g+x current
cd current
chmod g+x public
cd public
chmod g+r *
UPD。正如在评论中发现的那样,nginx 运行 在 ec2-user 用户名下(配置中的 user ec2-user)很好。 /home and/or /home/ec2-user 很可能存在限制性权限(目录组没有“+x”/“+r”)。就个人而言,我认为在 ec2-user 用户名下使用 nginx 运行 没有任何问题。或者您可以将您的 Rails 应用程序移动到 /var/www/my_app,为 nginx 用户设置权限,然后从那里获得它 运行。
我的 rails 应用程序在 Unicorn 和 Nginx 的服务器上运行,但是在配置 Nginx 并启动它之后,我得到了错误:
2015/08/03 15:43:44 [crit] 13951#0: *1 stat() "/home/ec2-user/apps/mybest/current/public//index.html" failed (13: Permission denied), client: 123.185.144.80, server: 52.74.148.194, request: "GET / HTTP/1.1", host: "52.74.148.194"
2015/08/03 15:43:44 [crit] 13951#0: *1 stat() "/home/ec2-user/apps/mybest/current/public/.html" failed (13: Permission denied), client: 123.185.144.80, server: 52.74.148.194, request: "GET / HTTP/1.1", host: "52.74.148.194"
2015/08/03 15:43:44 [crit] 13951#0: *1 stat() "/home/ec2-user/apps/mybest/current/public/" failed (13: Permission denied), client: 123.185.144.80, server: 52.74.148.194, request: "GET / HTTP/1.1", host: "52.74.148.194"
这里是nginx_myapp.conf
upstream unicorn {
server unix:/tmp/unicorn.myapp.sock fail_timeout=0;
}
server {
listen 80 default deferred;
server_name 52.74.148.194;
root /home/ec2-user/apps/mybest/current/public;
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
try_files $uri/index.html $uri.html $uri @unicorn;
location @unicorn {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://unicorn;
}
error_page 500 502 503 504 /500.html;
keepalive_timeout 10;
}
我用谷歌搜索了几个小时,但仍然无法解决这个问题。我在猜测是否有任何路径拼写错误,并且不确定为什么错误消息是“public//index.html”,而不是“public/index.html” 有什么提示吗?谢谢!
Nginx 与用户“nginx”一起运行,如下所示:
编辑:
$ groups nginx
nginx : nginx ec2-user
groups ec2-user
ec2-user : ec2-user wheel
路径权限:(当前)
current]$ ls -l
total 76
drwxrwxr-x 8 ec2-user ec2-user 4096 Aug 3 14:06 app
drwxrwxr-x 2 ec2-user ec2-user 4096 Aug 3 14:08 assets_manifest_backup
drwxrwxr-x 2 ec2-user ec2-user 4096 Aug 3 14:26 bin
-rw-rw-r-- 1 ec2-user ec2-user 830 Aug 3 14:06 Capfile
drwxrwxr-x 6 ec2-user ec2-user 4096 Aug 3 14:08 config
-rw-rw-r-- 1 ec2-user ec2-user 153 Aug 3 14:06 config.ru
drwxrwxr-x 2 ec2-user ec2-user 4096 Aug 3 14:08 db
-rw-rw-r-- 1 ec2-user ec2-user 1720 Aug 3 14:06 Gemfile
-rw-rw-r-- 1 ec2-user ec2-user 5262 Aug 3 14:06 Gemfile.lock
drwxrwxr-x 4 ec2-user ec2-user 4096 Aug 3 14:06 lib
drwxrwxr-x 2 ec2-user ec2-user 4096 Aug 3 14:35 log
drwxrwxr-x 2 ec2-user ec2-user 4096 Aug 3 14:08 public
-rw-rw-r-- 1 ec2-user ec2-user 249 Aug 3 14:06 Rakefile
-rw-rw-r-- 1 ec2-user ec2-user 478 Aug 3 14:06 README.rdoc
-rw-rw-r-- 1 ec2-user ec2-user 8 Aug 3 14:07 REVISION
drwxrwxr-x 8 ec2-user ec2-user 4096 Aug 3 14:06 test
drwxrwxr-x 4 ec2-user ec2-user 4096 Aug 3 14:35 tmp
drwxrwxr-x 3 ec2-user ec2-user 4096 Aug 3 14:06 vendor
public:(我改成777偶了)
ls -l
total 16
-rwxrwxrwx 1 ec2-user ec2-user 1564 Aug 3 14:06 404.html
-rwxrwxrwx 1 ec2-user ec2-user 1547 Aug 3 14:06 422.html
-rwxrwxrwx 1 ec2-user ec2-user 1477 Aug 3 14:06 500.html
lrwxrwxrwx 1 ec2-user ec2-user 47 Aug 3 14:08 assets -> /home/ec2-user/apps/mybest/shared/public/assets
-rwxrwxrwx 1 ec2-user ec2-user 0 Aug 3 14:06 favicon.ico
-rwxrwxrwx 1 ec2-user ec2-user 202 Aug 3 14:06 robots.txt
将nginx.conf中的nginx用户从'nginx'更改为'ec2-user'解决。
确保 nginx 运行 在正确的用户下(主 nginx 配置文件中的 user ... 指令),然后确保该用户可以访问 /home/ec2-user/apps/mybest/current/public/* 文件(即它们与用户属于同一组,并且对它们具有读取权限。
您还需要对路径下的每个目录具有 +x 权限。您可以在终端中看到 ls -l 的权限,然后如果缺少权限就执行类似的操作:
chmod g+x apps
cd apps
chmod g+x mybest
cd mybest
chmod g+x current
cd current
chmod g+x public
cd public
chmod g+r *
UPD。正如在评论中发现的那样,nginx 运行 在 ec2-user 用户名下(配置中的 user ec2-user)很好。 /home and/or /home/ec2-user 很可能存在限制性权限(目录组没有“+x”/“+r”)。就个人而言,我认为在 ec2-user 用户名下使用 nginx 运行 没有任何问题。或者您可以将您的 Rails 应用程序移动到 /var/www/my_app,为 nginx 用户设置权限,然后从那里获得它 运行。