-1

I have CentOs 7.3 and Nginx 1.11.8 and PHP-FPM 7.0

This is a clean install, and everytime I get the above error page if I change the root for the nginx dir from /usr/share/nginx/html to anything.

This time I changed it to /var/www/html.

Now I am getting the error.

I have given the html dir chmod 775 and then 777 to no avail.
I have also made chown -R nginx:nginx html/

These don't work. BUT, if I disabled SELinux as setenforce 0 everything works.

I don't want to disable selinux entirely due to this issue, but it's driving me nuts.

chmoding with www-data gives me this error. 

[simon@localhost www]$ chown -R www-data:www-data html
chown: invalid user: âwww-data:www-dataâ

Which I think is fair, since I have no user named www-data. Nginx is running under nginx user.

tail /var/log/nginx/error.log gives me this: 

2017/01/07 22:37:03 [error] 3336#3336: *1 open() "/var/www/html/nginx.html" failed (13: Permission denied), client: 10.0.2.2, server: localhost, request: "GET /nginx.html HTTP/1.1", host: "localhost"
2017/01/07 22:37:06 [error] 3336#3336: *1 "/var/www/html/index.php" is forbidden (13: Permission denied), client: 10.0.2.2, server: localhost, request: "GET / HTTP/1.1", host: "localhost"

So, it is still a permission issue, probably tied to SELinux VLC thing.. I'm not sure.

Here is my ls -lZ output. 

[simon@localhost html]$ ls -lZ
-rwxrwxrwx. root root system_u:object_r:vmblock_t:s0   index.php
-rwxrwxrwx. root root system_u:object_r:vmblock_t:s0   nginx.html
user7342807
  • 101
  • 4

1 Answers1

2

How on earth did you get those bizarre SELinux contexts? Those are not the default contexts.

Anyway, you should use restorecon to change the SELinux contexts back to the defaults, on all of your web content. For example:

restorecon -r -v /var/www/html

You also should never chmod 777 anything, not even for "testing".

Michael Hampton
  • 244,070
  • 43
  • 506
  • 972
  • I applied the context but it didn't change anything. I still get the same SELinux contexts. also, I have a folder called `www` in my windows, full path is: `C:/www` I am mounting this folder to `/var/www` I run `mount -t vboxsf www /var/www` aside from these I haven't done much, it's a clean install. Also, the turning of selinux, and chmoding 777 is just out of distress, I am asking this question so I can avoid doing that :) – user7342807 Jan 08 '17 at 10:03
  • @user7342807 vboxsf? Don't do that. It doesn't work with SELinux. And it's not professional. – Michael Hampton Jan 08 '17 at 15:29
  • Hmm.. I have used it for 2 years, always switching off selinux. I don't know any other alternatives. Is the command wrong, or do I have to use other application to share host folder? – user7342807 Jan 08 '17 at 20:37
  • You don't "share host folder". – Michael Hampton Jan 08 '17 at 20:45
  • I meant, share as as in mount. When I develop web applications in my Linux server, I need to edit them on windows. – user7342807 Jan 08 '17 at 20:46
  • @user7342807 Then create a SSH-user with access limited to that specific web-folder (not your server root) and use something like FileZilla to synchronize your local files with your server files. In case you're talking about a production server: **Don't ever use online servers for development.** In that case better use a local XAMPP. – Broco Jan 10 '17 at 14:40
  • @Broco I think you misread something, as my question has nothing to do with SSH, or user privileges. This is SElinux issue – user7342807 Jan 10 '17 at 14:48
  • @user7342807 Yes sorry, I came here from your other post :P – Broco Jan 10 '17 at 15:06