nginx: "/root/index.html" forbidden (13: Permission denied)
I am installing nginx. Here is the steps I followed:
- Make index.html file in /root directory
edit /etc/nginx/nginx.conf. After edit it looks like this:
user nginx; worker_processes 1; error_log /var/log/nginx/error.log; ... http { ... server { listen 80 default_server; server_name my_domain_name.com; root /root; ... }- following this question I gave away permissions:
gpasswd -a nginx root
chmod g+x /root
(sorry, couldn't correctly format as code)
- I restarted server:
service nginx restart
I visited my_domain_name.com and got 403 error. /var/log/nginx/error.log content:
"/root/index.html" is forbidden (13: Permission denied), client: 117.211.86.108, server: my_domain_name.com, request: "GET / HTTP/1.1", host: "my_domain_name.com"
Answer
Oh! Please don't disable SELinux.
First — do you really need to serve files from /root? That's actually the home directory for the root user, not meant to be the web root. This is actually a very bad idea. Instead, use /var/www/html or (my preference) /srv/www. If you do use /root, make sure you're not exposing ssh keys or authorized_keys files, database passwords, or anything similar. It's really just a bad idea all around.
Second, rather than disabling SELinux (which, in this case, is protecting you from doing something dangerous), you should configure it properly. In Fedora, the SELinux policy as designed so nginx shares this with other webservers, so, using /srv/www/yoursite as the root,
chcon -R -t httpd_sys_content_t /srv/www/yoursite
should do it.