以非root用户身份运行Nginx
我使用Ansible安装了Nginx.要在Centos7上安装,我使用了yum软件包,因此默认情况下它以 root 用户身份运行.我希望它以其他用户(例如- nginx 用户)的身份在Centos框中启动和运行.当我尝试用其他用户运行它时,出现以下错误:
I installed Nginx using Ansible. To install on Centos7 I used the yum package so it by default was run as root user. I want it to start and run as a different user (ex - nginx user) in the Centos box. When I try to run it with a different user I get the following error:
nginx.service的作业失败,因为控制进程退出 错误代码.请参阅"systemctl状态nginx.service"和"journalctl -xe" 有关详细信息.
Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.
我知道不建议以root身份运行.因此,我该如何解决这个问题,并以非root用户身份运行nginx.谢谢
I know it's not advisable to run as root. So how do I get around this and run nginx as a non root user. Thanks
在您的/etc/nginx/nginx.conf中添加/更改以下内容:
Add/Change the following in your /etc/nginx/nginx.conf:
user nginx;
您应该创建用户并递归授予webroot目录的权限.
You should create the user and grant permissions on the webroot directories recursively.
这样,仅主进程以root的身份运行. 原因::只有root进程才能侦听1024以下的端口.Web服务器通常在端口80和/或443上运行.这意味着它需要以root身份启动.
This way only master process runs as root. Because: Only root processes can listen to ports below 1024. A webserver typically runs at port 80 and/or 443. That means it needs to be started as root.
要以非root用户身份运行主进程:
更改以下内容的所有权:
Change the ownership of the following:
- error_log
- access_log
- pid
- client_body_temp_path
- fastcgi_temp_path
- proxy_temp_path
- scgi_temp_path
- uwsgi_temp_path
将listen指令更改为1024以上的端口,以所需用户身份登录,并通过nginx -c /path/to/nginx.conf
Change the listen directives to ports above 1024, log in as desired user and run nginx by nginx -c /path/to/nginx.conf