nginx connet to .sock failed (13:Permission denied) - 502 bad gateway
Posted by franklmorgan54
|
nginx connet to .sock failed (13:Permission denied) - 502 bad gateway December 29, 2020 05:22AM |
Registered: 3 years ago Posts: 2 |
I am using nginx + uwsgi + django to deploy my very first site on centos7. They worked fine separately in test but I got a 502 bad gateway trying to connet them all together. The /var/log/nginx/error.log file says
2020/12/29 15:52:05 [crit] 1150#0: *1 connect() to unix:/run/uwsgi/site.sock failed (13: Permission denied) while connecting to upstream, client: IPaddress, server: mysite.com, request: "GET / HTTP/1.1", upstream: "uwsgi://unix:/run/uwsgi/site.sock:", host: "IPaddress"
I have tried these but none of them managed to fix the problem:
1.moving the site.sock file from my project base directory to /tmp/site.sock, or according to this tutorial, to /run/uwsgi/site.sock.
2.changing the site.sock file permission from 664 to 666.
3.chown socket file to myuser:nginx, and add myuser to nginx group.
4.running nginx and uwsgi with a www-data user by setting user = www-data in nginx.conf and uid = www-data,pid = www-data in site_uwsgi.ini.
5.turning off selinux by setenforce 0, or doing setsebool -P httpd_can_network_connect 1.
ps aux | grep nginx:
root 1148 0.0 0.0 39296 1972 ? Ss 15:41 0:00 nginx: master process /usr/sbin/nginx
nginx 1150 0.0 0.1 39640 2056 ? S 15:41 0:00 nginx: worker process
ps aux | grep uwsgi:
root 1322 0.0 0.1 54680 3068 ? Ss 15:49 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --emperor /etc/uwsgi/sites
hanys 1390 0.0 1.6 261668 34324 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1392 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1393 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1394 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1395 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1396 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1397 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1398 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1399 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1400 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1401 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
and ls -l site.sock:
srw-rw-rw-. 1 hanys nginx 0 12月 29 16:40 /run/uwsgi/oligoweb.sock
That (13: Permission denied) really drives me mad these days. Thank you in advance for any help.
2020/12/29 15:52:05 [crit] 1150#0: *1 connect() to unix:/run/uwsgi/site.sock failed (13: Permission denied) while connecting to upstream, client: IPaddress, server: mysite.com, request: "GET / HTTP/1.1", upstream: "uwsgi://unix:/run/uwsgi/site.sock:", host: "IPaddress"
I have tried these but none of them managed to fix the problem:
1.moving the site.sock file from my project base directory to /tmp/site.sock, or according to this tutorial, to /run/uwsgi/site.sock.
2.changing the site.sock file permission from 664 to 666.
3.chown socket file to myuser:nginx, and add myuser to nginx group.
4.running nginx and uwsgi with a www-data user by setting user = www-data in nginx.conf and uid = www-data,pid = www-data in site_uwsgi.ini.
5.turning off selinux by setenforce 0, or doing setsebool -P httpd_can_network_connect 1.
ps aux | grep nginx:
root 1148 0.0 0.0 39296 1972 ? Ss 15:41 0:00 nginx: master process /usr/sbin/nginx
nginx 1150 0.0 0.1 39640 2056 ? S 15:41 0:00 nginx: worker process
ps aux | grep uwsgi:
root 1322 0.0 0.1 54680 3068 ? Ss 15:49 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --emperor /etc/uwsgi/sites
hanys 1390 0.0 1.6 261668 34324 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1392 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1393 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1394 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1395 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1396 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1397 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1398 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1399 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1400 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
hanys 1401 0.0 1.2 261668 26528 ? S 16:40 0:00 /home/hanys/.virtualenvs/oligoweb/bin/uwsgi --ini oligo_uwsgi.ini
and ls -l site.sock:
srw-rw-rw-. 1 hanys nginx 0 12月 29 16:40 /run/uwsgi/oligoweb.sock
That (13: Permission denied) really drives me mad these days. Thank you in advance for any help.
|
Re: nginx connet to .sock failed (13:Permission denied) - 502 bad gateway December 31, 2020 02:49AM |
Registered: 3 years ago Posts: 2 |
It seems like this problem is quite common. I'd suggest you try the following steps and see if it solves the problem:
In the nginx.conf file, by default the user as nginx is defined at the very top section of the nginx.conf file as seen below;
user nginx; # Default Nginx user
Change nginx to the name of your current user - here, David is my current username.
user David; # Run Nginx as David's permissions (as username of the current logged in user)
Toggle the SELinux boolean value for httpd network connect to on, with the persistant flag: setsebool httpd_can_network_connect on -P
Also, I found some of these commands which might come handy in fixing SELinux:
sudo cat /var/log/audit/audit.log | grep nginx | grep denied | audit2allow -M mynginx sudo semodule -i mynginx.pp
https://exonlinecalculator.com/how-to-find-vat-number-of-company/
In the nginx.conf file, by default the user as nginx is defined at the very top section of the nginx.conf file as seen below;
user nginx; # Default Nginx user
Change nginx to the name of your current user - here, David is my current username.
user David; # Run Nginx as David's permissions (as username of the current logged in user)
Toggle the SELinux boolean value for httpd network connect to on, with the persistant flag: setsebool httpd_can_network_connect on -P
Also, I found some of these commands which might come handy in fixing SELinux:
sudo cat /var/log/audit/audit.log | grep nginx | grep denied | audit2allow -M mynginx sudo semodule -i mynginx.pp
https://exonlinecalculator.com/how-to-find-vat-number-of-company/
Sorry, only registered users may post in this forum.
Online Users
Guests:
272
Record Number of Users:
8
on April 13, 2023
Record Number of Guests:
421
on December 02, 2018
This forum is powered by Phorum.
 |
 |
 |
 |
|