Nginx: Permission denied for nginx on Ubuntu

UbuntuNginxDebianVagrantPuppet

Ubuntu Problem Overview

I am new to system administration. After installing nginx via puppet on Ubuntu I get the following output:

[alert] could not open error log file: open() "/var/log/nginx/error.log" failed (13: Permission denied)

[warn] 1898#0: the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /etc/nginx/nginx.conf:1

[emerg] 1898#0: open() "/var/log/nginx/access.log" failed (13: Permission denied)

How do I get rid of all of these messages?

I don't want to use command line directly (chown / chmod) and repeat it every time I create a new server. Therefore, I am thinking of what has to be added to the puppet manifest.

What is the best sysadmin practice in this case: to change owner / permissions for /var/log/nginx or to store logs in different location? If chown / chmod is the way to go, which specific permissions would ensure the highest level of security?

I tried this, but it didn't help:

  file { '/var/log/nginx':
    ensure  => directory,
    mode    => '0755',
    owner   => 'www-data',
    group   => 'www-data',
    recurse => true
  }

Edited:

vagrant@precise64:~$ ps aux | grep [n]ginx
root      1001  0.0  0.1  62908  1388 ?        Ss   08:47   0:00 nginx: master process /usr/sbin/nginx
www-data  1002  0.0  0.1  63260  1696 ?        S    08:47   0:00 nginx: worker process
www-data  1003  0.0  0.1  63260  1696 ?        S    08:47   0:00 nginx: worker process
www-data  1004  0.0  0.1  63260  1696 ?        S    08:47   0:00 nginx: worker process
www-data  1005  0.0  0.1  63260  1696 ?        S    08:47   0:00 nginx: worker process

Ubuntu Solutions

Solution 1 - Ubuntu

Make sure you are running the test as a superuser.

sudo nginx -t

Or the test wont have all the permissions needed to complete the test properly.

Solution 2 - Ubuntu

I faced similar issue while restarting Nginx and found it to be a cause of SeLinux. Be sure to give a try after either disabling SeLinux or temporarily setting it to Permissive mode using below command:

setenforce 0

I hope it helps :)

Solution 3 - Ubuntu

If i assume that your second code is the puppet config then i have a logical explaination, if the error and log files were create before, you can try this

sudo chown -R www-data:www-data /var/log/nginx;
sudo chmod -R 755 /var/log/nginx;

Solution 4 - Ubuntu

just because you don't have the right to acess the file , use

chmod -R 755 /var/log/nginx;

or you can change to sudo then it

Solution 5 - Ubuntu

if you don't want to start nginx as root.

first creat log file :

sudo touch /var/log/nginx/error.log

and then fix permissions:

sudo chown -R www-data:www-data /var/log/nginx

sudo find /var/log/nginx -type f -exec chmod 666 {} \;

sudo find /var/log/nginx -type d -exec chmod 755 {} \;

Solution 6 - Ubuntu

Permission to view log files is granted to users being in the group adm.

To add a user to this group on the command line issue:

sudo usermod -aG adm <USER>

Solution 7 - Ubuntu

For me, I just changed the selinux from enforcing to permissive and then I was able to start nginx without any error.

Solution 8 - Ubuntu

On Debian WSL (Windows Subsystem for Linux) I had to use:

sudo chmod -R 775 /var/log/nginx

Solution 9 - Ubuntu

Found a good description what to do.



# support running as arbitrary user which belogs to the root group
RUN chmod g+rwx /var/cache/nginx /var/run /var/log/nginx
# users are not allowed to listen on priviliged ports
RUN sed -i.bak 's/listen\(.*\)80;/listen 8081;/' /etc/nginx/conf.d/default.conf
EXPOSE 8081
# comment user directive as master process is run as user in OpenShift anyhow
RUN sed -i.bak 's/^user/#user/' /etc/nginx/nginx.conf

Fixing all the issues with running NGNIX without root.

Solution 10 - Ubuntu

I just patch nginx binary replacing path /var/log/nginx/error.log and other with local path.

$ perl -pi \
    -e 's@/var/log/nginx/@_var_log_nginx/@g;' \
    -e 's@/var/lib/nginx/@_var_lib_nginx/@g;' \
    -e 's@/var/run/nginx.pid@_var_run/nginx.pid@g;' \
    -e 's@/run/nginx.pid@_run/nginx.pid@g;' \
    < /usr/sbin/nginx > nginx
$ chmod +x nginx
$ mkdir _var_log_nginx _var_lib_nginx _var_run _run
$ ./nginx -p . -c nginx.conf

It works for testing.

Solution 11 - Ubuntu

This works for me,

sudo chmod -R 777 /var/log/nginx

Solution 12 - Ubuntu

Nginx needs to run by command 'sudo /etc/init.d/nginx start'

Categories
Recommended Ubuntu Solutions
Recommended Nginx Solutions
Recommended Debian Solutions
Recommended Vagrant Solutions
Recommended Puppet Solutions

Previous Solution:

How do I set sys.argv so I can unit test it?

Python

Next Solution:

App not showing in admob when trying to link?

AndroidAdmob

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionkrnView Question on Stackoverflow
Solution 1 - UbuntuCarlssonView Answer on Stackoverflow
Solution 2 - UbuntuChirag JainView Answer on Stackoverflow
Solution 3 - UbuntuMohammad AbuShadyView Answer on Stackoverflow
Solution 4 - UbuntuWang KevinView Answer on Stackoverflow
Solution 5 - UbuntuAmin.QarabaqiView Answer on Stackoverflow
Solution 6 - UbuntuStéphaneView Answer on Stackoverflow
Solution 7 - Ubuntuvipin kumarView Answer on Stackoverflow
Solution 8 - UbuntuGarethASView Answer on Stackoverflow
Solution 9 - UbuntudominicView Answer on Stackoverflow
Solution 10 - UbuntustariusView Answer on Stackoverflow
Solution 11 - UbuntuSushilView Answer on Stackoverflow
Solution 12 - UbuntuQAreaView Answer on Stackoverflow