nginx on Ubuntu: Permission denied

ubuntu nginx debian puppet vagrant

12,666

this could help you.

The messages you are receiving are dued to the fact that you started nginx as non-root user or without using sudo.

To get rid of log dir error, you have to check which user nginx is running as and give the appropriate permissions to that folder ( your puppet rule maybe gave rights to the wrong one )

The warning message you reported is triggered by the fact that ( as warning states ) "user" directive is meant to be used ONLY when your nginx master process is running as root.

12,666

krn

Updated on September 18, 2022

Comments

krn over 1 year

I am new to system administration. After installing nginx via puppet on Ubuntu I get the following output:

[alert] could not open error log file: open() "/var/log/nginx/error.log" failed (13: Permission denied)

[warn] 1898#0: the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /etc/nginx/nginx.conf:1

[emerg] 1898#0: open() "/var/log/nginx/access.log" failed (13: Permission denied)

How do I get rid of all of these messages?

I don't want to use command line directly (chown / chmod) and repeat it every time I create a new server. Therefore, I am thinking of what has to be added to the puppet manifest.

What is the best sysadmin practice in this case: to change owner / permissions for /var/log/nginx or to store logs in different location? If chown / chmod is the way to go, which specific permissions would ensure the highest level of security?

I tried this, but it didn't help:

  file { '/var/log/nginx':
    ensure  => directory,
    mode    => '0755',
    owner   => 'www-data',
    group   => 'www-data',
    recurse => true
  }

Edited:

vagrant@precise64:~$ ps aux | grep [n]ginx
root      1001  0.0  0.1  62908  1388 ?        Ss   08:47   0:00 nginx: master process /usr/sbin/nginx
www-data  1002  0.0  0.1  63260  1696 ?        S    08:47   0:00 nginx: worker process
www-data  1003  0.0  0.1  63260  1696 ?        S    08:47   0:00 nginx: worker process
www-data  1004  0.0  0.1  63260  1696 ?        S    08:47   0:00 nginx: worker process
www-data  1005  0.0  0.1  63260  1696 ?        S    08:47   0:00 nginx: worker process

vagrant@precise64:~$ sudo chown -R www-data:www-data /var/log/nginx;
vagrant@precise64:~$ sudo chmod -R 755 /var/log/nginx;
vagrant@precise64:~$ ls -l /var/log/nginx/
-rwxr-xr-x 1 www-data www-data 214 Sep 10 11:07 error.log

Drew Khoury over 10 years

You shouldn't focus on 'magically getting rid of the errors'. Read them, understand them, Google them and learn about them. Fix the problem that they're telling you about.
krn over 10 years

I tried to fix permissions before posting this question, but this didn't solve the problem: sudo chown -R www-data:www-data /var/log/nginx; sudo chmod -R 755 /var/log/nginx; ls -l /var/log/nginx/ -rwxr-xr-x 1 www-data www-data 214 Sep 10 11:07 error.log