Permission denied for Nginx even if www-data user has group write access

A possible reason: when you add www-data user to the ubuntu group, it only affects sessions started later.

su - www-data -s /bin/bash creates a new session, so it works fine. But Nginx is still running as www-data user, therefore I suspect that it's the reason for the above error.

(if you switch to the www-data user before doing a usermod -a -G ubuntu www-data, I'm pretty sure that you will only see uid=33(www-data) gid=33(www-data) groups=33(www-data) when typing id)

Either restart Nginx or do a newgrp ubuntu after switching to the www-data user to make it take effect immediately.
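One way to test the explanation in the answer above, as an added example that is not part of the original answer: compare the supplementary groups a running process actually holds (the Groups: line of /proc/<pid>/status on Linux) with what the group database now lists for its user. The function names and the sample status text are constructed for illustration.

```shell
#!/bin/sh
# Added example. Group membership is copied into a process when it starts;
# /proc/<pid>/status shows what the process really holds (Linux only).

# proc_gids STATUS_FILE: GIDs on the "Groups:" line, one per line.
proc_gids() {
    awk '/^Groups:/ { for (i = 2; i <= NF; i++) print $i }' "$1" | sort -n
}

# missing_gids STATUS_FILE GID...: database GIDs the process does not hold.
missing_gids() {
    status_file=$1; shift
    held=$(proc_gids "$status_file")
    for gid in "$@"; do
        printf '%s\n' "$held" | grep -qx "$gid" || printf '%s\n' "$gid"
    done
}

# check_pid PID: compare a live process with the current group database.
check_pid() {
    status="/proc/$1/status"
    uid=$(awk '/^Uid:/ { print $3 }' "$status")        # effective UID
    user=$(getent passwd "$uid" | cut -d: -f1)
    # "id -G USER" reads the group database, not this shell's credentials.
    stale=$(missing_gids "$status" $(id -G "$user") | tr '\n' ' ')
    if [ -n "$stale" ]; then
        echo "PID $1 ($user) does not hold GIDs: $stale"
        return 1
    fi
    echo "PID $1 ($user) matches the group database"
}

# Constructed sample: status text of a worker started before
# "usermod -a -G ubuntu www-data" (33 = www-data, 1000 = ubuntu).
sample_status() {
    printf 'Name:\tnginx\nUid:\t33\t33\t33\t33\nGid:\t33\t33\t33\t33\nGroups:\t33 \n'
}

tmp=$(mktemp)
sample_status > "$tmp"
echo "GIDs missing from the sample process: $(missing_gids "$tmp" 33 1000)"
rm -f "$tmp"
# Live use: for p in $(pgrep -u www-data); do check_pid "$p"; done
```

A non-empty result from check_pid means the process predates the group change and needs a restart to pick it up.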

Author: Roman Newaza

Updated on September 18, 2022

Comments

  • Roman Newaza
    Roman Newaza over 1 year

    Nginx is not able to write to log file even if its user has write group access. Here are some details:

    www-data user is in ubuntu group:

    $ id www-data
    uid=33(www-data) gid=33(www-data) groups=33(www-data),1000(ubuntu)
    

    /opt/logs/ is group writable:

    $ ls -ld /opt/logs/
    drwxrwxr-x 2 ubuntu ubuntu 4096 2012-07-27 02:47 /opt/logs/
    

    www-data user can create /opt/logs/1 as expected:

    $ su www-data
    $ touch /opt/logs/1
    $ ls -l /opt/logs/1
    -rw-rw-r-- 1 www-data www-data 0 2012-07-27 02:47 /opt/logs/1
    

    Nginx user:groups:

    var_dump(system('whoami'), system('groups'));
    // string 'www-data' (length=8)
    // string 'www-data ubuntu' (length=15)
    

    But Nginx is not able to write:

    Warning: file_put_contents(/opt/logs/Error.log) function.file-put-contents failed to open stream: Permission denied
    

    /opt/logs/Error.log doesn't exist

    So why couldn't it write to the file?

    • chocripple
      chocripple almost 12 years
      Does /opt/logs/Error.log exist? If yes, what are its permissions? Check the parent directory's permissions too. Any AppArmor or SELinux?
    • Roman Newaza
      Roman Newaza almost 12 years
      No, /opt/logs/Error.log doesn't exist. If it's apparmor or selinux, why can I create a file over shell?
    • Roman Newaza
      Roman Newaza almost 12 years
      Furthermore, I chowned it to ubuntu:www-data and back to ubuntu:ubuntu and now it can write!