我正在尝试让 nginx 连接到 FreeBSD 上的 uwsgi 套接字。我已将套接字设置为 666,但每当我在浏览器中发出请求时,我都会在 nginx 日志中看到以下内容:
2017/12/12 11:34:04 [crit] 1051#100213: *5 connect() to unix:/home/dashboard/dashboard/dashboard.sock failed (13: Permission denied) while connecting to upstream, client: <IP address>, server: <IP address>, request: "GET / HTTP/1.1", upstream: "uwsgi://unix:/home/dashboard/dashboard/dashboard.sock:", host: "<IP address>"
我的 nginx 进程:
root 1050 0.0 1.5 25496 7280 - Is 11:11 0:00.00 nginx: master process /usr/local/sbin/nginx
www 1051 0.0 1.6 25496 7756 - I 11:11 0:00.01 nginx: worker process (nginx)
我相信这是因为我的 uwsgi 进程(emperor、master 和 worker)以 root 身份运行,而 nginx 以 身份运行www。
我尝试设置 uwsgigid和uid但是wwwuwsgi 工作器会失败并出现以下错误:
*** Starting uWSGI 2.0.15 (64bit) on [Tue Dec 12 11:43:44 2017] ***
compiled with version: 4.2.1 Compatible FreeBSD Clang 4.0.0 (tags/RELEASE_400/final 297347) on 08 December 2017 10:41:56
os: FreeBSD-11.1-RELEASE-p4 FreeBSD 11.1-RELEASE-p4 #0: Tue Nov 14 06:12:40 UTC 2017 [email protected]:/usr/obj/usr/src/sys/GENERIC
nodename: newyork
machine: amd64
clock source: unix
pcre jit disabled
detected number of CPU cores: 1
current working directory: /usr/home/ruipacheco
detected binary path: /usr/local/bin/uwsgi-2.7
chdir() to /home/dashboard/dashboard
chdir(): Permission denied [core/uwsgi.c line 2591]
chdir(): Permission denied [core/uwsgi.c line 1613]
Tue Dec 12 11:43:44 2017 - [emperor] curse the uwsgi instance /home/ruipacheco/uwsgi.ini (pid: 967)
Tue Dec 12 11:43:44 2017 - [emperor] removed uwsgi instance /home/ruipacheco/uwsgi.ini
另一方面,如果我让它以 root 身份运行,nginx 将无法连接到 root 拥有的套接字。
让 nginx 与 FreeBSD 上的 uwsgi 套接字通信的正确程序是什么?