通过“setfacl”授予目录权限,但 nginx 仍会收到“权限被拒绝”的错误提示。为什么?

通过“setfacl”授予目录权限,但 nginx 仍会收到“权限被拒绝”的错误提示。为什么?

(1)

nginx 作为“http”运行:

$ sudo ps aux| grep nginx
root       10932  0.0  0.1  22264  1340 ?        Ss   18:27   0:00 nginx: master process /usr/bin/nginx -g pid /run/nginx.pid; error_log stderr;
http       10933  0.0  0.6  22796  6108 ?        S    18:27   0:00 nginx: worker process
user1      10939  0.0  0.2   6672  2680 pts/0    S+   18:28   0:00 grep nginx

(2)

相应组的权限:

$ sudo setfacl -m g:http:rwx -R ~/web_apps/my_app1

$ sudo getfacl ~/web_apps/my_app1
# file: home/user1/web_apps/my_app1
# owner: user1
# group: user1
user::rwx
group::r-x
group:http:rwx
mask::rwx
other::r-x

(3)

然而,当从互联网访问时,nginx 将无法提供任何文件,因为缺乏必要的权限

[error] 10933#10933: *1 open() "/home/user1/web_apps/my_app1/assets/static/favicon.ico" 
    failed (13: Permission denied), 
    client: x.x.x.x, server: my_app1.com,
    request: "GET /favicon.ico HTTP/2.0",
    host: "my_app1.com",
    referrer: "https://my_app1.com/assets/static/fdsafdsafds"

怎么了?

相关内容