You are not logged in.

#1 2013-05-07 19:21:02

Registered: 2013-04-24
Posts: 5

[solved] nginx chroot jail: open() "/run/" Permission denied

I used the perl script from the nginx wiki to configure chroot jail and also configured the nginx systemd unit file. When I try to start the service I get

# systemctl start nginx
Job for nginx.service failed. See 'systemctl status nginx.service' and 'journalctl -xn' for details.
# systemctl status nginx.service
nginx.service - A high performance web server and a reverse proxy server in chroot jail
   Loaded: loaded (/etc/systemd/system/nginx.service; enabled)
   Active: failed (Result: exit-code) since tis 2013-05-07 20:58:49 CEST; 4s ago
  Process: 418 ExecStartPre=/usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -t -q -g pid /run/; daemon on; master_process on; (code=exited
, status=1/FAILURE)

Executing the ExecStartPre line produces the open error.

# /usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -t -q -g 'pid /run/; daemon on; master_process on;'
nginx: [emerg] open() "/run/" failed (13: Permission denied)

What could be causing this?

Here's my nginx.service

# cat /etc/systemd/system/nginx.service 
Description=A high performance web server and a reverse proxy server in chroot jail

ExecStartPre=/usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -t -q -g 'pid /run/; daemon on; master_process on;'
ExecStart=/usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -g 'pid /run/; daemon on; master_process on;'
ExecReload=/usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -g 'pid /run/; daemon on; master_process on;' -s reload
ExecStop=/usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -g 'pid /run/;' -s quit



# ls -ahl /srv/http/run/
totalt 8,0K
drwxr-xr-x 2 root root 4,0K  7 maj 20.53 ./
dr-x--x--x 9 root root 4,0K  7 maj 20.16 ../
-rw-r--r-- 1 root root    0  7 maj 20.53


# chroot --userspec http:http /srv/http /usr/sbin/nginx
nginx: [emerg] bind() to failed (13: Permission denied)

I tried to change the port to 8080 and got

# chroot --userspec http:http /srv/http /usr/sbin/nginx
nginx: [emerg] open("/dev/null") failed (13: Permission denied)

The problem was due to the partition being mounted nodev,nosuid.

Last edited by seron (2013-05-08 11:25:12)


#2 2014-03-21 00:42:00

From: UK
Registered: 2013-07-26
Posts: 100

Re: [solved] nginx chroot jail: open() "/run/" Permission denied

I know this post is quite old but I wanted to say thank you to the author that you posted this solution. THANKS!!!


Board footer

Powered by FluxBB