You are not logged in.
I used the perl script from the nginx wiki to configure chroot jail and also configured the nginx systemd unit file. When I try to start the service I get
# systemctl start nginx
Job for nginx.service failed. See 'systemctl status nginx.service' and 'journalctl -xn' for details.
# systemctl status nginx.service
nginx.service - A high performance web server and a reverse proxy server in chroot jail
Loaded: loaded (/etc/systemd/system/nginx.service; enabled)
Active: failed (Result: exit-code) since tis 2013-05-07 20:58:49 CEST; 4s ago
Process: 418 ExecStartPre=/usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -t -q -g pid /run/nginx.pid; daemon on; master_process on; (code=exited
, status=1/FAILURE)
Executing the ExecStartPre line produces the open error.
# /usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -t -q -g 'pid /run/nginx.pid; daemon on; master_process on;'
nginx: [emerg] open() "/run/nginx.pid" failed (13: Permission denied)
What could be causing this?
Here's my nginx.service
# cat /etc/systemd/system/nginx.service
[Unit]
Description=A high performance web server and a reverse proxy server in chroot jail
After=syslog.target network.target
[Service]
Type=forking
PIDFile=/srv/http/run/nginx.pid
ExecStartPre=/usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -t -q -g 'pid /run/nginx.pid; daemon on; master_process on;'
ExecStart=/usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -g 'pid /run/nginx.pid; daemon on; master_process on;'
ExecReload=/usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -g 'pid /run/nginx.pid; daemon on; master_process on;' -s reload
ExecStop=/usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -g 'pid /run/nginx.pid;' -s quit
[Install]
WantedBy=multi-user.target
/srv/http/run
# ls -ahl /srv/http/run/
totalt 8,0K
drwxr-xr-x 2 root root 4,0K 7 maj 20.53 ./
dr-x--x--x 9 root root 4,0K 7 maj 20.16 ../
-rw-r--r-- 1 root root 0 7 maj 20.53 nginx.pid
edit:
# chroot --userspec http:http /srv/http /usr/sbin/nginx
nginx: [emerg] bind() to 0.0.0.0:80 failed (13: Permission denied)
I tried to change the port to 8080 and got
# chroot --userspec http:http /srv/http /usr/sbin/nginx
nginx: [emerg] open("/dev/null") failed (13: Permission denied)
solution:
The problem was due to the partition being mounted nodev,nosuid.
Last edited by seron (2013-05-08 11:25:12)
Offline
I know this post is quite old but I wanted to say thank you to the author that you posted this solution. THANKS!!!
Offline