You are not logged in.

#1 2013-05-07 19:21:02

seron
Member
Registered: 2013-04-24
Posts: 4

[solved] nginx chroot jail: open() "/run/nginx.pid" Permission denied

I used the perl script from the nginx wiki to configure chroot jail and also configured the nginx systemd unit file. When I try to start the service I get

# systemctl start nginx
Job for nginx.service failed. See 'systemctl status nginx.service' and 'journalctl -xn' for details.
# systemctl status nginx.service
nginx.service - A high performance web server and a reverse proxy server in chroot jail
   Loaded: loaded (/etc/systemd/system/nginx.service; enabled)
   Active: failed (Result: exit-code) since tis 2013-05-07 20:58:49 CEST; 4s ago
  Process: 418 ExecStartPre=/usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -t -q -g pid /run/nginx.pid; daemon on; master_process on; (code=exited
, status=1/FAILURE)

Executing the ExecStartPre line produces the open error.

# /usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -t -q -g 'pid /run/nginx.pid; daemon on; master_process on;'
nginx: [emerg] open() "/run/nginx.pid" failed (13: Permission denied)

What could be causing this?

Here's my nginx.service

# cat /etc/systemd/system/nginx.service 
[Unit]
Description=A high performance web server and a reverse proxy server in chroot jail
After=syslog.target network.target

[Service]
Type=forking
PIDFile=/srv/http/run/nginx.pid
ExecStartPre=/usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -t -q -g 'pid /run/nginx.pid; daemon on; master_process on;'
ExecStart=/usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -g 'pid /run/nginx.pid; daemon on; master_process on;'
ExecReload=/usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -g 'pid /run/nginx.pid; daemon on; master_process on;' -s reload
ExecStop=/usr/bin/chroot --userspec=http:http /srv/http /usr/sbin/nginx -g 'pid /run/nginx.pid;' -s quit

[Install]
WantedBy=multi-user.target

/srv/http/run

# ls -ahl /srv/http/run/
totalt 8,0K
drwxr-xr-x 2 root root 4,0K  7 maj 20.53 ./
dr-x--x--x 9 root root 4,0K  7 maj 20.16 ../
-rw-r--r-- 1 root root    0  7 maj 20.53 nginx.pid

edit:

# chroot --userspec http:http /srv/http /usr/sbin/nginx
nginx: [emerg] bind() to 0.0.0.0:80 failed (13: Permission denied)

I tried to change the port to 8080 and got

# chroot --userspec http:http /srv/http /usr/sbin/nginx
nginx: [emerg] open("/dev/null") failed (13: Permission denied)

solution:
The problem was due to the partition being mounted nodev,nosuid.

Last edited by seron (2013-05-08 11:25:12)

Offline

#2 2014-03-21 00:42:00

Gregosky
Member
From: UK
Registered: 2013-07-26
Posts: 85

Re: [solved] nginx chroot jail: open() "/run/nginx.pid" Permission denied

I know this post is quite old but I wanted to say thank you to the author that you posted this solution. THANKS!!!

Offline

Board footer

Powered by FluxBB