(ubuntu) nginx: [emerg] bind() to 0.0.0.0:80 failed (13: permission denied)
[英](ubuntu) nginx: [emerg] bind() to 0.0.0.0:80 failed (13: permission denied)
问题描述
I need help figuring out the root cause of this permission denied error.
我需要帮助找出此权限被拒绝错误的根本原因。 What permissions does nginx need? nginx需要什么权限? Why is it so complicated?为什么这么复杂?
6 个解决方案
解决方案1
25 2013-08-28 06:22:19
the socket API bind() to a port less than 1024, such as 80 as your title mentioned, need root access.套接字 API bind() 到小于 1024 的端口,例如标题中提到的 80,需要 root 访问权限。
here is " Bind to ports less than 1024 without root access "这是“ 绑定到小于 1024 的端口而无需 root 访问”
and another easier way is to run nginx as root.另一种更简单的方法是以 root 身份运行 nginx。
解决方案2
10 2016-10-11 06:44:25
If you use a port bigger than 1024 with root privilege, but still got this problem, that's may be caused by SELinux :如果你以root权限使用大于1024的端口,但仍然出现这个问题,这可能是由SELinux引起的:
Check this port, say 8024, in segange port检查这个端口,比如 8024,在 segange 端口
sudo semanage port -l | grep http_port_t
If 8024 doesn't exist in the port list, add it into segange port如果端口列表中不存在 8024,则将其添加到 segange 端口
sudo semanage port -a -t http_port_t -p tcp 8024
###update in 2017.12.22 ###更新于 2017.12.22
Sometimes your SELinux is disabled , you need to enforcing it first.有时您的 SELinux 被disabled ,您需要先enforcing它。 Check the status of SELinux by通过以下方式检查 SELinux 的状态
$ sestatus
More steps can read this wonderful article: https://www.digitalocean.com/community/tutorials/an-introduction-to-selinux-on-centos-7-part-1-basic-concepts更多步骤可以阅读这篇精彩文章: https : //www.digitalocean.com/community/tutorials/an-introduction-to-selinux-on-centos-7-part-1-basic-concepts
解决方案3
2 2015-10-16 19:44:55
如果在运行“nginx -t”后看到此消息,则您没有以root身份运行的权限“sudo nginx -t”
解决方案4
2 2017-11-15 06:28:58
nginx needs root access. nginx 需要 root 访问权限。 Just use只需使用
sudo nginx
next step along with your password下一步以及您的密码
解决方案5
0 2018-03-29 17:42:30
The best solution would be:最好的解决办法是:
1) add user to sudoers ( my user is prod) 1)将用户添加到sudoers(我的用户是prod)
usermod -aG sudo prod
2) inside circus ( process manager ) append sudo before nginx executable, mine looks like this: 2)在马戏团(进程管理器)内在 nginx 可执行文件之前附加 sudo,我的看起来像这样:
[watcher:nginx]
cmd = sudo /usr/sbin/nginx
args = -c /home/t/Projects/x_b_11/etc/nginx.conf -p /home/t/Projects/x_b_11
3) and finaly add line into file /etc/sudoers ( my user is prod). 3)最后在文件/etc/sudoers中添加一行(我的用户是prod)。 This line avoids error (sudo: no tty present and no askpass program specified).此行避免错误(sudo:不存在 tty 且未指定 askpass 程序)。 Probably need to restart session ( reboot).可能需要重新启动会话(重新启动)。 Enjoy.享受。
prod ALL = NOPASSWD: /usr/sbin/nginx
解决方案6
0 2021-10-13 04:55:40
Ubuntu uses AppArmor and not SELinux. Ubuntu 使用 AppArmor 而不是 SELinux。 The responses pointing to SELinux may not be that relevant to the OP.指向 SELinux 的响应可能与 OP 无关。
For the others that Googled this: I also encountered this issue on a SELinux-enabled CentOS 7 machine.对于 Google 搜索过的其他人:我也在启用 SELinux 的 CentOS 7 机器上遇到了这个问题。 nginx would not bind port 80 and gave me error 13: permission denied despite having already run setcap 'CAP_NET_BIND_SERVICE=+ep' /usr/sbin/nginx to allow the service to bind the port with a non-root user. nginx 不会绑定端口 80 并给我错误13:尽管已经运行setcap 'CAP_NET_BIND_SERVICE=+ep' /usr/sbin/nginx以允许服务将端口与非 root 用户绑定,但权限被拒绝。
Temporarily setting SELinux to Permissive ( sudo setenforce Permissive ) allowed nginx to start.暂时将 SELinux 设置为 Permissive ( sudo setenforce Permissive ) 允许 nginx 启动。 I then ran audit2allow -a which gave me然后我运行了audit2allow -a这给了我
#============= httpd_t ==============
#!!!! This avc can be allowed using the boolean 'httpd_can_network_connect'
allow httpd_t ntop_port_t:tcp_socket name_connect;
Which meant the solution was to also run:这意味着解决方案还需要运行:
sudo setsebool -P httpd_can_network_connect on
After which you can set SELinux back to Enforcing ( sudo setenforce Enforcing ) and restart everything to verify.之后,您可以将 SELinux 设置回 Enforcing ( sudo setenforce Enforcing ) 并重新启动一切以进行验证。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.