Hi i am having the 403 error despite following the steps from here
403 Forbidden on Rails app w/ Nginx, Passenger
My app folder permissions
namei -l /home/ubuntu/resume_consumer/current/public
f: /home/ubuntu/resume_consumer/current/public
drwxr-xr-x root root /
drwxr-xr-x root root home
drwxr-xr-x ubuntu ubuntu ubuntu
drwxrwxr-x ubuntu ubuntu resume_consumer
lrwxrwxrwx ubuntu ubuntu current -> /home/ubuntu/resume_consumer/releases/20150815211156
drwxr-xr-x root root /
drwxr-xr-x root root home
drwxr-xr-x ubuntu ubuntu ubuntu
drwxrwxr-x ubuntu ubuntu resume_consumer
drwxrwxr-x ubuntu ubuntu releases
drwxrwxr-x ubuntu ubuntu 20150815211156
drwxrwxr-x ubuntu ubuntu public
The Nginx app is running as nobody
ps waux | grep nginx
root 12005 0.0 0.0 42480 900 ? Ss Jul28 0:00 nginx: master process /opt/nginx/sbin/nginx
nobody 12006 0.0 0.1 42804 2016 ? S Jul28 0:00 nginx: worker process
My nginx config looks as follows
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
passenger_root /home/ubuntu/.rvm/gems/ruby-2.2.1/gems/passenger-5.0.14;
passenger_ruby /home/ubuntu/.rvm/wrappers/ruby-2.2.1/ruby;
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name qa.enterprise.getmeed.com;
root /home/ubuntu/resume/current/public;
passenger_enabled on;
#charset koi8-r;
#access_log logs/host.access.log main;
# location / {
# root html;
# index index.html index.htm;
#}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root html;
#}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
server {
listen 80;
server_name qa.getmeed.com;
root /home/ubuntu/resume_consumer/current/public;
index index.html index.htm;
passenger_enabled on;
rails_env production;
passenger_friendly_error_pages on;
# location / {
# root html;
# index index.html index.htm;
# }
}
# HTTPS server
#
#server {
# listen 443;
# server_name localhost;
# ssl on;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_timeout 5m;
# ssl_protocols SSLv2 SSLv3 TLSv1;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
When i look at logs, i find an alert that says PassengerAgent not found another error that the directory is forbidden. I am not sure if the alert is related.
2015/08/15 23:40:41 [notice] 20858#0: signal process started
2015/08/15 23:40:41 [alert] 12005#0: Unable to start Phusion Passenger: Support binary PassengerAgent not found (tried: /home/ubuntu/.rvm/gems/ruby-2.2.1/gems/passenger-5.0.14/buildout/support-binaries/PassengerAgent and /root/.passenger/support-binaries/5.0.14/PassengerAgent). This probably means that your Phusion Passenger installation is broken or incomplete, or that your 'passenger_root' setting contains the wrong value. Please reinstall Phusion Passenger or adjust the setting (see: https://www.phusionpassenger.com/documentation/Users%20guide%20Nginx.html#PassengerRoot). (-1: Unknown error)
2015/08/15 23:45:04 [error] 20859#0: *375 directory index of "/home/ubuntu/resume_consumer/current/public/" is forbidden, client: 104.135.15.7, server: qa.getmeed.com, request: "GET / HTTP/1.1", host: "qa.getmeed.com"
You simply need to see if you can read the file inside /home/ubuntu/resume_consumer/current/public
. You are showing us the permissions set in the home directory of Ubuntu, but current
and public
will have their own permissions as well.
First assuming there is an index.html inside of public, does the following return an error:
sudo -u nobody /home/ubuntu/resume_consumer/current/public
If so then you have a permission problem. You could resolve this by adding the nobody
user to the same ubuntu
group:
sudo adduser nobody ubuntu
and then ensure the group ubuntu
users have the same access as the ubuntu
user.
sudo chmod -R g=u /home/ubuntu/resume_consumer
Thanks all! it turns out there is no issue with the nginx. There was an error about passenger in nginx logs, which i wan't sure was related initially, But it turns out that was the root cause.
I had passenger installed but the passenger was not installed for the application specifically. I had to go to the application directory and install passenger gem and then use the passenger_root corresponding to the gem in application in nginx config. That fixed the issue.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.