[Slackbuilds-users] nginx permissions?

Thomas Morper thomas at beingboiled.info
Thu May 7 18:53:32 UTC 2015

On Tue, 5 May 2015, Miguel De Anda wrote:

> i've installed nginx from the slackbuild and i have it run as a proxy for
> tomcat with a config something like this...

> when it tries to load some files, it fails with the following error:
> "/var/lib/nginx/proxy/3/00/0000000003" failed (13: Permission denied)

> it seems to kind of work if i add a
> user mdeanda users;
> to the config and change the permission to /var/lib/nginx/*

Nginx uses /var/lib/nginx for various temporary files, especially when 
proxying. The directory should belong to root:root. Upon start, nginx will 
then create the various subfolders and asign them to the $NGINXUSER unless 
they already exist.

I ran into problems once when I either reconfigured or rebuilt nginx to 
use a different user id but forgot about /var/lib/nginx/* still belonging 
to the old user. I don't know how you ended up with the wrong permissions, 
but if you stop nginx, remove the contents of /var/lib/nginx and restart 
you should be fine. If the permission problems remain you should check 
your config and your nginx package for possible errors (e.g. built in 
wrong environment, manually specified user doesn't exist, etc.).

Regarding the user id... the SlackBuild script follows best practices by 
using the defaults but still giving the user a choice. Having a dedicated 
"nginx" user is IMHO desirable with regards to permissions and security. 
It's not technically required, though.


More information about the SlackBuilds-users mailing list