CentOS上nginx开启或proxy_pass到非常用端口报错问题解决

2021-11-02 233点热度 0人点赞 0条评论

CentOS上遇到几个类似的问题:

  • server 监听8090等非常用端口,无法启动nginx

配置文件类似如下:

server {
    #nginx下监听非常用端口
    listen       8090;
    server_name  _
}

systemctl start nginx无法启动错误如下:

2021/11/01 09:20:00 [emerg] 30181#0: bind() to 0.0.0.0:8090 failed (13: Permission denied)

  • location里使用proxy_pass到非常用端口,也例如8090,能启动nginx,但是请求到location里匹配的路径时候,也是报500错误

配置文件如下:

location ^~ /api {
        proxy_pass http://127.0.0.1:8090/api;
}

查看tail -f /var/log/nginx/error.log 错误日志如下:

2021/11/01 09:09:47 [crit] 103133#103133: *20 connect() to 127.0.0.1:8090 failed (13: Permission denied) while connecting to upstream, client: 1.2.3.4, server: _, request: "GET /api/path... HTTP/1.1", upstream: ...

经查,都是同一个原因引起的,那就是selinux设置引起的,之前也有提到,安装CentOS第一件事情就是关闭selinux,要不然以后不一定会遇到各种奇奇怪怪的问题。

关闭selinux

编辑/etc/selinux/config文件,将SELINUX=enforcing修改为:SELINUX=disabled,

如下:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
# 修改如下:SELINUX=disabled 之前是SELINUX=enforcing
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted

修改配置文件后,需要重启服务器,如果当前不方便重启服务器,可以先用如下命令临时关闭selinux并马上生效,等后续空闲的时间再重启电脑

# 临时关闭selinux,并马上生效
setenforce 0

 

admin

这个人很懒,什么都没留下

文章评论

您需要 登录 之后才可以评论