解决Nginx报错”open() failed (13: Permission denied)”问题
这个错误表明Nginx没有权限访问 /home/web/dist-prod/index.html 文件。以下是完整的解决方案:
1. 检查文件和目录权限
首先确认文件和目录的权限设置:
bash
复制
下载
ls -la /home/web/dist-prod/ ls -la /home/web/dist-prod/index.html
2. 设置正确的所有权
将目录和文件所有权赋予Nginx用户(通常是nginx或www-data):
bash
复制
下载
sudo chown -R nginx:nginx /home/web/dist-prod/
3. 设置适当的权限
bash
复制
下载
sudo chmod -R 755 /home/web/dist-prod/
对于更严格的安全设置,可以:
bash
复制
下载
sudo find /home/web/dist-prod/ -type d -exec chmod 755 {} ;
sudo find /home/web/dist-prod/ -type f -exec chmod 644 {} ;
4. 检查SELinux状态(CentOS/RHEL)
如果是CentOS/RHEL系统,SELinux可能阻止访问:
bash
复制
下载
# 检查SELinux是否启用 getenforce # 如果是Enforcing状态,添加正确的安全上下文 sudo chcon -R -t httpd_sys_content_t /home/web/dist-prod/
5. 检查父目录权限
确保所有上级目录(至少到/home)有执行权限:
bash
复制
下载
sudo chmod +x /home sudo chmod +x /home/web
6. 验证Nginx配置
确认nginx.conf中指定的用户有访问权限:
bash
复制
下载
grep "user" /etc/nginx/nginx.conf
7. 检查Nginx错误日志获取更多信息
bash
复制
下载
sudo tail -n 20 /var/log/nginx/error.log
8. 测试并重启Nginx
bash
复制
下载
sudo nginx -t sudo systemctl restart nginx
9. 其他可能的原因和解决方案
文件不存在:
确认文件确实存在于指定路径
检查Nginx配置中的root指令是否正确
磁盘挂载选项:
如果/home是单独分区,检查挂载选项是否包含noexec或nosuid
bash
复制
下载
mount | grep /home
ACL限制:
检查是否有访问控制列表限制
bash
复制
下载
getfacl /home/web/dist-prod/index.html
AppArmor限制(Ubuntu):
bash
复制
下载
sudo aa-status
完成以上步骤后,Nginx应该能够正常访问您的静态文件了。如果问题仍然存在,请提供更详细的错误日志信息以便进一步诊断。
[root@localhost /]# ls -la /home/web/dist-prod/index.html
-rwxr-xr-x. 1 nginx nginx 3887 6月 9 17:53 /home/web/dist-prod/index.html
[root@localhost /]# sudo chown -R nginx:nginx /home/web/dist-prod/
[root@localhost /]# sudo chmod -R 755 /home/web/dist-prod/
[root@localhost /]# getenforce
Enforcing
[root@localhost /]# sudo chcon -R -t httpd_sys_content_t /home/web/dist-prod/
[root@localhost /]# sudo chmod +x /home
[root@localhost /]# sudo chmod +x /home/web
[root@localhost /]# grep "user" /etc/nginx/nginx.conf
user nginx;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'"$http_user_agent" "$http_x_forwarded_for"';
[root@localhost /]# sudo tail -n 20 /var/log/nginx/error.log
2025/06/11 10:28:44 [notice] 123650#123650: signal 17 (SIGCHLD) received from 123654
2025/06/11 10:28:44 [notice] 123650#123650: worker process 123654 exited with code 0
2025/06/11 10:28:44 [notice] 123650#123650: signal 17 (SIGCHLD) received from 123652
2025/06/11 10:28:44 [notice] 123650#123650: worker process 123652 exited with code 0
2025/06/11 10:28:44 [notice] 123650#123650: exit
2025/06/11 10:28:44 [notice] 123911#123911: using the "epoll" event method
2025/06/11 10:28:44 [notice] 123911#123911: nginx/1.28.0
2025/06/11 10:28:44 [notice] 123911#123911: built by gcc 8.5.0 20210514 (Red Hat 8.5.0-26) (GCC)
2025/06/11 10:28:44 [notice] 123911#123911: OS: Linux 4.18.0-348.el8.x86_64
2025/06/11 10:28:44 [notice] 123911#123911: getrlimit(RLIMIT_NOFILE): 1024:262144
2025/06/11 10:28:44 [notice] 123912#123912: start worker processes
2025/06/11 10:28:44 [notice] 123912#123912: start worker process 123913
2025/06/11 10:28:44 [notice] 123912#123912: start worker process 123914
2025/06/11 10:28:44 [notice] 123912#123912: start worker process 123915
2025/06/11 10:28:44 [notice] 123912#123912: start worker process 123916
2025/06/11 10:28:44 [notice] 123912#123912: start worker process 123917
2025/06/11 10:28:44 [notice] 123912#123912: start worker process 123918
2025/06/11 10:28:44 [notice] 123912#123912: start worker process 123919
2025/06/11 10:28:44 [notice] 123912#123912: start worker process 123920
2025/06/11 10:28:48 [error] 123914#123914: *1 open() "/home/web/dist-prod/index.html" failed (13: Permission denied), client: 192.168.10.10, server: localhost, request: "GET / HTTP/1.1", host: "192.168.10.11"
[root@localhost /]# sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@localhost /]# sudo systemctl restart nginx
ls -la /home/web/dist-prod/
ls -la /home/web/dist-prod/index.html
sudo chown -R nginx:nginx /home/web/dist-prod/
sudo chmod -R 755 /home/web/dist-prod/
getenforce
sudo chcon -R -t httpd_sys_content_t /home/web/dist-prod/
sudo chmod +x /home
sudo chmod +x /home/web
grep "user" /etc/nginx/nginx.conf
sudo tail -n 20 /var/log/nginx/error.log
sudo nginx -t
sudo systemctl restart nginx© 版权声明
文章版权归作者所有,未经允许请勿转载。如内容涉嫌侵权,请在本页底部进入<联系我们>进行举报投诉!
THE END
暂无评论内容