Ask Your Question

Nginx permissions

asked 2015-11-14 05:45:37 -0500

hendry gravatar image

I have a Web directory /srv/www from which my nginx root is served from.

I'm a bit puzzled what the chmod/chown/setfacl settings should be on this directory. I want any Web apps (php-fpm) to be able to write here, and I want any user on my system to be able to write in this Web directory too.

Furthermore anyone who creates a new Webapp in the directory /srv/www/, I want it to have the write permissions so that everyone can write here.

edit retag flag offensive close merge delete



If you are going to use a non-default location you will need to configure nginx, php, and php-fpm to use this directory. In addition you are going to have selinux problems, likely with all that. I advise you use the default locations.

bodhi.zazen gravatar imagebodhi.zazen ( 2015-11-14 08:29:46 -0500 )edit

What is the default location? I did have a SElinux issue just replacing nginx.conf with my own configuration from another machine, which resulted me in turning it off. I asked people how to fix it and no one knew how. Toodlepip unusable SElinux!

hendry gravatar imagehendry ( 2015-11-14 22:57:20 -0500 )edit

I do not know the default location for nginx. There is a bit of a learaning curve for selinux and debugging requires you to post the denials. . Could be a boolean, could be you are using non-default locations, could be you will need to write your own rules.

bodhi.zazen gravatar imagebodhi.zazen ( 2015-11-15 06:30:12 -0500 )edit

1 Answer

Sort by ยป oldest newest most voted

answered 2015-11-14 09:47:00 -0500

aeperezt gravatar image

If you are going to set in a different location than default, you need to change

You folders must be own by nginx user and group ngnix

sudo chown -R nginx:nginx /srv/www

You also need selinux look at this blog post that seems to solve your issue

edit flag offensive delete link more


That blog on selinux is old and the solution is a hack by someone who is new to selinux. chcon is temporary and will be reset next time the file system is relabled. It may or may not help with php-fpm

bodhi.zazen gravatar imagebodhi.zazen ( 2015-11-14 17:59:43 -0500 )edit

But users are not in the nginx group. So how I make it so that _any user_ can write into a Web dir? Add each user to nginx group manually??

hendry gravatar imagehendry ( 2015-11-14 22:58:14 -0500 )edit

Question Tools

1 follower


Asked: 2015-11-14 05:45:37 -0500

Seen: 331 times

Last updated: Nov 14 '15