Nginx cannot be accessed remotely due to Selinux service

This is the name of this article, because it is not very understanding of Selinux, perhaps you have a better way please tell me!
first, the problem phenomenon
after Nginx startup, this machine can be accessed normally, using the Curl command to get the default index.html, the other interfaces are inaccessible. The remote access server prompts for the request information, check Nginx user rights and ports are normal, iptables not started.

# curl-i localhosthttp/1.1 OKServer:nginxDate:Mon, Dec 10:52:34 gmtcontent-type:text/htmlcontent-length:1 2last-modified:mon, Dec 10:00:36 gmtconnection:keep-aliveaccept-ranges:bytes

The directory permission suffix was found to have a point when checking the directory.

Note the differences between the 50x.html, Default.html, index.html, and the welcome.html file permissions for the three file permissions under the HTML directory.

Second, the problem analysis

Google, Degree Niang, the final conclusion for the SELinux protection directory will be in the file and folder after a point

Querying SELinux status

$ sestatusselinux Status:                 enabledselinuxfs mount:                /selinuxcurrent mode:                   enforcingmode from config file:< C11/>enforcingpolicy version:                 24Policy from config file:        targeted

Querying SELinux Run mode

operating modes are divided into three enforcing (mandatory mode), permissive (tolerant mode), disabled (off)

Third, problem-handling

Since the analysis of the problem may be in SELinux, then try to repair, repair methods are divided into two temporary repair and permanent repair!

Temporary fix, online vibe way.

# Setenforce 0 #关闭 selinux# setenforce 1 #开启 Selinux

can actually run the next test effect, I run the result is in the enforcing mode and permissive mode to switch back and forth without any effect, if I understand the error, please advise!

Permanent mode, really available, need to restart the server!

1. Modify the/etc/selinux/config file

# Vim/etc/selinux/config

2, modified selinux=disabled, modified content

# This file controls the state of SELinux in the system.# selinux= can take one of the these three values:#       Enforcing-se  Linux security Policy is enforced.#       permissive-selinux prints warnings instead of enforcing.#       Disabled-selinux is fully disabled. selinux=disabled# selinuxtype= type of policy in use. Possible values are:#       targeted-only targeted network daemons is protected.#       strict-full SELinux protection. selinuxtype=targeted

3, restart the computer to view the Selinux status, should be off state

$ Getenforce Disabled

Iv. Summary of issues

1. When the Selinux service is not stopped, the files are added and the directories are changed with dots, see default.html and index.html.

2. After the SELinux service is stopped, the file will not be protected by the SELinux service, i.e. without a point, see welcome.html.
the first time to deal with the Selinux problem, if the actual problem and solution discrepancies please let me know, learn! Thank you!

Thanks to the author of Baidu Library for guiding opinions

Article Source: http://blog.csdn.net/johnnycode/article/details/41947581

Nginx cannot be accessed remotely due to Selinux service