This is the name of this article, because it is not very understanding of Selinux, perhaps you have a better way please tell me!
first, the problem phenomenon
after Nginx startup, this machine can be accessed normally, using the Curl command to get the default index.html, the other interfaces are inaccessible. The remote access server prompts for the request information, check Nginx user rights and ports are normal, iptables not started.
# curl-i localhosthttp/1.1 OKServer:nginxDate:Mon, Dec 10:52:34 gmtcontent-type:text/htmlcontent-length:1 2last-modified:mon, Dec 10:00:36 gmtconnection:keep-aliveaccept-ranges:bytes
The directory permission suffix was found to have a point when checking the directory.
Note the differences between the 50x.html, Default.html, index.html, and the welcome.html file permissions for the three file permissions under the HTML directory.
Second, the problem analysis
Google, Degree Niang, the final conclusion for the SELinux protection directory will be in the file and folder after a point
Querying SELinux status
$ sestatusselinux Status: enabledselinuxfs mount: /selinuxcurrent mode: enforcingmode from config file:< C11/>enforcingpolicy version: 24Policy from config file: targeted
Querying SELinux Run mode
operating modes are divided into three enforcing (mandatory mode), permissive (tolerant mode), disabled (off)
Third, problem-handling
Since the analysis of the problem may be in SELinux, then try to repair, repair methods are divided into two temporary repair and permanent repair!
Temporary fix, online vibe way.
# Setenforce 0 #关闭 selinux# setenforce 1 #开启 Selinux
can actually run the next test effect, I run the result is in the enforcing mode and permissive mode to switch back and forth without any effect, if I understand the error, please advise!
Permanent mode, really available, need to restart the server!
1. Modify the/etc/selinux/config file
# Vim/etc/selinux/config
2, modified selinux=disabled, modified content
# This file controls the state of SELinux in the system.# selinux= can take one of the these three values:# Enforcing-se Linux security Policy is enforced.# permissive-selinux prints warnings instead of enforcing.# Disabled-selinux is fully disabled. selinux=disabled# selinuxtype= type of policy in use. Possible values are:# targeted-only targeted network daemons is protected.# strict-full SELinux protection. selinuxtype=targeted
3, restart the computer to view the Selinux status, should be off state
$ Getenforce Disabled
Iv. Summary of issues
1. When the Selinux service is not stopped, the files are added and the directories are changed with dots, see default.html and index.html.
2. After the SELinux service is stopped, the file will not be protected by the SELinux service, i.e. without a point, see welcome.html.
the first time to deal with the Selinux problem, if the actual problem and solution discrepancies please let me know, learn! Thank you!
Thanks to the author of Baidu Library for guiding opinions
Article Source: http://blog.csdn.net/johnnycode/article/details/41947581
Nginx cannot be accessed remotely due to Selinux service