Proper permissions for nginx + SFTP chrooted users

We are moving to a new box and I'm making an effort to do things right, or at least better.

CentOS 8.1

I have set up SFTP users. They are added to a group called sftp_users. They are chrooted to their username-specific directory in /var/www with their home directory in it. Example:

/var/www/domain.com/web

The following permissions were run:

chown -R root:sftp_users /var/www/domain.com
chown -R domain.com:sftp_users /var/www/domain.com/web

I installed nginx and set up a server block for domain.com:

root  /var/www/domain.com/web;

nginx is running with the user 'nginx' according to ps -ef | grep nginx.

I have created a simple index.html file at /var/www/domain.com/web/index.html. When I try to access it via the browser the nginx log says:

open() "/var/www/domain.com/web/index.html" failed (13: Permission denied)

index.html is 644
/var/www/domain.com/web is 755

What am I doing wrong? I think I have to do something with the nginx user, but I am not sure I should change the owner on the directories because of chroot.

BrandonD

Posted 2020-02-28T23:22:02.427

Reputation: 1

In this case the 403 forbidden was caused by SELinux. https://stackoverflow.com/questions/22586166/why-does-nginx-return-a-403-even-though-all-permissions-are-set-properly#answer-26228135

– BrandonD – 2020-02-29T02:47:35.610
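
The comment above traces the denial to SELinux even though the mode bits looked correct. As an added example (not part of the original post), this script checks the mode bits on every path component first and only then looks at the SELinux label and audit log. The function names are hypothetical, and the `httpd_sys_content_t` type and the `semanage`/`restorecon` commands in the comments come from standard SELinux tooling rather than from the post.

```sh
#!/bin/sh
# Added example: tell a DAC denial from an SELinux denial when nginx logs
# "open() ... failed (13: Permission denied)". Assumes GNU coreutils and that
# nginx is neither owner nor group member of the files, so "other" bits apply.

# dac_walk FILE [TOP]: from FILE up to TOP (default /), report directories
# lacking o+x and a file lacking o+r. Returns 1 if anything is missing.
dac_walk() {
    local p top mode rc=0
    p=$(readlink -f -- "$1") || return 2
    top=$(readlink -f -- "${2:-/}") || return 2
    while :; do
        mode=$(stat -c '%a' -- "$p") || return 2
        if [ -d "$p" ]; then
            [ $(( 0$mode & 1 )) -ne 0 ] || { echo "missing o+x: $p ($mode)"; rc=1; }
        else
            [ $(( 0$mode & 4 )) -ne 0 ] || { echo "missing o+r: $p ($mode)"; rc=1; }
        fi
        [ "$p" = "$top" ] || [ "$p" = "/" ] && break
        p=$(dirname -- "$p")
    done
    return $rc
}

# label_type CONTEXT: print the type field of user:role:type[:level].
label_type() {
    printf '%s\n' "$1" | cut -d: -f3
}

# triage FILE: DAC walk first; if it is clean, show what SELinux reports.
triage() {
    dac_walk "$1" || return 1
    echo "mode bits allow 'other' to reach the file; checking SELinux"
    command -v getenforce >/dev/null 2>&1 || { echo "no SELinux tools found"; return 0; }
    echo "enforcement: $(getenforce)"
    echo "file type:   $(label_type "$(stat -c '%C' -- "$1" 2>/dev/null)")"
    # Needs root: recent denials recorded for the nginx process name.
    ausearch -m avc -ts recent -c nginx 2>/dev/null || echo "no recent AVC for nginx"
    # If the type is not readable by nginx's domain, relabel persistently, e.g.:
    #   semanage fcontext -a -t httpd_sys_content_t '/var/www/domain.com/web(/.*)?'
    #   restorecon -Rv /var/www/domain.com/web
}

# Usage: sh triage.sh /var/www/domain.com/web/index.html
if [ $# -gt 0 ]; then triage "$1"; fi
```

A clean `dac_walk` combined with an AVC record for nginx points at the label rather than the mode bits, which matches the situation in the question (644 file, 755 directory, still denied).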

No answers