
Stopping SELinux from restricting nginx

Author: liurongming | Published: 2017-08-25 09:09

    After nginx is installed and correctly configured, you may sometimes find that nginx proxying does not work and the following page appears:

    404 Not Found
    nginx/1.12.1
    

    In that case, consider whether SELinux is restricting access.
    Check the SELinux status:

    [root@localhost conf.d]# sestatus
    SELinux status:                 enabled
    SELinuxfs mount:                /sys/fs/selinux
    SELinux root directory:         /etc/selinux
    Loaded policy name:             targeted
    Current mode:                   permissive
    Mode from config file:          disabled
    Policy MLS status:              enabled
    Policy deny_unknown status:     allowed
    Max kernel policy version:      28
    [root@localhost conf.d]# setenforce 1
    [root@localhost conf.d]# 
    

    Query the current SELinux mode:

    [root@localhost conf.d]# getenforce
    Enforcing
    [root@localhost conf.d]#
    

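    Temporarily turn SELinux off

    # setenforce 0   # turn SELinux enforcement off (permissive mode)
    # setenforce 1   # turn SELinux enforcement on (enforcing mode)
    

    Once SELinux is temporarily turned off, nginx can be reached.

    To turn SELinux off permanently, a reboot is required for the change to take effect.
    Edit /etc/selinux/config: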

    [root@localhost conf.d]# vim  /etc/selinux/config
    # This file controls the state of SELinux on the system.
    # SELINUX= can take one of these three values:
    #     enforcing - SELinux security policy is enforced.
    #     permissive - SELinux prints warnings instead of enforcing.
    #     disabled - No SELinux policy is loaded.
    #SELINUX=enforcing
    SELINUX=disabled
    # SELINUXTYPE= can take one of three two values:
    #     targeted - Targeted processes are protected,
    #     minimum - Modification of targeted policy. Only selected processes are protected. 
    #     mls - Multi Level Security protection.
    SELINUXTYPE=targeted
    

    Allowlist nginx in SELinux

    yum install policycoreutils-python  
    cat /var/log/audit/audit.log | grep nginx | grep denied | audit2allow -M mynginx  
    semodule -i mynginx.pp  
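
Before loading a module built by `audit2allow`, it helps to see which denials it will turn into allow rules. The script below is an added example, not part of the original post: it summarises nginx AVC denials by permission, object class and target type. The log records are constructed samples and the function names are hypothetical.

```shell
#!/bin/sh
# Summarise nginx AVC denials so they can be reviewed before audit2allow
# turns them into allow rules. Function names here are hypothetical.

# Constructed sample records in audit.log format (not from a real host).
sample_audit_log() {
cat <<'EOF'
type=AVC msg=audit(1503623340.101:411): avc:  denied  { name_connect } for  pid=2101 comm="nginx" dest=8080 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:http_cache_port_t:s0 tclass=tcp_socket
type=AVC msg=audit(1503623341.202:412): avc:  denied  { name_connect } for  pid=2101 comm="nginx" dest=8080 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:http_cache_port_t:s0 tclass=tcp_socket
type=AVC msg=audit(1503623350.303:420): avc:  denied  { read open } for  pid=2102 comm="nginx" path="/home/demo/site/index.html" dev="dm-0" ino=3541 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(1503623360.404:431): avc:  denied  { getattr } for  pid=990 comm="sshd" path="/tmp/x" dev="dm-0" ino=77 scontext=system_u:system_r:sshd_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=file
type=SYSCALL msg=audit(1503623340.101:411): arch=c000003e syscall=42 success=no exit=-13 comm="nginx" exe="/usr/sbin/nginx" subj=system_u:system_r:httpd_t:s0
EOF
}

# summarize_nginx_denials [FILE...]
# Reads audit records (files or stdin) and prints one line per distinct
# denial: "count permissions tclass target_type", most frequent first.
summarize_nginx_denials() {
    awk '
    /avc: +denied/ && /comm="nginx"/ {
        perms = ""; ttype = ""; tclass = ""
        # The denied permissions sit between "{" and "}".
        if (match($0, /[{][^}]*[}]/)) {
            perms = substr($0, RSTART + 1, RLENGTH - 2)
            gsub(/^ +| +$/, "", perms)
            gsub(/ +/, ",", perms)      # "read open" -> "read,open"
        }
        for (i = 1; i <= NF; i++) {
            # tcontext is user:role:type:level; the type is what policy rules name.
            if ($i ~ /^tcontext=/) { split($i, c, ":"); ttype = c[3] }
            if ($i ~ /^tclass=/)   { tclass = substr($i, 8) }
        }
        seen[perms " " tclass " " ttype]++
    }
    END { for (k in seen) print seen[k], k }
    ' "$@" | sort -k1,1nr -k2
}

# Demo on the constructed sample; on a real host, pass /var/log/audit/audit.log.
sample_audit_log | summarize_nginx_denials
```

A `name_connect` denial on `tcp_socket` is the typical signature of blocked proxying; the stock policy boolean `httpd_can_network_connect` covers that case without a custom module.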
    
