Opened 5 years ago

Closed 5 years ago

Last modified 5 years ago

#1791 closed defect (duplicate)

Nginx -t changing ownersip of cache path

Reported by: infoabhi88@… Owned by:
Priority: critical Milestone: nginx-1.17.1
Component: nginx-core Version: 1.15.x
Keywords: nginx -t Cc:
uname -a: Linux 4.14.62-70.117.amzn2.x86_64 #1 SMP Fri Aug 10 20:14:53 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.16.0
built by gcc 4.8.5 20150623 ( Red Hat 4.8.5-36) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled

Description

Scenario - Nginx process is running as non-root user by specifying user in nginx.service systemd file. In nginx.conf , we have commented out "user" directive as we have specified user in systemd file.

So, nginx master and worker process are running as non root user. But when we run nginx -t, it goes and changes the ownership of cache directory specifed in nginx.conf, resulting in request failures.

Ideally this should not happen as nginx process is running as non root user and why "nginx -t" is explicitly changing the ownership.

Change History (2)

comment:1 by Maxim Dounin, 5 years ago

Resolution: duplicate
Status: newclosed

The nginx -t does various configuration testing, including creating various logs and directories, and fixing ownership of appropriate directories - much like during normal nginx startup. This is done to make sure the configuration in question can be in fact used when nginx is started. If you don't want this to happen, avoid running nginx -t.

Closing this as a duplicate of #1506, which is somewhat related.

comment:2 by Maxim Dounin, 5 years ago

See also #1898.

Note: See TracTickets for help on using tickets.