In terms of managing web servers, many unpleasant surprises can occur. Especially when moving from an older older version of an operating system to a new one. Vsalable for both Ubuntu as well as CentOS.
From CentOS 5 to 7 CentOS a lot of things have changed for the better. The focus has been on security and stability. For a novice linux, or for a user who is not aware of what's new about servers and services specific to administering Web Hosting, little news can give you headaches.
One of the most common errors encountered when installing LEMP (Linux, NGINX, MySQL, PHP) security and service permissions installed on the CentOS 7 operating system.
Failure to start the NGINX service even if everything seems to be well configured in terms of PHP-FPM and NGINX.
Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.
We have the following details in status, but they do not help us a lot.
systemctl status nginx.service
● nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Fri 2019-03-08 06:57:41 UTC; 17s ago
Process: 4405 ExecReload=/bin/kill -s HUP $MAINPID (code=exited, status=0/SUCCESS)
Process: 4704 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
Process: 4766 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=1/FAILURE)
Process: 4764 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
Main PID: 4706 (code=exited, status=0/SUCCESS)
Mar 08 06:57:40 srv.xsystem.dev systemd: Starting The nginx HTTP and reverse proxy server...
Mar 08 06:57:41 srv.xsystem.dev nginx: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Mar 08 06:57:41 srv.xsystem.dev nginx: nginx: [emerg] open() "/srv/www/web.dev/logs/access.log" failed (13: Permission denied)
Mar 08 06:57:41 srv.xsystem.dev nginx: nginx: configuration file /etc/nginx/nginx.conf test failed
Mar 08 06:57:41 srv.xsystem.dev systemd: nginx.service: control process exited, code=exited status=1
Mar 08 06:57:41 srv.xsystem.dev systemd: Failed to start The nginx HTTP and reverse proxy server.
Mar 08 06:57:41 srv.xsystem.dev systemd: Unit nginx.service entered failed state.
Mar 08 06:57:41 srv.xsystem.dev systemd: nginx.service failed.
However, we understand that access to the "nginx" service that performs operations on CentOS 7 is blocked.
Solving the problem "nginx: [emerg] open ()" path "failed (13: Permission denied)"
Security-Enhanced Linux (SELinux) is a module that most often comes with the installation of CentOS 7 or other Linux distributions. This module offers multiple control tools and control access at the server level, being a good guard when it comes to security and integrity. However, may limit the privileges of important services and applications, installed on the system.
The simple solution to the above problem is to disable SELinux.
How to deactivate SELinux on CentOS 7
1. First of all, check if this module is enabled on the system by executing the command “sestatus”.
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 31
2. If the service is enabled, run the command line: "setenforce 0", then go and edit the file “/etc/selinux/config”.
Here you set: SELINUX=disabled.
3. After saving the above file, restart the server.
Everything should work smoothly.