Comments (23)
SOLVED:
chown -R www-data:www-data /var/lib/nginx
from nginx.
@carlalexander After some reading it's not an issue with docker, but with nginx and maybe because in my case it's running under supervisord. I just added client_body_temp_path /var/www/tmp 1 2;
in sites-available/default.conf
and solved the issue.
More on this here https://wincent.com/wiki/Fixing_nginx_client_body_temp_permission_denied_errors
from nginx.
Note: if you don't deal with uploaded files, you can just set a higher client_body_buffer_size
.
Setting a high client_body_buffer_size
also reduces file I/O, which is kinda good if you don't have a fast filesystem (virtual environments):
To sum it up, you need to just customize this bit of your config:
http {
# ...
client_body_temp_path /tmp 1 2;
client_body_buffer_size 256k;
client_body_in_file_only off;
# ...
}
from nginx.
For anyone landing here having this problem in uwsgi or similar: if you use an include like include /etc/nginx/uwsgi_params;
, you need to change the temp file location for that specific handler, i.e.:
# Override temp file locations
client_body_temp_path /var/lib/nginx-tmp/client_body;
proxy_temp_path /var/lib/nginx-tmp/proxy;
fastcgi_temp_path /var/lib/nginx-tmp/fastcgi 1 2;
uwsgi_temp_path /var/lib/nginx-tmp/uwsgi;
scgi_temp_path /var/lib/nginx-tmp/scgi;
from nginx.
In some versions of nginx docker images the nginx runs as user "nginx" instead of "www-data". This is why the chown -R www-data:www-data /var/lib/nginx
worked for some people and not others. Changing the location to /tmp works because /tmp is writable for all users. The buffer_size fix might only work if you have small files.
from nginx.
I am in macOs Mojave. Solved by
ps aux | grep "nginx: worker process"
sudo chown -R your_current_nginx_user:admin /usr/local/var/run/nginx/proxy_temp/
sudo nginx -s reload
from nginx.
I am having the same issue, although I did chown -R www-data:www-data /var/lib/nginx .
Also seems to trigger only when uploading files larger then 4kb.
from nginx.
SOLVED:
chown -R www-data:www-data /var/lib/nginx
The heroes live among us!
from nginx.
I used /tmp
instead of /var/www/tmp
. Worked like a charm. Thanks!
from nginx.
@pilwon I am still getting errors:
2014/05/14 20:53:24 [crit] 10#0: *19 open() "/var/lib/nginx/proxy/3/00/0000000003" failed (13: Permission denied) while reading upstream, client: 10.9.4.52, server: , request: "GET /assets/backbone/plugins/emoticons.js?body=1 HTTP/1.1", upstream: "http://172.17.0.4:3000/assets/backbone/plugins/emoticons.js?body=1", host: "kandan:8080", referrer: "http://kandan:8080/users/sign_in"
It appears that the permissions are appropriate though:
$ cat /var/log/nginx/kandan_vnext_error.log
2014/05/14 20:59:20 [crit] 11#0: *214 open() "/var/lib/nginx/proxy/6/00/0000000006" failed (13: Permission denied) while reading upstream, client: 10.9.4.52, server: , request: "GET /assets/backbone/plugins/emoticons.js?body=1 HTTP/1.1", upstream: "http://172.17.0.4:3000/assets/backbone/plugins/emoticons.js?body=1", host: "kandan:8080", referrer: "http://kandan:8080/users/sign_in"
[ root@cc668cb100dc:/var/lib/nginx ]$ ls -l
total 20K
drwx------ 2 www-data root 4.0K May 14 20:53 body/
drwx------ 2 www-data root 4.0K May 14 20:53 fastcgi/
drwx------ 2 www-data root 4.0K May 14 20:53 proxy/
drwx------ 2 www-data root 4.0K May 14 20:53 scgi/
drwx------ 2 www-data root 4.0K May 14 20:53 uwsgi/
Any thoughts? Perhaps the temp buffering dirs still being created as root. There's nothing in /var/lib/nginx/proxy/
when I check.
from nginx.
@johnjelinek Check the permission of /var/lib/nginx/proxy/6/00/0000000006
from nginx.
It doesn't exist. The response is buffered to that directory for a very short period ... so it's hard to see anything that shows up here.
[ root@b5be22863378:/var/lib/nginx/proxy ]$ ls -l
total 0
[ root@b5be22863378:/var/lib/nginx/proxy ]$ cd 6
bash: cd: 6: No such file or directory
from nginx.
I am also getting this when I try to upload files.
2014/05/14 21:14:30 [crit] 12#0: *189 open() "/var/lib/nginx/body/0000000003" failed (13: Permission denied), client: 10.9.4.52, server: , request: "POST /channels/1/attachments.json HTTP/1.1", host: "kandan:8080", referrer: "http://kandan:8080/"
[ root@afd05def8f17:/var/lib/nginx ]$ ls -l -R
.:
total 20K
drwx------ 2 www-data root 4.0K May 14 21:10 body/
drwx------ 2 www-data root 4.0K May 14 21:10 fastcgi/
drwx------ 2 www-data root 4.0K May 14 21:10 proxy/
drwx------ 2 www-data root 4.0K May 14 21:10 scgi/
drwx------ 2 www-data root 4.0K May 14 21:10 uwsgi/
./body:
total 0
./fastcgi:
total 0
./proxy:
total 0
./scgi:
total 0
./uwsgi:
total 0
from nginx.
How about the OS? Ubuntu has Apparmor which can prevent nginx accessing files that are not defined in nginx' apparmor profile file. Check the syslog for lines that both contain nginx and DENIED. Just a hint.
from nginx.
I am having this same issue. I mounted a system directory there too, still failing.
from nginx.
I'm also running into the same issue as @adrian7 (works for files under 4kb). It's not consistent though. It only happens when I switch the user id of www-data
to workaround a known boot2docker issue.
from nginx.
BTW /var/www/ is a shared volume
from nginx.
Thanks @adrian7, will look at that!
from nginx.
@johnjelinek is your issue resolved?
I'm getting exactly same issue.
Please help!!
from nginx.
from nginx.
For anyone landing here having this problem in uwsgi or similar: if you use an include like
include /etc/nginx/uwsgi_params;
, you need to change the temp file location for that specific handler, i.e.:# Override temp file locations client_body_temp_path /var/lib/nginx-tmp/client_body; proxy_temp_path /var/lib/nginx-tmp/proxy; fastcgi_temp_path /var/lib/nginx-tmp/fastcgi 1 2; uwsgi_temp_path /var/lib/nginx-tmp/uwsgi; scgi_temp_path /var/lib/nginx-tmp/scgi;
This fix worked! Thank you.
from nginx.
Note: if you don't deal with uploaded files, you can just set a higher
client_body_buffer_size
.Setting a high
client_body_buffer_size
also reduces file I/O, which is kinda good if you don't have a fast filesystem (virtual environments):To sum it up, you need to just customize this bit of your config:
http { # ... client_body_temp_path /tmp 1 2; client_body_buffer_size 256k; client_body_in_file_only off; # ... }
this worked for me, thanks!
client_body_temp_path /tmp 1 2;
from nginx.
The 'closed' solution doesn't work if you mount /var/lib/nginx/tmp as a tmpfs, since you can't change the user for a mount.
from nginx.
Related Issues (20)
- Reload configurations HOT 2
- /etc/nginx/conf.d/, not /etc/nginx/sites-enabled/ HOT 12
- Is this only for static file servers? HOT 1
- nginx repo no longer needed HOT 1
- Can't get the real client IP to my web-servers. HOT 1
- Error: image dockerfile/nginx:latest not found HOT 3
- nginx Container Open (13: Permission Denied) HOT 4
- Which one is which?
- Automated build link gives 404
- can not change nginx.conf
- debian 8.2 problem
- nginx's remote_addr always be the docker0 bridge ip HOT 2
- Is this repository deprecated? HOT 2
- gpgkeys: key 8B3981E7A6852F782CC4951600A6F0A3C300EE8C can't be retrieved HOT 1
- Not able to execute
- what it is this
- Issue with 1.13-alpine
- add-apt-repository problem and ubuntu
- ssl certificate?
- -v <localpath>:/var/www does not see files HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nginx.