環境
- 系統:centos 7 amazon aws 雲
- 軟件:nginx 1.10.2
- 默認用戶:centos
- 安裝方法:http://blog.csdn.net/mingjie1212/article/details/54318021
問題
將nginx腳本放入/etc/init.d/中,在root下使用
/etc/init.d/nginx start
Starting nginx (via systemctl): #卡住
檢測服務狀態如下輸出:
[root@nginx]# service nginx status
● nginx.service - SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server
Loaded: loaded (/etc/rc.d/init.d/nginx; bad; vendor preset: disabled)
Active: inactive (dead) since Wed 2017-01-18 08:37:35 UTC; 2s ago
Docs: man:systemd-sysv-generator(8)
Process: 18249 ExecStart=/etc/rc.d/init.d/nginx start (code=exited, status=0/SUCCESS)
CGroup: /system.slice/nginx.service
├─7276 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
└─7277 nginx: worker process
Jan 18 08:34:26 systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
Jan 18 08:34:26 systemd[1]: PID file /usr/local/nginx/logs/nginx.pid not readable (yet?) after start.
Jan 18 08:37:35 systemd[1]: Stopped SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
nginx腳本如下:
#!/bin/sh
#
# nginx - this script starts and stops the nginx daemin
#
# chkconfig: - 85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse \
# proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /usr/local/nginx/conf/nginx.conf
# pidfile: /usr/local/nginx/logs/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/local/nginx/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf"
lockfile=/var/lock/subsys/nginx
start() {
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
configtest || return $?
stop
start
}
reload() {
configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2
esac
解決思路
開始以爲是文件權限的問題。創建nginx用戶,並切換到nginx用戶啓動服務。
創建nginx nginx 組和用戶
passwd nginx #創建密碼登陸
並將ngixn 的所屬關係都使用chown更改。
chown nginx:nginx /usr/local/nginx -R #更改所屬關係
groupadd nginx
useradd -g nginx nginx
passwd nginx
su nginx #切換nginx用戶
/etc/init.d/nginx start #執行啓動Nginx命令
#輸出
Starting nginx (via systemctl): ==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===
Authentication is required to manage system services or units.
Authenticating as: Cloud User (centos)
Password:
#發現還是要輸入密碼...
#應該是解決思路不對,啓動關聯到了centos用戶,nginx用戶嘗試使用sudo命令啓動
sudo /etc/init.d/nginx start
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:
#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.
[sudo] password for nginx:
nginx is not in the sudoers file. This incident will be reported.
#需要把nginx用戶加入sudoers 文件中,好麻煩...
#大致清楚了,就算root運行這個命令也需要root就切換到root嘗試了下。
exit
#root下sudo 運行成功
[root@nginx]# sudo /etc/init.d/nginx start
Starting nginx (via systemctl): [ OK ]
[root@nginx]# systemctl status nginx.service
● nginx.service - SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server
Loaded: loaded (/etc/rc.d/init.d/nginx; bad; vendor preset: disabled)
Active: active (running) since Wed 2017-01-18 09:03:56 UTC; 15min ago
Docs: man:systemd-sysv-generator(8)
Process: 18719 ExecStart=/etc/rc.d/init.d/nginx start (code=exited, status=0/SUCCESS)
Main PID: 18726 (nginx)
CGroup: /system.slice/nginx.service
├─18726 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
├─18727 nginx: worker process
└─18728 nginx: worker process
Jan 18 09:03:55 systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
Jan 18 09:03:56 nginx[18719]: Starting nginx: [ OK ]
Jan 18 09:03:56 systemd[1]: Started SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
#檢查狀態
systemctl status nginx.service
● nginx.service - SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server
Loaded: loaded (/etc/rc.d/init.d/nginx; bad; vendor preset: disabled)
Active: active (running) since Wed 2017-01-18 09:44:10 UTC; 2s ago
Docs: man:systemd-sysv-generator(8)
Process: 18957 ExecStart=/etc/rc.d/init.d/nginx start (code=exited, status=0/SUCCESS)
Main PID: 18964 (nginx)
CGroup: /system.slice/nginx.service
├─18964 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
├─18965 nginx: worker process
└─18966 nginx: worker process
Jan 18 09:44:10 systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
Jan 18 09:44:10 nginx[18957]: Starting nginx: [ OK ]
Jan 18 09:44:10 systemd[1]: Started SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
由於雲主機不能隨便重啓,共享地址會變化…所以沒有嘗試以下方式,應該改selinux也能實現訪問的限制的移出。
應該修改/etc/selinux/config
SELINUX=disabled
以後嘗試一下。
在生產環境 單獨創建出來個用戶運行nginx 比直接用root運行安全。還是使用nginx用戶來運行。