解决CentOS Linux Nginx 访问软件链目录报错403 Forbidden

目录状态

lrwxrwxrwx. 1 yeqiang yeqiang      5 Mar  2 13:56 tt -> tt_v1
drwxrwxr-x. 2 yeqiang yeqiang     60 Mar  2 13:51 tt_v1
drwxrwxr-x. 2 yeqiang yeqiang     60 Mar  2 13:51 tt_v2

nginx配置

location /tt {
                alias /tmp/tt;
                autoindex on;
        }

访问http://localhost/tt 报错如下

此时记录的错误日志error.log

2020/03/02 14:02:01 [error] 54748#0: *12 open() "/tmp/tt" failed (13: Permission denied), client: 127.0.0.1, server: localhost, request: "GET /tt HTTP/1.1", host: "localhost"

 

解决办法：修改软链接所属用户即组

[yeqiang@localhost tmp]$ sudo chown nobody:nobody tt -R
[yeqiang@localhost tmp]$ 

问题解决。

 

总结：奇怪的是，普通目录只要有755权限就可以访问，软连接必须是nginx worker进程用户才能打开目录。