👀 Views: 154 💬 Answers: 1 📅 Created: 2025-06-11

linux nginx selinux bash

I've been banging my head against this for hours. I'm working with an scenario with SELinux on my CentOS 8 server where it is preventing Nginx from accessing a custom directory I've created for serving static files. I've configured Nginx to serve files from `/var/www/myapp/static`, but every request results in a '403 Forbidden' behavior. After checking the Nginx behavior logs, I see the following message: ``` 2023/10/04 12:34:56 [behavior] 12345#12345: *1 directory index of "/var/www/myapp/static/" is forbidden, client: 192.168.1.10, server: myapp.local, request: "GET / HTTP/1.1", host: "myapp.local" ``` I've verified that the Nginx configuration is correct and the directory permissions are set to allow the Nginx user access: ```bash ls -ld /var/www/myapp/static ``` This returns: ``` drwxr-xr-x. 2 nginx nginx 4096 Oct 4 12:00 /var/www/myapp/static ``` To further investigate, I temporarily disabled SELinux with the command `setenforce 0`, and this resolved the scenario, allowing Nginx to serve files correctly. However, I don't want to leave SELinux disabled for security reasons. I've tried running the following command to allow Nginx access to the directory: ```bash chcon -R -t httpd_sys_content_t /var/www/myapp/static ``` However, I'm still seeing the same '403 Forbidden' response. Additionally, I've run `getsebool httpd_can_network_connect on` but it didn't seem relevant for this static file serving scenario. What steps do I need to take to properly configure SELinux to allow Nginx to serve files from this directory without disabling SELinux altogether? I'd be grateful for any help.