nginx permission denied for upstream unix socket

Tim tim at bastelfreak.de
Mon Aug 25 13:21:44 UTC 2014


Hi,

I'm running nginx under CentOS 7 as a local proxy for a puppetmaster. I 
get the following error for every agent trying to connect to the master:

"[crit] 8543#0: *13 connect() to 
unix:/var/run/puppet/puppetmaster_puma.sock failed (13: Permission 
denied) while connecting to upstream, client: 192.168.122.189, server: , 
request: "PUT /production/report/master.puppet.local HTTP/1.1", 
upstream: 
"http://unix:/var/run/puppet/puppetmaster_puma.sock:/production/report/master.puppet.local", 
host: "master.puppet.local:8140""


But:
srwxrwxrwx. 1 puppet puppet 0 25. Aug 10:35 
/var/run/puppet/puppetmaster_puma.sock

The socket seems to be read/write able for everyone on the system? Why 
throws nginx a "permission denied" massage?

And here is my nginx config:

# define our puma backend
upstream puppetmaster_puma {
         server unix:/var/run/puppet/puppetmaster_puma.sock;
}

# define our proxy for breaking up SSL
server {
         ssl on;
         ssl_certificate 
/var/lib/puppet/ssl/certs/master.puppet.local.pem;
         ssl_certificate_key 
/var/lib/puppet/ssl/private_keys/master.puppet.local.pem;
         ssl_verify_client optional;
         ssl_client_certificate /var/lib/puppet/ssl/ca/ca_crt.pem;
         listen 192.168.122.189:8140 ssl;
         root /var/empty;
         location / {
                 proxy_pass http://puppetmaster_puma;
         }
}

nginx is running in version 1.6.1,



More information about the nginx mailing list