Weird privilege errors on Ubuntu 20.04
Sergey A. Osokin
osa at freebsd.org.ru
Tue Jun 8 19:13:02 UTC 2021
Hi there,
hope you're doing well.
On Tue, Jun 08, 2021 at 11:46:32AM -0700, Palvelin Postmaster wrote:
> I wonder what can cause these weird error log entries? The log entries indicate a PID which doesn’t exist. Does nginx launch some temporary process when it starts?
>
> Nginx 1.21.0 on Ubuntu 20.04.
>
> root at k2:~# systemctl restart nginx
>
> root at k2:~# tail /var/log/nginx/error.log
> 2021/06/08 21:25:32 [warn] 1287733#1287733: the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /etc/nginx/nginx.conf:21
> 2021/06/08 21:25:32 [emerg] 1287733#1287733: cannot load certificate key "/etc/ssl/private/nginx-selfsigned.key": BIO_new_file() failed (SSL: error:0200100D:system library:fopen:Permission denied:fopen('/etc/ssl/private/nginx-selfsigned.key','r') error:2006D002:BIO routines:BIO_new_file:system lib)
Seems like an attempt to start nginx without root privileges.
> root at k2:~# ls -lh /etc/ssl/private/ |grep selfsigned
> -rw-r----- 1 root ssl-cert 1.7K Jul 8 17:12 nginx-selfsigned.key
>
> root at k2:~# cat /etc/nginx/nginx.conf |grep ^user
> user www-data;
>
> root at k2:~# ps -auxw |grep nginx
> root 1287600 0.0 0.0 56148 6504 ? Ss 21:25 0:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
> www-data 1287601 0.7 0.1 58544 15652 ? S 21:25 0:05 nginx: worker process
> www-data 1287602 0.0 0.1 57556 13696 ? S 21:25 0:00 nginx: worker process
> www-data 1287603 0.0 0.1 56392 9184 ? S 21:25 0:00 nginx: cache manager process
Could you check `www-data' user permission, and add, if necessary, to the `ssl-cert' group.
--
Sergey Osokin
More information about the nginx
mailing list