failed (13: Permission denied) while connecting to upstream : Nginx 에러로그

1. Nginx 퍼미션 에러로그 원인

*1 connect() to [::1]:1206 failed (13: Permission denied) while connecting to upstream, client: 블라블라블라~~

Nginx로 라우팅 처리할때 퍼미션 에러가 발생한다면 이유는 아래 내용

selunux가 permissive로 enable된 상태의 가정

inbogi@localhost  ~/ sestatus            
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      31

inbogi@localhost  ~/ sudo semanage port -l | grep http_port_t                                                                                                                               
http_port_t                    tcp      80, 81, 443, 488, 8008, 8009, 8443, 9000

가용하지 않은 포트번호로 넘겨주기때문에 에러가 발생

2. Permission denied 해결방안

selinux_can_network_connect 설정을 바꿔주면 간단히 해결!

 inbogi@localhost  ~ / sudo setsebool -P httpd_can_network_connect 1        
 inbogi@localhost  ~/ 

그리고 다시 접속하면 접속된다.

selinux 현재 설정 확인하는 방법

getsebool -a | grep httpd                                                                                                                                                                                                                  ✔  2756  14:55:38
httpd_anon_write --> off
httpd_builtin_scripting --> on
httpd_can_check_spam --> off
httpd_can_connect_ftp --> off
httpd_can_connect_ldap --> off
httpd_can_connect_mythtv --> off
httpd_can_connect_zabbix --> off
httpd_can_network_connect --> on
httpd_can_network_connect_cobbler --> off
httpd_can_network_connect_db --> off
.....
....
...

🙂 GOOD

https://nginx.org/en/

https://www.redhat.com/en/topics/linux/what-is-selinux