Nginx非root用户不能绑定端口

问题描述

在AWS上以普通用户身份安装nginx，启动时出现无法绑定8201端口的问题

● nginx.service - nginx - high performance web server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since 一 2021-04-19 12:28:16 CST; 9s ago
     Docs: http://nginx.org/en/docs/
  Process: 14781 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=1/FAILURE)

4月 19 12:28:16 ip-172-31-6-83 systemd[1]: Starting nginx - high performance web server...
4月 19 12:28:16 ip-172-31-6-83 nginx[14781]: nginx: [emerg] bind() to 0.0.0.0:8201 failed (1...ed)
4月 19 12:28:16 ip-172-31-6-83 systemd[1]: nginx.service: control process exited, code=exite...s=1
4月 19 12:28:16 ip-172-31-6-83 systemd[1]: Failed to start nginx - high performance web server.
4月 19 12:28:16 ip-172-31-6-83 systemd[1]: Unit nginx.service entered failed state.
4月 19 12:28:16 ip-172-31-6-83 systemd[1]: nginx.service failed.

问题解决

在网上搜索到相关信息，都是提示非用户不能操作1024以上的端口，跟当前问题不符，后来在博客园上找到解决方案，是跟setlinux有关。

[ec2-user@ip-172-31-6-83 nginx]$ sudo getenforce # 查看setlinux状态
Enforcing
[ec2-user@ip-172-31-6-83 nginx]$ sudo setenforce 0
[ec2-user@ip-172-31-6-83 nginx]$ sudo getenforce
Permissive
[ec2-user@ip-172-31-6-83 nginx]$ sudo systemctl start nginx
[ec2-user@ip-172-31-6-83 nginx]$ ss -tunlp | grep 8201
tcp    LISTEN     0      128       *:8201                  *:*

如果需要永久关闭selinux，请编辑/etc/selinux/config文件，将SELINUX=disabled。之后将系统重启一下即可。

vim /etc/selinux/config

原文链接