Nginx tries to reload logs as www user on USR1 signal

Mikael

Mikael

Trying to setup Nginx log rotation I ran into a little problem with permissions. Nginx creates logs as root:wheel (master process?) but tries (and fail) to reload them as www user on USR1 signal (worker process?).

Steps to reproduce:

No logs exists:
Code: 
w02# ls /var/log/nginx*
total 4
drwxr-----  2 root  wheel   512 Dec 29 20:39 ./
drwxr-xr-x  3 root  wheel  1536 Dec 29 20:39 ../

Start nginx and the logs are created as root:wheel:
Code: 
w02# /usr/local/etc/rc.d/nginx start
Performing sanity check on nginx configuration:
the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
configuration file /usr/local/etc/nginx/nginx.conf test is successful
Starting nginx.
w02# ls /var/log/nginx*
-rw-r--r--  1 root  wheel  0 Dec 29 20:42 /var/log/nginx-error.log

/var/log/nginx:
total 4
drwxr-----  2 root  wheel   512 Dec 29 20:42 ./
drwxr-xr-x  3 root  wheel  1536 Dec 29 20:42 ../
-rw-r--r--  1 root  wheel     0 Dec 29 20:42 vhost1.access.log

Tell nginx to reload logs:
Code: 
w02# kill -USR1 `cat /var/run/nginx.pid`

Which it fails to do:
Code: 
w02# cat /var/log/nginx-error.log 
2009/12/29 20:48:31 [emerg] 74326#0: open() "/var/log/nginx/vhost1.access.log" failed (13: Permission denied)

Code: 
w02# ls /var/log/nginx*
-rw-r--r--  1 www  wheel  468 Dec 29 20:48 /var/log/nginx-error.log

/var/log/nginx:
total 4
drwxr-----  2 root  wheel   512 Dec 29 20:42 ./
drwxr-xr-x  3 root  wheel  1536 Dec 29 20:42 ../
-rw-r--r--  1 www   wheel     0 Dec 29 20:42 vhost1.access.log

Am I missing something obvious here? Should I just change the permissions on the /var/log/nginx directory? Spawn-fcgi starts PHP processes as the www user and I really don't like that the logs created by Nginx are owned by the same user. Any ideas for a better solution?
 
Set correct user in ngnix. From ver 0.7.53 recommended way to reopen file is
Code: 
/path/to/sbin/nginx -s reopen
 
Thank you vivek, nginx -s reload works perfectly. Is this a Nginx bug, according to http://wiki.nginx.org/NginxCommandLine the two reload methods should do the same thing?

Sadly nginx -s reload will not work with newsyslog.conf :\

I think I will run PHP with a different user and leave this as it is.
 
You must log in or register to reply here.
Back
Top