centos8 nginx uwsgi socket permission denied

nginx uwsgi centos8

Before getting to the answer, you should make every effort to break the bad security habits of using chmod 777 or disabling SELinux. Rather, you should learn fully the UNIX permission model so that you will always know the right permissions, and you should configure your services to work with SELinux to benefit from the additional layers of security that it provides.

So the reason your socket buried deep within a user's home directory doesn't work is that a parent directory's permissions prohibit the necessary access (in this case, search x). Use namei -l /home/***/.deploy/my.sock to see the permissions of all parent directories at once, and correct the ones which do not allow search permission (most likely it is /home/***).

chmod +x /as/needed

Also remember to fix the permissions and ownership on the socket itself as needed.

For completeness, the reason your socket in /tmp was not found is that nginx running as a system service cannot access the system /tmp directory. Systemd starts it with PrivateTmp=true which causes a unique private directory to be created and nginx's /tmp namespaced to that directory. This is what all those /tmp/xxx-systemd-private-foo directories are for.

Related

Looking for a way to replace every instance of a non-zero sized file in a directory tree using a batch file
Plain uWSGI error: uwsgi_response_write_body_do() TIMEOUT
Only have connectivity to nginx pod from the node its running on
How to encrypt user password in Freeradius
Having one ESXI VM serve DHCP addresses for two VLANs?
MDT auto-logon and update fails on when re-imagining Windows 10
GoDaddy Intermediate certificate for Apache 2.2.31 / Amazon Linux
DFS Replication server role and Remote Differential Compression feature
How to execute/run puppet class
Trying to install SSL: Private key does not match certificate
Can I alias all directory requests to a single file in nginx?
ESXi - serial console as default console