Tags: passenger, passenger-nginx

Passenger needs execute privileges for other users despite user sandboxing


I have set up a system to use NGINX and Passenger. I used RVM single-user installation for Ruby. In the NGINX file, I specified that Passenger should run as the user that owns the application directory and its subdirectories and files. Everything works, as long as I allow execution privileges for other users:

drwxr-x--x 15 dog_park dog_park 4096 Apr 19 01:27 dog_park/

I don't understand why this should be the case. The following is specified in /etc/nginx/sites-enabled/default:

        root /var/www/dog_park/public;

        # Turn on Passenger
        passenger_enabled on;
        passenger_user dog_park;
        passenger_ruby /home/dog_park/.rvm/gems/ruby-3.2.2/wrappers/ruby;

If I do not allow execution privileges to other users, I see the following in /var/log/nginx/error.log:

2023/04/20 00:34:25 [crit] 1118#1118: *1 stat() "/var/www/dog_park/public/" failed (13: Permission denied), client: <client IP>, server: _, request: "GET / HTTP/1.1", host: "<server IP>"

Any ideas would be a big help.


Solution

  • Looks like nginx (as a different user) is trying to inspect the directory. The stat() in the error message is this system call.

    From the linked docs:

    No permissions are required on the file itself, but, in the case of stat() and lstat(), execute (search) permission is required on all of the directories in path that lead to the file.
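To see that rule in action, the following added example (not part of the original question or answer, and not Passenger or nginx code) walks every directory on the way to a target path and reports the first one that would deny search permission to a chosen user, which is what the nginx worker's stat() runs into. It builds a throwaway tree shaped like /var/www/dog_park/public under a temp directory, and the nginx worker identity is simply "a uid and gid that differ from the directory owner's" (an assumption, since the real worker uid depends on the distribution). It assumes the temp directory's ancestors are world-searchable, as /tmp normally is.

```python
import os
import shutil
import stat
import tempfile


def search_allowed(mode, dir_uid, dir_gid, uid, gid, groups=()):
    """Does user (uid, gid, groups) hold execute/search permission on a
    directory with permission bits `mode` owned by dir_uid:dir_gid?
    Same owner/group/other class selection the kernel makes; root passes."""
    if uid == 0:
        return True
    if uid == dir_uid:
        return bool(mode & stat.S_IXUSR)
    if gid == dir_gid or dir_gid in groups:
        return bool(mode & stat.S_IXGRP)
    return bool(mode & stat.S_IXOTH)


def first_blocking_dir(path, uid, gid, groups=()):
    """Return the first directory on the way to `path` that would make a
    stat() by user uid:gid fail with EACCES, or None if all are searchable.
    Like `namei -m path`, but evaluated for a chosen user instead of the
    caller. The final component is not checked: stat() needs no permission
    on the target itself, only search permission on every directory above."""
    path = os.path.abspath(path)           # also drops a trailing slash
    parts = path.split(os.sep)[1:-1]       # components between "/" and target
    ancestors = [os.sep]
    for part in parts:
        ancestors.append(os.path.join(ancestors[-1], part))
    for d in ancestors:
        st = os.stat(d)
        if not search_allowed(stat.S_IMODE(st.st_mode), st.st_uid, st.st_gid,
                              uid, gid, groups):
            return d
    return None


def demo():
    """Construct a tree like /var/www/dog_park/public and probe it for a
    hypothetical nginx worker that is neither the owner nor in the owner's
    group (constructed sample, not the original poster's server)."""
    base = tempfile.mkdtemp()
    os.chmod(base, 0o755)                  # mkdtemp creates it 0700; open the path
    app = os.path.join(base, "dog_park")
    public = os.path.join(app, "public")
    os.makedirs(public)
    owner = os.stat(app)
    # hypothetical worker identity: different uid and different primary gid
    nginx_uid, nginx_gid = owner.st_uid + 1, owner.st_gid + 1
    results = {}
    try:
        os.chmod(app, 0o750)   # drwxr-x---: others have no search permission
        results["750_other"] = first_blocking_dir(public, nginx_uid, nginx_gid)
        os.chmod(app, 0o751)   # drwxr-x--x: what the question found necessary
        results["751_other"] = first_blocking_dir(public, nginx_uid, nginx_gid)
        os.chmod(app, 0o750)   # 750 again, but the worker shares the group
        results["750_group"] = first_blocking_dir(public, nginx_uid, owner.st_gid)
    finally:
        shutil.rmtree(base)
    return results


if __name__ == "__main__":
    for case, blocker in demo().items():
        print(case, "->", "ok" if blocker is None else f"blocked at {blocker}")
```

On a real box, `namei -m /var/www/dog_park/public` (util-linux) prints the mode of each component for the same check. The third case in demo() is the point worth taking away: the quoted rule only requires search permission for the nginx worker, not for everyone, so making the worker's group the group owner of the application directory (or adding the worker to that group) keeps the directory at drwxr-x--- and still lets stat() succeed. The o+x that the question settled on also works, and grants only path traversal, not the ability to list or read the directory; it is just broader than the rule demands.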