Hi. Or you just remove the user line in the nginx config ;-).
Due to the fact that you will change much more in the nginx config you can take a look into this repo. https://github.com/git001/nginx-osev3 I have changed the logging to a dedicated syslog container and setuped the real_ip module to get the real client IP in the logs. https://github.com/git001/nginx-osev3/blob/master/containerfiles/etc/nginx/inc.d/logging.conf http://nginx.org/en/docs/http/ngx_http_realip_module.html If you want you can read the discussion about nginx on openshift on nginx list. http://marc.info/?t=145572280900006&r=1&w=2 Aleksandar Lazic Cloudwerkstatt GmbH On Thu, Mar 3, 2016 at 9:54 PM -0800, "Dean Peterson" <peterson.d...@gmail.com<mailto:peterson.d...@gmail.com>> wrote: Thanks! I will grant the user anyuid. On Thu, Mar 3, 2016 at 11:48 PM, Clayton Coleman <ccole...@redhat.com<mailto:ccole...@redhat.com>> wrote: Restricted now drops the SETGID capability. The "anyuid" SCC does not. You can edit restricted to give that or grant the user anyuid (which is more correct). On Mar 4, 2016, at 12:31 AM, Dean Peterson <peterson.d...@gmail.com<mailto:peterson.d...@gmail.com>> wrote: In previous versions of openshift origin I was able to run an nginx server with some static content inside a container. Now I install with the ansible installer and I get the following error in the nginx errors.log inside the running container. 2016/03/03 23:51:22 [emerg] 6#0: setgid(996) failed (1: Operation not permitted) 2016/03/03 23:51:22 [alert] 5#0: worker process 6 exited with fatal code 2 and c annot be respawned fsfsfadf My nginx.conf file is: user nginx; worker_processes 1; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; #tcp_nopush on; keepalive_timeout 65; #gzip on; } daemon off; I have set my scc restricted runAsUser.type to RunAsAny. Is there something else I need to do to allow setgid(996) for nginx in origin? I have _______________________________________________ users mailing list users@lists.openshift.redhat.com<mailto:users@lists.openshift.redhat.com> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
_______________________________________________ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users