fix: Nginx: stat() failed (13: permission denied)

nginx-stat-failed-13-permission-denied.md

Nginx: stat() failed (13: permission denied)

from https://stackoverflow.com/questions/25774999/nginx-stat-failed-13-permission-denied

Nginx operates within the directory, so if you can't cd to that directory from the nginx user then it will fail (as does the stat command in your log). Make sure the www-user can cd all the way to the /username/test/static. You can confirm that the stat will fail or succeed by running

sudo -u www-data stat /username/test/static

In your case probably the /username directory is the issue here. Usually www-data does not have permissions to cd to other users home directories.

The best solution in that case would be to add www-data to username group:

gpasswd -a www-data username

and make sure that username group can enter all directories along the path:

chmod g+x /username && chmod g+x /username/test && chmod g+x /username/test/static

For your changes to work, restart nginx

nginx -s reload

It's the solution for many permission denied errors

Helped a lot thanks.

Helped a lot thanks.

My pleasure.

You save my day. Thank you so much ❤️

You save my day. Thank you so much ❤️

You are welcome.

ninja! thanks buddy 👍

Thank you so much ❤️

thanking you very much

Thank's a lot. You saved me.

thanks

this helped me:
sudo chown -R www-data:www-data /your/path/to/static/
I also had to give permission to every file that required permission not just an end location.
so smth like this:
sudo chown -R www-data:www-data /your/path/to/static/
sudo chown -R www-data:www-data /your/path/to/
sudo chown -R www-data:www-data /your/path/
sudo chown -R www-data:www-data /your/

this helped me:
sudo chown -R www-data:www-data /your/path/to/static/
I also had to give permission to every file that required permission not just an end location.
so smth like this:
sudo chown -R www-data:www-data /your/path/to/static/
sudo chown -R www-data:www-data /your/path/to/
sudo chown -R www-data:www-data /your/path/
sudo chown -R www-data:www-data /your/

If it works for you, you can keep it, but in my opinion, it may have some flaws.
It assigns the ownership of those directories to www-data, and gives that user access permission.
Our goal is to ensure that www-data can access the contents in that directory, but we also want to keep our own permission. However, your solution might prevent the current $USER (yourself) from accessing that directory. It doesn't always happen, but it's probable.

Thank you! You saved my day

Thank you! You saved my life

Ended up using ACL Permissions, 'sudo apt install acl', it allows me to add an additional $USER to a file/folder, which in my case would be 'nginx' as a $USER, had to give permissions starting at the home directory level, '~/', then github complained about unsecure permissions on my private key .ssh file, the following commands might save you some time,

$ sudo -u nginx namei ~/path/to/static/folder

$ setfacl -R -m u:nginx:rx ~/

$ sudo -u nginx namei ~/path/to/static/folder

$ getfacl -a

$ chmod -R go= ~/.ssh
$ chown -R <$USER>:<$USER> ~/.ssh

Note: the namei was used to just check the permissions granted to access a file/folder by a specific $USER through a given path

Reference: https://www.geeksforgeeks.org/linux-setfacl-command-with-example/