测试是照着阮一峰的教程做的。http://www.ruanyifeng.com/blog/2018/02/nginx-docker.html
在第二步 映射网页目录是出现 403 Forbidden 百度一下发现是权限的问题 只要添加selinux规则
chcon -Rt svirt_sandbox_file_t /root/nginx-docker-demo/html/
chcon -Rt svirt_sandbox_file_t /root/nginx-docker-demo/conf/
或者永久关闭selinx
修改 selinux 配置文件
将SELINUX=enforcing改为SELINUX=disabled,保存后退出
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
此时获取当前selinux防火墙的安全策略仍为Enforcing,配置文件并未生效。
[root@localhost ~]# getenforce
Enforcing
重启
[root@localhost ~]# reboot
验证
[root@localhost ~]# /usr/sbin/sestatus
SELinux status: disabled
[root@localhost ~]# getenforce
Disabled