Fix log permissions issue
Note that the ownership of log files has changed to
root:root and the mode changed to
770) to address CVE-2016-1247. This should not affect general operation, as this is the default for log directories and also what httpd uses but if you use external tools to process the log files you may want to check continued operation after this update.
nginx in EPEL 7 is now built against OpenSSL 1.1 to allow the use of TLSv1.3.
location / directives so that it can be overridden in
conf.d without needing to touch the default config. Note that the first
server (as defined in the default config) and
root will continue to serve the default
index.html as long as no other
server is defined.
nginx now handles creation of new log files to ensure correct permissions.
nginx no longer requires
nginx-all-modules to allow for a leaner install.
The systemd unit will now wait for the
network-online.target. Previously, start up could fail if DNS names were used for some config options (such as
proxy_pass) and these names were not resolvable at service start time.
The systemd unit now uses
nginx -s to only reload the service if the configuration is valid. In previous versions an invalid configuration could take down nginx upon reload.
Please consult http://nginx.org/en/CHANGES-1.20 for all changes to nginx since the current EPEL 7 release of 1.16.1.
Please login to add feedback.