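By default Nginx is started as the root user, but this does not conform to operations management standards.
If a system administrator has to restart Nginx, that is one more task for the system administrator, and the application administrator also has to coordinate with them.
Starting Nginx as a normal user
Method 1: set the setuid bit on the nginx binary. A normal user can then start Nginx, but the master process still runs as root, as the ps output shows.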
[root@benniao sbin]# ll
-rwxr-xr-x. 1 root root 3893056 Feb 2 19:39 nginx
[root@benniao sbin]# chmod u+s nginx
[root@benniao sbin]# ll
-rwsr-xr-x. 1 root root 3893056 Feb 2 19:39 nginx
[root@benniao sbin]# su - appuser
[appuser@benniao ~]$ /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[appuser@benniao ~]$ /usr/local/nginx/sbin/nginx
[appuser@benniao ~]$ ps -ef | grep nginx
root 19653 1 0 20:15 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx
nobody 19654 19653 0 20:15 ? 00:00:00 nginx: worker process
Method 2: change the owner of the Nginx installation directory to the normal user
[root@benniao sbin]# chown -R appuser.appuser /usr/local/nginx
[root@benniao sbin]# ll
-rwxr-xr-x. 1 appuser appuser 3893056 Feb 2 19:39 nginx
Allowing a normal user to use ports below 1024
On Linux, by default only root can bind ports below 1024, so starting Nginx as a normal user fails.
[root@benniao sbin]# setcap cap_net_bind_service=+eip nginx
[root@benniao sbin]# ll
-rwxr-xr-x. 1 appuser appuser 3893056 Feb 2 19:39 nginx
[root@benniao sbin]# getcap nginx
nginx = cap_net_bind_service+eip
Additional notes
setcap cap_net_bind_service=+eip nginx # set the capability
setcap -r nginx # remove the capability
getcap nginx # show the capability
[appuser@benniao ~]$ /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[appuser@benniao ~]$ /usr/local/nginx/sbin/nginx
[appuser@benniao ~]$ ps -ef | grep nginx
appuser 19426 1 0 20:11 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx
appuser 19427 19426 0 20:11 ? 00:00:00 nginx: worker process
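
Added example (not part of the original page): a small shell audit that reports how an nginx binary obtains its privileges, covering the setuid, ownership and capability states shown in the listings above. The function names classify and audit_file are made up for this example, and audit_file assumes GNU stat and the getcap tool are installed.

```shell
#!/bin/sh
# Added example, not from the original page: report how an nginx binary
# obtains its privileges, from its mode, owner and file capabilities.

# classify MODE OWNER CAPS -> one finding per line (hypothetical helper)
#   MODE  octal mode as printed by `stat -c %a` (e.g. 4755 or 755)
#   CAPS  capability text from getcap, file name removed (may be empty)
classify() {
    mode=$1; owner=$2; caps=$3
    # A 4-digit mode carries the special bits in its first digit.
    case $mode in
        ????) special=${mode%???} ;;
        *)    special=0 ;;
    esac
    case $special in
        4|5|6|7)
            if [ "$owner" = root ]; then
                echo "SETUID_ROOT: whoever can execute it starts the master as root"
            else
                echo "SETUID: runs with the identity of $owner"
            fi ;;
    esac
    case $caps in
        *cap_net_bind_service*) echo "CAP_NET_BIND_SERVICE: may bind ports below 1024" ;;
    esac
    # Any capability besides cap_net_bind_service exceeds what this setup needs.
    rest=$(printf '%s' "$caps" | sed 's/cap_net_bind_service//g')
    case $rest in
        *cap_*) echo "EXTRA_CAPS: $caps" ;;
    esac
    [ "$owner" = root ] || echo "OWNER_NONROOT: $owner can replace the binary"
    return 0
}

# audit_file PATH: gather the three inputs from a real file (GNU stat, getcap).
audit_file() {
    f=$1; caps=""
    if command -v getcap >/dev/null 2>&1; then caps=$(getcap "$f" 2>/dev/null || true); fi
    classify "$(stat -c %a "$f")" "$(stat -c %U "$f")" "${caps#"$f"}"
}

# The two states shown in the listings above, then an optional real file.
classify 4755 root ""
classify 755 appuser " = cap_net_bind_service+eip"
if [ -n "${1:-}" ]; then audit_file "$1"; fi
```

Pass a path such as /usr/local/nginx/sbin/nginx as the first argument to audit the installed binary instead of the two sample states.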




