Turns out I forgot about SELinux (again).
Running
Code:
setsebool -P httpd_can_network_connect_db on
Fixed my problem, on a side note another problem with Squirrelmail not being able to connect to the mailserver was solved by changing
/etc/php.ini: allow_url_include = Off
to On.
(by the way, if anyone knows how I can get the word wrap working on this post please let me know as I have no idea)
I'm having an issue where web applications running on apache, on a xen machine, cannot connect to databases over the network.
The configuration is a server running Fedora Core 6, on this server is a Xen machine running Fedora 9. This xen machine was installed with virt-install.
I don't know a lot of networking so it's whatever the default install did, I believe it connects directly to the router through the server's eth0 device using multicast (they both have their own IP and the router sees both machines as separate).
The essence of the problem is thus, I can write a script, in either php or python which connects to either a mysql or postgresql database on the server. Run from a bash terminal those scripts both run and connect fine, however, put those scripts into web application and neither script can connect to the server.
I've run wireshark on the server and confirmed that no packets are showing up there when the web apps try to make the connection.
In fact I replicated the databases onto the xen machine itself, if I try to connect to the localhost through either 192.168.1.5 or even 127.0.0.1 it again fails, however using 'localhost' instead of '127.0.0.1' works (note as usual everything works through the command line).
I'm pretty sure this isn't a problem with the apache configuration since I have a laptop running F9 and I went as far as copying over the entire /etc/httpd from the xen machine to the laptop and the laptop was still able to run the web apps properly and connect to the databases.
I was wondering if anyone had any idea what was going on or how to fix this?
Thanks,
Aaron
A sample line from the apache error_log
Code:
[Sun Jul 06 16:58:47 2008] [error] [client 192.168.1.2] PHP Warning: mysql_connect() [<a href='function.mysql-connect'>function.mysql-connect</a>]: Can't connect to MySQL server on '192.168.1.4' (13) in /var/www/html/test.php on line 2
One of the scripts.
PHP Code:
<?php
$link = mysql_connect('192.168.1.4','foo', 'bar');
if (!$link) {
die('Could not connect: ' . mysql_error());
}
echo 'Connected successfully';
mysql_close($link);
?>
Useful?
Code:
[root@web ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
default 192.168.1.254 0.0.0.0 UG 0 0 0 eth0
[root@web ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:16:3E:6E:A7:97
inet addr:192.168.1.5 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::216:3eff:fe6e:a797/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1827194 errors:0 dropped:0 overruns:0 frame:0
TX packets:208698 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1038882019 (990.7 MiB) TX bytes:18147937 (17.3 MiB)
Interrupt:6
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:732 errors:0 dropped:0 overruns:0 frame:0
TX packets:732 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:104226 (101.7 KiB) TX bytes:104226 (101.7 KiB)
