Hi, LQ!
Please help me out with this one, I'm stumped.
I have a very simple test script to connect to mysql on a different machine and do a print to the screen of a select in the db.
I run this script from machine A (192.168.9.103) to connect to mysql on port 3306 on machine B (192.168.9.101) via commandline php and the script prints out the result of the select with no problems.
I run the same script via web through apache and get:
Access denied for user 'root'@'localhost' (using password: NO)
The connection params are not root @ localhost (they are someuser, somepass at the machine B). Apache error logs show (right after apache restart):
[Thu Jan 24 12:01:07 2013] [notice] caught SIGTERM, shutting down
[Thu Jan 24 12:01:17 2013] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0
[Thu Jan 24 12:01:17 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Jan 24 12:01:17 2013] [notice] Digest: generating secret for digest authentication ...
[Thu Jan 24 12:01:17 2013] [notice] Digest: done
[Thu Jan 24 12:01:17 2013] [notice] Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 configured -- resuming normal operations
[Thu Jan 24 12:01:25 2013] [error] [client 192.168.9.64] PHP Warning: mysql_connect(): Can't connect to MySQL server on '192.168.9.101' (13) in /var/www/html/t.php on line 5
[Thu Jan 24 12:01:25 2013] [error] [client 192.168.9.64] PHP Warning: mysql_select_db(): Access denied for user 'root'@'localhost' (using password: NO) in /var/www/html/t.php on line 7
[Thu Jan 24 12:01:25 2013] [error] [client 192.168.9.64] PHP Warning: mysql_select_db(): A link to the server could not be established in /var/www/html/t.php on line 7
[Thu Jan 24 12:01:25 2013] [error] [client 192.168.9.64] PHP Warning: mysql_query(): Access denied for user 'root'@'localhost' (using password: NO) in /var/www/html/t.php on line 11
[Thu Jan 24 12:01:25 2013] [error] [client 192.168.9.64] PHP Warning: mysql_query(): A link to the server could not be established in /var/www/html/t.php on line 11
# php -v
PHP 5.3.3 (cli) (built: Jul 3 2012 16:53:21)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
Here's a strace of the apache thread handling the script t.php:
accept4(3, {sa_family=AF_INET, sin_port=htons(40218), sin_addr=inet_addr("192.168.9.64")}, [16], SOCK_CLOEXEC) = 9
fcntl(9, F_GETFL) = 0x2 (flags O_RDWR)
fcntl(9, F_SETFL, O_RDWR|O_NONBLOCK) = 0
read(9, "GET /t.php HTTP/1.1\r\nHost: 192.168.9.103\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/20100101 Firefox/16.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nConnection: keep-alive\r\n\r\n", 8000) = 288
stat("/var/www/html/t.php", {st_dev=makedev(253, 0), st_ino=1445263, st_mode=S_IFREG|0755, st_nlink=1, st_uid=0, st_gid=0, st_blksize=4096, st_blocks=8, st_size=260, st_atime=2013/01/24-12:08:44, st_mtime=2013/01/24-12:08:44, st_ctime=2013/01/24-12:08:44}) = 0
brk(0x7f6ff2460000) = 0x7f6ff2460000
setitimer(ITIMER_PROF, {it_interval={0, 0}, it_value={60, 0}}, NULL) = 0
rt_sigaction(SIGPROF, {0x7f6fe6035a50, [PROF], SA_RESTORER|SA_RESTART, 0x7f6feee53920}, {0x7f6fe6035a50, [PROF], SA_RESTORER|SA_RESTART, 0x7f6feee53920}, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [PROF], NULL, 8) = 0
getcwd("/", 4095) = 2
chdir("/var/www/html") = 0
setitimer(ITIMER_PROF, {it_interval={0, 0}, it_value={30, 0}}, NULL) = 0
lstat("/var/www/html/t.php", {st_dev=makedev(253, 0), st_ino=1445263, st_mode=S_IFREG|0755, st_nlink=1, st_uid=0, st_gid=0, st_blksize=4096, st_blocks=8, st_size=260, st_atime=2013/01/24-12:08:44, st_mtime=2013/01/24-12:08:44, st_ctime=2013/01/24-12:08:44}) = 0
lstat("/var/www/html", {st_dev=makedev(253, 0), st_ino=1442303, st_mode=S_IFDIR|0775, st_nlink=3, st_uid=48, st_gid=48, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2013/01/24-11:56:04, st_mtime=2013/01/24-12:08:44, st_ctime=2013/01/24-12:08:44}) = 0
lstat("/var/www", {st_dev=makedev(253, 0), st_ino=1442276, st_mode=S_IFDIR|0775, st_nlink=6, st_uid=48, st_gid=48, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2013/01/23-17:22:01, st_mtime=2013/01/23-17:21:59, st_ctime=2013/01/23-17:21:59}) = 0
lstat("/var", {st_dev=makedev(253, 0), st_ino=1310721, st_mode=S_IFDIR|0755, st_nlink=21, st_uid=0, st_gid=0, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2013/01/23-15:36:59, st_mtime=2013/01/14-19:17:12, st_ctime=2013/01/14-19:17:12}) = 0
open("/var/www/html/t.php", O_RDONLY) = 10
fstat(10, {st_dev=makedev(253, 0), st_ino=1445263, st_mode=S_IFREG|0755, st_nlink=1, st_uid=0, st_gid=0, st_blksize=4096, st_blocks=8, st_size=260, st_atime=2013/01/24-12:08:44, st_mtime=2013/01/24-12:08:44, st_ctime=2013/01/24-12:08:44}) = 0
fstat(10, {st_dev=makedev(253, 0), st_ino=1445263, st_mode=S_IFREG|0755, st_nlink=1, st_uid=0, st_gid=0, st_blksize=4096, st_blocks=8, st_size=260, st_atime=2013/01/24-12:08:44, st_mtime=2013/01/24-12:08:44, st_ctime=2013/01/24-12:08:44}) = 0
fstat(10, {st_dev=makedev(253, 0), st_ino=1445263, st_mode=S_IFREG|0755, st_nlink=1, st_uid=0, st_gid=0, st_blksize=4096, st_blocks=8, st_size=260, st_atime=2013/01/24-12:08:44, st_mtime=2013/01/24-12:08:44, st_ctime=2013/01/24-12:08:44}) = 0
mmap(NULL, 260, PROT_READ, MAP_SHARED, 10, 0) = 0x7f6ff07c4000
munmap(0x7f6ff07c4000, 260) = 0
close(10) = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigaction(SIGCHLD, NULL, {SIG_DFL, [], 0}, 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
nanosleep({5, 0}, 0x7fff6c0d5080) = 0
socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 10
fcntl(10, F_SETFL, O_RDONLY) = 0
fcntl(10, F_GETFL) = 0x2 (flags O_RDWR)
fcntl(10, F_GETFL) = 0x2 (flags O_RDWR)
fcntl(10, F_SETFL, O_RDWR|O_NONBLOCK) = 0
connect(10, {sa_family=AF_INET, sin_port=htons(3306), sin_addr=inet_addr("192.168.9.101")}, 16) = -1 EACCES (Permission denied)
fcntl(10, F_SETFL, O_RDWR) = 0
shutdown(10, 2 /* send and receive */) = -1 ENOTCONN (Transport endpoint is not connected)
close(10) = 0
write(2, "[Thu Jan 24 13:14:08 2013] [error] [client 192.168.9.64] PHP Warning: mysql_connect(): Can't connect to MySQL server on '192.168.9.101' (13) in /var/www/html/t.php on line 5\n", 175) = 175
socket(PF_FILE, SOCK_STREAM, 0) = 10
fcntl(10, F_SETFL, O_RDONLY) = 0
fcntl(10, F_GETFL) = 0x2 (flags O_RDWR)
fcntl(10, F_GETFL) = 0x2 (flags O_RDWR)
fcntl(10, F_SETFL, O_RDWR|O_NONBLOCK) = 0
connect(10, {sa_family=AF_FILE, path="/var/lib/mysql/mysql.sock"}, 110) = 0
fcntl(10, F_SETFL, O_RDWR) = 0
setsockopt(10, SOL_SOCKET, SO_RCVTIMEO, "\2003\341\1\0\0\0\0\0\0\0\0\0\0\0\0", 16) = 0
setsockopt(10, SOL_SOCKET, SO_SNDTIMEO, "\2003\341\1\0\0\0\0\0\0\0\0\0\0\0\0", 16) = 0
setsockopt(10, SOL_IP, IP_TOS, [8], 4) = -1 EOPNOTSUPP (Operation not supported)
setsockopt(10, SOL_SOCKET, SO_KEEPALIVE, [1], 4) = 0
poll([{fd=10, events=POLLIN}], 1, 60000) = 1 ([{fd=10, revents=POLLIN}])
read(10, "4\0\0\0\n5.1.66\0w\0\0\0Mf:.v,r{\0\377\367\10\2\0\0\0\0\0\0\0\0\0\0\0\0\0\000401GQA0kN$g[\0", 16384) = 56
geteuid() = 48
open("/proc/self/loginuid", O_RDONLY) = 11
read(11, "0", 12) = 1
close(11) = 0
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 11
fstat(11, {st_dev=makedev(253, 0), st_ino=263856, st_mode=S_IFREG|0644, st_nlink=1, st_uid=0, st_gid=0, st_blksize=4096, st_blocks=8, st_size=1472, st_atime=2013/01/23-15:40:56, st_mtime=2013/01/23-15:40:28, st_ctime=2013/01/23-15:40:28}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6ff07c4000
read(11, "root:x:0:0:root:/root:/bin/bash\nbin:x:1:1:bin:/bin:/sbin/nologin\ndaemon:x:2:2:daemon:/sbin:/sbin/nologin\nadm:x:3:4:adm:/var/adm:/sbin/nologin\nlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin\nsync:x:5:0:sync:/sbin:/bin/sync\nshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown\nhalt:x:7:0:halt:/sbin:/sbin/halt\nmail:x:8:12:mail:/var/spool/mail:/sbin/nologin\nuucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin\noperator:x:11:0
perator:/root:/sbin/nologin\ngames:x:12:100:games:/usr/games:/sbin/nologin\ngopher:x:13:30:gopher:/var/gopher:/sbin/nologin\nftp:x:14:50:FTP User:/var/ftp:/sbin/nologin\nnobody:x:99:99:Nobody:/:/sbin/nologin\ndbus:x:81:81:System message bus:/:/sbin/nologin\nvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin\nrpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin\nabrt:x:173:173::/etc/abrt:/sbin/nologin\nhaldaemon:x:68:68:HAL daemon:/:/sbin/nologin\nntp:x:38:38::/etc/ntp:/sbin/nologin\nsaslauth:x:499:76:\"Saslauthd user\":/var/empty/saslauth:/sbin/nologin\npostfix:x:89:89::/var/spool/post"..., 4096) = 1472
close(11) = 0
munmap(0x7f6ff07c4000, 4096) = 0
write(10, "&\0\0\1\205\242\2\0\0\0\0@\10\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0root\0\0", 42) = 42
read(10, "G\0\0\2\377\25\4#28000Access denied for user 'root'@'localhost' (using password: NO)", 16384) = 75
shutdown(10, 2 /* send and receive */) = 0
close(10) = 0
write(2, "[Thu Jan 24 13:14:08 2013] [error] [client 192.168.9.64] PHP Warning: mysql_select_db(): Access denied for user 'root'@'localhost' (using password: NO) in /var/www/html/t.php on line 7\n", 186) = 186
write(2, "[Thu Jan 24 13:14:08 2013] [error] [client 192.168.9.64] PHP Warning: mysql_select_db(): A link to the server could not be established in /var/www/html/t.php on line 7\n", 169) = 169
socket(PF_FILE, SOCK_STREAM, 0) = 10
fcntl(10, F_SETFL, O_RDONLY) = 0
fcntl(10, F_GETFL) = 0x2 (flags O_RDWR)
fcntl(10, F_GETFL) = 0x2 (flags O_RDWR)
fcntl(10, F_SETFL, O_RDWR|O_NONBLOCK) = 0
connect(10, {sa_family=AF_FILE, path="/var/lib/mysql/mysql.sock"}, 110) = 0
fcntl(10, F_SETFL, O_RDWR) = 0
setsockopt(10, SOL_SOCKET, SO_RCVTIMEO, "\2003\341\1\0\0\0\0\0\0\0\0\0\0\0\0", 16) = 0
setsockopt(10, SOL_SOCKET, SO_SNDTIMEO, "\2003\341\1\0\0\0\0\0\0\0\0\0\0\0\0", 16) = 0
setsockopt(10, SOL_IP, IP_TOS, [8], 4) = -1 EOPNOTSUPP (Operation not supported)
setsockopt(10, SOL_SOCKET, SO_KEEPALIVE, [1], 4) = 0
poll([{fd=10, events=POLLIN}], 1, 60000) = 1 ([{fd=10, revents=POLLIN}])
read(10, "4\0\0\0\n5.1.66\0x\0\0\0{o:sT+u0\0\377\367\10\2\0\0\0\0\0\0\0\0\0\0\0\0\0\0+(&'/XMXT|4,\0", 16384) = 56
geteuid() = 48
open("/proc/self/loginuid", O_RDONLY) = 11
read(11, "0", 12) = 1
close(11) = 0
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 11
fstat(11, {st_dev=makedev(253, 0), st_ino=263856, st_mode=S_IFREG|0644, st_nlink=1, st_uid=0, st_gid=0, st_blksize=4096, st_blocks=8, st_size=1472, st_atime=2013/01/23-15:40:56, st_mtime=2013/01/23-15:40:28, st_ctime=2013/01/23-15:40:28}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6ff07c4000
read(11, "root:x:0:0:root:/root:/bin/bash\nbin:x:1:1:bin:/bin:/sbin/nologin\ndaemon:x:2:2:daemon:/sbin:/sbin/nologin\nadm:x:3:4:adm:/var/adm:/sbin/nologin\nlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin\nsync:x:5:0:sync:/sbin:/bin/sync\nshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown\nhalt:x:7:0:halt:/sbin:/sbin/halt\nmail:x:8:12:mail:/var/spool/mail:/sbin/nologin\nuucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin\noperator:x:11:0
perator:/root:/sbin/nologin\ngames:x:12:100:games:/usr/games:/sbin/nologin\ngopher:x:13:30:gopher:/var/gopher:/sbin/nologin\nftp:x:14:50:FTP User:/var/ftp:/sbin/nologin\nnobody:x:99:99:Nobody:/:/sbin/nologin\ndbus:x:81:81:System message bus:/:/sbin/nologin\nvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin\nrpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin\nabrt:x:173:173::/etc/abrt:/sbin/nologin\nhaldaemon:x:68:68:HAL daemon:/:/sbin/nologin\nntp:x:38:38::/etc/ntp:/sbin/nologin\nsaslauth:x:499:76:\"Saslauthd user\":/var/empty/saslauth:/sbin/nologin\npostfix:x:89:89::/var/spool/post"..., 4096) = 1472
close(11) = 0
munmap(0x7f6ff07c4000, 4096) = 0
write(10, "&\0\0\1\205\242\2\0\0\0\0@\10\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0root\0\0", 42) = 42
read(10, "G\0\0\2\377\25\4#28000Access denied for user 'root'@'localhost' (using password: NO)", 16384) = 75
shutdown(10, 2 /* send and receive */) = 0
close(10) = 0
write(2, "[Thu Jan 24 13:14:08 2013] [error] [client 192.168.9.64] PHP Warning: mysql_query(): Access denied for user 'root'@'localhost' (using password: NO) in /var/www/html/t.php on line 11\n", 183) = 183
write(2, "[Thu Jan 24 13:14:08 2013] [error] [client 192.168.9.64] PHP Warning: mysql_query(): A link to the server could not be established in /var/www/html/t.php on line 11\n", 166) = 166
chdir("/") = 0
setitimer(ITIMER_PROF, {it_interval={0, 0}, it_value={0, 0}}, NULL) = 0
writev(9, [{"HTTP/1.1 200 OK\r\nDate: Thu, 24 Jan 2013 11:14:03 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nX-Powered-By: PHP/5.3.3\r\nContent-Length: 62\r\nConnection: close\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n", 192}, {"Access denied for user 'root'@'localhost' (using password: NO)", 62}], 2) = 254
write(6, "192.168.9.64 - - [24/Jan/2013:13:14:03 +0200] \"GET /t.php HTTP/1.1\" 200 62 \"-\" \"Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/20100101 Firefox/16.0\"\n", 150) = 150
shutdown(9, 1 /* send */) = 0
poll([{fd=9, events=POLLIN}], 1, 2000) = 1 ([{fd=9, revents=POLLIN|POLLHUP}])
read(9, "", 512) = 0
close(9) = 0
read(4, 0x7fff6c0d77bf, 1) = -1 EAGAIN (Resource temporarily unavailable)
accept4(3,
I couldn't find anything interesting in apache conf, php.ini or php conf for apache, and clearly this is the issue:
socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 10
fcntl(10, F_SETFL, O_RDONLY) = 0
fcntl(10, F_GETFL) = 0x2 (flags O_RDWR)
fcntl(10, F_GETFL) = 0x2 (flags O_RDWR)
fcntl(10, F_SETFL, O_RDWR|O_NONBLOCK) = 0
connect(10, {sa_family=AF_INET, sin_port=htons(3306), sin_addr=inet_addr("192.168.9.101")}, 16) = -1 EACCES (Permission denied)
fcntl(10, F_SETFL, O_RDWR) = 0
shutdown(10, 2 /* send and receive */) = -1 ENOTCONN (Transport endpoint is not connected)
but I don't know where to look.
The system is:
# cat /etc/redhat-release
CentOS release 6.3 (Final)
with
Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3
# iptables -n -L -v
...
Chain OUTPUT (policy ACCEPT 68812 packets, 216M bytes)
pkts bytes target prot opt in out source destination
no outgoing rules.
Btw, no problems connecting with commandline client:
# netstat -npla | grep mysql
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 3027/mysqld
tcp 0 0 192.168.9.103:58036 192.168.9.101:3306 ESTABLISHED 20317/mysql
unix 2 [ ACC ] STREAM LISTENING 17169 3027/mysqld /var/lib/mysql/mysql.sock
unix 3 [ ] STREAM CONNECTED 13542130 3027/mysqld /var/lib/mysql/mysql.sock
unix 3 [ ] STREAM CONNECTED 13542129 7281/mysql
And here's the script itself:
<?php
mysql_connect("192.168.9.101","******","******");
mysql_select_db("***");
$sql =" select * from event_current limit 1; ";
$r= mysql_query($sql) or die(mysql_error());
while ( $res = mysql_fetch_assoc($r) ) {
var_dump($res);
}
?>
If you need any other info, please let me know and I'll run it, etc.
Very mysterious problem for me... Might be something about selinux, I'm not familiar with this...
These are fresh installs of mysql, php, apache on a fresh centos 6.3 install, btw - nothing modified. Except one rule in iptables to allow connections to port 80.
-Alex