MySQL is not working on PHP with Fedora 16

Fedora Linux fedoralinux at toursbymexico.com
Wed Jan 25 02:03:00 UTC 2012 

Yes... it appeared a popup with SELinux errors, I opened it and shows:

SELinux is preventing /usr/sbin/httpd from connectto access on the
unix_stream_socket /var/lib/mysql/mysql.sock.

*****  Plugin catchall (100. confidence) suggests
 ***************************

If you believe that httpd should be allowed connectto access on the
mysql.sock unix_stream_socket by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep /usr/sbin/httpd /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context                unconfined_u:system_r:httpd_t:s0
Target Context
 unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
                              023
Target Objects                /var/lib/mysql/mysql.sock [
unix_stream_socket ]
Source                        /usr/sbin/httpd
Source Path                   /usr/sbin/httpd
Port                          <Unknown>
Host                          hexenmeister
Source RPM Packages           httpd-2.2.21-1.fc16
Target RPM Packages
Policy RPM                    selinux-policy-3.10.0-46.fc16
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     hexenmeister
Platform                      Linux hexenmeister 3.1.0-7.fc16.x86_64 #1 SMP
Tue
                              Nov 1 21:10:48 UTC 2011 x86_64 x86_64
Alert Count                   13
First Seen                    Mon 26 Dec 2011 09:13:51 AM CST
Last Seen                     Tue 24 Jan 2012 07:45:05 PM CST
Local ID                      13679772-cd1a-4414-8fe0-17db5c12c0f9

Raw Audit Messages
type=AVC msg=audit(1327455905.131:121): avc:  denied  { connectto } for
 pid=6215 comm="/usr/sbin/httpd" path="/var/lib/mysql/mysql.sock"
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tclass=unix_stream_socket


type=SYSCALL msg=audit(1327455905.131:121): arch=x86_64 syscall=connect
success=no exit=EACCES a0=10 a1=7fffbec545a0 a2=6e a3=0 items=0 ppid=6211
pid=6215 auid=1000 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48
fsgid=48 tty=(none) ses=2 comm=/usr/sbin/httpd exe=/usr/sbin/httpd
subj=unconfined_u:system_r:httpd_t:s0 key=(null)

Hash: /usr/sbin/httpd,httpd_t,unconfined_t,unix_stream_socket,connectto

audit2allow

#============= httpd_t ==============
allow httpd_t unconfined_t:unix_stream_socket connectto;

audit2allow -R

#============= httpd_t ==============
allow httpd_t unconfined_t:unix_stream_socket connectto;


So I guess it has blocked the access, I tried a command to allow access
that posted another user on my thread, but didn't work... How can I unlock
it? I've never used SELinux...

Thanks for your help!



On Mon, Jan 23, 2012 at 1:04 PM, bruce <badouglas at gmail.com> wrote:

> are you running selinux?
>
>
> On Mon, Jan 23, 2012 at 1:05 PM, Fedora Linux <
> fedoralinux at toursbymexico.com> wrote:
>
>> Hello
>>
>> By command line I am able to connect normally, so the problem is not
>> MySQL... I use "mysql -u root -h localhost -p" and it works... Note that
>> the application also uses root since it must create the database and a user
>> for the application...
>>
>> I have tried to restart MySQL and the whole system, but it still does not
>> connect from PHP
>>
>> The error is:
>> [error] [client ::1] PHP Warning:  mysql_connect(): Can't connect to
>> local MySQL server through socket '/var/lib/mysql/mysql.sock' (13) in
>> /var/www/html/install2.php on line 22, referer:
>> http://localhost/install.php
>>
>> So I guess the problem is in the PHP, Apache or on the interface between
>> MySQL and Apache/PHP...
>>
>> Any other suggestion?
>>
>> Regards
>>
>> On Sun, Jan 22, 2012 at 12:04 PM, bruce <badouglas at gmail.com> wrote:
>>
>>> hi...
>>>
>>> ok.. basic debug stuff.. skip if you've already done..
>>> -using the user/passwd.. can you access mysql from the cmdline..
>>>    [i assume you can]
>>> -what are the permissions on the mysql db/tbls? have they changed?
>>> --did you stop/restart mysql?
>>> -what do the mysql logs say?
>>>
>>> let us know..
>>>
>>>
>>> On Sun, Jan 22, 2012 at 12:28 PM, Mike Wright <
>>> mike.wright at mailinator.com> wrote:
>>>
>>>> On 01/22/2012 07:02 AM, Fedora Linux wrote:
>>>>
>>>>> Hello
>>>>>
>>>>> I have a web application but it is not working on my Fedora 16 with
>>>>> PHP,
>>>>> for some reason it is unable to connect to the MySQL server, it returns
>>>>> the error:
>>>>>
>>>>> [Sun Jan 22 08:40:24 2012] [error] [client ::1] PHP Warning:
>>>>>  mysql_connect(): Can't connect to local MySQL server through socket
>>>>> '/var/lib/mysql/mysql.sock' (13) in /var/www/html/install2.php on line
>>>>> 22, referer: http://localhost/install.php
>>>>>
>>>>> Notice that the user/password is correct, the PHP is installed and
>>>>> working and MySQL is up and running...
>>>>>
>>>>> Even the socket is there
>>>>>
>>>>> # ls -l /var/lib/mysql/mysql.sock
>>>>> srwxrwxrwx. 1 mysql mysql 0 Jan 22 08:37 /var/lib/mysql/mysql.sock
>>>>>
>>>>> What can be the problem? The application is okay, I am using it in a
>>>>> production server and it is running in 2 other local computers (with
>>>>> slackware) for testing purposes...
>>>>>
>>>>> This is the first time that I can't connect to MySQL via PHP... I don't
>>>>> know if it requires an extra configuration or there is a missing
>>>>> package
>>>>> that I should install... the httpd log does not give more details...
>>>>>
>>>>> Thanks for any help!
>>>>>
>>>>
>>>> Do you have port 3306 open on your firewall?
>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>> --
>>>> users mailing list
>>>> users at lists.fedoraproject.org
>>>> To unsubscribe or change subscription options:
>>>> https://admin.fedoraproject.**org/mailman/listinfo/users<https://admin.fedoraproject.org/mailman/listinfo/users>
>>>> Guidelines: http://fedoraproject.org/wiki/**Mailing_list_guidelines<http://fedoraproject.org/wiki/Mailing_list_guidelines>
>>>> Have a question? Ask away: http://ask.fedoraproject.org
>>>>
>>>
>>>
>>> --
>>> users mailing list
>>> users at lists.fedoraproject.org
>>> To unsubscribe or change subscription options:
>>> https://admin.fedoraproject.org/mailman/listinfo/users
>>> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
>>> Have a question? Ask away: http://ask.fedoraproject.org
>>>
>>>
>>
>> --
>> users mailing list
>> users at lists.fedoraproject.org
>> To unsubscribe or change subscription options:
>> https://admin.fedoraproject.org/mailman/listinfo/users
>> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
>> Have a question? Ask away: http://ask.fedoraproject.org
>>
>>
>
> --
> users mailing list
> users at lists.fedoraproject.org
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
> Have a question? Ask away: http://ask.fedoraproject.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20120124/118a751c/attachment.html>

More information about the users mailing list