Looks like a SELINUX issue: setsebool -P httpd_can_network_connect_db=1 setsebool -P httpd_can_network_connect=1 should have fixed it. On 5/25/09, koder wrote: > Have you ruled out difficulties with file locations, permissions and > such ilk? > > Do we know what environment these files are being run under? > > For a file to be run from a browser under Ubuntu you need permissions > set to user www-data UID:GID 33:33, and located in a directory that > localhost can find according to your directory setting in the apache > config files. Red Hat wants user apache, UID:GID, 48:48. > > The browser will use the browser root as defined in the apache config > file. I think you can force it to run in a user directory, but I am > pretty sure that is not how to get it there. > > (Can script activation be accomplished just by pointing a browser at it? > If so would that be a security issue?) > > The other matter would be how the browser is modifying the UserID and > Password string it is passing to MySQL. > > Harold > > > On Mon, 2009-05-25 at 08:15 -0700, Lisa Kachold wrote: >> Just humor us and rename the hostname to something other than mysql? >> Try an IP address? >> >> On Mon, May 25, 2009 at 12:03 AM, Steven A. DuChene >> wrote: >> As I said, on the Apache server I can run the php script just >> fine and >> it connects to the remote mysql server just fine. Both servers >> are here >> on my local internal network and there is no firewall between >> them. >> >> So to be clear on the Apache system I can run the php mysql >> connect script >> just fine like so: >> >> Apache$ php ./mysql_php_dbconnectscript.php >> >> and it works fine. I really believe this eliminates any port >> or firewall >> or ping or FQDN or localhost issues between the two boxes. >> >> -----Original Message----- >> >From: Mike Butash >> >Sent: May 24, 2009 10:03 PM >> >To: Main PLUG discussion list >> >> >Cc: "Steven A. DuChene" >> >Subject: Re: mysql_connect won't when run from web server >> > >> >Is your hostname "mysql" valid, just "ping mysql" and see if >> you get a >> >response. Try to connect to "localhost" as well and see if >> it works. >> >Most default installs will listen only on 127.0.0.1, not the >> live IP >> >most distro's bind to the hostname from the network, like >> 10.x.x.x. >> >Assure the hostname is valid in your connect string. >> > >> >Check that the sql daemon is listening on the right >> port/address. Try >> >'netstat -a | egrep "mysql|3306"' without the single quote, >> see if the >> >daemon is listening, and on what address - should look like >> this: >> > >> >mb@thrawn:/media/ext0/opt$ netstat -a | grep mysql >> >tcp 0 0 *:mysql *:* LISTEN >> > >> >.. if not, rather like this: >> > >> >mb@thrawn:/media/ext0/opt$ netstat -a | grep ssh >> >tcp 0 0 127.0.0.1:ssh *:* >> LISTEN >> > >> >.. then you might need to tweak the my.cnf to remove the bind >> addr from >> >binding only to localhost. Comment it out as such, and it >> should show >> >as listening on all ports: >> > >> >#bind-address = 127.0.0.1 >> > >> >If you can telnet to port 3306 from both localhost or the >> real IP >> >(telnet localhost 3306), check sql logs for auth errors. I'm >> most pgsql >> >than my, but I think this is the tree you'll want to bark up, >> namely the >> >binding and socket access. >> > >> >Caveat Emptor - This opens general network access to that sql >> port short >> >of a firewall, so make sure you secure it adequately. Best >> bet is to >> >set your php connection string to connect to localhost, and >> keep the sql >> >daemon only bound to localhost. So long as you're not >> needing any >> >remote connections, that is. >> > >> >-mb >> >> > >> > >> >On Sun, 2009-05-24 at 20:36 -0700, Lisa Kachold wrote: >> >> Hi Steven, >> >> >> >> On Sun, May 24, 2009 at 3:53 PM, Steven A. DuChene >> >> wrote: >> >> Hello all: >> >> I have a php to mysql database connection script >> that I am >> >> having a problem with. >> >> I have two systems. One is running apache and also >> happens to >> >> be my desktop system. >> >> Call this one system Apache. The other system is >> running mysql >> >> and let's call this >> >> one Mysql. >> >> >> >> the connection script is very simple: >> >> >> >> > >> $dbhost = "Mysql"; >> >> $dbuser = "someuser"; >> >> $dbpass = "NOTREAL"; >> >> >> >> $conn = mysql_connect($dbhost, $dbuser, $dbpass) >> or >> >> die("Error connecting to mysql"); >> >> >> >> if ($conn) { >> >> echo "CONNECT OK"; >> >> } >> >> >> >> $dbname = "tmp"; >> >> mysql_select_db($dbname); >> >> ?> >> >> >> >> >> >> If I run this script from the command line on the >> Apache >> >> system like so: >> >> >> >> $ php testmysqlconnect_script.php >> >> >> >> and it works fine. However if I run the script from >> the web >> >> browser open on the >> >> Apache desktop and point it at >> >> >> http://localhost/~meuser/testmysqlconnect_script.php >> >> I get a connection error. Just to confirm I have >> also used the >> >> following mysql >> >> command from the command line on the Apache system >> and it >> >> works fine as well: >> >> >> >> mysql --host=Mysql -u someuser -p tmp >> >> >> >> and entered the exact same user name as is in my >> script and I >> >> am able to connect >> >> just fine. I have tried looking at the output from >> php_info() >> >> on the Apache web >> >> server and it looks normal but I could be missing >> something. >> >> >> >> Anyone have any ideas of what I might be over >> looking??? >> >> >> >> 1) What is apache saying about this? Tail the logs? >> >> 1.5) Change to FQDN like mysql.mylocalnetwork rather than >> IP or CNAME >> >> and retest script. >> >> 2) Verify you have php extensions enabled (can you run >> other .php >> >> files in apache)? >> >> 3) What does tcpdump on each server say? Do you see the >> connection go >> >> out? Do you have a sniffer that you can invoke and filter >> >> specifically between these two servers? Wireshark? >> >> 4) Selectively take down firewalling between each server >> and test to >> >> verify once you determine it might be switch or router or >> local >> >> iptables causing the issues? >> >> 5) Do you allow scripting from that directory in your >> Apache >> >> tags? >> >> >> >> >> >> -- >> >> Steve DuChene >> >> >> >> www.obnosis.com (503)754-4452 >> >> "Contradictions do not exist." A. Rand >> >> >> >> --------------------------------------------------- >> >> PLUG-discuss mailing list - >> PLUG-discuss@lists.plug.phoenix.az.us >> >> To subscribe, unsubscribe, or to change your mail settings: >> >> >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> > >> >> >> >> --------------------------------------------------- >> PLUG-discuss mailing list - >> PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> >> >> >> >> -- >> www.obnosis.com (503)754-4452 >> "Contradictions do not exist." A. Rand >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > -- www.obnosis.com (503)754-4452 "Contradictions do not exist." A. Rand --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss