FAQ Series | PHP connection MySQL exception when SELinux is enabled

Source: Internet
Author: User

Colleagues report a strange phenomenon, one of the simplest test PHP code, in the test environment is normal, but in a formal environment, no matter how (TCP/IP, UNIX sockets) can not connect to MySQL.
I assisted to view the next, it is true, whether the specified IP, port TCP/IP connection, or a UNIX socket connection, the error message is similar:

Could not Connect:can ' t connect to MySQL server on ' MySQL. SERVER ' (13)

No matter how you modify MySQL's authorization, or adjust the settings for MySQL in php.ini, or modify the MySQL listening network, it will not work.
And if you manually connect MySQL with the command line, everything is fine.

The problem seems to be that PHP (with Apache) is not allowed to connect to MySQL, but there are no restrictions on firewalls. To think about it, only the selinux factor will cause the problem.

Getsebool-a|grep-i httpd

You can see that the license mode for the HTTPD process is set here, and then take a closer look and have an option:

Getsebool-a|grep-i Httpd_can_network_connecthttpd_can_network_connect--off

Now it's clear that SELinux restricts httpd access to the outside. To turn it on:

Setsebool-p httpd_can_network_connect=1

If you are unfamiliar with SELinux, you can also directly modify the system configuration file/etc/sysconfig/selinux, global shutdown:

# This  file controls the state of selinux on the system.# selinux=  can take one of these three values:#      enforcing - selinux security policy is enforced.#      permissive - selinux prints warnings instead of enforcing.#      disabled - no selinux policy is loaded. #SELINUX =enforcing# Change the setting to disabledselinux=disabled# selinuxtype= can take one of these two  values:#     targeted - targeted processes are protected,#      mls - multi level security protection. Selinuxtype=targeted 

Then restart the operating system to take effect.
Alternatively, direct execution of the command can take effect online:

[Email protected]~]# setenforce 0setenforce:selinux is disabled


--------------------------------------Split Line--------------------------------------

http://zhishuedu.comTraining is a professional quality training brand jointly launched by senior MySQL expert Ye Jinlong and Wu Bingxi, with MySQL dba combat optimization and Python devops Development course, which is the most conscientious and The most quality training courses.


This article is from the "Lao Ye teahouse" blog, please be sure to keep this source http://imysql.blog.51cto.com/1540006/1879758

FAQ Series | PHP connection MySQL exception when SELinux is enabled

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.