当我通过Nginx使用mysql_connet但命令行正常运行时,权限被拒绝
[英]Permission denied when I use mysql_connet through nginx but command line runs normally
问题描述
My environment: 
我的环境:
CentOS 6.6 CentOS的6.6
Nginx 1.7.10 with mod_security, naxsi, ngx_pagespeed modules 具有mod_security,naxsi,ngx_pagespeed模块的Nginx 1.7.10
PHP 5.6.5 PHP 5.6.5
Mariadb 10.0.16 玛丽亚德10.0.16
SeLinux close SeLinux关闭
setenforce 0
My test code: 我的测试代码:
<?php
/*
** Connect to database:
*/
// connect to the database
$con = mysql_connect('localhost','root','my pass')
or die('Could not connect to the server! ' . mysql_error());
var_dump($con);
exit;
That's it. 而已。
And when I use firefox to run this script 当我使用firefox运行该脚本时
The result is "Could not connect to the server! Permission denied" 结果是“无法连接到服务器!权限被拒绝”
The nginx error.log is Nginx error.log是
2015/02/18 23:26:33 [error] 1532#0: *68 FastCGI sent in stderr: "PHP message: PHP Warning: mysql_connect(): Permission denied in /var/www/nginx/aa.php on line 9" while reading response header from upstream, client: client ip, server: localhost, request: "GET /test-sql-injection.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "server ip" 2015/02/18 23:26:33 [错误] 1532#0:* 68 FastCGI在stderr中发送:“ PHP消息:PHP警告:mysql_connect():/ var / www / nginx / aa.php中的权限被拒绝9”,同时从上游读取响应头,客户端:客户端ip,服务器:localhost,请求:“ GET /test-sql-injection.php HTTP / 1.1”,上游:“ fastcgi:// unix:/ var / run / php -fpm.sock:”,主机:“ server ip”
But when I use command line to run this script 但是当我使用命令行运行此脚本时
php aa.php
The result is 结果是
resource(5) of type (mysql link)
It is success to connect to maria db... 连接到玛丽亚数据库是成功的...
The mysql.sock file permission is mysql.sock文件的权限为
In /tmp 在/ tmp中
lrwxrwxrwx. 1 mysql mysql 25 2015-02-18 21:20 mysql.sock -> /var/lib/mysql/mysql.sock
In /var/lib/mysql 在/ var / lib / mysql中
srwxrwxrwx. 1 mysql mysql 0 2015-02-18 23:03 mysql.sock
all command is run as root all命令以root身份运行
and when I use another user to run php command 当我使用另一个用户运行php命令时
still get Permission denied error message! 仍然会出现“权限被拒绝”错误消息!
which file's permission wrong? 哪个文件的权限错误?
====== ======
/var/lib/mysql dir permission is 700 / var / lib / mysql目录权限为700
so it cause permission denied problem.... 因此会导致权限被拒绝的问题。
2 个解决方案
解决方案1
0
php-cgi and php-cli are not using the same php.ini file. php-cgi和php-cli没有使用相同的php.ini文件。 Compare both file, maybe you have a difference 比较两个文件,也许您有所不同
解决方案2
-1 2015-06-08 18:24:51
Check full path to socket file. 检查套接字文件的完整路径。
every directory in the path to socket must have eXecute permission for webserver user. 套接字路径中的每个目录都必须对Web服务器用户具有eXecute权限。
eg /var/ or /var/lib/ or /var/lib/mysql/ could have chmod 700 when it must have chmod 711. 例如/ var /或/ var / lib /或/ var / lib / mysql /在必须具有chmod 711时可能具有chmod 700。
Note that making more permissive chmod could lead to security issues. 请注意,制作更多宽松的chmod可能会导致安全问题。 I suggest you moving mysql.sock into world-accessible-by-default directory such as /tmp 我建议您将mysql.sock移至默认可访问的世界目录,例如/ tmp
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.