使用 Laravel Forge 和 Digital Ocean 拒绝 Mysql 访问

Question

Please help.请帮忙。 All of a sudden around 2019-01-24 06:37:10 UTC I started receiving errors on my server that:突然在 2019-01-24 06:37:10 UTC 我开始在我的服务器上收到错误：

SQLSTATE[HY000] [1045] Access denied for user 'forge'@'localhost' (using password: YES)

I'm unable to access mysql.我无法访问 mysql。 I did not change anything on my end, so I don't know what happened.我最后没有改变任何东西，所以我不知道发生了什么。 When I look through the system logs, I do see some mysql activity around that time:当我查看系统日志时，我确实看到了当时的一些 mysql 活动：

Jan 24 06:36:07 whispering-hurricane systemd[1]: Starting Daily apt upgrade and clean activities...
Jan 24 06:36:24 whispering-hurricane kernel: [1767450.357697] [UFW BLOCK] IN=eth0 OUT= MAC=32:f4:a6:e9:03:29:f0:4b:3a:4e:50:30:08:00 SRC=85.10.193.56 DST=206.189.227.234 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=37186 DF PROTO=TCP SPT=57178 DPT=22123 WINDOW=29200 RES=0x00 SYN URGP=0
Jan 24 06:36:32 whispering-hurricane systemd[1]: Reloading.
Jan 24 06:36:33 whispering-hurricane systemd[1]: Reloading.
Jan 24 06:36:33 whispering-hurricane systemd[1]: Stopped Daily apt upgrade and clean activities.
Jan 24 06:36:33 whispering-hurricane systemd[1]: Stopping Daily apt upgrade and clean activities.
Jan 24 06:36:33 whispering-hurricane systemd[1]: Started Daily apt upgrade and clean activities.
Jan 24 06:36:33 whispering-hurricane systemd[1]: Stopped Daily apt download activities.
Jan 24 06:36:33 whispering-hurricane systemd[1]: Stopping Daily apt download activities.
Jan 24 06:36:33 whispering-hurricane systemd[1]: Started Daily apt download activities.
Jan 24 06:36:38 whispering-hurricane systemd[1]: Reloading.
Jan 24 06:36:38 whispering-hurricane systemd[1]: Stopping MySQL Community Server...
Jan 24 06:36:42 whispering-hurricane systemd[1]: Stopped MySQL Community Server.
Jan 24 06:36:42 whispering-hurricane systemd[1]: Reloading.
Jan 24 06:36:46 whispering-hurricane kernel: [1767472.035497] audit: type=1400 audit(1548311806.292:39): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="/usr/sbin/mysqld" pid=27468 comm="apparmor_parser"
Jan 24 06:36:46 whispering-hurricane kernel: [1767472.069261] audit: type=1400 audit(1548311806.324:40): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=27486 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Jan 24 06:36:46 whispering-hurricane kernel: [1767472.132572] audit: type=1400 audit(1548311806.388:41): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=27501 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Jan 24 06:36:50 whispering-hurricane kernel: [1767476.078756] audit: type=1400 audit(1548311810.336:42): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=27552 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Jan 24 06:36:53 whispering-hurricane kernel: [1767478.885369] audit: type=1400 audit(1548311813.140:43): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="/usr/sbin/mysqld" pid=27601 comm="apparmor_parser"
Jan 24 06:36:53 whispering-hurricane systemd[1]: message repeated 5 times: [ Reloading.]
Jan 24 06:36:53 whispering-hurricane systemd[1]: Starting MySQL Community Server...
Jan 24 06:36:53 whispering-hurricane kernel: [1767479.454427] audit: type=1400 audit(1548311813.708:44): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=27677 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Jan 24 06:36:53 whispering-hurricane kernel: [1767479.499368] audit: type=1400 audit(1548311813.756:45): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=27682 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=113 ouid=0
Jan 24 06:36:54 whispering-hurricane systemd[1]: Started MySQL Community Server.

Can someone help me understand if something in that system log is what caused the problem?有人可以帮助我了解该系统日志中的某些内容是否是导致问题的原因吗？ How can I fix it?我该如何解决？ This is our production server and I can not access the database.这是我们的生产服务器，我无法访问数据库。 Neither can our application.我们的应用程序也不能。 Not good.不好。

I see these upgrades occurred automatically at that time.我看到这些升级当时自动发生。 These must be causing the issue:这些一定是导致问题的原因：

Start-Date: 2019-01-24  06:36:21
Commandline: /usr/bin/unattended-upgrade
Upgrade: mysql-client-5.7:amd64 (5.7.24-0ubuntu0.18.04.1, 5.7.25-0ubuntu0.18.04.2)
End-Date: 2019-01-24  06:36:22

Start-Date: 2019-01-24  06:36:25
Commandline: /usr/bin/unattended-upgrade
Upgrade: mysql-client-core-5.7:amd64 (5.7.24-0ubuntu0.18.04.1, 5.7.25-0ubuntu0.18.04.2)
End-Date: 2019-01-24  06:36:26

Start-Date: 2019-01-24  06:36:38
Commandline: /usr/bin/unattended-upgrade
Upgrade: mysql-server-5.7:amd64 (5.7.24-0ubuntu0.18.04.1, 5.7.25-0ubuntu0.18.04.2), mysql-server-core-5.7:amd64 (5.7.24-0ubuntu0.18.04.1, 5.7.25-0ubuntu0.18.04.2)
End-Date: 2019-01-24  06:36:54

I ran these commands as per one of the comments:我根据评论之一运行了这些命令：

ufw status
ufw allow 3306

This did not seem to help.这似乎没有帮助。 Here's the current output of ufw status :这是ufw status的当前输出：

Status: active

To                         Action      From
--                         ------      ----
22                         ALLOW       Anywhere
80                         ALLOW       Anywhere
443                        ALLOW       Anywhere
3306                       ALLOW       Anywhere
22 (v6)                    ALLOW       Anywhere (v6)
80 (v6)                    ALLOW       Anywhere (v6)
443 (v6)                   ALLOW       Anywhere (v6)
3306 (v6)                  ALLOW       Anywhere (v6)

When I restart mysql on a working development server, I get this output in the syslog:当我在工作的开发服务器上重新启动 mysql 时，我在系统日志中得到以下输出：

Jan 24 13:08:16 smooth-star systemd[1]: Stopping MySQL Community Server...
Jan 24 13:08:17 smooth-star systemd[1]: Stopped MySQL Community Server.
Jan 24 13:08:17 smooth-star systemd[1]: Starting MySQL Community Server...
Jan 24 13:08:17 smooth-star kernel: [4733737.407768] audit: type=1400 audit(1548335297.764:31): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=28433 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Jan 24 13:08:17 smooth-star kernel: [4733737.456162] audit: type=1400 audit(1548335297.812:32): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=28438 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=113 ouid=0
Jan 24 13:08:18 smooth-star systemd[1]: Started MySQL Community Server.

On the production server, which has the issue, I get this when restarting mysql:在有问题的生产服务器上，我在重新启动 mysql 时得到这个：

Jan 24 13:10:40 whispering-hurricane systemd[1]: Stopping MySQL Community Server...
Jan 24 13:10:41 whispering-hurricane systemd[1]: Stopped MySQL Community Server.
Jan 24 13:10:41 whispering-hurricane systemd[1]: Starting MySQL Community Server...
Jan 24 13:10:41 whispering-hurricane kernel: [ 8114.162705] kauditd_printk_skb: 6 callbacks suppressed
Jan 24 13:10:41 whispering-hurricane kernel: [ 8114.162707] audit: type=1400 audit(1548335441.898:130): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=6841 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Jan 24 13:10:41 whispering-hurricane kernel: [ 8114.186619] audit: type=1400 audit(1548335441.922:131): apparmor="DENIED" operation="capable" profile="/usr/sbin/mysqld" pid=6841 comm="mysqld" capability=2  capname="dac_read_search"
Jan 24 13:10:41 whispering-hurricane kernel: [ 8114.217354] audit: type=1400 audit(1548335441.954:132): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=6850 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=113 ouid=0
Jan 24 13:10:42 whispering-hurricane systemd[1]: Started MySQL Community Server.

Is something in here causing the problem?这里有什么东西导致了这个问题吗？

Answer 1

So, just to confirm:所以，只是为了确认：

You have generated a key using php artisan key:generate ?您已经使用php artisan key:generate生成了一个密钥？

This key is in your .env file under a APP_KEY key?这个键在你的.env文件中的APP_KEY键下？

Your config/app.php has a key 'key' => env('APP_KEY') ?你的config/app.php有一个键'key' => env('APP_KEY') ？

If all of these are in place you should be right.如果所有这些都到位，你应该是对的。 Come back if there are any errors.如果有任何错误，请返回。

Answer 2

The reason you can't access the database might be due to UFW not allowing connection on your mysql port which I suppose is 3306 .您无法访问数据库的原因可能是由于UFW不允许在您的 mysql 端口上进行连接，我认为是3306 。 Could you SSH into your forge server and type:您能否通过SSH到您的伪造服务器并输入：

ufw status
ufw allow 3306

You might need sudo permissions for this.为此，您可能需要sudo permissions 。 The reason for this thinking is this line in your logs:这种想法的原因是您的日志中的这一行：

...
Jan 24 06:36:24 whispering-hurricane kernel: [1767450.357697] [UFW BLOCK] IN=eth0 OUT= MAC=32:f4:a6:e9:03:29:f0:4b:3a:4e:50:30:08:00 SRC=85.10.193.56 DST=206.189.227.234 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=37186 DF PROTO=TCP SPT=57178 DPT=22123 WINDOW=29200 RES=0x00 SYN URGP=0
...

使用 Laravel Forge 和 Digital Ocean 拒绝 Mysql 访问

问题描述

2 个解决方案

解决方案1
0 2019-01-24 12:12:59

解决方案2
0 2019-01-24 12:28:16

使用 Laravel Forge 和 Digital Ocean 拒绝 Mysql 访问

问题描述

2 个解决方案

解决方案1 0 2019-01-24 12:12:59

解决方案2 0 2019-01-24 12:28:16

解决方案1
0 2019-01-24 12:12:59

解决方案2
0 2019-01-24 12:28:16