
Permission denied when I use mysql_connect through nginx but command line runs normally

My environment:

CentOS 6.6

Nginx 1.7.10 with mod_security, naxsi, ngx_pagespeed modules

PHP 5.6.5

Mariadb 10.0.16

SELinux turned off

setenforce 0

My test code:

<?php
/*
** Connect to database:
*/

// connect to the database
$con = mysql_connect('localhost','root','my pass')
       or die('Could not connect to the server! ' . mysql_error());

var_dump($con);
exit;

That's it.

And when I use Firefox to run this script

The result is "Could not connect to the server! Permission denied"

The nginx error.log is

2015/02/18 23:26:33 [error] 1532#0: *68 FastCGI sent in stderr: "PHP message: PHP Warning: mysql_connect(): Permission denied in /var/www/nginx/aa.php on line 9" while reading response header from upstream, client: client ip, server: localhost, request: "GET /test-sql-injection.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "server ip"

But when I use command line to run this script

php aa.php

The result is

resource(5) of type (mysql link)

It connects to MariaDB successfully...

The mysql.sock file permission is

In /tmp

lrwxrwxrwx. 1 mysql  mysql    25 2015-02-18 21:20 mysql.sock -> /var/lib/mysql/mysql.sock

In /var/lib/mysql

srwxrwxrwx.  1 mysql mysql        0 2015-02-18 23:03 mysql.sock

All commands are run as root,

and when I use another user to run the php command

I still get the Permission denied error message!

Which file's permissions are wrong?

======

The /var/lib/mysql dir permission is 700,

so it causes the permission denied problem...

php-cgi and php-cli are not using the same php.ini file. Compare both files; maybe there is a difference.

Check the full path to the socket file.
Every directory in the path to the socket must have eXecute permission for the webserver user.
E.g. /var/ or /var/lib/ or /var/lib/mysql/ could have chmod 700 when it must have chmod 711.

Note that making the chmod more permissive could lead to security issues. I suggest moving mysql.sock into a world-accessible-by-default directory such as /tmp.
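
The path check described in the answer above, as an added example that is not part of the original thread: it resolves the socket symlink and lists every directory on the real path that lacks the "other" execute (search) bit. The function name blocked_dirs is hypothetical, and it assumes the connecting user (for example the PHP-FPM pool user) is neither owner nor group member of those directories.

```shell
#!/bin/sh
# Added example: find directories that stop a non-owner process from
# reaching a UNIX socket. Prints one directory per line; empty output
# means every directory on the path is searchable by "other".

blocked_dirs() {
    # Resolve symlinks first: /tmp/mysql.sock -> /var/lib/mysql/mysql.sock
    # is still governed by the permissions of /var/lib/mysql.
    target=$(readlink -f -- "$1") || return 2
    dir=$(dirname -- "$target")
    while :; do
        # The 10th character of the ls mode string is the other-execute
        # slot: "x" or "t" means searchable, "-" or "T" means it is not.
        bit=$(ls -ld -- "$dir" | cut -c10)
        case "$bit" in
            x|t) ;;
            *) printf '%s\n' "$dir" ;;
        esac
        if [ "$dir" = "/" ]; then
            break
        fi
        dir=$(dirname -- "$dir")
    done
    return 0
}

# Usage: sh check_sock.sh /tmp/mysql.sock
if [ $# -gt 0 ]; then
    blocked_dirs "$1"
fi
```

With the layout from the question, this reports /var/lib/mysql while it is 700 and nothing once it is 711; the symlink in /tmp does not change the result because access is decided on the resolved path.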
