使用 Laravel Forge 和 Digital Ocean 拒绝 Mysql 访问

Question

请帮忙。 突然在 2019-01-24 06:37:10 UTC 我开始在我的服务器上收到错误：

SQLSTATE[HY000] [1045] Access denied for user 'forge'@'localhost' (using password: YES)

我无法访问 mysql。 我最后没有改变任何东西，所以我不知道发生了什么。 当我查看系统日志时，我确实看到了当时的一些 mysql 活动：

Jan 24 06:36:07 whispering-hurricane systemd[1]: Starting Daily apt upgrade and clean activities...
Jan 24 06:36:24 whispering-hurricane kernel: [1767450.357697] [UFW BLOCK] IN=eth0 OUT= MAC=32:f4:a6:e9:03:29:f0:4b:3a:4e:50:30:08:00 SRC=85.10.193.56 DST=206.189.227.234 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=37186 DF PROTO=TCP SPT=57178 DPT=22123 WINDOW=29200 RES=0x00 SYN URGP=0
Jan 24 06:36:32 whispering-hurricane systemd[1]: Reloading.
Jan 24 06:36:33 whispering-hurricane systemd[1]: Reloading.
Jan 24 06:36:33 whispering-hurricane systemd[1]: Stopped Daily apt upgrade and clean activities.
Jan 24 06:36:33 whispering-hurricane systemd[1]: Stopping Daily apt upgrade and clean activities.
Jan 24 06:36:33 whispering-hurricane systemd[1]: Started Daily apt upgrade and clean activities.
Jan 24 06:36:33 whispering-hurricane systemd[1]: Stopped Daily apt download activities.
Jan 24 06:36:33 whispering-hurricane systemd[1]: Stopping Daily apt download activities.
Jan 24 06:36:33 whispering-hurricane systemd[1]: Started Daily apt download activities.
Jan 24 06:36:38 whispering-hurricane systemd[1]: Reloading.
Jan 24 06:36:38 whispering-hurricane systemd[1]: Stopping MySQL Community Server...
Jan 24 06:36:42 whispering-hurricane systemd[1]: Stopped MySQL Community Server.
Jan 24 06:36:42 whispering-hurricane systemd[1]: Reloading.
Jan 24 06:36:46 whispering-hurricane kernel: [1767472.035497] audit: type=1400 audit(1548311806.292:39): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="/usr/sbin/mysqld" pid=27468 comm="apparmor_parser"
Jan 24 06:36:46 whispering-hurricane kernel: [1767472.069261] audit: type=1400 audit(1548311806.324:40): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=27486 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Jan 24 06:36:46 whispering-hurricane kernel: [1767472.132572] audit: type=1400 audit(1548311806.388:41): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=27501 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Jan 24 06:36:50 whispering-hurricane kernel: [1767476.078756] audit: type=1400 audit(1548311810.336:42): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=27552 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Jan 24 06:36:53 whispering-hurricane kernel: [1767478.885369] audit: type=1400 audit(1548311813.140:43): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="/usr/sbin/mysqld" pid=27601 comm="apparmor_parser"
Jan 24 06:36:53 whispering-hurricane systemd[1]: message repeated 5 times: [ Reloading.]
Jan 24 06:36:53 whispering-hurricane systemd[1]: Starting MySQL Community Server...
Jan 24 06:36:53 whispering-hurricane kernel: [1767479.454427] audit: type=1400 audit(1548311813.708:44): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=27677 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Jan 24 06:36:53 whispering-hurricane kernel: [1767479.499368] audit: type=1400 audit(1548311813.756:45): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=27682 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=113 ouid=0
Jan 24 06:36:54 whispering-hurricane systemd[1]: Started MySQL Community Server.

有人可以帮助我了解该系统日志中的某些内容是否是导致问题的原因吗？ 我该如何解决？ 这是我们的生产服务器，我无法访问数据库。 我们的应用程序也不能。 不好。

我看到这些升级当时自动发生。 这些一定是导致问题的原因：

Start-Date: 2019-01-24  06:36:21
Commandline: /usr/bin/unattended-upgrade
Upgrade: mysql-client-5.7:amd64 (5.7.24-0ubuntu0.18.04.1, 5.7.25-0ubuntu0.18.04.2)
End-Date: 2019-01-24  06:36:22

Start-Date: 2019-01-24  06:36:25
Commandline: /usr/bin/unattended-upgrade
Upgrade: mysql-client-core-5.7:amd64 (5.7.24-0ubuntu0.18.04.1, 5.7.25-0ubuntu0.18.04.2)
End-Date: 2019-01-24  06:36:26

Start-Date: 2019-01-24  06:36:38
Commandline: /usr/bin/unattended-upgrade
Upgrade: mysql-server-5.7:amd64 (5.7.24-0ubuntu0.18.04.1, 5.7.25-0ubuntu0.18.04.2), mysql-server-core-5.7:amd64 (5.7.24-0ubuntu0.18.04.1, 5.7.25-0ubuntu0.18.04.2)
End-Date: 2019-01-24  06:36:54

我根据评论之一运行了这些命令：

ufw status
ufw allow 3306

这似乎没有帮助。 这是ufw status的当前输出：

Status: active

To                         Action      From
--                         ------      ----
22                         ALLOW       Anywhere
80                         ALLOW       Anywhere
443                        ALLOW       Anywhere
3306                       ALLOW       Anywhere
22 (v6)                    ALLOW       Anywhere (v6)
80 (v6)                    ALLOW       Anywhere (v6)
443 (v6)                   ALLOW       Anywhere (v6)
3306 (v6)                  ALLOW       Anywhere (v6)

当我在工作的开发服务器上重新启动 mysql 时，我在系统日志中得到以下输出：

Jan 24 13:08:16 smooth-star systemd[1]: Stopping MySQL Community Server...
Jan 24 13:08:17 smooth-star systemd[1]: Stopped MySQL Community Server.
Jan 24 13:08:17 smooth-star systemd[1]: Starting MySQL Community Server...
Jan 24 13:08:17 smooth-star kernel: [4733737.407768] audit: type=1400 audit(1548335297.764:31): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=28433 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Jan 24 13:08:17 smooth-star kernel: [4733737.456162] audit: type=1400 audit(1548335297.812:32): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=28438 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=113 ouid=0
Jan 24 13:08:18 smooth-star systemd[1]: Started MySQL Community Server.

在有问题的生产服务器上，我在重新启动 mysql 时得到这个：

Jan 24 13:10:40 whispering-hurricane systemd[1]: Stopping MySQL Community Server...
Jan 24 13:10:41 whispering-hurricane systemd[1]: Stopped MySQL Community Server.
Jan 24 13:10:41 whispering-hurricane systemd[1]: Starting MySQL Community Server...
Jan 24 13:10:41 whispering-hurricane kernel: [ 8114.162705] kauditd_printk_skb: 6 callbacks suppressed
Jan 24 13:10:41 whispering-hurricane kernel: [ 8114.162707] audit: type=1400 audit(1548335441.898:130): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=6841 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Jan 24 13:10:41 whispering-hurricane kernel: [ 8114.186619] audit: type=1400 audit(1548335441.922:131): apparmor="DENIED" operation="capable" profile="/usr/sbin/mysqld" pid=6841 comm="mysqld" capability=2  capname="dac_read_search"
Jan 24 13:10:41 whispering-hurricane kernel: [ 8114.217354] audit: type=1400 audit(1548335441.954:132): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=6850 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=113 ouid=0
Jan 24 13:10:42 whispering-hurricane systemd[1]: Started MySQL Community Server.

这里有什么东西导致了这个问题吗？

Answer 1

所以，只是为了确认：

您已经使用php artisan key:generate生成了一个密钥？

这个键在你的.env文件中的APP_KEY键下？

你的config/app.php有一个键'key' => env('APP_KEY') ？

如果所有这些都到位，你应该是对的。 如果有任何错误，请返回。

Answer 2

您无法访问数据库的原因可能是由于UFW不允许在您的 mysql 端口上进行连接，我认为是3306 。 您能否通过SSH到您的伪造服务器并输入：

ufw status
ufw allow 3306

为此，您可能需要sudo permissions 。 这种想法的原因是您的日志中的这一行：

...
Jan 24 06:36:24 whispering-hurricane kernel: [1767450.357697] [UFW BLOCK] IN=eth0 OUT= MAC=32:f4:a6:e9:03:29:f0:4b:3a:4e:50:30:08:00 SRC=85.10.193.56 DST=206.189.227.234 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=37186 DF PROTO=TCP SPT=57178 DPT=22123 WINDOW=29200 RES=0x00 SYN URGP=0
...