[Technology] Apache, PHP, MySQL, PDO, "Permission denied", Fedora, and SELinux

I'm working on a fun little PHP web application (a manager for my repeating, daily tasks), mostly for the exercise.  The 'production' server is a bit limiting, and I cannot view httpd's (Apache's) error logs there, so I've set up my own local httpd as a development server (just good sense).  However, my web app makes use of a MySQL database.  I will create a local one eventually, but I thought, to make things easier to start, I would just use the remote one. 

SQLSTATE[HY000] [2002] Permission denied

This is what came back each time I tried running the web application from my local httpd.  I'm using PHP's PDO database interface, and its mysql driver, and it works when deployed on the remote server.  I made sure that my remote server had permissions for my local user.  I tested connecting from my local machine from the mysql client, and it worked.  I tested the PHP connection statement from the command-line and ... it worked.  It was only causing a problem when running within the web application.

Eventually, I found this explanation, which boils down to:

setsebool -P httpd_can_network_connect_db=1

Yes, SELinux on Fedora strikes again.  I actually appreciate SELinux.  The main problem with it is the often total lack of feedback.  SELinux's troubleshooter is running and in theory it's suppose to report issues like this and give me options, but it didn't seem to notice at all.  If things did not simply fail silently and mysteriously, I'm sure most complaints about SELinux would go away

Keine Kommentare:

Kommentar veröffentlichen

Dieses Blog durchsuchen


#Technology #GNOME gnome gxml fedora bugs linux vala google #General firefox security gsoc GUADEC android bug xml fedora 18 javascript libxml2 programming web blogger encryption fedora 17 gdom git libgdata memory mozilla open source serialisation upgrade web development API Spain design emacs evolution fedora 16 fedora 20 fedora 22 fedup file systems friends future glib gnome shell internet luks music performance phone photos preupgrade tablet testing yum #Microblog Network Manager adb art automation bash brno catastrophe containers css data loss deja-dup disaster emusic errors ext4 facebook fedora 19 gee gir gitlab gitorious gmail gobject google talk google+ html libxml mail microsoft mtp namespaces nautilus php picasaweb podman ptp resizing rpm school selinux sms speech dispatcher systemd technology texting time management typescript uoguelph usability video web design youtube #Tech Air Canada C Empathy Europe GError GNOME 3 GNOME Files Go Google Play Music Grimes IRC Mac OS X Mario Kart Memento Nintendo Nintendo Switch PEAP Selenium Splatoon UI VPN Xiki accessibility advertising ai albums anaconda anonymity apache apple ask asus eee top automake autonomous automobiles b43 backup battery berlin bit rot broadcom browsers browsing canada canadian english cars chrome clarity comments communication compiler complaints computer computers configuration console constructive criticism cron customisation dataloss dconf debian debug symbols debugging design patterns desktop summit development discoverability distribution diy dnf docker documentation drm duplicity e-mail efficiency email english environment estate experimenting ext3 fedora 11 festival file formats firejail flac forgottotagit freedom friendship fuse galaxy nexus galton gay rights gdb german germany gimp gio gjs gnome software gnome-control-center google assistant google calendar google chrome google hangouts google reader gqe graphviz growth gtest gtg gtk gvfs gvfs metadata hard drive hard drives hardware help hp humour identity instagram installation instant messaging integration intel interactivity introspection jabber java java 13 jobs kernel keyboard language languages law learning lenovo letsencrypt libreoffice librpm life livecd liveusb login macbook maintainership mario memory leaks messaging mounting mouse mysql netflix new zealand node nodelist numix obama oci ogg oggenc oh the humanity open open standards openoffice optimisation org-mode organisation package management packagekit paint shedding parallelism pdo perl pipelight pitivi privacy productivity progress progressive web apps pumpkin pwa python quality recursion redhat refactoring repairs report rhythmbox sandboxes scheduling screenshots self-navigating car shell signal sleep smartphones software software engineering speed sql ssd synergy tabs test tests themes thesis tracker travel triumf turtles tv tweak twist typing university update usb user experience valadoc volunteering vpnc waf warm wayland weather web apps website wifi wiki wireless wishes work xinput xmpp xorg xpath
Powered by Blogger.