PHP Warning: mysql_connect(): Can’t connect to MySQL server on… (13)
I created some barebones Fedora servers that I’m intending to create a load balanced cluster from using Apache’s mod_proxy_balancer. My topology will eventually look like this:
load_balancer -> (ws1, ws2, ws3) -> mysql_server
As you can see, it’s nothing fancy. To test the balancer, each web server has a PHP script that connects to the MySQL database and inserts its hostname and IP address. Then I could run a simple query to determine whether the balancer was distributing the load according to my rules.
The PHP script was basic too:
$dbhost = "mysql.host.com";
$dbuser = "testuser";
$dbpass = "testpass";
$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die (mysql_error());
$dbname = "testdb";
mysql_select_db($dbname);
$query = "INSERT INTO testtable(ip, host) VALUES('" . $_SERVER["SERVER_ADDR"] . "', '" . $_SERVER["SERVER_NAME"] . "');";
print $query;
mysql_query($query);
mysql_close($conn);
I’ve done this a thousand times, so you can imagine my frustration at getting this error message:
[Mon Feb 01 16:22:21 2010] [error] [client 192.168.1.1] PHP Warning: mysql_connect() [<a href='function.mysql-connect'>function.mysql-connect</a>]: Can't connect to MySQL server on 'mysql.host.com' (13) in /var/www/html/index.php on line 7
I spent almost 2 hours looking for various solutions. I’ll list the most common ones in case you’re searching for a solution and mine doesn’t work for you:
–Ensure that MySQL user permissions are configured correctly.
–Ensure that MySQL is running on the server and on the correct port
–Ensure that selinux is not blocking the MySQL port or the mysqld process
These three items can be tested by simply logging into MySQL from a remote host using the following command:
mysql -u testuser -p -h mysql.host.com testdb
If that gives you a MySQL prompt, you can rule out the above three causes.
Some of the less obvious suggestions, which didn’t solve my problem either were:
–Ensure MySQL is using the correct path to the mysql.sock in my.ini
–Ensure that the server wasn’t started with –skip-networking
Though I tried a number of configuration changes for both MySQL, the server MySQL was running on (including disabling selinux completely), and PHP, I failed to overlook that selinux was blocking Apache’s outgoing connections to the MySQL database.
So what finally solved my problem was disabling selinux completely on the server Apache was running on. I should have done this in the first place, as I normally do with my Linux desktop installations.
This can be accomplished by changing a line in /etc/selinux/config. Change the line that says:
SELINUX=enforcing
to
SELINUX=disabled
If you do some searching you can find out how to add an exception for Apache, after 2 hours I didn’t feel like fussing with those.
Hi there,
had exactly the same problem.
Found this website: http://www.beginlinux.com/server_training/web-server/976-apache-and-selinux
I issued “setsebool -P httpd_can_network_connect 1″ as root and httpd was able to connect to mysql
cheers
thomas
Thanks, that was a very interesting post. I had no idea the relationship between Apache and selinux was so granular.
That was really helpful.
CentOS 5.4 and Lighttpd and Mysql on 2 servers… A true nightmare for that.
Bests,
Otto
I had the same problem as above and following thomas’ instruction got it working. It’s nice to find a simple command line fix. Thanks guys!
cheers
Mark
Having same issue…although I have SELINUX disabled….FC12 PHP5 APACHE2
Keep getting mysql_connect() failures.
Thank you SO much. This was also giving me trouble for the last few hours when trying to install the MindTouch wiki solution with a remote MySql database … so glad to have it resolved.
# setenforce 1
# getsebool -a | grep ‘httpd’
allow_httpd_anon_write –> off
allow_httpd_bugzilla_script_anon_write –> off
allow_httpd_cvs_script_anon_write –> off
allow_httpd_mod_auth_pam –> off
allow_httpd_nagios_script_anon_write –> off
allow_httpd_prewikka_script_anon_write –> off
allow_httpd_squid_script_anon_write –> off
allow_httpd_sys_script_anon_write –> off
httpd_builtin_scripting –> on
httpd_can_network_connect –> off
httpd_can_network_connect_db –> off
httpd_can_network_relay –> off
httpd_can_sendmail –> on
httpd_disable_trans –> off
httpd_enable_cgi –> on
httpd_enable_ftp_server –> off
httpd_enable_homedirs –> on
httpd_rotatelogs_disable_trans –> off
httpd_ssi_exec –> off
httpd_suexec_disable_trans –> off
httpd_tty_comm –> on
httpd_unified –> on
httpd_use_cifs –> off
httpd_use_nfs –> off
$ setsebool httpd_can_network_connect_db 1
OK
Fantastic. Saved me lots of time. God bless you for giving me the command:
setsebool -P httpd_can_network_connect 1 !!!
Thanks U Very much, Only these two commands,
$ setsebool httpd_can_network_connect_db 1
$ setsebool -P httpd_can_network_connect 1
Helped me a lot :)
GREAT WORK DUDE !!!
Saved my life.. ty
Marvelous bro…you have save me 2 hours…after disabled the selinux…voila…it works…
Thanks again.
Azmi
Malaysia
setsebool httpd_can_network_connect_db 1
Helped me a lot.. thanx :)
Everything is very open with a very clear explanation of the
issues. It was definitely informative. Your website is very
useful. Thank you for sharing!
What’s up, I read your blog regularly. Your humoristic style is witty, keep doing what you’re doing!
nice job bro… tnkyu very much…
Thanks John, this problem was driving me nuts! Disabling SELINUX solved the problem :)