CentOS: Can't connect remotely to mysql server but I can 'nc' to it

Question

I have two VMs, both running CentOS.

One is web server: 10.2.2.59 -- in this server I put Moodle web application files.

One is DB server: 10.2.2.58 I installed MySQL and it is running nice, changed my.conf to comment #skipping-network and commented #bind-address.

I have config the firewall to accept port 3306

-A INPUT -s 10.3.2.59 -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT

On (.59) I tried to nc -z 10.2.2.58 3306 and the output is

Connection to 10.2.2.58 3306 port [tcp/mysql] succeeded!

Also I tried to connect to mysql remotely from (.59) to (.58) using mysql -u moodle_XXXX_ur -p -h 10.2.2.58

and it did connect and the mysql> prompt is showing.

I Grant 'moodle_XXXX_ur' all privileges to moodle_XXX_DB

The main problem is when I try to install moodle in (.59) with those parameters

Database host : 10.2.2.58
Database name : moodle_XXX_DB
Database user : moodle_XXXX_ur
Database password: XXXXXXXXXXXXX
Tables prefix: mdl_
Unix socket: true

I tried setting the Unix socket to false as well.

an error is showing saying that:

Error: Database connection failed

It is possible that the database is overloaded or otherwise not running properly.

The site administrator should also check that the database details have been correctly specified in config.php

Warning: mysqli::mysqli(): (HY000/2002): Permission denied in /var/www/html/lib/dml/mysqli_native_moodle_database.php on line 76

line 76 looks like this:

$conn = new mysqli($dbhost, $dbuser, $dbpass, '', $dbport, $dbsocket); // Connect without db

any help, or any way to trace the problem???

josue ixcayau · Answer 1 · 2018-02-28T23:00:47.440

1

It seems to be a problem of "SELinux Booleans" use the following comand to show the state of the boolean

$getsebool -a | grep httpd_can_network

and "httpd_can_network_connect_db" should be on

httpd_can_network_connect_db --> on

otherwise u have to turn on whit this command

$setsebool -P httpd_can_network_connect_db 1

edited Feb 28 '18 at 23:00

answered Feb 28 '18 at 22:51

josue ixcayau

11
3

Only `httpd_can_network_connect_db` is necessary here. It allows database ports. `httpd_can_network_connect` allows connections to all ports. – Michael Hampton Feb 28 '18 at 22:56

zygis · Answer 2 · 2013-09-17T09:53:45.983

You seem to say you have enabled the "skip-networking" option in MySQL. If that's so, the server not to listen on the network. In other words, if you have "skip-networking" on, you will only be able to talk to this server via a local UNIX socket and not from another server over the network.

To fix this, remove the "skip-networking" configuration line and restart MySQL, you should be able to connect then.

Please see MySQL documentation for more details on the "skip-networking" option - MySQL 5.5 server options - skip-networking

If you didn't enable the "skip-networking" option, you need to double check the database parameters you supply the Moodle installer with, esp. make sure that "UNIX socket" is set to false.

He said that he "commented" the `skip-networking` option. That would normally mean that networking is active. The success of the `nc` command suggests that networking is working. — Ladadadada, Sep 18 '13 at 11:38

score -1 · Accepted Answer · edited May 23 '17 at 12:41

-1

As stated here it could be because of selinux policy. Try to turn selinux off on both servers. Enable or Disable SELinux on CentOs

edited May 23 '17 at 12:41

Community

1

answered Sep 17 '13 at 10:37

Kewa

154
4

score -3 · Answer 4 · answered Mar 09 '15 at 03:50

-3

I did turn selinux off on database server.

The solution was turn selinux off on BOTH servers.

many thanks to Kewa @kewa

answered Mar 09 '15 at 03:50

Jaifar Al Shizawi

17
1
6

2

Turning SELinux off is never the correct solution. – user9517 Mar 09 '15 at 07:54

CentOS: Can't connect remotely to mysql server but I can 'nc' to it

4 Answers4