同一服务器上,使用php中mysql_connect连接MySQL数据库,只能localhost联结,无法通过IP访问(以GRANT ALL PRIVILEGES ON给权限了)。报错:Can't connect to mysql server on 'ip或域名' (13),如果用命令行人工连接MySQL,则一切正常
原来是SELinux限制了httpd对外访问的权限。将其开启即可:
1. 查看httpd_can_network_connect的值是否为off(例如:httpd_can_network_connect --> off)
# getsebool -a | grep httpd
2. 修改httpd_can_network_connect的值为on
# setsebool httpd_can_network_connect 1
3. 重新验证httpd_can_network_connect
# getsebool -a | grep httpd
4. 重启http
# /etc/init.d/httpd restart
如果对SELinux不熟悉,也可以直接修改系统配置文件 /etc/sysconfig/selinux,全局关闭:
复制代码 代码如下:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
#SELINUX=enforcing
#把设置改为disabled
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
然后重启操作系统,即可生效。
或者,直接执行命令,可在线生效:
复制代码 代码如下:
[root@imysql~]# setenforce 0
setenforce: SELinux is disabled