在使用lepus3.7监控MySQL数据库的时候,碰到了以下几个问题,本博客给出了这些问题产生的原因,以及相应的解决办法。
1. 问题1:php页面无法连接数据库
直接使用php程序执行php文件,可以连接mysql,但是在httpd中同样的php页面无法连接mysql。
lepus的web程序(PHP代码)无法连接数据库时,web界面上什么操作也无法继续。
为此编写了最简单的PDO连接测试代码:
php代码如下:
[linuxidc@linuxidc lepus]$ cat mysql.php
try{
#$dsn="mysql:host=127.0.0.1;dbname=lepus;";
$dsn="mysql:host=11.1.1.11;dbname=lepus;";
$user="coe2coe";
$pwd="XXXXXXXXXX";
$sql="select now() as a";
$dbh=new PDO($dsn,$user,$pwd);
$stmt=$dbh->prepare($sql);
$stmt->execute();
$row=$stmt->fetch(PDO::FETCH_ASSOC);
echo "result:".$row['a'];
}
catch(PDOException $e) {
echo "FAILED:".$e->getMessage();
}
?>
php程序直接执行php文件:
[linuxidc@linuxidc lepus]$ php mysql.php
result:2018-09-27 00:03:44
通过浏览器访问这个页面:
FAILED:SQLSTATE[HY000] [2003] Can't connect to MySQL server on '11.1.1.11' (13)
lepus的web程序给出的错误提示信息更加模糊。
原因:
通过一番baidu之后,终于看到了一个比较靠谱的分析。
Linux(CentOS7)的selinux安全机制禁止了httpd中的模块访问网络。
[linuxidc@linuxidc lepus]$ sudo getsebool -a |grep httpd
httpd_anon_write --> off
httpd_builtin_scripting --> on
httpd_can_check_spam --> off
httpd_can_connect_ftp --> off
httpd_can_connect_ldap --> off
httpd_can_connect_mythtv --> off
httpd_can_connect_zabbix --> off
httpd_can_network_connect --> off
httpd_can_network_connect_cobbler --> off
httpd_can_network_connect_db --> off
httpd_can_network_memcache --> off
httpd_can_network_relay --> off
httpd_can_sendmail --> off
httpd_dbus_avahi --> off
httpd_dbus_sssd --> off
httpd_dontaudit_search_dirs --> off
httpd_enable_cgi --> on
httpd_enable_ftp_server --> off
httpd_enable_homedirs --> off
httpd_execmem --> off
httpd_graceful_shutdown --> on
httpd_manage_ipa --> off
httpd_mod_auth_ntlm_winbind --> off
httpd_mod_auth_pam --> off
httpd_read_user_content --> off
httpd_run_ipa --> off
httpd_run_preupgrade --> off
httpd_run_stickshift --> off
httpd_serve_cobbler_files --> off
httpd_setrlimit --> off
httpd_ssi_exec --> off
httpd_sys_script_anon_write -->