1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.4 Unexpected database error occurred

Discussion in 'Troubleshooting and Problems' started by Floren, Nov 10, 2014.

  1. Floren

    Floren Well-Known Member

    After upgrading to CentOS 6.6, I get this error:
    Code:
    An unexpected database error occurred. Please try again later.
    <!-- Permission denied -->
    There is nothing indicating an issue into PHP, Nginx or MySQL logs. I can connect fine to the database, using the user listed into config.php file.
    Code:
    # netstat -tulpan | grep 3306
    tcp        0      0 :::3306                     :::*                        LISTEN      2959/mysqld
    # mysql -u user -h 127.0.0.1 -p
    Enter password:
    Welcome to the MariaDB monitor.  Commands end with ; or \g.
    Your MariaDB connection id is 2
     
    Last edited: Nov 10, 2014
  2. Xon

    Xon Well-Known Member

    Do you have selinux configured? It might be a selinux configuration profile was updated and is doing something you don't expect.
     
    Floren likes this.
  3. Floren

    Floren Well-Known Member

    Thanks @Xon for pointing me into right direction, never thought Selinux will go so aggressive in CentOS 6.6. I had to build 2 new modules, example for PHP-FPM module:
    Code:
    # cat php-fpm.te
    module php-fpm 1.0;
    
    require {
        type mysqld_port_t;
        type httpd_t;
        type memcache_port_t;
        class process setrlimit;
        class tcp_socket name_connect;
    }
    
    #============= httpd_t ==============
    #!!!! This avc can be allowed using one of the these booleans:
    #     httpd_can_network_relay, httpd_can_network_memcache, httpd_can_network_connect
    allow httpd_t memcache_port_t:tcp_socket name_connect;
    
    #!!!! This avc can be allowed using one of the these booleans:
    #     httpd_can_network_connect, httpd_can_network_connect_db
    allow httpd_t mysqld_port_t:tcp_socket name_connect;
    
    #!!!! This avc can be allowed using the boolean 'httpd_setrlimit'
    allow httpd_t self:process setrlimit;
     
    Last edited: Nov 10, 2014
    Xon likes this.
  4. rainmotorsports

    rainmotorsports Well-Known Member

    It's fun in 7 thats for sure.
     
    Xon and Floren like this.
  5. Floren

    Floren Well-Known Member

    In CentOS 7 is so much easier to work with it, Firewalld is amazing with its dynamic config. :)
     
  6. rainmotorsports

    rainmotorsports Well-Known Member

    I am liking systemctl as well. A noob like me can write a startup script pretty easily. My initial CentOS 7 builds had SELinux enabled. But I am at the point now with swapping Apache out for NGINX that I have to learn how to do what you are doing. Once I get through that learning curve I can swap it back out of permissive.
     
  7. Floren

    Floren Well-Known Member

    I posted a tutorial on my site, how to create the custom modules for Selinux in CentOS 6.6.
     
    Xon and rainmotorsports like this.

Share This Page