• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.4 Unexpected database error occurred

Floren

Well-known member
#1
After upgrading to CentOS 6.6, I get this error:
Code:
An unexpected database error occurred. Please try again later.
<!-- Permission denied -->
There is nothing indicating an issue into PHP, Nginx or MySQL logs. I can connect fine to the database, using the user listed into config.php file.
Code:
# netstat -tulpan | grep 3306
tcp        0      0 :::3306                     :::*                        LISTEN      2959/mysqld
# mysql -u user -h 127.0.0.1 -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 2
 
Last edited:

Xon

Well-known member
#2
Do you have selinux configured? It might be a selinux configuration profile was updated and is doing something you don't expect.
 

Floren

Well-known member
#3
Thanks @Xon for pointing me into right direction, never thought Selinux will go so aggressive in CentOS 6.6. I had to build 2 new modules, example for PHP-FPM module:
Code:
# cat php-fpm.te
module php-fpm 1.0;

require {
    type mysqld_port_t;
    type httpd_t;
    type memcache_port_t;
    class process setrlimit;
    class tcp_socket name_connect;
}

#============= httpd_t ==============
#!!!! This avc can be allowed using one of the these booleans:
#     httpd_can_network_relay, httpd_can_network_memcache, httpd_can_network_connect
allow httpd_t memcache_port_t:tcp_socket name_connect;

#!!!! This avc can be allowed using one of the these booleans:
#     httpd_can_network_connect, httpd_can_network_connect_db
allow httpd_t mysqld_port_t:tcp_socket name_connect;

#!!!! This avc can be allowed using the boolean 'httpd_setrlimit'
allow httpd_t self:process setrlimit;
 
Last edited:

rainmotorsports

Well-known member
#6
In CentOS 7 is so much easier to work with it, Firewalld is amazing with its dynamic config. :)
I am liking systemctl as well. A noob like me can write a startup script pretty easily. My initial CentOS 7 builds had SELinux enabled. But I am at the point now with swapping Apache out for NGINX that I have to learn how to do what you are doing. Once I get through that learning curve I can swap it back out of permissive.