Hi All,
I have had a thread about this going on the phpMyAdmin list for a little while. Nobody there has been able to shed any light on my problem. It seems that with phpMyAdmin I can not connect to remote servers. Though it also seems that apache, php and mysqli all work fine outside of phpMyAdmin. Below I have detailed my trouble shooting. This only seems to be an issue for me with CentOS 5 so I'm hoping someone out there has run into this before. I'm certain there is some setting or dependency I am missing so if you have any insight into this I'd greatly appreciate it.
We have CentOS 5.5 production systems with a major Cloud VM vendor and I have replicated the results with CentOS 5.5 on local VM's (ISO install) with my own VM platform. The remote database server is listening on eth1. eth0 is our public routable IP and eth1 is our 10.x.x.x private subnet. We do not expose the mysql servers on the public interfaces. All of our web applications access the database servers by IP on the 10.x.x.x subnet on eth1. The apache server where phpmyadmin is installed also has other virtual hosts that have wordpress instances among other things, that use the mysqli interface to connect to the same remote database server and they all work fine. The apache server also has a local mysql server that I can successfully connect phpmyadmin to using localhost or 127.0.0.1 for the db host name with cookie authentication. The apache server where phpmyadmin is installed I can use the bash mysql client and connect to the remote database server with my credentials. I have tested CentOS 5.5 with RPM installed httpd and RPM installed PHP 5.1 and PMA 2.x, and CentOS 5.5 RPM installed Apache, my compiled PHP 5.2.3 and PMA 3.x. Both with the same result. Logins to any remote server over TCP with cookie auth fail with a "#1045 Cannot log in to the MySQL server" and tcpdump shows no packets on the interface to the DB server. Connections to the local database server via PMA 3.x, my compiled php 5.2 over tcp using localhost, port 3306, cookie auth connects right away. Connections to the local database server via PMA "mysqli://localhost:3306" shows no traffic in tcpdump on lo, eth0 or eth1 so I'm assuming it uses the local socket for this. I have tested Ubuntu 10 with Apt installed php, apache, mysqladmin and it all works out of the box. I would love to just throw ubuntu up there but work won't allow a mixed linux environment. It HAS to be CentOS.
Just to make sure I am not crazy I made the test file below and connected to my remote database from the same virtualhost as phpmyadmin using the same username and password (not root). It works perfectly and I get the results from my mysql.user table. I have tested this php both from the CLI and through Apache.
<?php $mysqli = new mysqli('10.x.x.x.', 'myuser', 'mypass', 'mysql'); $result = $mysqli->query( 'SELECT * from user'); while( $row = $result->fetch_assoc() ){ print_r($row); echo "\n"; } $result->close(); $mysqli->close(); ?>
And my PMA config files look like this
THIS DOES NOT WORK <?php /* * Generated configuration file * Generated by: phpMyAdmin 3.3.5 setup script by Piotr Przybylski piotrprz@gmail.com * Date: Thu, 26 Aug 2010 10:32:53 -0600 */
/* Servers configuration */ $i = 0;
/* Server: glacier [1] */ $i++; $cfg['Servers'][$i]['auth_type'] = 'cookie'; $cfg['Servers'][$i]['host'] = '10.x.x.x'; $cfg['Servers'][$i]['extension'] = 'mysqli'; $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark'; $cfg['Servers'][$i]['relation'] = 'pma_relation'; $cfg['Servers'][$i]['table_info'] = 'pma_table_info'; $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords'; $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages'; $cfg['Servers'][$i]['column_info'] = 'pma_column_info'; $cfg['Servers'][$i]['history'] = 'pma_history'; $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords'; $cfg['Servers'][$i]['verbose'] = 'somename'; $cfg['Servers'][$i]['port'] = 3306; $cfg['Servers'][$i]['socket'] = ''; $cfg['Servers'][$i]['connect_type'] = 'tcp'; $cfg['Servers'][$i]['user'] = ''; $cfg['Servers'][$i]['password'] = ''; $cfg['Servers'][$i]['AllowRoot'] = false; $cfg['Servers'][$i]['AllowDeny'] = array ( 'order' => 'allow,deny', );
/* End of servers configuration */
$cfg['blowfish_secret'] = '4c74332d81b5c0.29678885'; $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; $cfg['DefaultLang'] = 'en-utf-8'; $cfg['ServerDefault'] = 1; $cfg['ForceSSL'] = true; $cfg['AllowAnywhereRecoding'] = true; $cfg['UseDbSearch'] = false; $cfg['ShowPhpInfo'] = true; $cfg['LeftDisplayServers'] = true; $cfg['DisplayServersList'] = true; ?>
THIS WORKS <?php /* * Generated configuration file * Generated by: phpMyAdmin 3.3.5 setup script by Piotr Przybylski piotrprz@gmail.com * Date: Thu, 26 Aug 2010 10:34:31 -0600 */
/* Servers configuration */ $i = 0;
/* Server: localhost [1] */ $i++; $cfg['Servers'][$i]['verbose'] = 'localhost'; $cfg['Servers'][$i]['host'] = 'localhost'; $cfg['Servers'][$i]['port'] = 3306; $cfg['Servers'][$i]['socket'] = ''; $cfg['Servers'][$i]['connect_type'] = 'tcp'; $cfg['Servers'][$i]['extension'] = 'mysqli'; $cfg['Servers'][$i]['auth_type'] = 'cookie'; $cfg['Servers'][$i]['user'] = ''; $cfg['Servers'][$i]['password'] = '';
/* End of servers configuration */
$cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; $cfg['ForceSSL'] = true; $cfg['blowfish_secret'] = '0(s3$9dea5bfy7ic8wo4l8kn&is3ANFY6NA*CM64'; $cfg['MaxRows'] = 100; $cfg['DefaultLang'] = 'en-utf-8'; $cfg['ServerDefault'] = 1; ?>
All that being said it looks like PHPMyAdmin does not run on CentOS (It feels crazy just to say that). I know there's something I'm missing. If anyone else has any insight or questions please let me know. I'm happy to experiment.
On Aug 27, 2010, at 1:23 PM, Brian Marshall wrote:
If anyone else has any insight or questions please let me know. I'm happy to experiment.
is SELinux enabled? any relevant messages in the audit log?
-steve
-- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es
On Aug 27, 2010, at 11:36 AM, Steve Huff wrote:
On Aug 27, 2010, at 1:23 PM, Brian Marshall wrote:
If anyone else has any insight or questions please let me know. I'm happy to experiment.
is SELinux enabled? any relevant messages in the audit log?
-steve
Hi Steve,
No we don't run SELinux on any of our systems. SELinux config is set to disabled and /selinux/enforce is '0'