问题
我遇到了一个非常奇怪的问题,ownCloud 似乎无法使用在 Fedora 23 上运行的 nginx、mariadb 和 php-fpm 访问我的 SQL 数据库。
当我尝试访问该页面时,我收到一个错误页面,上面显示“内部服务器错误”,没有任何有意义的输出。查看 nginx 错误日志,我看到以下内容:
PHP message: {"reqId":"b42TI6oHUGKOfGGClEPP","remoteAddr":"REDACTED","app":"core","message":"Exception: {\"Exception\":\"Doctrine\\\\DBAL\\\\DBALException\",\"Message\":\"Failed to connect to the database: An exception occured in driver: SQLSTATE[HY000] [2002] Permission denied\",\"Code\":0,\"Trace\":\"#0 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(429): OC\\\\DB\\\\Connection->connect()\\n#1 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(389): Doctrine\\\\DBAL\\\\Connection->getDatabasePlatformVersion()\\n#2 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(328): Doctrine\\\\DBAL\\\\Connection->detectDatabasePlatform()\\n#3 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(621): Doctrine\\\\DBAL\\\\Connection->getDataba
环顾四周,似乎这个SQLSTATE[HY000] [2002]错误很常见并且有很多原因,所以我只概述我已经尝试过的方法:
- 我可以使用与 shell 中的 ownCloud 配置相同的凭据连接到数据库
- MariaDB 套接字文件可供所有用户访问,并
php.ini配置为使用该套接字 - 我尝试过禁用 selinux(设置为 permissive),甚至关闭它并完全重启,但仍然出现同样的错误
- 我甚至尝试指定
127.0.0.1MariaDB 的绑定地址
以下是有关我的设置的其他一些注意事项:
- 所有服务都在同一台机器上运行
/var/lib/mysql和都是/var/www/owncloud从 Ubuntu 15.10 机器迁移过来的,但我restorecon -Rv在两个目录上运行过,并mysql_upgrade在数据库上运行过- 该机器是 Digital Ocean VPS
日志
/var/log/nginx/owncloud_error.log
...
PHP message: {"reqId":"UeN9U1jaHrLuCzHUZGIr","remoteAddr":"REDACTED","app":"core","message":"Exception: {\"Exception\":\"Doctrine\\\\DBAL\\\\DBALException\",\"Message\":\"Failed to connect to the database: An exception occured in driver: SQLSTATE[HY000] [2002] Permission denied\",\"Code\":0,\"Trace\":\"#0 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(429): OC\\\\DB\\\\Connection->connect()\\n#1 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(389): Doctrine\\\\DBAL\\\\Connection->getDatabasePlatformVersion()\\n#2 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(328): Doctrine\\\\DBAL\\\\Connection->detectDatabasePlatform()\\n#3 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(621): Doctrine\\\\DBAL\\\\Connection->getDataba
2016/05/10 17:11:42 [error] 2175#0: *16 FastCGI sent in stderr: "PHP message: {"reqId":"w8VAqhrnSZX\/5xM1+3C1","remoteAddr":"REDACTED","app":"index","message":"Exception: {\"Exception\":\"Doctrine\\\\DBAL\\\\DBALException\",\"Message\":\"Failed to connect to the database: An exception occured in driver: SQLSTATE[HY000] [2002] Permission denied\",\"Code\":0,\"Trace\":\"#0 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(429): OC\\\\DB\\\\Connection->connect()\\n#1 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(389): Doctrine\\\\DBAL\\\\Connection->getDatabasePlatformVersion()\\n#2 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(328): Doctrine\\\\DBAL\\\\Connection->detectDatabasePlatform()\\n#3 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(621): Doctrine\\\\DBAL\\\\Connection->getDatabasePlatform()\\n#4 \\\/var\\\/www\\\/owncloud\\\/lib\\\/priv...
PHP message: {"reqId":"w8VAqhrnSZX\/5xM1+3C1","remoteAddr":"REDACTED","app":"core","message":"Exception: {\"Exception\":\"Doctrine\\\\DBAL\\\\DBALException\",\"Message\":\"Failed to connect to the database: An exception occured in driver: SQLSTATE[HY000] [2002] Permission denied\",\"Code\":0,\"Trace\":\"#0 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(429): OC\\\\DB\\\\Connection->connect()\\n#1 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(389): Doctrine\\\\DBAL\\\\Connection->getDatabasePlatformVersion()\\n#2 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(328): Doctrine\\\\DBAL\\\\Connection->detectDatabasePlatform()\\n#3 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(621): Doctrine\\\\DBAL\\\\Connection->getData
2016/05/10 17:11:58 [error] 3308#0: *1 FastCGI sent in stderr: "PHP message: {"reqId":"b42TI6oHUGKOfGGClEPP","remoteAddr":"REDACTED","app":"index","message":"Exception: {\"Exception\":\"Doctrine\\\\DBAL\\\\DBALException\",\"Message\":\"Failed to connect to the database: An exception occured in driver: SQLSTATE[HY000] [2002] Permission denied\",\"Code\":0,\"Trace\":\"#0 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(429): OC\\\\DB\\\\Connection->connect()\\n#1 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(389): Doctrine\\\\DBAL\\\\Connection->getDatabasePlatformVersion()\\n#2 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(328): Doctrine\\\\DBAL\\\\Connection->detectDatabasePlatform()\\n#3 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(621): Doctrine\\\\DBAL\\\\Connection->getDatabasePlatform()\\n#4 \\\/var\\\/www\\\/owncloud\\\/lib\\\/priva...
PHP message: {"reqId":"b42TI6oHUGKOfGGClEPP","remoteAddr":"REDACTED","app":"core","message":"Exception: {\"Exception\":\"Doctrine\\\\DBAL\\\\DBALException\",\"Message\":\"Failed to connect to the database: An exception occured in driver: SQLSTATE[HY000] [2002] Permission denied\",\"Code\":0,\"Trace\":\"#0 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(429): OC\\\\DB\\\\Connection->connect()\\n#1 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(389): Doctrine\\\\DBAL\\\\Connection->getDatabasePlatformVersion()\\n#2 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(328): Doctrine\\\\DBAL\\\\Connection->detectDatabasePlatform()\\n#3 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(621): Doctrine\\\\DBAL\\\\Connection->getDataba
笔记:抱歉,格式太糟糕了,日志文件就是这样的。
/var/log/mariadb/mariadb.log
160510 17:16:42 mysqld_safe mysqld from pid file /var/run/mariadb/mariadb.pid ended
160510 17:16:42 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
160510 17:16:42 [Note] /usr/libexec/mysqld (mysqld 10.0.23-MariaDB) starting as process 3637 ...
160510 17:16:42 [Note] InnoDB: Using mutexes to ref count buffer pool pages
160510 17:16:42 [Note] InnoDB: The InnoDB memory heap is disabled
160510 17:16:42 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
160510 17:16:42 [Note] InnoDB: Memory barrier is not used
160510 17:16:42 [Note] InnoDB: Compressed tables use zlib 1.2.8
160510 17:16:42 [Note] InnoDB: Using Linux native AIO
160510 17:16:42 [Note] InnoDB: Using CPU crc32 instructions
160510 17:16:42 [Note] InnoDB: Initializing buffer pool, size = 128.0M
160510 17:16:42 [Note] InnoDB: Completed initialization of buffer pool
160510 17:16:42 [Note] InnoDB: Highest supported file format is Barracuda.
160510 17:16:42 [Note] InnoDB: 128 rollback segment(s) are active.
160510 17:16:42 [Note] InnoDB: Waiting for purge to start
160510 17:16:42 [Note] InnoDB: Percona XtraDB (http://www.percona.com) 5.6.26-76.0 started; log sequence number 2335654097
160510 17:16:42 [Note] Plugin 'FEEDBACK' is disabled.
160510 17:16:42 [Note] Server socket created on IP: '127.0.0.1'.
160510 17:16:42 [Note] Reading of all Master_info entries succeded
160510 17:16:42 [Note] Added new Master_info '' to hash table
160510 17:16:42 [Note] /usr/libexec/mysqld: ready for connections.
Version: '10.0.23-MariaDB' socket: '/var/lib/mysql/mysql.sock' port: 3306 MariaDB Server
160510 17:16:43 [Warning] Access denied for user 'UNKNOWN_MYSQL_USER'@'localhost' (using password: NO)
笔记:我查看了最后的警告,显然它是由启动脚本检查服务器是否正在运行引起的。
/var/log/php-fpm/error.log
[10-May-2016 18:01:19] NOTICE: fpm is running, pid 4512
[10-May-2016 18:01:19] NOTICE: ready to handle connections
[10-May-2016 18:01:19] NOTICE: systemd monitor interval set to 10000ms
笔记:不是很有用,为了完整性而包含。
配置文件
/etc/nginx/nginx.conf
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/hosts.d/*.conf;
}
/etc/nginx/hosts.d/owncloud.conf
upstream php-handler {
server unix:/run/php-fpm/www.sock;
}
server {
listen 80;
listen [::]:80;
server_name REDACTED;
return 301 https://$server_name$request_uri;
}
server {
access_log /var/log/nginx/owncloud_access.log;
error_log /var/log/nginx/owncloud_error.log;
listen 443 ssl;
listen [::]:443 ssl;
include tls.conf;
server_name REDACTED;
ssl_certificate /etc/letsencrypt/live/REDACTED/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/REDACTED/privkey.pem;
root /var/www/owncloud;
client_max_body_size 10G;
fastcgi_buffers 64 4K;
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
location / {
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ index.php;
}
location ~ ^(.+?\.php)(/.*)?$ {
try_files $1 = 404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$1;
fastcgi_param PATH_INFO $2;
fastcgi_param HTTPS on;
fastcgi_pass php-handler;
}
location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 7d;
access_log off;
}
}
/etc/php.ini
[PHP]
engine = On
short_open_tag = Off
asp_tags = Off
precision = 14
output_buffering = 4096
zlib.output_compression = Off
implicit_flush = Off
unserialize_callback_func =
serialize_precision = 17
disable_functions =
disable_classes =
zend.enable_gc = On
expose_php = On
max_execution_time = 30
max_input_time = 60
memory_limit = 128M
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
display_errors = Off
display_startup_errors = Off
log_errors = On
log_errors_max_len = 1024
ignore_repeated_errors = Off
ignore_repeated_source = Off
report_memleaks = On
track_errors = Off
html_errors = On
variables_order = "GPCS"
request_order = "GP"
register_argc_argv = Off
auto_globals_jit = On
post_max_size = 8M
auto_prepend_file =
auto_append_file =
default_mimetype = "text/html"
default_charset = "UTF-8"
doc_root =
user_dir =
enable_dl = Off
file_uploads = On
upload_max_filesize = 2M
max_file_uploads = 20
allow_url_fopen = On
allow_url_include = Off
default_socket_timeout = 60
[CLI Server]
cli_server.color = On
[Date]
[filter]
[iconv]
[intl]
[sqlite]
[sqlite3]
[Pcre]
[Pdo]
[Pdo_mysql]
pdo_mysql.cache_size = 2000
pdo_mysql.default_socket = /var/lib/mysql/mysql.sock
[Phar]
[mail function]
sendmail_path = /usr/sbin/sendmail -t -i
mail.add_x_header = On
[SQL]
sql.safe_mode = Off
[ODBC]
odbc.allow_persistent = On
odbc.check_persistent = On
odbc.max_persistent = -1
odbc.max_links = -1
odbc.defaultlrl = 4096
odbc.defaultbinmode = 1
[Interbase]
ibase.allow_persistent = 1
ibase.max_persistent = -1
ibase.max_links = -1
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
ibase.dateformat = "%Y-%m-%d"
ibase.timeformat = "%H:%M:%S"
[MySQL]
mysql.allow_local_infile = On
mysql.allow_persistent = On
mysql.cache_size = 2000
mysql.max_persistent = -1
mysql.max_links = -1
mysql.default_port =
mysql.default_socket =
mysql.default_host =
mysql.default_user =
mysql.default_password =
mysql.connect_timeout = 60
mysql.trace_mode = Off
[MySQLi]
mysqli.max_persistent = -1
mysqli.allow_persistent = On
mysqli.max_links = -1
mysqli.cache_size = 2000
mysqli.default_port = 3306
mysqli.default_socket =
mysqli.default_host =
mysqli.default_user =
mysqli.default_pw =
mysqli.reconnect = Off
[mysqlnd]
mysqlnd.collect_statistics = On
mysqlnd.collect_memory_statistics = Off
[OCI8]
[PostgreSQL]
pgsql.allow_persistent = On
pgsql.auto_reset_persistent = Off
pgsql.max_persistent = -1
pgsql.max_links = -1
pgsql.ignore_notice = 0
pgsql.log_notice = 0
[Sybase-CT]
sybct.allow_persistent = On
sybct.max_persistent = -1
sybct.max_links = -1
sybct.min_server_severity = 10
sybct.min_client_severity = 10
[bcmath]
bcmath.scale = 0
[browscap]
[Session]
session.save_handler = files
session.use_strict_mode = 0
session.use_cookies = 1
session.use_only_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.cookie_httponly =
session.serialize_handler = php
session.gc_probability = 1
session.gc_divisor = 1000
session.gc_maxlifetime = 1440
session.referer_check =
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 0
session.hash_function = 0
session.hash_bits_per_character = 5
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
[MSSQL]
mssql.allow_persistent = On
mssql.max_persistent = -1
mssql.max_links = -1
mssql.min_error_severity = 10
mssql.min_message_severity = 10
mssql.compatibility_mode = Off
mssql.secure_connection = Off
[Assertion]
[mbstring]
[gd]
[exif]
[Tidy]
tidy.clean_output = Off
[soap]
soap.wsdl_cache_enabled=1
soap.wsdl_cache_dir="/tmp"
soap.wsdl_cache_ttl=86400
soap.wsdl_cache_limit = 5
[sysvshm]
[ldap]
ldap.max_links = -1
[mcrypt]
[dba]
[curl]
[openssl]
笔记:删除评论以大幅缩小文件。
/etc/php-fpm.conf
include=/etc/php-fpm.d/*.conf
[global]
pid = /run/php-fpm/php-fpm.pid
error_log = /var/log/php-fpm/error.log
daemonize = yes
笔记:评论已删除。
/etc/php-fpm.d/www.conf
[www]
user = nginx
group = nginx
listen = /run/php-fpm/www.sock
listen.acl_users = apache,nginx
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
slowlog = /var/log/php-fpm/www-slow.log
php_flag[display_errors] = on
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
笔记:评论已删除。
/etc/my.cnf
#
# This group is read both both by the client and the server
# use it for options that affect everything
#
[client-server]
#
# This group is read by the server
#
[mysqld]
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
#
# include all files from the config directory
#
!includedir /etc/my.cnf.d
/etc/my.cnf.d/mariadb-server.cnf
#
# These groups are read by MariaDB server.
# Use it for options that only the server (but not clients) should see
#
# See the examples of server my.cnf files in /usr/share/mysql/
#
# this is read by the standalone daemon and embedded servers
[server]
# this is only for the mysqld standalone daemon
# Settings user and group are ignored when systemd is used.
# If you need to run mysqld under a different user or group,
# customize your systemd unit file for mysqld/mariadb according to the
# instructions in http://fedoraproject.org/wiki/Systemd
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid
log-warnings = 2
bind-address = 127.0.0.1
# this is only for embedded server
[embedded]
# This group is only read by MariaDB servers, not by MySQL.
# If you use the same .cnf file for MySQL and MariaDB,
# you can put MariaDB-only options here
[mariadb]
# This group is only read by MariaDB-10.0 servers.
# If you use the same .cnf file for MariaDB of different versions,
# use this group for options that older servers don't understand
[mariadb-10.0]
答案1
事实证明,当我/var/lib/mysql从旧系统复制过来时,权限并未得到更正,导致nginx无法读取包含 MariaDB 套接字文件的目录。
解决方案是更新权限,/var/lib/mysql以便 nginx 可以访问。