My database connection appears to be invalid?
-
Server
- FOG Version: 1.3.0 RC19
- OS: Centos 7
Client
- Service Version:
- OS:
Description
I got a FOG server all set up over the weekend at home, using a Dell E6520 laptop connected to my home WiFi. I believe I configured the installer to use the Ethernet NIC to be the primary interface. Everything seemed to work when browsing the localhost/fog, I could log in etc. Shut the laptop down, and took it to work, and now I get the following error when I browse to the web interface.
Your database connection appears to be invalid. FOG is unable to communicate with the database. There are many reasons why this could be the case. Please check your credentials in /var/www/html/fog/lib/fog/config.class.php. Also confirm that the database is indeed running. If credentials are correct, and if the Database service is running, check to ensure your filesystem has enough space.
Hmm check to see if database service is running. The following command has a very large output, but I do not recall what database FOG uses. MySQL? MySQL and its daemon are enabled…
sudo systemctl list-unit-files
I never did setup a database to be activated/run on startup, looking at the install guide located on the wiki here
-
There’s more to it than just the service running.
If the snmysqluser and snmysqlpass fields of /opt/fog/.fogsettings aren’t available the server wouldn’t be able to communicate properly which would, in turn, present this same message. If the disk is full the server wouldn’t be able to write or pull information from the database which also would return this message.
-
Excerpt from fogsettings
snmysqluser='root' snmysqlpass='' snmysqlhost='localhost'
The install wiki article had no mention of setting up a password or user, and when the fog installation script asked, I selected that the password was blank. Disk space is not an issue either:
Filesystem 1K-blocks Used Available Use% Mounted on /dev/mapper/centos-root 20961280 4153016 16808264 20% / devtmpfs 3928304 0 3928304 0% /dev tmpfs 3943852 96 3943756 1% /dev/shm tmpfs 3943852 9112 3934740 1% /run tmpfs 3943852 0 3943852 0% /sys/fs/cgroup /dev/sda1 1038336 224532 813804 22% /boot /dev/mapper/centos-images 213940160 32948 213907212 1% /images tmpfs 788772 48 788724 1% /run/user/1000
-
Is selinux set to be permissive or disabled? Or is it still set as enforcing?
sestatus
setenforce 0
(temporary fix)Is iptables/firewalld?
systemctl status firewalld
iptables -L -n
-
To reiterate, I followed the install guide on the wiki exactly.
selinux is set to permissive:
SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: permissive Mode from config file: permissive Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 28
Status of firewalld:
firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2016-11-08 09:43:44 EST; 1h 30min ago Main PID: 831 (firewalld) CGroup: /system.slice/firewalld.service └─831 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid Nov 08 09:43:39 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon... Nov 08 09:43:44 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
And now for IPtables, this one is long!
Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 INPUT_direct all -- 0.0.0.0/0 0.0.0.0/0 INPUT_ZONES_SOURCE all -- 0.0.0.0/0 0.0.0.0/0 INPUT_ZONES all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 FORWARD_direct all -- 0.0.0.0/0 0.0.0.0/0 FORWARD_IN_ZONES_SOURCE all -- 0.0.0.0/0 0.0.0.0/0 FORWARD_IN_ZONES all -- 0.0.0.0/0 0.0.0.0/0 FORWARD_OUT_ZONES_SOURCE all -- 0.0.0.0/0 0.0.0.0/0 FORWARD_OUT_ZONES all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) target prot opt source destination OUTPUT_direct all -- 0.0.0.0/0 0.0.0.0/0 Chain FORWARD_IN_ZONES (1 references) target prot opt source destination FWDI_public all -- 0.0.0.0/0 0.0.0.0/0 [goto] FWDI_public all -- 0.0.0.0/0 0.0.0.0/0 [goto] FWDI_public all -- 0.0.0.0/0 0.0.0.0/0 [goto] Chain FORWARD_IN_ZONES_SOURCE (1 references) target prot opt source destination Chain FORWARD_OUT_ZONES (1 references) target prot opt source destination FWDO_public all -- 0.0.0.0/0 0.0.0.0/0 [goto] FWDO_public all -- 0.0.0.0/0 0.0.0.0/0 [goto] FWDO_public all -- 0.0.0.0/0 0.0.0.0/0 [goto] Chain FORWARD_OUT_ZONES_SOURCE (1 references) target prot opt source destination Chain FORWARD_direct (1 references) target prot opt source destination Chain FWDI_public (3 references) target prot opt source destination FWDI_public_log all -- 0.0.0.0/0 0.0.0.0/0 FWDI_public_deny all -- 0.0.0.0/0 0.0.0.0/0 FWDI_public_allow all -- 0.0.0.0/0 0.0.0.0/0 Chain FWDI_public_allow (1 references) target prot opt source destination Chain FWDI_public_deny (1 references) target prot opt source destination Chain FWDI_public_log (1 references) target prot opt source destination Chain FWDO_public (3 references) target prot opt source destination FWDO_public_log all -- 0.0.0.0/0 0.0.0.0/0 FWDO_public_deny all -- 0.0.0.0/0 0.0.0.0/0 FWDO_public_allow all -- 0.0.0.0/0 0.0.0.0/0 Chain FWDO_public_allow (1 references) target prot opt source destination Chain FWDO_public_deny (1 references) target prot opt source destination Chain FWDO_public_log (1 references) target prot opt source destination Chain INPUT_ZONES (1 references) target prot opt source destination IN_public all -- 0.0.0.0/0 0.0.0.0/0 [goto] IN_public all -- 0.0.0.0/0 0.0.0.0/0 [goto] IN_public all -- 0.0.0.0/0 0.0.0.0/0 [goto] Chain INPUT_ZONES_SOURCE (1 references) target prot opt source destination Chain INPUT_direct (1 references) target prot opt source destination ACCEPT 2 -- 0.0.0.0/0 0.0.0.0/0 Chain IN_public (3 references) target prot opt source destination IN_public_log all -- 0.0.0.0/0 0.0.0.0/0 IN_public_deny all -- 0.0.0.0/0 0.0.0.0/0 IN_public_allow all -- 0.0.0.0/0 0.0.0.0/0 Chain IN_public_allow (1 references) target prot opt source destination ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 ctstate NEW ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:137 ctstate NEW ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:138 ctstate NEW ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:139 ctstate NEW ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:445 ctstate NEW ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 ctstate NEW ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 ctstate NEW ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 ctstate NEW ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111 ctstate NEW ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:20048 ctstate NEW ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:20048 ctstate NEW ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2049 ctstate NEW ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 ctstate NEW ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53 ctstate NEW ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306 ctstate NEW ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67 ctstate NEW ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:69 ctstate NEW ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:4011 ctstate NEW ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:49152:65532 ctstate NEW Chain IN_public_deny (1 references) target prot opt source destination Chain IN_public_log (1 references) target prot opt source destination Chain OUTPUT_direct (1 references) target prot opt source destination
-
Try to access the db manually.
mysql -D fog
-
Pulled from git for RC21, Fixed errors in the fogsettings file. During installation, a selinux alert was generated:
SELinux is preventing /usr/bin/passwd from ioctl access on the file /home/ullsadmin/git/fogproject/bin/error_logs/fog_error_1.3.0-RC-21.log. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that passwd should be allowed ioctl access on the fog_error_1.3.0-RC-21.log file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep passwd /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context unconfined_u:unconfined_r:passwd_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:user_home_t:s0 Target Objects /home/ullsadmin/git/fogproject/bin/error_logs/fog_ error_1.3.0-RC-21.log [ file ] Source passwd Source Path /usr/bin/passwd Port <Unknown> Host localhost.localdomain Source RPM Packages passwd-0.79-4.el7.x86_64 Target RPM Packages Policy RPM selinux-policy-3.13.1-60.el7_2.9.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name localhost.localdomain Platform Linux localhost.localdomain 3.10.0-327.36.3.el7.x86_64 #1 SMP Mon Oct 24 16:09:20 UTC 2016 x86_64 x86_64 Alert Count 2 First Seen 2016-11-05 22:11:37 EDT Last Seen 2016-11-08 12:24:57 EST Local ID b2bddb79-8259-42e5-b4d2-2b432292d6b6 Raw Audit Messages type=AVC msg=audit(1478625897.821:682): avc: denied { ioctl } for pid=5594 comm="passwd" path="/home/ullsadmin/git/fogproject/bin/error_logs/fog_error_1.3.0-RC-21.log" dev="dm-0" ino=35560553 scontext=unconfined_u:unconfined_r:passwd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file type=SYSCALL msg=audit(1478625897.821:682): arch=x86_64 syscall=ioctl success=no exit=ENOTTY a0=1 a1=5401 a2=7ffd1070e6e0 a3=7ffd1070e670 items=0 ppid=5118 pid=5594 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=1 comm=passwd exe=/usr/bin/passwd subj=unconfined_u:unconfined_r:passwd_t:s0-s0:c0.c1023 key=(null) Hash: passwd,passwd_t,user_home_t,file,ioctl
The file was still written however, and the last few entries indicate a problem with the database as well…
--2016-11-08 12:49:27-- (try: 5) http://10.6.6.6//fog//maintenance/backup_db.php Connecting to 10.6.6.6:80... connected. HTTP request sent, awaiting response...
-
@AngryScientist In permissive mode, SELinux generates messages as it would in enforcing, but it doesn’t take any action to block anything whatsoever. Please try what I posted below.
-
@Wayne-Workman
Okay, sorry Wayne, your post got lost in my text walls.[ullsadmin@localhost ~]$ mysql -D fog ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)
This is beyond my knowledge…
EDIT: Restarting mysqld fixed the issue. Now I will see if it stays after reboot…
EDIT2: It does not stay, boooo. -
@AngryScientist When it throws the error again, try these and see if one works:
mysql -D fog -u root -h localhost
mysql -D fog -u root -h 127.0.0.1
-
@AngryScientist said in My database connection appears to be invalid?:
@Wayne-Workman
Okay, sorry Wayne, your post got lost in my text walls.[ullsadmin@localhost ~]$ mysql -D fog ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)
This is beyond my knowledge…
EDIT: Restarting mysqld fixed the issue. Now I will see if it stays after reboot…
EDIT2: It does not stay, boooo.I have the exact same error now… great.
@Tom-Elliott Moving this to bug reports.
-
This post is deleted! -
This sounds like a mariaDB (aka mySql) issue. And it sounds like it’s just not configured to start on startup if systemctl start mysqld.service fixes it. This article might could help.
https://mariadb.com/kb/en/mariadb/starting-and-stopping-mariadb-automatically/I thought that the database got configured to automatically start on the apt-get/yum install.
I have cent os 7 and have never had to do any sort of configuration for fog services to run on startup. -
This post is deleted! -
This post is deleted! -
In centos 7 the way to start maridadb on boot is probably:
systemctl eanble mysqld
I’m still waiting to hear back on the commands I posted.
-
systemctl enable mysqld
Typo correction!
I will reboot my FOG server later today and give you the results of your suggestions. Right now I am reveling in the wonders of 5GBps imagine speed. 1.2.0 on my old hardware topped out at 1.2GBps
-
@AngryScientist said in My database connection appears to be invalid?:
Right now I am reveling in the wonders of 5GBps imagine speed. 1.2.0 on my old hardware topped out at 1.2GBps
A lot of that has to do with the performance improvements of FOG 1.3.0 RC, a change was made to how the images are compressed and decompressed for imaging and some people reported 50 to 100% speed increases.
-
RC-22 Officially released.
Please update and hopefully you’ll see all the latest goodies and what not. (Hopefully this will be fixed for you too.)
-
@Tom-Elliott
I know how to do a git pull, but what is the official upgrade procedure?