У меня очень странная проблема, когда ownCloud не может получить доступ к моей базе данных SQL, используя nginx, mariadb и php-fpm, работающие в Fedora 23.
Когда я пытаюсь получить доступ к странице, Я получаю страницу ошибки с надписью «Internal Server Error» без какого-либо значимого вывода. Просматривая журнал ошибок nginx, я вижу следующее:
PHP message: {"reqId":"b42TI6oHUGKOfGGClEPP","remoteAddr":"REDACTED","app":"core","message":"Exception: {\"Exception\":\"Doctrine\\\\DBAL\\\\DBALException\",\"Message\":\"Failed to connect to the database: An exception occured in driver: SQLSTATE[HY000] [2002] Permission denied\",\"Code\":0,\"Trace\":\"#0 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(429): OC\\\\DB\\\\Connection->connect()\\n#1 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(389): Doctrine\\\\DBAL\\\\Connection->getDatabasePlatformVersion()\\n#2 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(328): Doctrine\\\\DBAL\\\\Connection->detectDatabasePlatform()\\n#3 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(621): Doctrine\\\\DBAL\\\\Connection->getDataba
Оглядываясь вокруг, кажется, что ошибка SQLSTATE [HY000] [2002]
является распространенной и имеет много причин, поэтому я просто обрисую, что я ' я уже пробовал:
php.ini
чтобы использовать этот сокет /var/log/php-fpm/error.log
[10-May-2016 18:01:19] NOTICE: fpm is running, pid 4512
[10-May-2016 18:01:19] NOTICE: ready to handle connections
[10-May-2016 18:01:19] NOTICE: systemd monitor interval set to 10000ms
Примечание : Не очень полезно, включено для полноты.
/etc/nginx/nginx.conf
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/hosts.d/*.conf;
}
/etc/nginx/hosts.d/owncloud.conf
upstream php-handler {
server unix:/run/php-fpm/www.sock;
}
server {
listen 80;
listen [::]:80;
server_name REDACTED;
return 301 https://$server_name$request_uri;
}
server {
access_log /var/log/nginx/owncloud_access.log;
error_log /var/log/nginx/owncloud_error.log;
listen 443 ssl;
listen [::]:443 ssl;
include tls.conf;
server_name REDACTED;
ssl_certificate /etc/letsencrypt/live/REDACTED/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/REDACTED/privkey.pem;
root /var/www/owncloud;
client_max_body_size 10G;
fastcgi_buffers 64 4K;
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
location / {
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ index.php;
}
location ~ ^(.+?\.php)(/.*)?$ {
try_files $1 = 404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$1;
fastcgi_param PATH_INFO $2;
fastcgi_param HTTPS on;
fastcgi_pass php-handler;
}
location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 7d;
access_log off;
}
}
/etc/php.ini[1252 visibleNote: Комментарии удалены для массового сжатия файла.
/etc/php-fpm.conf
include=/etc/php-fpm.d/*.conf
[global]
pid = /run/php-fpm/php-fpm.pid
error_log = /var/log/php-fpm/error.log
daemonize = yes
Примечание : комментарии удалены.
/etc/php-fpm.d/www.conf
[www]
user = nginx
group = nginx
listen = /run/php-fpm/www.sock
listen.acl_users = apache,nginx
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
slowlog = /var/log/php-fpm/www-slow.log
php_flag[display_errors] = on
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
Примечание : комментарии удалены.
/etc/my.cnf
#
# This group is read both both by the client and the server
# use it for options that affect everything
#
[client-server]
#
# This group is read by the server
#
[mysqld]
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
#
# include all files from the config directory
#
!includedir /etc/my.cnf.d
/ etc / my .cnf.d / mariadb-server.cnf
#
# These groups are read by MariaDB server.
# Use it for options that only the server (but not clients) should see
#
# See the examples of server my.cnf files in /usr/share/mysql/
#
# this is read by the standalone daemon and embedded servers
[server]
# this is only for the mysqld standalone daemon
# Settings user and group are ignored when systemd is used.
# If you need to run mysqld under a different user or group,
# customize your systemd unit file for mysqld/mariadb according to the
# instructions in http://fedoraproject.org/wiki/Systemd
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid
log-warnings = 2
bind-address = 127.0.0.1
# this is only for embedded server
[embedded]
# This group is only read by MariaDB servers, not by MySQL.
# If you use the same .cnf file for MySQL and MariaDB,
# you can put MariaDB-only options here
[mariadb]
# This group is only read by MariaDB-10.0 servers.
# If you use the same .cnf file for MariaDB of different versions,
# use this group for options that older servers don't understand
[mariadb-10.0]
Как оказалось, когда я скопировал / var / lib / mysql
из моей старой системы, разрешения не были исправлены, что привело к nginx
, не имея доступа на чтение к каталогу, содержащему файл сокета для MariaDB.
Решением было обновить разрешения на / var / lib / mysql
, чтобы у nginx был доступ.