[Gslug-general] Stuck on what should be easy

Frank Paterra fcp at wittykids.com
Tue Feb 10 10:16:48 PST 2009 

Thanks for continuing to help here.  The two grants affected 0 rows
and a flush privileges confirmed this.  The connect error still
happens sadly.

I disabled selinux at install and have verified that it is still disabled.

The /var/log/mysql.log file has the initialization stuff:
090208 23:43:42  mysqld started
InnoDB: The first specified data file ./ibdata1 did not exist:
InnoDB: a new database to be created!
090208 23:43:42  InnoDB: Setting file ./ibdata1 size to 10 MB
InnoDB: Database physically writes the file full: wait...
090208 23:43:43  InnoDB: Log file ./ib_logfile0 did not exist: new to be created
InnoDB: Setting log file ./ib_logfile0 size to 5 MB
InnoDB: Database physically writes the file full: wait...
090208 23:43:43  InnoDB: Log file ./ib_logfile1 did not exist: new to be created
InnoDB: Setting log file ./ib_logfile1 size to 5 MB
InnoDB: Database physically writes the file full: wait...
InnoDB: Doublewrite buffer not found: creating new
InnoDB: Doublewrite buffer created
InnoDB: Creating foreign key constraint system tables
InnoDB: Foreign key constraint system tables created
090208 23:43:44  InnoDB: Started; log sequence number 0 0
090208 23:43:44 [Note] /usr/libexec/mysqld: ready for connections.
Version: '5.0.45'  socket: '/var/lib/mysql/mysql.sock'  port: 3306
Source distribution
090209  8:12:06 [Note] /usr/libexec/mysqld: Normal shutdown

Followed by a series of start up/shutdown sequences as I have cycled
the database in an attempt to get passed this.  The tail of the file
with one complete cycle is as follows (they are all identical):
090209 15:13:14  InnoDB: Starting shutdown...
090209 15:13:16  InnoDB: Shutdown completed; log sequence number 0 43655
090209 15:13:16 [Note] /usr/libexec/mysqld: Shutdown complete

090209 15:13:16  mysqld ended

090209 15:13:17  mysqld started
090209 15:13:17  InnoDB: Started; log sequence number 0 43655
090209 15:13:17 [Note] /usr/libexec/mysqld: ready for connections.
Version: '5.0.45'  socket: '/var/lib/mysql/mysql.sock'  port: 3306
Source distribution


Thanks again for helping me with this.

Frank


On Tue, Feb 10, 2009 at 10:00 AM,  <daleville at gmail.com> wrote:
> AppArmor is a Novell thing not present in rhel flavors (i think suse may
> be the only one). Centos/RHEL uses SELinux, which could possibly be the
> source of your problems. See if you're getting any selinux messages in
> /var/log/messages. You could always try temporarily disabling it to see
> if that's the problem. (edit /etc/sysconfig/selinux and set
> SELINUX=disabled then reboot).
>
> Also what's in /var/log/mysqld.log?
>
> Frank Paterra wrote, On 02/10/2009 09:54 AM:
>> Thanks to all for the suggestions but still no joy.  I was able to
>> telnet (to some degree) with port 3306.  I get some garbage on the
>> terminal screen rather than a login prompted but I think this is to be
>> expected as mysql is not looking to send an ascii based login message.
>>
>> My user table contains the following:
>> +------+---------------+
>> | user | host          |
>> +------+---------------+
>> | root | %             |
>> | root | 127.0.0.1     |
>> | root | 192.168.1.100 |
>> | root | localhost     |
>> +------+---------------+
>> 4 rows in set (0.00 sec)
>>
>> My /etc/sysconfig/iptables file contains:
>> # Firewall configuration written by system-config-securitylevel
>> # Manual customization of this file is not recommended.
>> *filter
>> :INPUT ACCEPT [0:0]
>> :FORWARD ACCEPT [0:0]
>> :OUTPUT ACCEPT [0:0]
>> :RH-Firewall-1-INPUT - [0:0]
>> -A INPUT -j RH-Firewall-1-INPUT
>> -A FORWARD -j RH-Firewall-1-INPUT
>> -A RH-Firewall-1-INPUT -i lo -j ACCEPT
>> -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
>> -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
>> -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
>> -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
>> -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
>> -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
>> -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
>> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
>> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
>> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
>> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
>> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
>> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
>> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
>> -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 3306 -j ACCEPT
>> -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
>> COMMIT
>>
>> When I issued the grant statements in mysql I got the following:
>> mysql> grant all privileges on *.* to 'root'@'localhost' identified by
>> 'sql' with grant option;
>> Query OK, 0 rows affected (0.01 sec)
>>
>> mysql> grant all privileges on *.* to 'root'@'%' identified by 'sql'
>> with grant option;Query OK, 0 rows affected (0.00 sec)
>>
>> mysql> quit
>>
>> Which tells me that nothing changed.  To assure that any changes would
>> be read I followed with a flush privileges command with still no rows
>> affected.
>>
>> Lastly I tried disabling apparmor but I don't think it is install as I
>> don't have a /etc/init.d/apparmor as I get the following:
>>
>> # /etc/init.d/apparmor stop
>> bash: /etc/init.d/apparmor: No such file or directory
>>
>> So, I'm still stuck, any more ideas?  this is maddening!
>>
>> For clarity the exact error message that I am getting on the remote machine is:
>> MySQL error number 1045
>> Access denied for user 'root'@'192.168.1.1100 (using password: YES)
>>
>> Frank
>> On Mon, Feb 9, 2009 at 5:54 PM, Derek Simkowiak <dereks at realloc.net> wrote:
>>>   If all else fails, try disabling "AppArmor" (if you have it installed):
>>>
>>> dereks at laptop:~$ sudo /etc/init.d/apparmor stop
>>> [sudo] password for dereks:
>>> Unloading AppArmor profiles : done.
>>> dereks at laptop:~$
>>>
>>> _______________________________________________
>>> Gslug-general mailing list
>>> Gslug-general at gslug.org
>>> http://lists.gslug.org/mailman/listinfo/gslug-general
>>>
>>
>>
>>
>



-- 
Frank Paterra
fcp at wittykids.com

More information about the Gslug-general mailing list