I can connect to a mysql database from the command line on centos 6.7:
mysql -u root -h 127.0.0.1 --protocol=TCP -p;
also:
mysql -u root -h localhost --protocol=TCP -p;
But if I connect from NodeBB running on port 4567 via an importer plugin I get an access denied error:
From a node application for importing data to the database I see:
22/11 09:11 [28144] - error: Error: ER_ACCESS_DENIED_ERROR: Access denied for user 'root'@'localhost' (using password: YES)
at Handshake.Sequence._packetToError (/var/www/nodebb/node_modules/nodebb-plugin-import-punbb2/node_modules/mysql/lib/protocol/sequences/Sequence.js:48:14)
at Handshake.ErrorPacket (/var/www/nodebb/node_modules/nodebb-plugin-import-punbb2/node_modules/mysql/lib/protocol/sequences/Handshake.js:101:18)
at Protocol._parsePacket (/var/www/nodebb/node_modules/nodebb-plugin-import-punbb2/node_modules/mysql/lib/protocol/Protocol.js:270:23)
at Parser.write (/var/www/nodebb/node_modules/nodebb-plugin-import-punbb2/node_modules/mysql/lib/protocol/Parser.js:77:12)
at Protocol.write (/var/www/nodebb/node_modules/nodebb-plugin-import-punbb2/node_modules/mysql/lib/protocol/Protocol.js:39:16)
at Socket.<anonymous> (/var/www/nodebb/node_modules/nodebb-plugin-import-punbb2/node_modules/mysql/lib/Connection.js:82:28)
at Socket.emit (events.js:107:17)
at readableAddChunk (_stream_readable.js:163:16)
at Socket.Readable.push (_stream_readable.js:126:10)
at TCP.onread (net.js:538:20)
I have tried granting privileges on *.* to 'root'@'%'
(this is a vagrant box) but the error persists.
Can anyone suggest what might be causing this? I can connect to MySQL from a simple nodejs script on the same box without error using the same credentials.
SELinux is disabled:
sudo cat /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
If this is a default install of CentOS you should check your SELinux configuration. SELinux provides a fine grained access protection system to your system. This is controlled by the SELinux module in the kernel.
Any access controlled by SELinux will be logged (in a default install of CentOS) by the audit deamon. The log is located at
/var/log/audit/audit.log
and should have some entries specific to your MySQL access attempts.By default on CentOS6 it is set to enforcing. This is configured in
/etc/sysconfig/selinux
. After changing this a reboot is required.You could disable SELinux but the most proper way is to add a policy to SELinux to allow MySQL access from a specific application. You can do this as explained in the manual.