Mike Looijmans
nlv11281 at natlab.research.philips.com
Thu Apr 13 01:54:18 EDT 2006
There is an optimization in the MySQL client that when the host is
"localhost" (or the equivalent), it will attempt to use a UNIX socket
(or a named pipe on Windows) instead of a TCP/IP socket.

If your DB is on the localhost, making sure the UNIX socket
(/tmp/mysql.sock or something like that) is there and functions properly
can greatly improve security, since you can disable remote TCP access to
the database entirely, so that even if people get the password, they
still cannot connect to the DB (without access rights to that machine).

I've seen machines that use /var/lib/mysql/mysql.sock, which the apache
user (usually 'apache' or 'nobody') may not have access to.

Mike Looijmans
Philips Natlab / Topic Automation

Graham Dumpleton wrote:
> Whoops. I could be talking nonsense here. But then I missed that
> your code says 127.0.0.1 yet the error says 10.0.0.6.
>
> FWIW, the reason that I thought to suggest to look at this was that
> I was using a database once where using 127.0.0.1 made it use
> a local database connection rather than full IP connection and in
> that situation, for whatever reason it actually ignored the user name
> in the login and was using the user ID of the process connecting
> to the database to determine privileges.
>
> I rarely use databases, so could though be completely wrong and
> misunderstood what I saw at the time. :-(
>
> Someone who knows what they are talking about should step in
> and save me now. :-)
>
> Graham
>
> Graham Dumpleton wrote ..
>
>> Apache doesn't probably run as any of the users which your database
>> allows access to. Add lines in your CGI which says:
>>
>>   import os
>>   print os.getuid()
>>
>> and then see what user that UID actually is and give it access. User
>> may be something like "apache", "www", "wwwroot" or possibly even
>> "nobody" depending on the system configuration.
>>
>> You can also check your Apache configuration for lines:
>>
>>   User www
>>   Group www
>>
>> to see what it runs as:
>>
>> Graham
>>
>> Firat KUCUK wrote ..
>>
>>> my distro is ubuntu breezy,
>>> I used cgi handler. And text mime type
>>> so I can view the print statement.
>>>
>>> MySQL server 4.0.24
>>> apache 2.0.54
>>> python2.4-mysqldb 1.2.1
>>>
>>> php, console python, cgi python works fine.
>>>
>>> my .htaccess file
>>>
>>> Allow from All
>>>
>>> AddHandler mod_python .py
>>> PythonHandler mod_python.cgihandler
>>> PythonDebug On
>>>
>>> DirectoryIndex index.htm index.html index.php index.py index.pl
>>>
>>> -----------------------------------------------------------------------------
>>>
>>> #! /usr/bin/python
>>> # -*- coding: UTF-8 -*-
>>>
>>> print 'Content-Type: text/plain\n'
>>>
>>> import MySQLdb
>>> conn = MySQLdb.connect(
>>>     host   = '127.0.0.1',
>>>     user   = 'pismikrop',
>>>     passwd = 'pass',
>>>     db     = 'gate')
>>> print conn
>>> conn.close()
>>>
>>> -------------------------------------------
>>>
>>> output: <_mysql.connection open to '(null)' at 82a97e4>
>>>
>>> if host = '10.0.0.6'
>>>
>>> Mod_python error: "PythonHandler mod_python.cgihandler"
>>>
>>> Traceback (most recent call last):
>>>
>>>   File "/usr/lib/python2.4/site-packages/mod_python/apache.py", line 299, in HandlerDispatch
>>>     result = object(req)
>>>
>>>   File "/usr/lib/python2.4/site-packages/mod_python/cgihandler.py", line 96, in handler
>>>     imp.load_module(module_name, fd, path, desc)
>>>
>>>   File "/home/pismikrop/vhosts/mikropyuvasi/content/tests/mpcgi/firat.py", line 11, in ?
>>>     db = 'gate')
>>>
>>>   File "/usr/lib/python2.4/site-packages/MySQLdb/__init__.py", line 66, in Connect
>>>     return Connection(*args, **kwargs)
>>>
>>>   File "/usr/lib/python2.4/site-packages/MySQLdb/connections.py", line 134, in __init__
>>>     super(Connection, self).__init__(*args, **kwargs2)
>>>
>>> OperationalError: (2003, "Can't connect to MySQL server on '10.0.0.6' (111)")
>>>
>>> ------------------------------------------
>>>
>>> mysql> SELECT User, Host FROM user;
>>> +------------------+--------------+
>>> | User             | Host         |
>>> +------------------+--------------+
>>> | pismikrop        | %            |
>>> | debian-sys-maint | localhost    |
>>> | root             | localhost    |
>>> | root             | mikropyuvasi |
>>> +------------------+--------------+
>>>
>>> pismikrop user has all privileges to all databases.
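
The socket-permission check described in this message, as an added example that is not code from any of the posters: it reports whether a given uid could reach a MySQL UNIX socket, walking the parent directories as well as the socket file. The function names `check_socket` and `_allowed` are hypothetical, the code is Python 3 (the thread's own snippets are Python 2), and it assumes plain owner/group/other mode bits only (no ACLs, no root override).

```python
import os
import stat


def _allowed(st, uid, gids, want):
    # Classic owner/group/other mode-bit check; ignores ACLs, root and LSMs.
    if st.st_uid == uid:
        bits = (st.st_mode >> 6) & 7
    elif st.st_gid in gids:
        bits = (st.st_mode >> 3) & 7
    else:
        bits = st.st_mode & 7
    return bits & want == want


def check_socket(path, uid, gids):
    """Return (ok, reason): could this uid connect to the UNIX socket at path?"""
    path = os.path.abspath(path)
    try:
        # Every directory above the socket needs search (x) permission.
        current = os.sep
        for part in [""] + path.split(os.sep)[1:-1]:
            current = os.path.join(current, part)
            if not _allowed(os.stat(current), uid, gids, 1):
                return False, "no search permission on %s" % current
        st = os.stat(path)
    except FileNotFoundError:
        return False, "%s or a parent directory does not exist" % path
    if not stat.S_ISSOCK(st.st_mode):
        return False, "%s is not a socket" % path
    # On Linux, connect() needs write permission on the socket file itself.
    if not _allowed(st, uid, gids, 2):
        return False, "no write permission on %s" % path
    return True, "ok"


if __name__ == "__main__":
    # Run this as the web server user (the uid os.getuid() reports in the CGI).
    uid = os.getuid()
    gids = os.getgroups() + [os.getegid()]
    # The two socket locations named in the message above.
    for candidate in ("/tmp/mysql.sock", "/var/lib/mysql/mysql.sock"):
        ok, reason = check_socket(candidate, uid, gids)
        print("uid %d -> %s: %s" % (uid, candidate, reason))
```

A "no search permission" result on a directory such as /var/lib/mysql matches the case described above, where the socket exists but the Apache user cannot reach it.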