Topic: Problem with my SME 5.5 server

[jentra001]

Few years back someone setup an SME 5.5 server for me to host my website and webmail etc.

I am a newbie to linux. I have the following errors in var/log/messages


Jun 8 20:58:13 mirch ^B[2277]: PHP Warning: Access denied for user: 'root@localhost' (Using password: YES) in /opt/utili
ties/geeklog-1.3.7sr1/system/databases/mysql.class.php on line 104
Jun 8 20:58:13 mirch ^B[2277]: PHP Warning: MySQL Connection Failed: Access denied for user: 'root@localhost' (Using pas
sword: YES) in /opt/utilities/geeklog-1.3.7sr1/system/databases/mysql.class.php on line 104


I changed some password from a howto that I cannot remember.

Any help will be greatly appreciated. I would appreciate if someone can decipher the logs and give me a starting point.

I can login to mysql using the following command:

mysql -u root -p

when I go to my website I get the message:

Cannot connect to DB server

mysql installation on my system:
mysql-3.23.41-1
mysql-devel-3.23.41-1
e-smith-mysql-1.6.0-01
mysqlclient9-3.23.22-6
mysql-server-3.23.41-1
php-mysql-4.1.2-2es3

[guest22]

Upgrade your server to SME Server 7.5 and upgrade your website software. It looks like a hack attempts through your website software which runs PHP I guess.

 

[Stefano]

jentra001:

you should contact someone to upgrade your server asap.

migrating from 5.5 to 7.5 is not trivial and there's no reason to spend time to repair such an old version issue.

out of my interest (I'm italian), where are you from?

[Jeppe Fugl]

It sound like you have a mysql user that has got a new password.

"I changed some password from a howto that I cannot remember. " a mysql password?

Is geeklog your cms?


Snippet from http://www.geeklog.net/docs/english/install.html

•Error: Warning: mysql_connect(): Access denied for user: 'username@localhost' (Using password: YES) in /path/to/geeklog/system/databases/mysql.class.php on line 104
Cannnot connect to DB server

Answer: First of all, make sure the database settings in siteconfig.php are correct, specifically the name and password of your MySQL user, the name of your database, and the name of your MySQL server.

If you're running your own server, you may need to give your MySQL user proper permissions. Log in to MySQL as the MySQL root user and issue these commands:

GRANT ALL PRIVILEGES ON [database_name] TO [user@host] IDENTIFIED BY '[password]';
FLUSH PRIVILEGES;

Replace the [lower-case] strings with the actual values.

If you want (or need) to be more restrictive with database permissions: You will need to at least grant the ALTER, CREATE, DELETE, INSERT, SELECT, and UPDATE permissions to your database user. ALTER and CREATE permissions are only needed for installing and upgrading Geeklog, as well as for installing plugins and other add-ons.

[Stefano]

Jeppe fugl: please don't give such a suggestion because:

- SME 5.5 is unsupported since a long time
- OP, which defines himself as a mewbie, could do something that compromise even more his server

The only way is to backup data and start an upgrade path to the last stable version, but, I repeat, this is not a trivial job

[Jeppe Fugl]

I agree that he should upgrade sme, but it does not solve his problem. His problem seems to be a changed mysql password.

Best Regards,
Jeppe

[cactus]

I changed some password from a howto that I cannot remember.

I would try very hard to retrace your steps and remember what you did as that will help us guide you to a solution.

The general consensus in the thread most likely is right, but we have no way of confirming that you altered a MySQL user or password if you can not remember what you did.

First some more valuable advice. using a root user for a application is a bad thing security wise and should not be done. the proper way to fix your issue is to alter the configuration of your geeklog application to not use the root user anymore and use a new password which you know.

We can try and help you a little bit. you could try and see if you can find the password that the application was configured to use, most likely this will give you the file and line number of the configuration of the database user:

Code: [Select]

grep -Rn -A5 -B5 root /path/to/geeklog/
Somewhere near that should be the password. Whatever you do, do not post the password anywhere.

Now open the mentioned file in an editor, since I am unsure what editors where supplied on SME Server 5.x we will use vi, which most certainly will be there, but is a bit complex.

Open the file like this:

Code: [Select]

vi /path/to/file
Using the arrows scroll to the line that contains the username.
Press i. You are now in the edit mode.

Remove root and replace it with a username of your choice, anything would be OK as long as it is using alpHanumeric characters and no spaces. Write down the username.

Now scroll around to find the line with the password and change that as well. Write down the new value.

Now it is time to save the file, you can do that by pressing the following sequence followed by return:

Code: [Select]

:w!
Remember the value you choose for username and password as you will need them later on as we still need to properly configure your MySQL server. Also record the database name that is most likely also in that file.

After doing so you can quit this file by pressing the following sequence followed by a return:

Code: [Select]

:q!
Now since you have recorded username, password and database name it is time to reconfigure MySQL properly:

Log in to mysql as root user.

To create a user you need to execute the following code replacing the parameters with the values you recorded (but keep the quotes:

Code: [Select]

GRANT SELECT, UPDATE, DELETE, INSERT ON 'database'.* to 'username'@localhost IDENTIFIED BY 'password';
Now we only need to make sure these new values are also current, therefore we need to flush the privileges:

Code: [Select]

FLUSH PRIVILEGES;
Now you can quit MySQL:

Code: [Select]

QUIT
Now try and see if your application is working again.

I will also add the advice to schedule an update of your server as you are lacking two major releases behind. In the mean time a lot has been improved and updated. Using this version of SME Server/e-smith is a serious security issue as many packages have had important security fixes in the mean time that have not been implemented on your server.

[jentra001]

Thank you Jeppe and Cactus for your suggestions.

I found in my history that I used the following command

sudo mysqladmin -u root password "********" 

I am able to login into mysql using the following command

mysql -u root -p  (the password is the same as the one shown in the sudo statement above i.e, "********"

[root@mirch etc]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 24 to server version: 3.23.41

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql>



When I type mysqladmin status in the shell, I get


[root@mirch etc]# mysqladmin status
mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user: 'root@localhost' (Using password: YES)'

mysqladmin  Ver 8.21 Distrib 3.23.41, for redhat-linux-gnu on i386
Copyright (C) 2000 MySQL AB & MySQL Finland AB & TCX DataKonsult AB

Thanks

[cactus]

You have done something you should not have done. You should never modify your root password. Please read the FAQ to know why.

Resetting the root password will generate a new MySQL root password, this is unrelated to the root account used to login to the CLI. Please take some time to read and familiarize yourself with the way MySQL works on SME Server as you do not need to know the MySQL root user password to work with MySQL on your SME Server.

Please, be careful as I am not sure if the method to reset your root password is valid for SME Server/e-smith 5.5.

After restoring your root password you still need to reconfigure your application as I described to you earlier as you should never run applications with the MySQL root password. The account has far to many privileges and is a serious security risk when using it in web applications as malicious or faulty code can be run as the most privileged user you have in MySQL.
In fact you should only use the root account for administration tasks at most and all applications that need access to the database should have their own username and password, with a restrictive set of permissions that is just enough for the application to function. More on the MySQL privileges and user system can be found in the MySQL manual, be sure to look for th eone detailing version 3.23 as that is the version SME Server/e-smith 5.5 is running IIRC.

[cactus]

Moving this topic to General Discussion where it is more appropriate as this has nothing to do with SME Server 7.x. Please try to adhere to our forum policy and post in the proper forum. Thanks in advance.

[jentra001]

I will make sure I post my query in the correct forum.  Thanks for all the help.

[cactus]

Thanks for all the help.

Did you get it sorted out?

[jentra001]

Hi Cactus,

I read the FAQs from your post (reply #8).  I now realize my mistake.  I tried to run the following procedure but it is not working on SME 5.5

For SME Server 7.2 and earlier releases do the following (they use the runsvctrl command instead of the sv command):

cd /var/service/mysqld
runsvctrl d .
expand-template /root/.my.cnf
expand-template /var/service/mysqld/set.password
/usr/libexec/mysqld --bootstrap --user=mysql --skip-grant-tables < ./set.password
runsvctrl u .


When I run the first command I get the following:

[root@mirch root]# cd /var/service/mysqld
bash: cd: /var/service/mysqld: No such file or directory


I am trying to educate myself on how the SME works.  I am looking for some documentation on the SME 5.5 from the Internet.

Thanks