Page 1 of 3

phpMyAdmin installation

Posted: 12 Feb 2013, 05:36
by GodfatherB
I have a problem with phpmyadmin installation or better said its usage...

I have installed it using apt-get install phpmyadmin and then went, selected apache2 as a server, and then I tried it at //b3/phpmyadmin. The login screen loads successfuly, but the problem is I cannot log in.

I tried the username "root" and password blank, but no joy. I tried password excito, I tried admin user, regular user, but again no joy. The logon screen just reloads with empty credential fields.

The same happens if I try to change the language in the logon screen... it just reloads the logon screen without any changes (so the old language is still in effect).

I suspect it has something to do with priviledges, I just don't know how it should all be set-up. What is the default priviledge for /home/web/? Should I check any other priviledges?

Re: phpMyAdmin installation

Posted: 12 Feb 2013, 11:31
by Gordon
I don't know about the language tab thing - I got my phpmyadmin from their site and it only has English language support.

The login issue however is caused by root having an empty password, which phpmyadmin will simply not accept. Since system updates might fail if you add a password for root, you don't want to change that. What you need to do therefore is add a new mysql user with similar privileges as root.

A good start is this page: http://dev.mysql.com/doc/refman/5.1/en/ ... users.html

Re: phpMyAdmin installation

Posted: 12 Feb 2013, 12:02
by GodfatherB
I followed he instructions and created admin@localhost with full privileges (and password), restarted the mysql and tried to logon again, but not joy. The logon screen simply reloads like nothing happened.

There is no error or warning about user credentials being wrong.

I used apt-get install phpmyadmin and I got version installed that gives me an option to chose language of the interface. If I try to change the language (its a simple drop down list), the page just reloads with no changes (no language change)... so I suspect there are some privileges (on web folders or something similar) problems.

Re: phpMyAdmin installation

Posted: 12 Feb 2013, 15:51
by nobody
If there is a privilege issue the error log of apache will tell you so. Please post relevant log in a Code block

Re: phpMyAdmin installation

Posted: 12 Feb 2013, 16:31
by GodfatherB
This is in the log, the last 2 lines (previous ones for the last 2 hours were the same as the first one here)..

Code: Select all

[Tue Feb 12 22:08:27 2013] [error] [client 127.0.0.1] File does not exist: /home/web/announce
[Tue Feb 12 22:22:43 2013] [error] [client 10.0.0.31] PHP Warning:  Unknown: POST Content-Length of 289 bytes exceeds the limit of 0 bytes in Unknown on line 0, referer: http://b3/phpmyadmin/
Also, a question for my understanding; where does this http://b3/phpmyadmin come from - it is not in the /home/web/ nor in the /var/www/?

Re: phpMyAdmin installation

Posted: 12 Feb 2013, 16:45
by nobody
Ah
Maybe there is an error in your php.ini that set the max post size to 0 bytes. What are the post_max_size and other related values in php.ini?

Re: phpMyAdmin installation

Posted: 13 Feb 2013, 09:29
by Nrde
GodfatherB wrote:Also, a question for my understanding; where does this http://b3/phpmyadmin come from - it is not in the /home/web/ nor in the /var/www/?
It's where the package file was supposed to put it.

I would just download a tarfile from mysqladmin homepage and unpack it where you want. (/home/web probably)

Re: phpMyAdmin installation

Posted: 13 Feb 2013, 16:58
by nobody
No

PLEASE do not give suggestions that you know will bring the OP into an unsecure setup. Dumping tarballs is not a good solution if you do not understand linux security models or apache configs

Also, "its where it is supposed to be" is not too helpful. Why bother to post such a response?

Anyway, the config files for apache are in /etc/apache2. There, or in a subdir, is a config file that contains the alias to phpmyadmin. Use grep to identify the file that contains the relevznt config and from there identify the rootdir where your phpmyadmin install is located.

Fix the php.ini issue first though

Re: phpMyAdmin installation

Posted: 13 Feb 2013, 17:35
by Gordon
Seconded

The safe way to install any package is to use the one that is supplied by the distribution. To choose otherwise is because you want different/extended functionality or simply because the package doesn't exist on your distribution (or in my case: forgot to check if it existed).

In any case: the problem appears to be caused by a bad setting in php.ini and choosing a different install method will not fix that. Fixing the ini file and restarting Apache after that should do it.

Re: phpMyAdmin installation

Posted: 13 Feb 2013, 18:09
by GodfatherB
OK, php.ini post_max_size and upload_max_filesize did the trick. I changed that just a few days ago to about 4GB so that I could upload larger files to owncloud. Apparantly 4GB is too much. I changed them both now to 1024M.

What is the allowed maximum for these two variables?

Re: phpMyAdmin installation

Posted: 14 Feb 2013, 03:19
by Gordon
GodfatherB wrote:OK, php.ini post_max_size and upload_max_filesize did the trick. I changed that just a few days ago to about 4GB so that I could upload larger files to owncloud. Apparantly 4GB is too much. I changed them both now to 1024M.

What is the allowed maximum for these two variables?
According to the PHP manual:

Code: Select all

Note:

PHP allows shortcuts for bit values, including K (kilo), M (mega) and G (giga). PHP will do the conversions automatically if you use any of these. Be careful not to exceed the 32 bit signed integer limit (if you're using 32bit versions) as it will cause your script to fail. 
Considering the ARM processor is 32 bit this sets the limit at 2G

Re: phpMyAdmin installation

Posted: 14 Feb 2013, 10:55
by nobody
Sorry but do you realize the manner in which you just set up your system?

Wouldnt you say its kinda ridiculous to allow a single PHP script to eat 1G of memory for a post on a machine that has 1G memory tops? Just the upload to 1G will take so long the script will timeout, and if it does not, you just opened up your system for an easy DoS attack. If you are planning to upload 1GB files, the web interface is maybe not the best way to do so.

ISPs generally set max_mem_limit and max_post-limit to 64MB. I only hear inexperienced web devs complain about this setting. For cloud services I can imagine you increase this to maybe 128M, but for a B3 anything over 128M is not making the system more stable.

Re: phpMyAdmin installation

Posted: 14 Feb 2013, 14:59
by Nrde
nobody wrote:PLEASE do not give suggestions that you know will bring the OP into an unsecure setup. Dumping tarballs is not a good solution if you do not understand linux security models or apache configs
phpmyadmin has installation instructions in the tar package. Also a mention how to secure the installation.
Also, "its where it is supposed to be" is not too helpful. Why bother to post such a response?
I agree it wasn't really helpful and I do apologize. Different distros put it in different places. Is it Excitos package or plain debian for example?
Anyway, the config files for apache are in /etc/apache2. There, or in a subdir, is a config file that contains the alias to phpmyadmin. Use grep to identify the file that contains the relevznt config and from there identify the rootdir where your phpmyadmin install is located.
My Debian derived desktop distro doesn't do it like that, but this was good info to know.

Re: phpMyAdmin installation

Posted: 15 Feb 2013, 07:07
by Gordon
Nrde wrote:
Anyway, the config files for apache are in /etc/apache2. There, or in a subdir, is a config file that contains the alias to phpmyadmin. Use grep to identify the file that contains the relevznt config and from there identify the rootdir where your phpmyadmin install is located.
My Debian derived desktop distro doesn't do it like that, but this was good info to know.
Allow me to comment on that, with a warning :!:

Although the safe method is to always use distro packages when installing applications, this does not mean that it will lead to a safe environment. In this case the phpMyAdmin installer added an alias to its install path, which is probably in either /usr/share or /var/lib, in the Apache2 conf files. What is also very likely is that it did this by adding a specialised conf file for this in the apache include directory /etc/apache2/conf.d. This means that phpMyAdmin will be available on every site that you enabled and that is a serious security issue if you're operating a publicly available website on your B3.

Re: phpMyAdmin installation

Posted: 15 Feb 2013, 13:28
by nobody
True except the conf file includes an "allow fom 127.0.0.1/ deny all" that limits exploitation. But its not the most secure of setups, especilly when noobs remove the allow line instead of modifying it to allow only the subnet