Hi Andrew, this is a MySQL Feature you are having trouble with.
1) http://dev.mysql.com/doc/refman/5.1/en/connecting.html says: -- On Unix, MySQL programs treat the host name localhost specially, in a way that is likely different from what you expect compared to other network-based programs. For connections to localhost, MySQL programs attempt to connect to the local server by using a Unix socket file. This occurs even if a --port or -P option is given to specify a port number. -- The socket a client is trying to use is defined in the [client] section of your my.cnf while the socket provided by MySQL is defined inside the [server] section via the socket = /var/run/mysqld/mysqld.sock command. If you want to be able to connect to "localhost" this file has to be acessible from inside and outside the chroot. Also remember, that clients outside the chroot will read /etc/mysql/mysql.cnf outside the chroot. 2) Just omit bind_address or set it to 0.0.0.0 if you want MySQL to listen on _all_ network interfaces. Note however that this is discouraged, as you allow remote attackers to reach (and maybe break) your MySQL deamon; you should set up a firewall in this case. Regards Matthias Andrew schrieb: > Hey all, > > I have MySQL running without issue inside a chroot by setting > bind_address = 127.0.0.1 in the /etc/my.cnf and then setting the > connection setting to 127.0.0.1 in my various scripts. I have two > questions: > > 1) Is it possible in some way to get it so that when people specify > "localhost" instead of 127.0.0.1 MySQL still works? I've got a /etc/ > hosts file inside the chroot but it doesn't appear to work. Perhaps > some sort of iptables forwarding? > > 2) It would seem to me that this setup would prevent remote MySQL > access on port 3306? This is important still. Is it therefore possible > to have a chroot environment and still have MySQL function via > localhost *and* on port 3306 in some way? If so how? > > Thanks. > _______________________________________________ > Peruser mailing list > [email protected] > http://www.telana.com/mailman/listinfo/peruser > > _______________________________________________ Peruser mailing list [email protected] http://www.telana.com/mailman/listinfo/peruser
