Matthias,

Thank you for your detailed answer!

1) I read that MySQL can only cope with one socket file, therefore I see the only option here (if I want to use sockets) is some sort of symlink to the socket defined in the my.cnf from the chroot? I worry about doing such things and I assume if that was a wise thing to do it'd be getting recommended and really everyone is saying to use MySQL via TCP in a chroot. Any advice on that point?

Thanks :)

On 2 Sep 2009, at 17:51, Matthias Vill wrote:

> Hi Andrew,
>
> this is a MySQL feature you are having trouble with.
>
> 1)
> http://dev.mysql.com/doc/refman/5.1/en/connecting.html says:
> --
> On Unix, MySQL programs treat the host name localhost specially, in a
> way that is likely different from what you expect compared to other
> network-based programs. For connections to localhost, MySQL programs
> attempt to connect to the local server by using a Unix socket file. This
> occurs even if a --port or -P option is given to specify a port number.
> --
> The socket a client is trying to use is defined in the [client] section
> of your my.cnf while the socket provided by MySQL is defined inside the
> [server] section via the
> socket = /var/run/mysqld/mysqld.sock
> command. If you want to be able to connect to "localhost" this file has
> to be accessible from inside and outside the chroot.
> Also remember, that clients outside the chroot will read
> /etc/mysql/mysql.cnf outside the chroot.
>
> 2) Just omit bind_address or set it to 0.0.0.0 if you want MySQL to
> listen on _all_ network interfaces.
> Note however that this is discouraged, as you allow remote attackers to
> reach (and maybe break) your MySQL daemon; you should set up a firewall
> in this case.
>
> Regards
>
> Matthias
>
> Andrew wrote:
>> Hey all,
>>
>> I have MySQL running without issue inside a chroot by setting
>> bind_address = 127.0.0.1 in the /etc/my.cnf and then setting the
>> connection setting to 127.0.0.1 in my various scripts. I have two
>> questions:
>>
>> 1) Is it possible in some way to get it so that when people specify
>> "localhost" instead of 127.0.0.1 MySQL still works? I've got a
>> /etc/hosts file inside the chroot but it doesn't appear to work.
>> Perhaps some sort of iptables forwarding?
>>
>> 2) It would seem to me that this setup would prevent remote MySQL
>> access on port 3306? This is important still. Is it therefore possible
>> to have a chroot environment and still have MySQL function via
>> localhost *and* on port 3306 in some way? If so how?
>>
>> Thanks.
>> _______________________________________________
>> Peruser mailing list
>> [email protected]
>> http://www.telana.com/mailman/listinfo/peruser
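
On the symlink question raised in this thread, an added example that is not part of the original messages: an absolute symlink placed inside a chroot is resolved against the chroot's root, so it cannot reach a socket outside it, while a hard link on the same filesystem names the same inode. The helper names, the `/run/mysqld.sock` path and the temp-dir layout are hypothetical, and the sketch assumes the client is the chrooted side.

```python
import os
import socket
import stat
import tempfile


def resolve_in_chroot(root, path, max_links=40):
    """Return the host path that `path` names for a process chrooted to `root`."""
    root = os.path.realpath(root)
    todo, seen = [p for p in path.split("/") if p], []  # seen: resolved, relative to root
    while todo:
        part = todo.pop(0)
        if part in (".", ".."):
            seen = seen[:-1] if part == ".." else seen  # ".." at the root stays at the root
            continue
        host = os.path.join(root, *seen, part)
        if os.path.islink(host):
            max_links -= 1
            if max_links < 0:
                raise OSError("too many levels of symbolic links")
            target = os.readlink(host)
            seen = [] if target.startswith("/") else seen  # absolute: restart at chroot root
            todo = [p for p in target.split("/") if p] + todo
        else:
            seen.append(part)
    return os.path.join(root, *seen)


def socket_shared(chroot, client_path, server_sock):
    """True if `client_path` inside `chroot` is the same socket inode as `server_sock`."""
    try:
        inside = os.stat(resolve_in_chroot(chroot, client_path))
        outside = os.stat(server_sock)
    except OSError:
        return False
    return stat.S_ISSOCK(inside.st_mode) and os.path.samestat(inside, outside)


def demo():
    # Constructed demo (hypothetical paths and names): one fake jail per approach, no root.
    results = {}
    with tempfile.TemporaryDirectory() as base, socket.socket(socket.AF_UNIX) as srv:
        server_sock = os.path.join(base, "mysqld.sock")  # stand-in for the server's socket
        srv.bind(server_sock)
        for kind, make in (("symlink", os.symlink), ("hardlink", os.link)):
            jail = os.path.join(base, kind)
            os.makedirs(os.path.join(jail, "run"))
            make(server_sock, os.path.join(jail, "run", "mysqld.sock"))
            results[kind] = socket_shared(jail, "/run/mysqld.sock", server_sock)
    return results
```

Calling `demo()` returns the verdict per approach. A server that recreates its socket file on restart leaves a hard link pointing at the old inode, and `socket_shared` then reports False for it as well.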
