Hey Andrew, you should definetly go to another mailinglist for this question. I would guess that setting socket in the outside mysql.cnf to the full-path to the inside socket should work. As I a) don't run a chrooted MySQL myself b) don't know how sockets really work c) think this is mailinglist is more about peruser than MySQL I guess you won't get reliable information from here (and especially me) on such details.
Feel free to experiment with the settings and see whether it works (I was told sockets are a bit faster) or stick to the recommendations and use networking (which prooved to work well with all chrooted servers) Sorry I can further help you Matthias Andrew schrieb: > Matthias, > > Thank you for your detailed answer! > > 1) I read that MySQL can only cope with one socket file, therefore I > see the only option here (if I want to use sockets) is some sort of > symlink to the socket defined in the my.cnf from the chroot? I worry > about doing such things and I assume if that was a wise thing to do > it'd be getting recommended and really everyone is saying to use MySQL > via TCP in a chroot. > > Any advice on that point? > > Thanks :) > > On 2 Sep 2009, at 17:51, Matthias Vill wrote: > > >> Hi Andrew, >> >> this is a MySQL Feature you are having trouble with. >> >> 1) >> http://dev.mysql.com/doc/refman/5.1/en/connecting.html says: >> -- >> On Unix, MySQL programs treat the host name localhost specially, in a >> way that is likely different from what you expect compared to other >> network-based programs. For connections to localhost, MySQL programs >> attempt to connect to the local server by using a Unix socket file. >> This >> occurs even if a --port or -P option is given to specify a port >> number. >> -- >> The socket a client is trying to use is defined in the [client] >> section >> of your my.cnf while the socket provided by MySQL is defined inside >> the >> [server] section via the >> socket = /var/run/mysqld/mysqld.sock >> command. If you want to be able to connect to "localhost" this file >> has >> to be acessible from inside and outside the chroot. >> Also remember, that clients outside the chroot will read >> /etc/mysql/mysql.cnf outside the chroot. >> >> 2) Just omit bind_address or set it to 0.0.0.0 if you want MySQL to >> listen on _all_ network interfaces. >> Note however that this is discouraged, as you allow remote attackers >> to >> reach (and maybe break) your MySQL deamon; you should set up a >> firewall >> in this case. >> >> Regards >> >> Matthias >> >> Andrew schrieb: >> >>> Hey all, >>> >>> I have MySQL running without issue inside a chroot by setting >>> bind_address = 127.0.0.1 in the /etc/my.cnf and then setting the >>> connection setting to 127.0.0.1 in my various scripts. I have two >>> questions: >>> >>> 1) Is it possible in some way to get it so that when people specify >>> "localhost" instead of 127.0.0.1 MySQL still works? I've got a /etc/ >>> hosts file inside the chroot but it doesn't appear to work. Perhaps >>> some sort of iptables forwarding? >>> >>> 2) It would seem to me that this setup would prevent remote MySQL >>> access on port 3306? This is important still. Is it therefore >>> possible >>> to have a chroot environment and still have MySQL function via >>> localhost *and* on port 3306 in some way? If so how? >>> >>> Thanks. >>> _______________________________________________ >>> Peruser mailing list >>> [email protected] >>> http://www.telana.com/mailman/listinfo/peruser >>> >>> >>> >> _______________________________________________ >> Peruser mailing list >> [email protected] >> http://www.telana.com/mailman/listinfo/peruser >> > > _______________________________________________ > Peruser mailing list > [email protected] > http://www.telana.com/mailman/listinfo/peruser > >
_______________________________________________ Peruser mailing list [email protected] http://www.telana.com/mailman/listinfo/peruser
