- B.1.4 Administration-Related Issues
- B.1.4.1 How to Reset the Root Password
- B.1.4.2 What to Do If MySQL Keeps Crashing
- B.1.4.3 How MySQL Handles a Full Disk
- B.1.4.4 Where MySQL Stores Temporary Files
- B.1.4.5 How to Protect or Change the MySQL Unix Socket File
- B.1.4.6 Time Zone Problems
The default location for the Unix socket file that the server
uses for communication with local clients is
/tmp/mysql.sock. (For some distribution
formats, the directory might be different, such as
/var/lib/mysql for RPMs.)
On some versions of Unix, anyone can delete files in the
/tmp directory or other similar
directories used for temporary files. If the socket file is
located in such a directory on your system, this might cause
problems.
On most versions of Unix, you can protect your
/tmp directory so that files can be
deleted only by their owners or the superuser
(root). To do this, set the
sticky bit on the /tmp
directory by logging in as root and using
the following command:
shell> chmod +t /tmp
You can check whether the sticky bit is set
by executing ls -ld /tmp. If the last
permission character is t, the bit is set.
Another approach is to change the place where the server creates the Unix socket file. If you do this, you should also let client programs know the new location of the file. You can specify the file location in several ways:
-
Specify the path in a global or local option file. For example, put the following lines in
/etc/my.cnf:[mysqld] socket=/path/to/socket [client] socket=/path/to/socket
Specify a
--socketoption on the command line to mysqld_safe and when you run client programs.Set the
MYSQL_UNIX_PORTenvironment variable to the path of the Unix socket file.Recompile MySQL from source to use a different default Unix socket file location. Define the path to the file with the
--with-unix-socket-pathoption when you run configure. See Section 2.10.2, “Typical configure Options”.
You can test whether the new socket location works by attempting to connect to the server with this command:
shell> mysqladmin --socket=/path/to/socket version
User Comments
When using the DBI/DBD Perl interface routines along with mysql_multi(aka a socket file different from mysql.sock) you should set the perl env variable MYSQL_UNIX_PORT as referenced in your mysql.cnf file. Example:
$ENV{MYSQL_UNIX_PORT} = "/tmp/mysql.sock2";
It would be nice if the perldoc information(referenced in the PERL API page 21.4 MySQL Perl API) was updated to reflect this but its not a mysql problem; its PERL
Thanks Elliot! Here's a more detailed example:
#!/opt/bin/perl -w
use DBI;
$ENV{MYSQL_UNIX_PORT} = "/home/me/mysql/mysql.sock";
my $dbh = DBI->connect("DBI:mysql:database=mydb;host=localhost", "user", "passwd", {'RaiseError' => 1});
Do work here...
$dbh->disconnect();
Setting the sticky bit is sufficient in most cases, but a rogue process run in root's context (or the MySQL user context) can still remove the pipe file.
For additional security on BSD-based platforms (I tested with FreeBSD, I think OpenBSD also supports this), set the SAPPEND flag on the file:
chflags sappend /tmp/mysql.sock
This makes the file append-only (which is perfect for a pipe), and cannot be removed without first unsetting the flag.
My first inclination was to use the SCHG flag, but that means nothing can write to the pipe. :)
I don't think Linux has anything like BSD filesystem flags, so I don't think this works on Linux systems.
Add your own comment.