The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

/var/lib/mysql mounted in cagefs

Discussion in 'CloudLinux' started by ThinIce, Apr 7, 2017.

Tags:
  1. ThinIce

    ThinIce Well-Known Member

    Joined:
    Apr 27, 2006
    Messages:
    352
    Likes Received:
    7
    Trophy Points:
    168
    Location:
    Disillusioned in England
    cPanel Access Level:
    Root Administrator
    I was quite surprised to see that by default, /var/lib/mysql and its database data is included in the CageFS skeleton. Per Mysql issues there appears to be a good reason for this (access to the MySQL socket required) but it still seems counter intuitive somehow, given the treatment of home, tmp, root and such.

    I don't however know enough about the CageFS implementation details to know whether this matters enough that it's worth doing something about, so two questions:

    1. Are the database files less protected being linked within the cage, even though the directory has permissions such that they cannot be read, than they would be if they were not included?

    2. If the above = true, what would be the method to resolve the issue (move the socket) that would not break cPanel MySQL maintenance?
     
  2. Anoop P Alias

    Anoop P Alias Well-Known Member

    Joined:
    Mar 31, 2015
    Messages:
    65
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Kochi,Kerala,India
    cPanel Access Level:
    Root Administrator
    Ideally ony the mysql socket being available in the jail should be enough to access mysql. As you said not sure how CageFS sets this up ;so I cant comment on the requirement of the dir in the skeleton
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello @ThinIce,

    You'll likely receive better feedback on this question directly from CloudLinux (@Bazinga). You can post directly to their forums at:

    CloudLinux Forums

    Thank you.
     
  4. ThinIce

    ThinIce Well-Known Member

    Joined:
    Apr 27, 2006
    Messages:
    352
    Likes Received:
    7
    Trophy Points:
    168
    Location:
    Disillusioned in England
    cPanel Access Level:
    Root Administrator
    Thanks Michael, that's true. Perhaps the item from the question germane directly to cPanel is whether the MySQL socket can be changed to a different location in my.cnf for the MySQL server without this causing a problem to cPanel or cPanel upgrades of MySQL. I guess the symlink in tmp would also need modifying off the top of my head...
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    You should be able to change the socket location per the instructions on MySQL's documentation:

    MySQL :: MySQL 5.7 Reference Manual :: B.5.3.6 How to Protect or Change the MySQL Unix Socket File

    Thank you.
     
Loading...

Share This Page