MySQL – CHROOT Install After Installing MySQL 5.6

MySQLSecurity

I installed some time ago Mysql 5.6 on Ubuntu server 12.04 and now I'd like to enhance security by putting mysql into a CHROOT environment on that same Ubuntu server.

Is this possible without re-installing the whole mysql? mysql files are under var/lib and system files are under OPT/mysql/server-5.6

Anyone did this before?
Thanks

Best Answer

I didn't tested it but mysql has build in support for chroot by adding "chroot=/path/to/chroot" into my.cnf

Normally mysql should start and load all libraries and the log files it needs and then make a chroot to the path set in the parameter. That means the database must be in the chroot and the path in the config file have to be relative to the chroot.

So if your "datadir" path is set to /var/lib/mysql/data and your chroot is /var/lib/mysql you have to change the "datadir" path to /data

According to the documentation LOAD DATA INFILE and SELECT ... INTO OUTFILE having some limits.

http://dev.mysql.com/doc/refman/5.1/en/server-options.html#option_mysqld_chroot

Related Solutions

MySQL – How to Restore Table from .frm and .ibd Files

InnoDB tables cannot be copied the same way that MyISAM tables can.

Just copying the .frm and .ibd files from one location to another is asking for trouble. Copying the .frm and .ibd file of an InnoDB table is only good if and only if you can guarantee that the tablespace id of the .ibd file matches exactly with the tablespace id entry in the metdata of the ibdata1 file.

I wrote two posts in DBA StackExchange about this tablespace id concept

Table compression in InnoDB? (under the heading 'Restoring Databases')
How to Recover an InnoDB table whose files were moved around

Here is excellent link on how to reattach any .ibd file to ibdata1 in the event of mismatched tablespace ids : http://www.chriscalender.com/?tag=innodb-error-tablespace-id-in-file. After reading this, you should come to the immediate realization that copying .ibd files is just plain crazy.

You could apply the suggestions from the Chris Calendar link, or you could go back to the old installation of mysql, startup up mysql, and then mysqldump the ddms database. Then, import that mysqldump into your new mysql instance. Trust me, this would be far easier.

MySQL does not start – Ubuntu 14.04 LTS after migration to new disk

You only changed the ownership and permissions for the mysql datadir, not all the files below it. You should apply those changes recursively with the -R option.

I would do it this way:

$ sudo chown -R mysql:mysql /media/juanjo/2d4aef3c-ae2e-4b30-8bb7-c5723eb5403b/mysql-db-new/mysql

$ sudo chmod -R g+rwX /media/juanjo/2d4aef3c-ae2e-4b30-8bb7-c5723eb5403b/mysql-db-new/mysql

The datadir doesn't need to be other-accessible.

Also make sure that the full chain of directories above (/media/juanjo/2d4aef3c-ae2e-4b30-8bb7-c5723eb5403b/mysql-db-new/) are readable & executable by mysql:mysql.

Best Answer

Related Solutions

MySQL – How to Restore Table from .frm and .ibd Files

MySQL does not start – Ubuntu 14.04 LTS after migration to new disk

Related Question