Re: Directions to chroot MySQL ?

To: Joel Carnat <joel%carnat.net@localhost>
Subject: Re: Directions to chroot MySQL ?
From: Steven Drake <sbd%NetBSD.org@localhost>
Date: Thu, 9 Dec 2010 19:50:36 +1300 (NZDT)

On Tue, 7 Dec 2010, Joel Carnat wrote:

> I've installed mysql-server 5.1 from pkgsrc binaries (on netbsd-5/i386)
> and wanted to chroot it.
> I've added 'mysqld_flags="--chroot=/home/sql"' to /etc/rc.conf, added
> various files (errmsg.sys, master.passwd...) and issued various command
> lines. But I still get loads of errors from MySQL (about write
> permissions, missing plugins...).
> 
> I already have quite a few chrooted daemons (pound, named, slapd...)
> that were far easier to deal with :)
> 
> While continuing digging to solve the errors one by one, I wanted to
> know if there were "easy" directions to chroot mysql on netbsd ?

This seams to work!

1) Create the chroot and needed subdirectorys.
# for i in etc tmp `dirname ${mysqld_datadir}` usr/pkg/share/mysql ;do \
        mkdir -p ${mysqld_chroot}/${i} ; done

2) Create a passwd file with the mysql user.
# grep mysql /etc/passwd >${mysqld_chroot}/etc/passwd

3) Make the tmp accessable by the mysql user.
# chown mysql:mysql {mysqld_chroot}/tmp

4) Copy the charsets and error messages into the chroot.
# cp -a /usr/pkg/share/mysql/charsets ${mysqld_chroot}/usr/pkg/share/mysql
# cp -a /usr/pkg/share/mysql/english ${mysqld_chroot}/usr/pkg/share/mysql

5) Move the ${mysqld_datadir} into the chroot.
# ( cd `dirname ${mysqld_datadir}` ; tar cf - `basename ${mysqld_datadir}` )|\
  ( cd ${mysqld_chroot}/`dirname ${mysqld_datadir}`; tar xf - )

6) Delete the old ${mysqld_datadir} and make it symlink to the new location[1]
# rm -rf ${mysqld_datadir}
# ln -s ${mysqld_chroot}${mysqld_datadir} ${mysqld_datadir}

7) If this is a linux system copy file libnss_file library into the chroot.
# mkdir ${mysqld_chroot}/lib
# cp /lib/libnss_files.so.2 ${mysqld_chroot}/lib

8) Put the mysqld_flags="--chroot=......" into /etc/rc.conf
# vi /etc/rc.conf

9) Start mysqld.
# /etc/rc.d/mysqld start

10) Create a symlink to the mysqld socket[2].
# ln -s ${mysqld_chroot}/tmp/mysql.sock /tmp/mysql.sock

11) Enjoy :)

Note 1: kills two birds with one symlink.
 ""  2: ditto.

-- 
Steven

Follow-Ups:
- RE: Directions to chroot MySQL ?
  - From: Joel Carnat

References:
- Directions to chroot MySQL ?
  - From: Joel Carnat

Prev by Date: Re: Something is very wrong with lang/kaffe
Next by Date: Re: Something is very wrong with lang/kaffe
Previous by Thread: Re: Directions to chroot MySQL ?
Next by Thread: RE: Directions to chroot MySQL ?
Indexes:

Home | Main Index | Thread Index | Old Index