Applicable to:
- Plesk Obsidian for Linux
- Plesk Onyx for Linux
Question
How to chroot MySQL/MariaDB client for users in Plesk?
Answer
Warning: It is not recommended to give access to MySQL/MariaDB in the chrooted environment as it is designed to isolate a system user from any system services. Proceed with the following steps at your own risk.
-
Connect to the server via SSH;
-
Download and unzip the update-chroot script:
# wget https://raw.githubusercontent.com/plesk/kb-scripts/master/update-chroot/update-chroot.sh && chmod +x update-chroot.sh
-
Add the mysql command and all the required files to the chrooted environment and apply it to all domain:
# ./update-chroot.sh --add mysql
# ./update-chroot.sh --apply all-
Afterwards, it should be possible to use the mysql command as follows:
# mysql -u db_user -p -h127.0.0.1 db_name
-
In order to access the database without the
-h127.0.0.1
option, create the/var/www/vhosts/example.com/.my.cnf
file with the following content:# cat /var/www/vhosts/example.com/.my.cnf
[mysql]
host=127.0.0.1
-
-
Mount a MySQL/MariaDB socket under the domain's chrooted shell:
Do not recommend mounting it via /etc/fstab for the following reason:
When the customer decides to remove the domain, by doing so its vhost will be deleted.
That means the corresponding fstab entry must be removed too, otherwise, the next reboot will bring you to the emergency mode, and the default target (multi-user.target) will not come up.
During the boot procedure, systemd tries to mount everything under the /etc/fstab file - if one single typo exists or one or more mount point fails, the server becomes unbootable until you fix that via an attached console.
-
Create the following directory for the corresponding domain:
# mkdir -p /var/www/vhosts/example.com/var/lib/mysql
-
Bind the MySQL socket to the chrooted directory:
# mount -o bind,ro /var/lib/mysql /var/www/vhosts/example.com/var/lib/mysql
-
Create the following directory for the corresponding domain:
# mkdir -p /var/www/vhosts/example.com/var/run/mysqld
-
Bind the MySQL socket to the chrooted directory:
# mount -o bind,ro /var/run/mysqld /var/www/vhosts/example.com/var/run/mysqld
Additional Information
How to add programs to a chrooted shell environment template in Plesk
Comments
1 comment
How do I get this to survive a server reboot on my Plesk server?
Please sign in to leave a comment.