Question
How to chroot MySQL client for users in Plesk?
Answer
Warning: It is not recommended to give access to MySQL in the chrooted environment as it is designed to isolate a system user from any system services. Proceed with the following steps at your own risk.
-
Connect to the server via SSH;
-
Download and unzip the update_chroot script:
# wget https://plesk.zendesk.com/hc/article_attachments/360023025260/update_chroot.zip ; unzip update_chroot.zip && chmod +x update_chroot.sh
-
Add the mysql command and all the required files to the chrooted environment and apply it to all domain:
# ./update_chroot.sh –add mysql
# ./update_chroot.sh –apply all-
Afterwards, it should be possible to use the mysql command as follows:
# mysql -u db_user -p -h127.0.0.1 db_name
-
In order to access the database without the
-h127.0.0.1
option, create the/var/www/vhosts/example.com/.my.cnf
file with the following content:# cat /var/www/vhosts/example.com/.my.cnf
[mysql]
host=127.0.0.1
-
-
Mount a MySQL socket under the domain’s chrooted shell:
Do not recommend mounting it via /etc/fstab for the following reason:
When the customer decides to remove the domain, by doing so its vhost will be deleted.
That means the corresponding fstab entry must be removed too, otherwise, the next reboot will bring you to the emergency mode, and the default target (multi-user.target) will not come up.
During the boot procedure, systemd tries to mount everything under the /etc/fstab file – if one single typo exists or one or more mount point fails, the server becomes unbootable until you fix that via an attached console.Â
For CentOS/RHEL/CloudLinux:
-
Create the following directory for the corresponding domain:
# mkdir -p /var/www/vhosts/example.com/var/lib/mysql
-
Bind the MySQL socket to the chrooted directory:
# mount -o bind,ro /var/lib/mysql /var/www/vhosts/example.com/var/lib/mysql
For Debian/Ubuntu:
-
Create the following directory for the corresponding domain:
# mkdir -p /var/www/vhosts/example.com/var/run/mysqld
-
Bind the MySQL socket to the chrooted directory:
# mount -o bind,ro /var/run/mysqld /var/www/vhosts/example.com/var/run/mysqld
Additional Information
How to add programs to a chrooted shell environment template in PleskÂ