mysql --protocol=SOCKET -u root -p -S /run/mysqld/mysqld.sock
but from within a jailed domain context (like PHP-FPM), using WordPress as an example, it does not. For example, when using (after checking “cat /etc/mysql/my.cnf | grep socket”):
causing errors; which standard forum posts solve by replacing the localhost (that defaults to using the socket as per https://dev.mysql.com/doc/refman/8.4/en/server-system-variables.html) to a domain or (local) IP address or to redo “GRANT ALL PRIVILEGES ON” or running “mariadb-upgrade” (which generally is not the problem).
Judging by the number of Google results and forum posts about “Warning: mysqli_real_connect(): (HY000/2002): No such file or directory in /wp-includes/class-wpdb.php”, I recon that allowing socket connections to work by default will make life easier (and better) for a lot of people.
Note: I have not tried this on the most recent VirtualMin version with a fresh install (on Debian). But my setups were installed last year and upgraded to the most recent versions.
PS: This article nicely lists the benefits of allowing this:
You need to change from using “localhost” to using “127.0.0.1” when using a “jailed” environment by default as it does not have access to the “hosts” file by default. This has been discussed many times within the forums.
I know what the solution is, and “::1” is even shorter & better vs “127.0.0.1”. My point is that it (being via the TCP stack) is slower and causes problems for many people (as you also just confirmed). Therefore, better if we support socket-based connections (also, in the same way, it will help with other programs like postfix).
PS: hosts file access is not needed (that is what DNS is for, from the perspective of the virtual servers) and would not solve it.
If the socket is not in the jail (and it wouldn’t be), of course it doesn’t work. A UNIX socket is a file (kind of), and the chroot makes the file unreachable to the user.
I believe you could bind mount the socket path into the chroot, though I’ve never tested.
But, also, have you actually tested this? The performance difference can’t possibly be all that big (I mean, I don’t know how big, I haven’t tested, but my gut says, “barely anything”). I wouldn’t consider it a necessary thing unless you really have a performance critical app running at the edge of what your systems are capable of. Otherwise, you won’t notice a difference.
There are good reasons to prefer sockets (for many services, not just databases), but if you’re using chroot jails, you probably should just stick with network connections, as it’s a lot easier to manage. And, performance is not really one of the reasons, though at the edges, sockets are more performant.
