Mysql can't create socket in /tmp but everywhere else

paukul asked:

I’ve setup mysql to create its socket in /tmp/mysql.sock via /etc/mysql/my.conf but after restarting mysql server, the socket file doesn’t show up. If I change the socket location to /var/run/mysql/mysql.sock it creates it. Lsof even tells me that the mysql process has a socket open at /tmp/mysql.sock but it’s simply not there.

I guess the console output below describes it best.

λ paukul [~] → ls -al /tmp 
total 12
drwxrwxrwt  8 root   root    220 Nov 13 01:55 .
drwxr-xr-x 18 root   root   4096 Oct 18 16:03 ..
drwxrwxrwt  2 root   root     40 Nov 13 01:54 .font-unix
drwxrwxrwt  2 root   root     40 Nov 13 01:54 .ICE-unix
-rw-------  1 paukul paukul  104 Nov 13 01:55 serverauth.HPR12fsB3
drwx------  3 root   root     60 Nov 13 01:54 systemd-private-23e4ad16efb8basdb2eb23b2073-mysqld.service-aio3pf
drwxrwxrwt  2 root   root     40 Nov 13 01:54 .Test-unix
srwx------  1 root   root      0 Nov 13 01:54 wpa_ctrl_384-1
-r--r--r--  1 root   paukul   11 Nov 13 01:55 .X0-lock
drwxrwxrwt  2 root   root     60 Nov 13 01:55 .X11-unix
drwxrwxrwt  2 root   root     40 Nov 13 01:54 .XIM-unix

λ paukul [~] → ps aux | grep mysqld
mysql      323  0.0  0.6 596380 101712 ?       Ssl  01:54   0:00 /usr/bin/mysqld --pid-file=/run/mysqld/mysqld.pid

λ paukul [~] → sudo lsof -p 323 | grep sock
[sudo] password for paukul: 
mysqld  323 mysql   22u  unix 0xffff88040add4600      0t0  15296 /tmp/mysql.sock type=STREAM

λ paukul [~] → grep socket /etc/mysql/my.cnf 
socket = /tmp/mysql.sock
socket = /tmp/mysql.sock

My answer:


You should not attempt to place anything in /tmp which is meant to be shared between system services.

It will not work, because systemd provides private /tmp directories to most services, which eliminates a large class of potential security vulnerabilities. When you start the service, systemd places the service in a container, changing the /tmp directory that the service sees to, in this case, /tmp/systemd-private-23e4ad16efb8basdb2eb23b2073-mysqld.service-aio3pf/tmp. This directory name is randomly generated each time the service is started.

Sockets meant for interprocess communication should be placed elsewhere, such as in /run (as you already did).


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.