Re: Squeeze, MySQL and hosts.allow and hosts.deny ignored
On Tue, 10 Jul 2012 18:09:42 +0200, Zdenek Herman wrote:
> On Mon, 09 Jul 2012 20:11:10 +0200, Zdenek Herman wrote: (please, reply
> at the bottom)
>>> Dne 9.7.2012 16:52, Camaleón napsal(a):
(...)
>> I don't know why does not work for you. Take a look into this article
>> that shows a few samples for using mysql with tcp wrappers:
>>
>> http://www.unixmen.com/securing-services-with-tcp-wrappers/
>>
>> And also read the manual ("man hosts_options"), maybe we are omitting
>> something obvious...
>>
>> Greetings,
>>
>>
> I found part of problem. If I use localhost can connect, if 127.0.0.1
> all is ok.
> If I connect from remote first is checked client in mysql grant and
> after in tcp wrappers.
> Conslusion for me is that mysql doesn't support tcp wrappers correctly
> (first check by wrapper then authentization by service).
(...)
> root@mon:~# mysql -h localhost -p
(...)
Ah, how curious... It seems to be documented here:
4.2.2. Connecting to the MySQL Server
http://dev.mysql.com/doc/refman/5.6/en/connecting.html
"(...) On Unix, MySQL programs treat the host name localhost specially,
in a way that is likely different from what you expect compared to other
network-based programs. For connections to localhost, MySQL programs
attempt to connect to the local server by using a Unix socket file. This
occurs even if a --port or -P option is given to specify a port number.
To ensure that the client makes a TCP/IP connection to the local server,
use --host or -h to specify a host name value of 127.0.0.1, or the IP
address or name of the local server. You can also specify the connection
protocol explicitly, even for localhost, by using the --protocol=TCP
option. For example:
shell> mysql --host=127.0.0.1
shell> mysql --protocol=TCP
(...)"
Greetings,
--
Camaleón
Reply to: