[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Squeeze, MySQL and hosts.allow and hosts.deny ignored

On Tue, 10 Jul 2012 18:09:42 +0200, Zdenek Herman wrote:

> On Mon, 09 Jul 2012 20:11:10 +0200, Zdenek Herman wrote: (please, reply
> at the bottom)
>>> Dne 9.7.2012 16:52, Camaleón napsal(a):


>> I don't know why does not work for you. Take a look into this article
>> that shows a few samples for using mysql with tcp wrappers:
>> http://www.unixmen.com/securing-services-with-tcp-wrappers/
>> And also read the manual ("man hosts_options"), maybe we are omitting
>> something obvious...
>> Greetings,
> I found part of problem. If I use localhost can connect, if
> all is ok.
> If I connect from remote first is checked client in mysql grant and
> after in tcp wrappers.
> Conslusion for me is that mysql doesn't support tcp wrappers correctly
> (first check by wrapper then authentization by service).


> root@mon:~# mysql -h localhost -p


Ah, how curious... It seems to be documented here:

4.2.2. Connecting to the MySQL Server

"(...) On Unix, MySQL programs treat the host name localhost specially, 
in a way that is likely different from what you expect compared to other 
network-based programs. For connections to localhost, MySQL programs 
attempt to connect to the local server by using a Unix socket file. This 
occurs even if a --port or -P option is given to specify a port number. 
To ensure that the client makes a TCP/IP connection to the local server, 
use --host or -h to specify a host name value of, or the IP 
address or name of the local server. You can also specify the connection 
protocol explicitly, even for localhost, by using the --protocol=TCP 
option. For example: 

shell> mysql --host=
shell> mysql --protocol=TCP




Reply to: