-
Notifications
You must be signed in to change notification settings - Fork 5.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
*: Change default for unix socket #28486
Conversation
[REVIEW NOTIFICATION] This pull request has been approved by:
To complete the pull request process, please ask the reviewers in the list to review by filling The full list of commands accepted by this bot can be found here. Reviewer can indicate their review by submitting an approval review. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- I think this is fine since tidb using unix socket cannot restart if after SIGKILL #26058 is fixed. If this PR needs to be backported to any versions than that PR should be as well.
- We could consider using the same default as MySQL:
/tmp/mysql.sock
. This would make it easier to connect with a standard MySQL client. However different distributions may override it (On Fedora it is in/var/lib/mysql/mysql.sock
). Personally, I don't think we should do this. - This needs documentation updates:
- The default for the
socket
variable - How to connect over a UNIX socket with
mysql -S /tmp/tidb.sock
(optional) - How to connect over a UNIX socket with
mysqlsh mysql://root@(/tmp/tidb.sock)/
(optional)
- The default for the
I added the label compatibility-breaker, because I have no intention to cherry pick.
I actually deliberately avoided it, similar to how we don't use the MySQL Port. I'm worried some users will want to have both installed and get confused. If we ever aim for OS distros, they tend not to like this either.
Yes |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
/merge |
/merge |
/merge hold |
/merge cancel |
This looks to be blocked on an approving reviewer. Canceling merge so it doesn't block other PRs. |
/merge |
This pull request has been accepted and is ready to merge. Commit hash: a7305c0
|
The
Looks like this is easy to fix:
|
Thanks! I'll fix it. |
What problem does this PR solve?
Issue Number: close #28484
Problem Summary:
In #28482 it is proposed that the security be improved by using AuthSocket.
This only makes sense when socket listening is enabled by default.
What is changed and how it works?
What's Changed:
As well as listening on
TCP:4000
, the tidb-server now listens on a unix socket at/tmp/tidb.sock
by default.Check List
Tests
We actually have great existing tests for this (checking if the config file differs by defaults, and socket listening in the server package).
Side effects
Documentation
Release note