<?xml version="1.0" encoding="utf-8"?>
<bug><id>9244</id><link>http://bugs.mysql.com/bug.php?id=9244</link><status>Verified</status><category>Server: General</category><sdesc>Provide better support for chroot=...</sdesc><ldesc>I&#039;m currently chrooting mysqld via &#039;chroot=/srv/mysql&#039; in my.cnf.  This works fine, but only if I copy some libraries into the chroot:

    pushd "$CHROOT_DIR" &gt; /dev/null
    # for reading etc/passwd and etc/hosts
    cp /lib/libnss_compat.so.2 lib
    cp /lib/libnss_files.so.2 lib

    # needed only when compiled with --with-mysqld-ldflags=-all-static
    cp /lib/libc.so.6 lib
    cp /lib/ld* lib

(Full chrooting setup available on http://blog.blackdown.de/2005/03/04/chrooting-mysql-on-debian/ )

It would be nice if chrooting worked without copying any libraries into the chroot.  Both Apache (via mod_chroot or mod_security) and bind9 manage to change the user in the chroot without having any libraries and /etc/passwd in the chroot.

It shouldn&#039;t be hard to implement this for mysqld.cc too: just do all the user lookup stuff (i.e. getpwuid(3), getpwnam(3), ...) before calling chroot(2) (currently it&#039;s the other way round).
src/mysqld.cc is a huge file and I probably don&#039;t know enough about the code flow, so this change should be implemented by someone more competent.
</ldesc><reporter>260315</reporter><submitted>1111047435</submitted><modified>1196880943</modified><version>4.1.10a</version><os>Linux (Debian Linux)</os><cpu_arch>Any</cpu_arch><severity>S4 (Feature request)</severity></bug>