Bug #88667 mysqlrouter creates socket accessible only to mysqlrouter user
Submitted: 27 Nov 2017 17:21 Modified: 9 Jan 2018 20:48
Reporter: Jim Parks Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Router Severity:S2 (Serious)
Version:2.1.4 OS:Linux
Assigned to: CPU Architecture:Any
Tags: mysqlrouter socket

[27 Nov 2017 17:21] Jim Parks 
Description:
When mysqlrouter is configured to use a socket, it creates the socket but by default the socket is accessible only by the mysqlrouter user, at least on RHEL 7.

This means that other users can not actually use the socket to connect unless the permissions are manually changed on the socket.  This could be due to system default umask, but it should not be based on that.  

How to repeat:
Install mysqlrouter RPM on RHEL 7
Add a socket definition to a [routing:xxx] section.
Start mysqlrouter and observe that the socket is writable only by the mysqlrouter user.
Try to connect using socket and observer error (13) -- a permissions error.

Suggested fix:
Set perms so that everyone can use the socket.

Workaround:  Manually set socket permissions after starting mysqlrouter
[9 Jan 2018 20:48] Philip Olson 
Posted by developer:
 
Fixed as of the upcoming MySQL Router 8.0.4 and 2.1.5 releases, and here's the changelog entry:

Configuring MySQL Router with sockets would create a socket that was only
accessible by the MySQL Router user.

Thank you for the bug report.