Uploaded image for project: 'MariaDB Connector/C'
  1. MariaDB Connector/C
  2. CONC-651

Support systemd directive OpenFile= when connecting to a Unix socket



    • Task
    • Status: Closed (View Workflow)
    • Minor
    • Resolution: Duplicate
    • 3.3.5
    • N/A
    • API
    • None
    • Fedora 38


      When connecting to a Unix socket, instead of providing a file path it would be nice
      if Mariadb would support using an inherited file descriptor from the parent process.
      Systemd can connect to a Unix socket and then let the started program (as defined by ExecStart= in the service unit) inherit this file descriptor. This improves security because
      the process running MariaDB Connector/C does not need file access permission to the Unix socket.

      The systemd directive OpenFile= was introduced in systemd 253
      (released February 2023).

      Man page:

      There is some example code at
      about how to use MariaDB Connector/C to connect to MariaDB database products.

      Here I replaced _ NULL_ with "/some/path"

      // Connect to the database
      if (!mysql_real_connect(
      conn, // Connection
      "example.skysql.net", // Host
      "db_user", // User account
      "db_user_password", // User password
      "test", // Default database
      5009, // Port number
      "/some/path", // Path to socket file
      0 // Additional options

      Instead of specifying a path to the Unix socket there should be a way to specify the file descriptor name myfdname that was set in the systemd service unit


      I don't know how to best introduce OpenFile= support in the API,
      but just as an example there could be a new function

      // Connect to the database
      if (!mysql_real_connect_with_OpenFile(
      conn, // Connection
      "example.skysql.net", // Host
      "db_user", // User account
      "db_user_password", // User password
      "test", // Default database
      "myfdname", // OpenFile fdname
      0 // Additional options

      The file descriptor name is set by systemd in the environment variable LISTEN_FDNAMES (see https://www.freedesktop.org/software/systemd/man/sd_listen_fds.html).

      A side-note: OpenFile= also supports opening normal files. If MariaDB Connector/C has a need to open files, such files could be passed to MariaDB Connector/C as file descriptors with OpenFile=




            georg Georg Richter
            eriksjolund Erik Sjölund
            0 Vote for this issue
            2 Start watching this issue



              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.