关闭 MySQL 服务端的 TCP 端口，只允许本地 unix sock 连接

安全风险，限制网络网络，只允许本机访问

How to properly close MySQL port 3306 from outer networks

To close port #3306 from outside networks add this to /etc/my.cnf' under the [mysqld] section:

skip-networking

then run 'service mysqld restart' and then 'netstat -tln' to see if the port comes up in the list of open ports:

root@my:/var/named#
netstat -tln
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:13769 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN
tcp 0 0 66.43.70.100:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
tcp 0 0 :::993 :::* LISTEN
tcp 0 0 :::995 :::* LISTEN
tcp 0 0 :::110 :::* LISTEN
tcp 0 0 ::ffff:127.0.0.1:8079 :::* LISTEN
tcp 0 0 :::143 :::* LISTEN
tcp 0 0 :::19759 :::* LISTEN
tcp 0 0 :::80 :::* LISTEN
tcp 0 0 :::53 :::* LISTEN
tcp 0 0 :::8983 :::* LISTEN
tcp 0 0 ::1:953 :::* LISTEN
tcp 0 0 :::25 :::* LISTEN
tcp 0 0 :::443 :::* LISTEN

驱动

Go 语言驱动

root:pw@unix(/tmp/mysql.sock)/myDatabase?loc=Local

Java 驱动

stackoverflow 商业网/questions/25918416/jdbc-mysql-connection-using-unix-socket

You simply cannot do this: the MySQL JDBC driver only supports TCP/IP and - on Windows - named pipes to connect to the database. Therefor specifying --skip-networking will not allow you to use JDBC MySQL Connector/J at all.

See also lists.mysql 商业网/java/8749:

Java itself doesn't support unix domain sockets, but since you're on windows, you can use named pipes, [..]

The dead-link in the above post is now dev.mysql 商业网/doc/connector-j/en/connector-j-reference-configuration-properties.html

If you want to use UNIX sockets with the Mysql JDBC Connector/J you need to provide a socketFactory( dev.mysql 商业网/doc/connector-j/en/connector-j-reference-configuration-properties.html).

jdbc:mysql:///?user=test&password=test&socketFactory=<classname>&<socket>=/tmp/mysql.sock

So this will vary with the implementation you use. By default, Mysql does not ship with any implementation for that, just provides an example for such a factory in it's source-code.

There is an existing UNIX socket Java library named kohlschutter/junixsocket( github /kohlschutter/junixsocket) which also has such a socketFactory class implementation. An example is outlined in Connecting to a MySQL database via Unix Domain Sockets( code.google 商业网/p/junixsocket/wiki/ConnectingToMySQL) which is part of their documentation.

You can find more Java UNIX socket library alternatives in related Q&A material:

UNIX socket implementation for Java?( stackoverflow 商业网/q/170600/367456)

Checkout the JUDS( github /mcfunley/juds) library. It is a Java Unix Domain Socket library.

As the original kohlschutter/junixsocket , mentioned in another answer seems to be dead, you can check out its forks.

Especially fiken/junixsocket( github /fiken/junixsocket) looks promising. Its author has added support for connection to PostgreSQL using unix socket via pgjdbc( github /pgjdbc/pgjdbc), for example.