admin · 7月13日 · 2020年
1.yum安装
wget -i -c http://dev.mysql.com/get/mysql57-community-release-el7-10.noarch.rpm
yum -y install mysql57-community-release-el7-10.noarch.rpm
yum -y install mysql-community-server
#查看安装的随机密码
grep "password" /var/log/mysqld.log
#安全初始化
mysql_secure_installation
Enter current password for root (enter for none): //enter
Set root password? [Y/n] //是否设置root用户密码
Remove anonymous users? [Y/n] //是否删除匿名用户
Disallow root login remotely? [Y/n] //是否禁止root远程登录
Remove test database and access to it? [Y/n] //是否删除test数据库
Reload privilege tables now? [Y/n] //是否重新加载权限表
2.二进制安装
#以5.2.0版本为例
mkdir -p /software
wget -O /software/mysql.tar.gz https://downloads.mysql.com/archives/get/p/23/file/mysql-5.7.20-linux-glibc2.12-x86_64.tar.gz
cd /software
tar xzf mysql.tar.gz
mkdir -p /var/run/mysqld
chown mysql.mysql /var/run/mysqld
mkdir -p /var/log/mysql
chown mysql.mysql /var/log/mysql
chown -R /software/mysql
cat > /etc/systemd/system/multi-user.target.wants/mysqld.service <<EOF
[Unit]
Description=MySQL Server
Documentation=man:mysqld(8)
Documentation=http://dev.mysql.com/doc/refman/en/using-systemd.html
After=network.target
After=syslog.target
[Install]
WantedBy=multi-user.target
[Service]
User=mysql
Group=mysql
ExecStart=/software/mysql/bin/mysqld --defaults-file=/etc/my.cnf
LimitNOFILE = 5000
EOF
cat > /etc/my.cnf<<EOF
[mysql]
socket=/tmp/mysql.sock
[mysqld]
user=mysql
basedir=/software/mysql
datadir=/software/mysql/data
socket=/tmp/mysql.sock
symbolic-links=0
log-error=/var/log/mysql/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
EOF
#建库
mysqld --initialize --user=mysql --basedir=/software/mysql --datadir=/software/mysql/data
#查看随机密码
grep 'password' /var/log/mysql/mysqld.log
PASSWD=`grep 'password' /var/log/mysql/mysqld.log |awk -F : '{print $4}' | sed 's|\ ||g'`
mysql -uroot -p$PASSWD
#设置root密码
alter user 'root'@'localhost' identified by '12345678';
3.找回密码及设置密码策略
#忘记密码找回
echo "skip-grant-tables" >> /etc/my.cnf
systemctl restart mysqld.service
#查看密码复杂度要求
show variables like 'validate_password%';
#策略等级 #检查规则
0 or LOW Length
1 or MEDIUM Length; numeric, lowercase/uppercase, and special characters
2 or STRONG Length; numeric, lowercase/uppercase, and special characters; dictionary file
-- 密码验证策略低要求(0或LOW代表低级)
set global validate_password_policy=0;
-- 密码至少要包含的小写字母个数和大写字母个数
set global validate_password.mixed_case_count=0;
-- 密码至少要包含的数字个数。
set global validate_password.number_count=0;
-- 密码至少要包含的特殊字符数
set global validate_password.special_char_count=0;
-- 密码长度
set global validate_password.length=6;
update user set password=password('123456') where user='root';
update user set authentication_string=password('123456') where user='root';
alter user 'root'@'localhost' identified by '123456';
#root账户开启远程登录
grant 权限1,权限2,…权限n on 数据库名称.表名称 to 用户名@用户地址 identified by ‘连接口令’;
select,insert,update,delete,create,drop,index,alter,grant,references,reload,shutdown,process,file等14个权限,可合并为ALL
当数据库名称.表名称被*.*代替,表示赋予用户操作服务器上所有数据库所有表的权限
用户地址可以是localhost,也可以是ip地址、机器名字、域名。也可以用’%'表示从任何地址连接。
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'passwd' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON *.* TO 'root'@'IP' IDENTIFIED BY 'passwd' WITH GRANT OPTION;
FLUSH PRIVILEGES;