mysql一般来讲有3种安装方法,分别是编译安装,二进制安装,rpm安装。其中编译安装另外有文章说明mysql编译安装全过程,本文就只介绍二进制安装和rpm安装
一、二进制安装
二进制安装,即从官网下载二进制包安装。数据库专家姜承尧比较建议使用这种方式,因为可以在服务器上安装多实例。
- 进入官网。下载链接
-
选择合适的版本。二进制安装包在operating system 下拉框选择linux generic
版本选择界面
- 下载 Compressed TAR Archive即可,一般选择64bit。test suite可以下载也可以不下载。
二进制包是单纯的程序文件,如果想要让mysql运行起来,则还需要初始化。
初始化步骤
- 添加mysql用户和用户组
# groupadd mysql
# useradd -r -g mysql mysql
- mysql数据目录初始化
# mkdir /data/mysql/data
# chown -R mysql:mysql /data/mysql0817/data
# ./mysqld --defaults-file=/etc/my.cnf --initialize --user=mysql datadir=/data/mysql/data
其中,datadir是可选的,但最好指定。当然这些参数都可以写在my.cnf里。
如果想了解mysql在初始化的过程中做了哪些事情请参考mysql初始化详细过程
修改密码
MySQL5.7以后的版本,安装成功之后不支持默认的无密码登录,所以要登录和查询的话,需要修改密码。具体过程参考MySQL修改密码
如果不想这么麻烦,mysql提供了一种兼容的方式,可以在初始化的时候使用--initialize-insecure参数,这样mysql初始化后的行为与之前一样了。
安全加固
可以有两种方法,一种是mysql_secure_installation程序按步骤执行,一种是手工进入mysql中对表做操作
- 使用mysql_secure_installation一步步执行即可
# ./mysql_secure_installation -S /data/mysql8017/datadir/mysql.sock
Securing the MySQL server deployment.
Connecting to MySQL using a blank password.
VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?
Press y|Y for Yes, any other key for No: Y
There are three levels of password validation policy:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 0
Please set the password for root here.
New password:
Re-enter new password:
Estimated strength of the password: 50
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : n
New password:
Re-enter new password:
Estimated strength of the password: 25
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : Y
... Failed! Error: Your password does not satisfy the current policy requirements
New password:
Re-enter new password:
Estimated strength of the password: 50
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : Y
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y
Success.
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : n
... skipping.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y
- Dropping test database...
Success.
- Removing privileges on test database...
Success.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y
Success.
All done!
可以看到mysql_secure_installation做了如下几步:
- 是否需要验证密码
既然是安全加固,肯定选Y - 设置密码
密码强度有3种,low 、media和high,长度要求都必须大于8.并且设置密码的时候,还会评估密码得分 - 删除匿名用户
- 是否禁止(disallow)root远程登录
这个一般是不允许的,但为了操作方便,此处选了n - 是否删除测试数据库test
在mysql中,test库对任意用户都有管理员权限,因此,线上数据库不要用test。为了安全,这个test库需要被删除 - 是否重新加载privilege权限表让修改生效
- 手工修改,不用mysql_secure_installation
一般需要做如下操作: 删除非root或非localhost用户并修改root密码。
如果是5.7以前
delete from mysql.user where user !="root" or host !="localhost";
如果是5.7以后或者8
delete from mysql.user where user not in ("mysql.sys","mysql.session","mysqlxsys","mysql.infoschema") or host not in ("localhost");
删除test库
drop database test;
清理mysql.db表
truncate mysql.db
二、rpm安装
由于yum安装一般都是从yum库中安装mariadb,不提供oracle的官方mysql包了。所以我们必须从oracle的mysql官网上下载rpm包。
rpm下载
一般选择rpm bundle,因为包含了除了mysql server之外所需的支持包,然后使用rpm命令安装即可。
同样的,使用rpm安装之后,也是需要初始化的。但这个初始化比二进制稍微简单一点
service mysqld start
这个命令本来是启动mysql的服务器的,但如果是第一次使用,则会先初始化,然后再启动。
网友评论