卸载所有 mariadb 相关组件
(PS: mariadb是一个开源的MySQL实现
与MySQL完全兼容
且由原MySQL作者开发
用法其实也一样
只是大家都习惯了使用MySQL)
yum -y remove mariadb*
安装 MySQL 官方 repo 源
wget https://repo.mysql.com/mysql80-community-release-el7-2.noarch.rpm
rpm -Uvh mysql80-community-release-el7-2.noarch.rpm
我们可以使用以下命令
yum repolist all |grep mysql
##### 此 MySQL 源中包含以下之组件的最新版本:
MySQL 8.0 (GA) (默认启用)
MySQL 5.7 (GA) (默认禁用)
MySQL 5.6 (GA) (默认禁用)
MySQL 5.5 (GA - Red Hat Enterprise Linux and Oracle Linux Only) (默认禁用)
MySQL Cluster 7.6 (GA)
MySQL Cluster 7.5 (GA)
MySQL Workbench
MySQL Fabric
MySQL Router (GA)
MySQL Utilities
MySQL Connector/C++
MySQL Connector/ODBC
MySQL Connector/Python
MySQL Connector/J
MySQL Shell (GA)
来查看当前源的组件启禁用状态
禁用8.0版本 启用5.7版本 强烈不推荐使用5.X的老版本
yum-config-manager --disable mysql80-community
yum-config-manager --enable mysql57-community
安装MySQL 8.0
yum install -y mysql-community-server
启动MySQL 开机自动启动
systemctl start mysqld && systemctl enable mysqld
检查MySQL 状态
systemctl status mysqld
● mysqld.service - MySQL Server
Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)
Active: active (running) since 二 2020-08-11 04:25:54 UTC; 7s ago
Docs: man:mysqld(8)
http://dev.mysql.com/doc/refman/en/using-systemd.html
Main PID: 3606 (mysqld)
Status: "Server is operational"
CGroup: /system.slice/mysqld.service
└─3606 /usr/sbin/mysqld
8月 11 04:25:48 systemd[1]: Starting MySQL Server...
8月 11 04:25:54 systemd[1]: Started MySQL Server.
PS: Active: 后面 inactive(dead)表示未运行/active(running)表示正在运行中
获取MySQL临时root密码 下一步初始化之用(root@location: 后面就是临时密码)
grep 'temporary password' /var/log/mysqld.log
2019-03-13T08:00:49.135070Z 1 [Note] A temporary password is generated for root@localhost: **fuo7fB>6%fsg**
初始化MySQL(基本可以全yes 这一步会问还要不要修改root密码可以输入no 禁用root远程连接 刷新权限 ...)
mysql_secure_installation
输入 上一步获取的临时root密码 fuo7fB>6%fsg
(请不要复制这个密码
你应该复制上一步命令在你的系统中所显示的那个密码)
输完之后 系统会要求你更改root密码
比如 输入新的复杂密码
6#r#4PC8fgQkjLZCL!m%
以下为可选,生产环境强烈不推荐修改
调整MySQL 默认密码安全策略 默认的实在是太不方便了- -
mysql -uroot -p
输入上一步修改后的密码
mysql> SHOW VARIABLES LIKE 'validate_password%';
+--------------------------------------+--------+
| Variable_name | Value |
+--------------------------------------+--------+
| validate_password_check_user_name | OFF |
| validate_password_dictionary_file | |
| validate_password_length | 8 |
| validate_password_mixed_case_count | 1 |
| validate_password_number_count | 1 |
| validate_password_policy | MEDIUM |
| validate_password_special_char_count | 1 |
+--------------------------------------+--------+
7 rows in set (0.03 sec)
参数解释:
-
validate_password_dictionary_file 指定密码验证的文件路径;
-
validate_password_length 密码最小长度
-
validate_password_mixed_case_count 密码至少要包含的小写字母个数和大写字母个数;
-
validate_password_number_count 密码至少要包含的数字个数
-
validate_password_policy 密码强度检查等级,对应等级为:
- 0/LOW 只检查长度
- 1/MEDIUM 检查长度、数字、大小写、特殊字符
- 2/STRONG 检查长度、数字、大小写、特殊字符字典文件
默认为1
-
validate_password_special_char_count密码至少要包含的特殊字符数
mysql> set global validate_password_policy=0;
Query OK, 0 rows affected (0.00 sec)
确认密码强度 会发现已经降低
mysql> SHOW VARIABLES LIKE 'validate_password%';
+--------------------------------------+-------+
| Variable_name | Value |
+--------------------------------------+-------+
| validate_password_check_user_name | OFF |
| validate_password_dictionary_file | |
| validate_password_length | 8 |
| validate_password_mixed_case_count | 1 |
| validate_password_number_count | 1 |
| validate_password_policy | LOW |
| validate_password_special_char_count | 1 |
+--------------------------------------+-------+
7 rows in set (0.00 sec)
修改最低密码位数 降到6 之前是8
mysql> set global validate_password_length=6;
Query OK, 0 rows affected (0.00 sec)
mysql> SHOW VARIABLES LIKE 'validate_password%';
+--------------------------------------+-------+
| Variable_name | Value |
+--------------------------------------+-------+
| validate_password_check_user_name | OFF |
| validate_password_dictionary_file | |
| validate_password_length | 6 |
| validate_password_mixed_case_count | 1 |
| validate_password_number_count | 1 |
| validate_password_policy | LOW |
| validate_password_special_char_count | 1 |
+--------------------------------------+-------+
7 rows in set (0.00 sec)
创建数据库 test
create database 数据库名;
mysql> create database test;
Query OK, 1 row affected (0.00 sec)
创建一个可通过全部ip访问对所有数据库拥有全部权限的用户blank
(让该用户对所有库有所有的权限)
GRANT 操作权限(all 表示全部权限) ON 数据库名.表名 TO 用户名@'允许访问的域名/ip' IDENTIFIED BY '密码';
(后面的@'%' 表示所有远程IP都可连接
如只拥有test数据库的全部操作权限且只让192.168.1.2的ip可以访问 用户名为blank 密码123456:
GRANT all ON test.* TO blank @'192.168.1.2' IDENTIFIED BY '123456';)
(密码需要满足当前配置的安全策略现在只有6位数要求了:D)
mysql> GRANT all ON *.* TO blank@'%' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.00 sec)
刷新权限以便MySQL生效
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
查看用户对应权限
mysql> use mysql;
mysql> select host,user,select_priv,insert_priv,update_priv,delete_priv,create_priv,drop_priv,reload_priv,index_priv,alter_priv,show_db_priv from user;
+-----------+---------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+------------+------------+--------------+
| host | user | select_priv | insert_priv | update_priv | delete_priv | create_priv | drop_priv | reload_priv | index_priv | alter_priv | show_db_priv |
+-----------+---------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+------------+------------+--------------+
| localhost | root | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y |
| localhost | mysql.session | N | N | N | N | N | N | N | N | N | N |
| localhost | mysql.sys | N | N | N | N | N | N | N | N | N | N |
| % | blank | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y |
| % | root | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y |
+-----------+---------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+------------+------------+--------------+
5 rows in set (0.01 sec)
可以看到 blank 用户 可通过 所有 ip 访问 db 的 全部权限
退出MySQL命令行
mysql> exit;
Bye
8.0 版本创建账户方法
# 8.0 创建用户
CREATE USER 'blank'@'%' IDENTIFIED BY 'Fb@6ZATPi4r7s^HFAZ6j';
# 8.0 授权
GRANT ALL ON *.* TO 'blank'@'%' WITH GRANT OPTION;
8.0 版本 修改用户密码
# 修改用户密码
ALTER USER 'username'@'%' IDENTIFIED WITH mysql_native_password BY 'password';