时间:2020.07.08
环境:Centos7.8
目的:安装和配置MySQL8.0
说明:
作者:Zhong QQ交流群:121160124 欢迎加入!
下载MySQLYum Repository
Download the MySQL Yum Repository
wget https://repo.mysql.com//mysql80-community-release-el7-3.noarch.rpm
Adding the MySQL Yum Repository
yum localinstall https://repo.mysql.com//mysql80-community-release-el7-3.noarch.rpm -y
查看启用的版本
yum repolist all | grep mysql
yum repolist enabled | grep "mysql.*-community.*"
yum repolist enabled | grep mysql
Disabling the Default MySQL Module (EL8 systems only)
sudo yum module disable mysql
安装MySQL
Installing MySQL
sudo yum install mysql-community-server -y
Starting the MySQL Server
sudo service mysqld start
查看状态
service mysqld status
查看MySQL生成的临时密码
grep 'temporary password' /var/log/mysqld.log
使用临时密码登录
mysql -uroot -p
修改root密码
ALTER USER 'root'@'localhost' IDENTIFIED BY '123@CSDN.com'; #密码要符合安全策略否则不生效
修改完成之后新密码生效后面使用新密码登录即可 临时密码将失效
创建普通用户 配置远程可连接
mysql -uroot -p #登录root账户
use mysql #选择mysql数据库
create user zhong__ identified by 'abc@123'; #创建用户zhong__ 密码为abc@123
grant all on *.* to 'zhong__'@'%'; # 授权zhong__用户所有数据库的权限 可远程连接
flush privileges; #刷新权限使生效
MySQL安全加固
禁用symbolic-links选项
描述
禁用符号链接以防止各种安全风险
检查提示
--
加固建议
编辑Mysql配置文件/etc/my.cnf,在mysqld 段落中配置symbolic-links=0,5.6及以上版本应该配置为skip_symbolic_links=yes,并重启mysql服务。
操作时建议做好记录或备份
配置log-error选项
描述
启用错误日志可以提高检测针对mysql和其他关键消息的恶意尝试的能力,例如,如果错误日志未启用,则连接错误可能会被忽略。
检查提示
--
加固建议
编辑Mysql配置文件/etc/my.cnf,在mysqld_safe 段落中配置log-error参数,<log_path>代表存放日志文件路径,如:/var/log/mysqld.log,并重启mysql服务:
log-error=<log_path>
操作时建议做好记录或备份
修改默认3306端口
描述
避免使用熟知的端口,降低被初级扫描的风险
检查提示
--
加固建议
编辑/etc/my.cnf文件,mysqld 段落中配置新的端口参数,并重启mysql服务:
port=3506
操作时建议做好记录或备份
删除test数据库
如果存在test数据库
修改后的/etc/my.cnf文件内容应如下所示配置
# For advice on how to change settings please see
# http://dev.mysql.com/doc/refman/8.0/en/server-configuration-defaults.html
[mysqld]
#
# Remove leading # and set to the amount of RAM for the most important data
# cache in MySQL. Start at 70% of total RAM for dedicated server, else 10%.
# innodb_buffer_pool_size = 128M
#
# Remove the leading "# " to disable binary logging
# Binary logging captures changes between backups and is enabled by
# default. It's default setting is log_bin=binlog
# disable_log_bin
#
# Remove leading # to set options mainly useful for reporting servers.
# The server defaults are faster for transactions and fast SELECTs.
# Adjust sizes as needed, experiment to find the optimal values.
# join_buffer_size = 128M
# sort_buffer_size = 2M
# read_rnd_buffer_size = 2M
#
# Remove leading # to revert to previous value for default_authentication_plugin,
# this will increase compatibility with older clients. For background, see:
# https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_default_authentication_plugin
# default-authentication-plugin=mysql_native_password
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
# mysql security
symbolic-links=0
skip_symbolic_links=yes
port=3506
[mysqld_safe]
log-error=/var/log/mysqld.log
重启MySQL生效
service mysqld restart
配置防火墙或云服务器安全组策略
开放端口使其可以远程连接 ...
远程连接和测试
使用数据库工具或程序测试是否可连接 ...
完成安装和配置 其它如有需要按需配置
Update
2023.03.14更新
如果提示失效 需要更新
下载rpm文件 如centos7系统可选择 Red Hat Enterprise Linux 7 / Oracle Linux 7 (Architecture Independent), RPM Package
MySQL :: Download MySQL Yum Repository
安装rpm文件
如centos7系统可选择 For an EL7-based system 选项 直接安装rpm文件
sudo yum install mysql80-community-release-el7-{version-number}.noarch.rpm
Note
MySQL8.0版本和5.0版本其中一个比较明显的区别就是数据库默认字符集和排序规则不同 在不同版本之间备份还原数据库数据时要注意 例如备份8.0版本数据库数据如果字符集为utf8mb4 还原到5.7版本如果手动建立的数据库字符集为utf8的话 大概率会报错的 可以在备份、还原数据前首先确认好字符集一致