# sudo mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] n
... skipping.
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!# systemctl start mariadb# systemctl enable mariadb
为FreeRADIUS创建数据库和用户
设置mysql root用户信息
# 初始化数据库sudo mysql_secure_installation
## Enter current password for root (enter for none): 输入管理员原始密码,默认为空值,直接回车即可## Switch to unix_socket authentication [Y/n]: 切换到 unix_socket 身份验证,输入N## Set root password? [Y/n] y(设置管理员密码)
输入两次要设置的数据库root密码
## Remove anonymous users? [Y/n] y(是否删除匿名账户)## Disallow root login remotely? [Y/n] n(是否禁止管理员从远程登录)## Remove test database and access to it? [Y/n] y(删除测试数据库及其访问权限)## Reload privilege tables now? [Y/n] y(刷新授权表,让初始化后的设定立即生效)# 设置开机自启且现在启动
systemctl enable--now mariadb
systemctl enable mariadb
利用root用户添加radius用户及其密码
# 登录数据库
mysql -u root -p# 检查数据库版本
MariaDB [(none)]> SELECT VERSION();# 创建数据库和用户## 创建数据库radius
CREATE database radius;# 创建数据库用户:radius/radius123## 先用root登陆数据库
mysql -u root -p## 创建数据库用户radius,设置密码为radius123
MariaDB [(none)]> CREATE USER radius@localhost IDENTIFIED BY 'radius123';# 查看用户radius是否创建成功## 进入mysql库
MariaDB [(none)]> use mysql;## 查看radius用户
SELECT HOST,USER,PASSWORD FROM user WHERE USER="radius";## radius用户已经创建完成了,但是没有任何的数据库权限# 为radius用户授权# 登陆root
mysql -u root -p# 进入mysql库
use mysql;# 对数据库进行授权## 授予radius用户权限 create创建,select查询,update修改,delete删除,insert插入,@localhost 仅允许从本地登陆
GRANT CREATE,SELECT,UPDATE,DELETE,INSERT ON radius.* TO radius@localhost identified by 'radius123';## 刷新权限
flush privileges;# 查看radius的权限
show GRANTS FOR 'radius'@'localhost';
1134
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
