安装环境:CentOS7 64位 MINI版,安装MySQL5.7
1、配置YUM源
在MySQL官网中下载YUM源rpm安装包:http://dev.mysql.com/downloads/repo/yum/
-
# 下载mysql源安装包
-
shell> wget http://dev.mysql.com/get/mysql57-community-release-el7-8.noarch.rpm
-
# 安装mysql源
-
shell> yum localinstall mysql57-community-release-el7-8.noarch.rpm
检查mysql源是否安装成功
shell> yum repolist enabled | grep "mysql.*-community.*"
看到上图所示表示安装成功。
可以修改vim /etc/yum.repos.d/mysql-community.repo
源,改变默认安装的mysql版本。比如要安装5.6版本,将5.7源的enabled=1改成enabled=0。然后再将5.6源的enabled=0改成enabled=1即可。改完之后的效果如下所示:
2、安装MySQL
shell> yum install mysql-community-server
3、启动MySQL服务
shell> systemctl start mysqld
查看MySQL的启动状态
-
shell> systemctl status mysqld
-
● mysqld.service - MySQL Server
-
Loaded: loaded (/usr/lib/systemd/system/mysqld.service; disabled; vendor preset: disabled)
-
Active: active (running) since 五 2016-06-24 04:37:37 CST; 35min ago
-
Main PID: 2888 (mysqld)
-
CGroup: /system.slice/mysqld.service
-
└─2888 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid
-
6月 24 04:37:36 localhost.localdomain systemd[1]: Starting MySQL Server...
-
6月 24 04:37:37 localhost.localdomain systemd[1]: Started MySQL Server.
4、开机启动
-
shell> systemctl enable mysqld
-
shell> systemctl daemon-reload
5、修改root本地登录密码
mysql安装完成之后,在/var/log/mysqld.log文件中给root生成了一个默认密码。通过下面的方式找到root默认密码,然后登录mysql进行修改:
shell> grep 'temporary password' /var/log/mysqld.log
-
shell> mysql -uroot -p
-
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'MyNewPass4!';
或者
mysql> set password for 'root'@'localhost'=password('MyNewPass4!');
注意:mysql5.7默认安装了密码安全检查插件(validate_password),默认密码检查策略要求密码必须包含:大小写字母、数字和特殊符号,并且长度不能少于8位。否则会提示ERROR 1819 (HY000): Your password does not satisfy the current policy requirements错误,如下图所示:
通过msyql环境变量可以查看密码策略的相关信息:
mysql> show variables like '%password%';
validate_password_policy:密码策略,默认为MEDIUM策略
validate_password_dictionary_file:密码策略文件,策略为STRONG才需要
validate_password_length:密码最少长度
validate_password_mixed_case_count:大小写字符长度,至少1个
validate_password_number_count :数字至少1个
validate_password_special_char_count:特殊字符至少1个
上述参数是默认策略MEDIUM的密码检查规则。
共有以下几种密码策略:
策略 | 检查规则 |
---|---|
0 or LOW | Length |
1 or MEDIUM | Length; numeric, lowercase/uppercase, and special characters |
2 or STRONG | Length; numeric, lowercase/uppercase, and special characters; dictionary file |
MySQL官网密码策略详细说明:http://dev.mysql.com/doc/refman/5.7/en/validate-password-options-variables.html#sysvar_validate_password_policy
【解决】
1) 查看mysql全局参数配置
该问题其实与mysql的validate_password_policy的值有关。
查看一下msyql密码相关的几个全局参数:
[sql] view plain copy
- mysql> select @@validate_password_policy;
- +----------------------------+
- | @@validate_password_policy |
- +----------------------------+
- | MEDIUM |
- +----------------------------+
- 1 row in set (0.00 sec)
- mysql> SHOW VARIABLES LIKE 'validate_password%';
- +--------------------------------------+--------+
- | Variable_name | Value |
- +--------------------------------------+--------+
- | validate_password_dictionary_file | |
- | validate_password_length | 8 |
- | validate_password_mixed_case_count | 1 |
- | validate_password_number_count | 1 |
- | validate_password_policy | MEDIUM |
- | validate_password_special_char_count | 1 |
- +--------------------------------------+--------+
- 6 rows in set (0.08 sec)
2)参数解释
validate_password_dictionary_file
插件用于验证密码强度的字典文件路径。
validate_password_length
密码最小长度,参数默认为8,它有最小值的限制,最小值为:validate_password_number_count + validate_password_special_char_count + (2 * validate_password_mixed_case_count)
validate_password_mixed_case_count
密码至少要包含的小写字母个数和大写字母个数。
validate_password_number_count
密码至少要包含的数字个数。
validate_password_policy
密码强度检查等级,0/LOW、1/MEDIUM、2/STRONG。有以下取值:
Policy Tests Performed
0 or LOW Length
1 or MEDIUM Length; numeric, lowercase/uppercase, and special characters
2 or STRONG Length; numeric, lowercase/uppercase, and special characters; dictionary file
默认是1,即MEDIUM,所以刚开始设置的密码必须符合长度,且必须含有数字,小写或大写字母,特殊字符。
validate_password_special_char_count
密码至少要包含的特殊字符数。
3)修改mysql参数配置
[sql] view plain copy
- mysql> set global validate_password_policy=0;
- Query OK, 0 rows affected (0.05 sec)
- mysql>
- mysql>
- mysql> set global validate_password_mixed_case_count=0;
- Query OK, 0 rows affected (0.00 sec)
- mysql> set global validate_password_number_count=3;
- Query OK, 0 rows affected (0.00 sec)
- mysql> set global validate_password_special_char_count=0;
- Query OK, 0 rows affected (0.00 sec)
- mysql> set global validate_password_length=3;
- Query OK, 0 rows affected (0.00 sec)
- mysql> SHOW VARIABLES LIKE 'validate_password%';
- +--------------------------------------+-------+
- | Variable_name | Value |
- +--------------------------------------+-------+
- | validate_password_dictionary_file | |
- | validate_password_length | 3 |
- | validate_password_mixed_case_count | 0 |
- | validate_password_number_count | 3 |
- | validate_password_policy | LOW |
- | validate_password_special_char_count | 0 |
- +--------------------------------------+-------+
- 6 rows in set (0.00 sec)
4)修改简单密码:
[sql] view plain copy
- mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('123');
- Query OK, 0 rows affected, 1 warning (0.00 sec)
6、添加远程登录用户
1)、新建用户远程连接mysql数据库
grant all on *.* to admin@'%' identified by '123456' with grant option;
flush privileges;
允许任何ip地址(%表示允许任何ip地址)的电脑用admin帐户和密码(123456)来访问这个mysql server。
注意admin账户不一定要存在。
2)、支持root用户允许远程连接mysql数据库
grant all privileges on *.* to 'root'@'%' identified by '123456' with grant option;
flush privileges;
7、配置默认编码为utf8
修改/etc/my.cnf配置文件,在[mysqld]下添加编码配置,如下所示:
-
[mysqld]
-
character_set_server=utf8
-
init_connect='SET NAMES utf8'
重新启动mysql服务,查看数据库默认编码如下所示:
默认配置文件路径:
配置文件:/etc/my.cnf
日志文件:/var/log/var/log/mysqld.log
服务启动脚本:/usr/lib/systemd/system/mysqld.service
socket文件:/var/run/mysqld/mysqld.pid
8、开启永久开放mysql端口号
1)执行firewall-cmd --permanent --zone=public --add-port=3306/tcp,提示FirewallD is not running,如下图所示。
2)通过systemctl status firewalld查看firewalld状态,发现当前是dead状态,即防火墙未开启。
3)通过systemctl start firewalld开启防火墙,没有任何提示即开启成功。
4)再次通过systemctl status firewalld查看firewalld状态,显示running即已开启了。
5)如果要关闭防火墙设置,可能通过 stop firewalld这条指令来关闭该功能。
6)再次执行执行firewall-cmd --permanent --zone=public --add-port=3306/tcp,提示success,表示设置成功,这样就可以继续后面的设置了。
7 )systemctl daemon-reload 重启防火墙