用户授权 、 完全备份 、 增量备份 、 案例

Top

NSD RDBM1 DAY04

1. 案例1： 用户授权
2. 案例2：root密码
3. 案例3：数据备份与恢复
4. 案例4：binlog日志
5. 案例5：使用binlog日志恢复数据

1 案例1： 用户授权

1.1 问题

• 允许192.168.4.0/24网段主机使用root连接数据库服务器，对所有库和所有表有完全权限、密码为123qqq…A 。
• 添加用户dba007，对所有库和所有表有完全权限、且有授权权限，密码为123qqq…A 客户端为网络中的所有主机。
• 撤销root从本机访问权限，然后恢复。
• 允许任意主机使用webuser用户连接数据库服务器，仅对webdb库有完全权限，密码为123qqq…A 。
• 撤销webuser的权限，使其仅有查询记录权限。

1.2 步骤

实现此案例需要按照如下步骤进行。

步骤一：用户授权

1）允许root从192.168.4.0/24访问，对所有库表有完全权限，密码为123qqq…A

授权之前，从192.168.4.0/24网段的客户机访问时，将会被拒绝：

1. [root@host120 ~]# mysql -u root -p -h 192.168.4.10
2. Enter password:                                 //输入正确的密码
3. ERROR 2003 (HY000): Host '192.168.4.120' is not allowed to connect to this MySQL server

授权操作，此处可设置与从localhost访问时不同的密码：

1. mysql> GRANT all ON *.* TO root@'192.168.4.%' IDENTIFIED BY 'tarena';
2. Query OK, 0 rows affected (0.00 sec)

再次从192.168.4.0/24网段的客户机访问时，输入正确的密码后可登入：

1. [root@host120 ~]# mysql -u root -p -h 192.168.4.10
2. Enter password:
3. Welcome to the MySQL monitor. Commands end with ; or \g.
4. Your MySQL connection id is 20
5. Server version: 5.7.17 MySQL Community Server (GPL)
6.  
7. Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
8.  
9. Oracle is a registered trademark of Oracle Corporation and/or its
10. affiliates. Other names may be trademarks of their respective
11. owners.
12.  
13. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
14.  
15. mysql>

从网络登入后，测试新建一个库、查看所有库：

1. mysql> CREATE DATABASE rootdb;                 //创建新库rootdb
2. Query OK, 1 row affected (0.06 sec)
3.  
4. mysql> SHOW DATABASES;
5. +--------------------+
6. | Database |
7. +--------------------+
8. | information_schema |
9. | home |
10. | mysql |
11. | performance_schema |
12. | rootdb | //新建的rootdb库
13. | sys |
14. | userdb |
15. +--------------------+
16. 7 rows in set (0.01 sec)

2）在Mysql服务器上建立一个管理账号dba007，对所有库完全控制，并赋予其授权的权限新建账号并授权：

1. mysql> GRANT all ON *.* TO dba007@localhost
2. -> IDENTIFIED BY '123qqq…A '
3. -> WITH GRANT OPTION;
4. Query OK, 0 rows affected (0.00 sec)

查看dba007的权限：

1. mysql> SHOW GRANTS FOR dba007@localhost;
2. +-----------------------------------------------------------------------+
3. | Grants for dba007@localhost |
4. +-----------------------------------------------------------------------+
5. | GRANT ALL PRIVILEGES ON *.* TO 'dba007'@'localhost' WITH GRANT OPTION |
6. +-----------------------------------------------------------------------+
7. 1 row in set (0.00 sec)

3）撤销root从本机访问的权限，然后恢复

注意：如果没有事先建立其他管理账号，请不要轻易撤销root用户的本地访问权限，否则恢复起来会比较困难，甚至不得不重装数据库。

撤销root对数据库的操作权限：

1. mysql> REVOKE all ON *.* FROM root@localhost;
2. Query OK, 0 rows affected (0.00 sec)
3. mysql> SHOW GRANTS FOR root@localhost;
4. +--------------------------------------------------------------+
5. | Grants for root@localhost |
6. +--------------------------------------------------------------+
7. | GRANT USAGE ON *.* TO 'root'@'localhost' WITH GRANT OPTION |
8. | GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION |
9. +--------------------------------------------------------------+
10. 2 rows in set (0.00 sec)

验证撤销后的权限效果：

1. mysql> exit                                     //退出当前MySQL连接
2. Bye
3. [root@dbsvr1 ~]# mysql -u root -p                 //重新以root从本地登入
4. Enter password:
5. Welcome to the MySQL monitor. Commands end with ; or \g.
6. Your MySQL connection id is 6
7. Server version: 5.6.15 MySQL Community Server (GPL)
8.  
9. Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
10.  
11. Oracle is a registered trademark of Oracle Corporation and/or its
12. affiliates. Other names may be trademarks of their respective
13. owners.
14.  
15. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
16.  
17. mysql> CREATE DATABASE newdb2014;                 //尝试新建库失败
18. ERROR 1044 (42000): Access denied for user 'root'@'localhost' to database 'newdb2014'
19. mysql> DROP DATABASE rootdb;                         //尝试删除库失败
20. ERROR 1044 (42000): Access denied for user 'root'@'localhost' to database 'rootdb'

尝试以当前的root用户恢复权限，也会失败（无权更新授权表）：

1. mysql> GRANT all ON *.* TO root@localhost IDENTIFIED BY '1234567';
2. ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)

怎么办呢？

退出当前MySQL连接，以上一步添加的管理账号dba007登入：

1. mysql> exit                                         //退出当前MySQL连接
2. Bye
3. [root@dbsvr1 ~]# mysql -u dba007 -p                 //以另一个管理账号登入
4. Enter password:
5. Welcome to the MySQL monitor. Commands end with ; or \g.
6. Your MySQL connection id is 24
7. Server version: 5.7.17 MySQL Community Server (GPL)
8.  
9. Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
10.  
11. Oracle is a registered trademark of Oracle Corporation and/or its
12. affiliates. Other names may be trademarks of their respective
13. owners.
14.  
15. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

由管理账号dba007重新为root添加本地访问权限：

1. mysql> GRANT all ON *.* TO root@localhost IDENTIFIED BY '1234567';
2. Query OK, 0 rows affected (0.00 sec)
3. mysql> SHOW GRANTS FOR root@localhost;             //查看恢复结果
4. +---------------------------------------------------------------------+
5. | Grants for root@localhost |
6. +---------------------------------------------------------------------+
7. | GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION |
8. | GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION |
9. +---------------------------------------------------------------------+
10. 2 rows in set (0.00 sec)

退出，再重新以root登入，测试一下看看，权限又恢复了吧：

1. mysql> exit                                     //退出当前MySQL连接
2. Bye
3. [root@dbsvr1 ~]# mysql -u root -p                 //重新以root登入
4. Enter password:
5. Welcome to the MySQL monitor. Commands end with ; or \g.
6. Your MySQL connection id is 25
7. Server version: 5.7.17 MySQL Community Server (GPL)
8.  
9. Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
10.  
11. Oracle is a registered trademark of Oracle Corporation and/or its
12. affiliates. Other names may be trademarks of their respective
13. owners.
14.  
15. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
16.  
17. mysql> CREATE DATABASE newdb2014;                 //成功创建新库
18. Query OK, 1 row affected (0.00 sec)

4）允许webuser从任意客户机登录，只对webdb库有完全权限，密码为 123qqq…A

添加授权：

1. mysql> GRANT all ON webdb.* TO webuser@'%' IDENTIFIED BY '888888';
2. Query OK, 0 rows affected (0.00 sec)

查看授权结果：

1. mysql> SHOW GRANTS FOR webuser@'%';
2. +----------------------------------------------------+
3. | Grants for webuser@% |
4. +----------------------------------------------------+
5. | GRANT USAGE ON *.* TO 'webuser'@'%' |
6. | GRANT ALL PRIVILEGES ON `webdb`.* TO 'webuser'@'%' |
7. +----------------------------------------------------+
8. 2 rows in set (0.00 sec)

5）撤销webuser的完全权限，改为查询权限

撤销所有权限：

1. mysql> REVOKE all ON webdb.* FROM webuser@'%';
2. Query OK, 0 rows affected (0.00 sec)

只赋予查询权限：

1. mysql> GRANT select ON webdb.* TO webuser@'%';
2. Query OK, 0 rows affected (0.00 sec)

确认授权更改结果：

1. mysql> SHOW GRANTS FOR webuser@'%';
2. +--------------------------------------------+
3. | Grants for webuser@% |
4. +--------------------------------------------+
5. | GRANT USAGE ON *.* TO 'webuser'@'%' |
6. | GRANT SELECT ON `webdb`.* TO 'webuser'@'%' |
7. +--------------------------------------------+
8. 2 rows in set (0.00 sec)

2 案例2：root密码

2.1 问题

具体要求如下：

• 恢复管理员root密码 123qqq…A
• 重置管理员root密码 A…qqq321

2.2 步骤

实现此案例需要按照如下步骤进行。

步骤一：恢复管理员root密码

1）首先停止已运行的MySQL服务程序

1. [root@dbsvr1 ~]# systemctl stop mysqld.service         //停止服务
2. [root@dbsvr1 ~]# systemctl status mysqld.service      //确认状态
3. mysqld.service - MySQL Server
4. Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled)
5. Active: inactive (dead) since 五 2017-04-07 23:01:38 CST; 21s ago
6. Docs: man:mysqld(8)
7. http://dev.mysql.com/doc/refman/en/using-systemd.html
8. Process: 20260 ExecStart=/usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid $MYSQLD_OPTS (code=exited, status=0/SUCCESS)
9. Process: 20238 ExecStartPre=/usr/bin/mysqld_pre_systemd (code=exited, status=0/SUCCESS)
10. Main PID: 20262 (code=exited, status=0/SUCCESS)

2）然后跳过授权表启动MySQL服务程序

这一步主要利用mysqld的 --skip-grant-tables选项

修改my.cnf配置，添加 skip_grant_tables=1启动设置：

1. [root@dbsvr1 ~]# vim /etc/my.cnf
2. [mysqld]
3. skip_grant_tables
4. .. ..
5. [root@dbsvr1 ~]# systemctl start mysqld.service
6.  
7. [root@dbsvr1 ~]# service mysql status
8. mysqld.service - MySQL Server
9. Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled)
10. Active: active (running) since 五 2017-04-07 23:40:20 CST; 40s ago
11. Docs: man:mysqld(8)
12. http://dev.mysql.com/doc/refman/en/using-systemd.html
13. Process: 11698 ExecStart=/usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid $MYSQLD_OPTS (code=exited, status=0/SUCCESS)
14. Process: 11676 ExecStartPre=/usr/bin/mysqld_pre_systemd (code=exited, status=0/SUCCESS)
15. Main PID: 11701 (mysqld)
16. CGroup: /system.slice/mysqld.service
17. └─11701 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.p...

3）使用mysql命令连接到MySQL服务，重设root的密码

由于前一步启动的MySQL服务跳过了授权表，所以可以root从本机直接登录

1. [root@dbsvr1 ~]# mysql //直接回车即可
2.  
3. Welcome to the MySQL monitor. Commands end with ; or \g.
4. Your MySQL connection id is 4
5. Server version: 5.7.17 MySQL Community Server (GPL)
6.  
7. Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
8.  
9. Oracle is a registered trademark of Oracle Corporation and/or its
10. affiliates. Other names may be trademarks of their respective
11. owners.
12.  
13. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
14.  
15. mysql>

进入 mysql> 环境后，通过修改mysql库中user表的相关记录，重设root用户从本机登录的密码：

1. mysql> UPDATE mysql.user SET authentication_string=PASSWORD('123qqq…A')
2. -> WHERE user='root' AND host='localhost';             //重设root的密码
3. Query OK, 1 row affected, 1 warning (0.00 sec)
4. Rows matched: 1 Changed: 1 Warnings: 1
5. mysql> FLUSH PRIVILEGES;                                 //刷新授权表
6. Query OK, 0 rows affected (0.01 sec)
7. mysql> exit                                             //退出mysql> 环境
8. Bye

通过执行“FLUSH PRIVILEGES;”可使授权表立即生效，对于正常运行的MySQL服务，也可以用上述方法来修改密码，不用重启服务。本例中因为是恢复密码，最好重启MySQL服务程序，所以上述“FLUSH PRIVILEGES;”操作可跳过。

4）重新以正常方式启动MySQL服务程序，验证新密码

如果前面是修改/etc/my.cnf配置的方法来跳过授权表，则重置root密码后，应去除相应的设置以恢复正常：

1. [root@dbsvr1 ~]# vim /etc/my.cnf
2. [mysqld]
3. #skip_grant_tables=1                             //注释掉或删除此行
4. .. ..

按正常方式，通过mysql脚本重启服务即可：

1. [root@dbsvr1 ~]# systemctl restart mysqld.service

验证无密码登录时，将会被拒绝：

1. [root@dbsvr1 ~]# mysql -u root
2. Enter password: //没有跳过授权表回车会报错
3. ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)

只有提供重置后的新密码，才能成功登入：

1. [root@dbsvr1 ~]# mysql -uroot –p123qqq…A
2. Welcome to the MySQL monitor. Commands end with ; or \g.
3. Your MySQL connection id is 4
4. Server version: 5.7.17 MySQL Community Server (GPL)
5.  
6. Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
7.  
8. Oracle is a registered trademark of Oracle Corporation and/or its
9. affiliates. Other names may be trademarks of their respective
10. owners.
11.  
12. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
13.  
14. mysql>

步骤二：重置管理员root密码

正常的前提是：已知当前MySQL管理用户（root）的密码。

1）方法1，在Shell命令行下设置

使用mysqladmin管理工具，需要验证旧的密码。比如，以下操作将会把root的密码设置为 1234567：

1. [root@dbsvr1 ~]# mysqladmin -uroot -p password 'A…qqq321'                    
2. Enter password: //验证原来的密码
3. mysqladmin: [Warning] Using a password on the command line interface can be insecure.
4. Warning: Since password will be sent to server in plain text, use ssl connection to ensure password safety. //提示明文修改不安全，并不是报错
5. [root@dbsvr1 ~]# mysql -uroot –pA…qqq321 //使用修改后的密码登录
6. Welcome to the MySQL monitor. Commands end with ; or \g.
7. Your MySQL connection id is 4
8. Server version: 5.7.17 MySQL Community Server (GPL)
9.  
10. Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
11.  
12. Oracle is a registered trademark of Oracle Corporation and/or its
13. affiliates. Other names may be trademarks of their respective
14. owners.
15.  
16. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
17.  
18. mysql>

步骤三：修改管理员root密码的其他方法

1）方法1，以root登入mysql> 后，使用SET PASSWORD指令设置

这个与新安装MySQL-server后首次修改密码时要求的方式相同，平时也可以用：

1. mysql> SET PASSWORD FOR root@localhost=PASSWORD('1234567');
2. Query OK, 0 rows affected, 1 warning (0.00 sec)

2）方法2，以root登入mysql> 后，使用GRANT授权工具设置

这个是最常见的用户授权方式（下一节会做更多授权的练习）：

1. mysql> GRANT all ON *.* TO root@localhost IDENTIFIED BY '1234567';
2. Query OK, 0 rows affected, 1 warning (0.00 sec)

3）方法3，以root登入mysql> 后，使用UPDATE更新相应的表记录

这种方法与恢复密码时的操作相同：

1. mysql> UPDATE mysql.user SET authentication_string=PASSWORD('1234567')
2. -> WHERE user='root' AND host='localhost';         //重设root的密码
3. Query OK, 0 rows affected, 1 warning (0.00 sec)
4. Rows matched: 1 Changed: 0 Warnings: 1
5. mysql> FLUSH PRIVILEGES;                                 //刷新授权表
6. Query OK, 0 rows affected (0.00 sec)

在上述方法中，需要特别注意：当MySQL服务程序以 skip-grant-tables 选项启动时，如果未执行“FLUSH PRIVILEGES;”操作，是无法通过SET PASSWORD或者GRANT方式来设置密码的。比如，验证这两种方式时，都会看到ERROR 1290的出错提示：

1. mysql> SET PASSWORD FOR root@localhost=PASSWORD('1234567');
2. ERROR 1290 (HY000): The MySQL server is running with the --skip-grant-tables option so it cannot execute this statement
3.  
4. mysql> GRANT all ON *.* TO root@localhost IDENTIFIED BY '1234567';
5. ERROR 1290 (HY000): The MySQL server is running with the --skip-grant-tables option so it cannot execute this statement

3 案例3：数据备份与恢复

3.1 问题

具体要求如下：

• 练习mysqldump命令的使用
• 使用 mysql 命令恢复删除的数据

3.2 步骤

实现此案例需要按照如下步骤进行。

步骤一：练习mysqldump命令的使用

1）备份MySQL服务器上的所有库

将所有的库备份为mysql-all.sql文件：

1. [root@dbsvr1 ~]# mysqldump -u root -p --all-databases > /root/alldb.sql
2. Enter password:                                 //验证口令
3. [root@dbsvr1 mysql]# file /root/alldb.sql         //确认备份文件类型
4. /root/alldb.sql: UTF-8 Unicode English text, with very long lines

查看备份文件alldb.sql的部分内容：

1. [root@dbsvr1 ~]# grep -vE '^/|^-|^$' /root/alldb.sql | head -15
2. CREATE DATABASE /*!32312 IF NOT EXISTS*/ `home` /*!40100 DEFAULT CHARACTER SET latin1 */;
3. USE `home`;
4. DROP TABLE IF EXISTS `biao01`;
5. CREATE TABLE `biao01` (
6. `id` int(2) NOT NULL,
7. `name` varchar(8) DEFAULT NULL
8. ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
9. LOCK TABLES `biao01` WRITE;
10. UNLOCK TABLES;
11. DROP TABLE IF EXISTS `biao02`;
12. CREATE TABLE `biao02` (
13. `id` int(4) NOT NULL,
14. `name` varchar(8) DEFAULT NULL,
15. PRIMARY KEY (`id`)
16. ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
17. .. ..

注意：若数据库都使用MyISAM存储引擎，可以采用冷备份的方式，直接复制对应的数据库目录即可；恢复时重新复制回来就行。

2）只备份指定的某一个库

将userdb库备份为userdb.sql文件：

1. [root@dbsvr1 ~]# mysqldump -u root -p userdb > userdb.sql
2. Enter password:                                 //验证口令

查看备份文件userdb.sql的部分内容：

1. [root@dbsvr1 ~]# grep -vE '^/|^-|^$' /root/userdb.sql
2. DROP TABLE IF EXISTS `stu_info`;
3. CREATE TABLE `stu_info` (
4. `name` varchar(12) NOT NULL,
5. `gender` enum('boy','girl') DEFAULT 'boy',
6. `age` int(3) NOT NULL
7. ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
8. LOCK TABLES `stu_info` WRITE;
9. .. ..

3）同时备份指定的多个库

同时备份mysql、userdb库，保存为mysql+userdb.sql文件：

1. [root@dbsvr1 ~]# mysqldump -u root -p -B mysql userdb > mysql+test+userdb.sql
2. Enter password:                                 //验证口令

查看备份文件userdb.sql的部分内容：

1. [root@dbsvr1 ~]# grep '^CREATE DATA' /root/mysql+userdb.sql
2. CREATE DATABASE /*!32312 IF NOT EXISTS*/ `mysql` /*!40100 DEFAULT CHARACTER SET latin1 */;
3. CREATE DATABASE /*!32312 IF NOT EXISTS*/ `userdb` /*!40100 DEFAULT CHARACTER SET latin1 */;

步骤二：使用mysql 命令恢复删除的数据

以恢复userdb库为例，可参考下列操作。通常不建议直接覆盖旧库，而是采用建立新库并导入逻辑备份的方式执行恢复，待新库正常后即可废弃或删除旧库。

1）创建名为userdb2的新库

1. mysql> CREATE DATABASE userdb2;
2. Query OK, 1 row affected (0.00 sec)

2）导入备份文件，在新库中重建表及数据

1. [root@dbsvr1 ~]# mysql -u root -p userdb2 < /root/userdb.sql
2. Enter password:                                 //验证口令

3）确认新库正常，启用新库

1. mysql> USE userdb2;                             //切换到新库
2. Reading table information for completion of table and column names
3. You can turn off this feature to get a quicker startup with -A
4.  
5. Database changed
6. mysql> SELECT sn,username,uid,gid,homedir         //查询数据，确认可用
7. -> FROM userlist LIMIT 10;
8. +----+----------+-----+-----+-----------------+
9. | sn | username | uid | gid | homedir |
10. +----+----------+-----+-----+-----------------+
11. | 1 | root | 0 | 0 | /root |
12. | 2 | bin | 1 | 1 | /bin |
13. | 3 | daemon | 2 | 2 | /sbin |
14. | 4 | adm | 3 | 4 | /var/adm |
15. | 5 | lp | 4 | 7 | /var/spool/lpd |
16. | 6 | sync | 5 | 0 | /sbin |
17. | 7 | shutdown | 6 | 0 | /sbin |
18. | 8 | halt | 7 | 0 | /sbin |
19. | 9 | mail | 8 | 12 | /var/spool/mail |
20. | 10 | operator | 11 | 0 | /root |
21. +----+----------+-----+-----+-----------------+
22. 10 rows in set (0.00 sec)

4）废弃或删除旧库

1. mysql> DROP DATABASE userdb;
2. Query OK, 2 rows affected (0.09 sec)

4 案例4：binlog日志

4.1 问题

启用binlog日志，具体要求如下：

• 启用binlog日志，把日志文件存放到系统的/mylog目录下，日志文件为db50
• 手动创建3个新的日志文件
• 删除编号3之前的日志文件

4.2 步骤

实现此案例需要按照如下步骤进行。

步骤一：启用binlog日志

1）修改配置文件，并重启服务。

1. [root@dbsvr1 ~]# vim /etc/my.cnf
2. [mysqld]
3.     server_id=1 //指定server_id
4. log-bin=/mylog/db50 //指定日志目录及名称
5. :wq
6. [root@dbsvr1 ~]# mkdir /mylog //创建目录
7. [root@dbsvr1 ~]# chown mysql /mylog //修改所有者
8. [root@dbsvr1 ~]# systemctl restart mysqld.service //重启服务

2）查看日志信息

1. [root@dbsvr1 ~]#
2. [root@localhost ~]# mysql -uroot -p123qqq...A //管理员登录
3. mysql: [Warning] Using a password on the command line interface can be insecure.
4. Welcome to the MySQL monitor. Commands end with ; or \g.
5. Your MySQL connection id is 3
6. Server version: 5.7.17-log MySQL Community Server (GPL)
7.  
8. Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
9.  
10. Oracle is a registered trademark of Oracle Corporation and/or its
11. affiliates. Other names may be trademarks of their respective
12. owners.
13.  
14. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
15.  
16. mysql> show master status; //查看日志信息
17. +-------------+----------+--------------+------------------+-------------------+
18. | File | Position | Binlog_Do_DB | Binlog_Ignore_DB | Executed_Gtid_Set |
19. +-------------+----------+--------------+------------------+-------------------+
20. | db50.000001 | 154 | | | |
21. +-------------+----------+--------------+------------------+-------------------+
22. 1 row in set (0.00 sec)
23.  
24. mysql>

3）手动创建3个新的日志文件

1. mysql>
2. mysql> flush logs; //刷新日志
3. Query OK, 0 rows affected (0.14 sec)
4.  
5. mysql> flush logs; //刷新日志
6. Query OK, 0 rows affected (0.11 sec)
7.  
8. mysql> flush logs; //刷新日志
9. Query OK, 0 rows affected (0.12 sec)
10.  
11. mysql> system ls /mylog/ //查看日志文件
12. db50.000001 db50.000002 db50.000003 db50.000004 db50.index
13. mysql>
14. mysql> show master status; //查看日志信息
15. +-------------+----------+--------------+------------------+-------------------+
16. | File | Position | Binlog_Do_DB | Binlog_Ignore_DB | Executed_Gtid_Set |
17. +-------------+----------+--------------+------------------+-------------------+
18. | db50.000004 | 154 | | | |
19. +-------------+----------+--------------+------------------+-------------------+
20. 1 row in set (0.00 sec)
21.  
22. mysql>

4）删除编号3之前的日志文件

1. mysql>
2.  
3. mysql> purge master logs to "db50.000003"; //删除日志
4. Query OK, 0 rows affected (0.05 sec)
5.  
6. mysql> system ls /mylog/ //查看日志文件
7. db50.000003 db50.000004 db50.index
8. mysql>
9. mysql> system cat /mylog/db50.index //查看索引文件
10. /mylog/db50.000003
11. /mylog/db50.000004
12. mysql>

5 案例5：使用binlog日志恢复数据

5.1 问题

利用binlog恢复库表，要求如下：

• 启用binlog日志
• 创建db1库tb1表，插入3条记录
• 删除tb1表中刚插入的3条记录
• 使用mysqlbinlog恢复删除的3条记录

5.2 步骤

实现此案例需要按照如下步骤进行。

步骤一：启用binlog日志

1）调整/etc/my.cnf配置，并重启服务

1. [root@dbsvr1 ~]# vim /etc/my.cnf
2. [mysqld]
3. server_id=1 //定义server_id
4. log-bin=mysql-bin //定义日志名
5. binlog_format=”mixed” //定义日志格式
6. [root@dbsvr1 ~]# systemctl restart mysqld.service //重启服务

2）确认binlog日志文件

新启用binlog后，每次启动MySQl服务都会新生成一份日志文件：

1. [root@dbsvr1 ~]# ls /var/lib/mysql/mysql-bin.*
2. /var/lib/mysql/mysql-bin.000001 /var/lib/mysql/mysql-bin.index

其中mysql-bin.index文件记录了当前保持的二进制文件列表：

1. [root@dbsvr1 ~]# cat /var/lib/mysql/mysql-bin.index
2. ./mysql-bin.000001

重启MySQL服务程序，或者执行SQL操作“FLUSH LOGS;”，会生成一份新的日志：

1. [root@dbsvr1 ~]# ls /var/lib/mysql/mysql-bin.*
2. /var/lib/mysql/mysql-bin.000001 /var/lib/mysql/mysql-bin.index
3. /var/lib/mysql/mysql-bin.000002
4.  
5. [root@dbsvr1 ~]# cat /var/lib/mysql/mysql-bin.index
6. ./mysql-bin.000001
7. ./mysql-bin.000002

步骤二：利用binlog日志重做数据库操作

1）执行数据库表添加操作

创建db1·库tb1表，表结构自定义：

1. mysql> CREATE DATABASE db1;
2. Query OK, 1 row affected (0.05 sec)
3.  
4. mysql> USE db1;
5. Database changed
6. mysql> CREATE TABLE tb1(
7. -> id int(4) NOT NULL,name varchar(24)
8. -> );
9. Query OK, 0 rows affected (0.28 sec)

插入3条表记录：

1. mysql> INSERT INTO tb1 VALUES
2. -> (1,'Jack'),
3. -> (2,'Kenthy'),
4. -> (3,'Bob');
5. Query OK, 3 rows affected (0.12 sec)
6. Records: 3 Duplicates: 0 Warnings: 0

确认插入的表记录数据：

1. mysql> SELECT * FROM tb1;
2. +----+--------+
3. | id | name |
4. +----+--------+
5. | 1 | Jack |
6. | 2 | Kenthy |
7. | 3 | Bob |
8. +----+--------+
9. 3 rows in set (0.00 sec)

2）删除前一步添加的3条表记录

执行删除所有表记录操作：

1. mysql> DELETE FROM tb1;
2. Query OK, 3 rows affected (0.09 sec)

确认删除结果：

1. mysql> SELECT * FROM tb1;
2. Empty set (0.00 sec)

步骤三：通过binlog日志恢复表记录

binlog会记录所有的数据库、表更改操作，所以可在必要的时候重新执行以前做过的一部分数据操作，但对于启用binlog之前已经存在的库、表数据将不适用。

根据上述“恢复被删除的3条表记录”的需求，应通过mysqlbinlog工具查看相关日志文件，找到删除这些表记录的时间点，只要恢复此前的SQL操作（主要是插入那3条记录的操作）即可。

1）查看mysql-bin.000002日志内容

1. [root@dbsvr1 ~]# mysqlbinlog /var/lib/mysql/mysql-bin.000002
2. /*!50530 SET @@SESSION.PSEUDO_SLAVE_MODE=1*/;
3. /*!50003 SET @OLD_COMPLETION_TYPE=@@COMPLETION_TYPE,COMPLETION_TYPE=0*/;
4. DELIMITER /*!*/;
5. # at 4
6. #170412 12:05:32 server id 1 end_log_pos 123 CRC32 0x6d8c069c Start: binlog v 4, server v 5.7.17-log created 170412 12:05:32 at startup
7. # Warning: this binlog is either in use or was not closed properly.
8. ROLLBACK/*!*/;
9. BINLOG '
10. jKftWA8BAAAAdwAAAHsAAAABAAQANS43LjE3LWxvZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
11. AAAAAAAAAAAAAAAAAACMp+1YEzgNAAgAEgAEBAQEEgAAXwAEGggAAAAICAgCAAAACgoKKioAEjQA
12. AZwGjG0=
13. '/*!*/;
14. # at 123
15. #170412 12:05:32 server id 1 end_log_pos 154 CRC32 0x17f50164 Previous-GTIDs
16. # [empty]
17. # at 154
18. #170412 12:05:59 server id 1 end_log_pos 219 CRC32 0x4ba5a976 Anonymous_GTID last_committed=0 sequence_number=1
19. SET @@SESSION.GTID_NEXT= 'ANONYMOUS'/*!*/;
20. # at 219
21. #170412 12:05:59 server id 1 end_log_pos 310 CRC32 0x5b66ae13 Query thread_id=3 exec_time=0 error_code=0
22. SET TIMESTAMP=1491969959/*!*/;
23. SET @@session.pseudo_thread_id=3/*!*/;
24. SET @@session.foreign_key_checks=1, @@session.sql_auto_is_null=0, @@session.unique_checks=1, @@session.autocommit=1/*!*/;
25. SET @@session.sql_mode=1436549152/*!*/;
26. SET @@session.auto_increment_increment=1, @@session.auto_increment_offset=1/*!*/;
27. /*!\C utf8 *//*!*/;
28. SET @@session.character_set_client=33,@@session.collation_connection=33,@@session.collation_server=8/*!*/;
29. SET @@session.lc_time_names=0/*!*/;
30. SET @@session.collation_database=DEFAULT/*!*/;
31. CREATE DATABASE db1
32. /*!*/;
33. # at 310
34. #170412 12:06:23 server id 1 end_log_pos 375 CRC32 0x2967cc28 Anonymous_GTID last_committed=1 sequence_number=2
35. SET @@SESSION.GTID_NEXT= 'ANONYMOUS'/*!*/;
36. # at 375
37. #170412 12:06:23 server id 1 end_log_pos 502 CRC32 0x5de09aae Query thread_id=3 exec_time=0 error_code=0
38. use `db1`/*!*/;
39. SET TIMESTAMP=1491969983/*!*/;
40. CREATE TABLE tb1(
41. id int(4) NOT NULL,name varchar(24)
42. )
43. /*!*/;
44. # at 502
45. #170412 12:06:55 server id 1 end_log_pos 567 CRC32 0x0b8cd418 Anonymous_GTID last_committed=2 sequence_number=3
46. SET @@SESSION.GTID_NEXT= 'ANONYMOUS'/*!*/;
47. # at 567
48. #170412 12:06:55 server id 1 end_log_pos 644 CRC32 0x7e8f2fa0 Query thread_id=3 exec_time=0 error_code=0
49. SET TIMESTAMP=1491970015/*!*/;
50. BEGIN
51. /*!*/;
52. # at 644
53. #170412 12:06:55 server id 1 end_log_pos 772 CRC32 0x4e3f728e Query thread_id=3 exec_time=0 error_code=0 //插入表记录的起始时间点
54. SET TIMESTAMP=1491970015/*!*/;
55. INSERT INTO tb1 VALUES(1,'Jack'),(2,'Kenthy'), (3,'Bob')
56. /*!*/;
57. # at 772
58. #170412 12:06:55 server id 1 end_log_pos 803 CRC32 0x6138b21f Xid = 10
59. //确认事务的时间点
60. COMMIT/*!*/;
61. # at 803
62. #170412 12:07:24 server id 1 end_log_pos 868 CRC32 0xbef3f472 Anonymous_GTID last_committed=3 sequence_number=4
63. SET @@SESSION.GTID_NEXT= 'ANONYMOUS'/*!*/;
64. # at 868
65. #170412 12:07:24 server id 1 end_log_pos 945 CRC32 0x5684e92c Query thread_id=3 exec_time=0 error_code=0
66. SET TIMESTAMP=1491970044/*!*/;
67. BEGIN
68. /*!*/;
69. # at 945
70. #170412 12:07:24 server id 1 end_log_pos 1032 CRC32 0x4c1c75fc Query thread_id=3 exec_time=0 error_code=0 //删除表记录的时间点
71. SET TIMESTAMP=1491970044/*!*/;
72. DELETE FROM tb1
73. /*!*/;
74. # at 1032
75. #170412 12:07:24 server id 1 end_log_pos 1063 CRC32 0xccf549b2 Xid = 12
76. COMMIT/*!*/;
77. SET @@SESSION.GTID_NEXT= 'AUTOMATIC' /* added by mysqlbinlog */ /*!*/;
78. DELIMITER ;
79. # End of log file
80. /*!50003 SET COMPLETION_TYPE=@OLD_COMPLETION_TYPE*/;
81. /*!50530 SET @@SESSION.PSEUDO_SLAVE_MODE=0*/;

2） 执行指定Pos节点范围内的sql命令恢复数据

根据上述日志分析，只要恢复从2014.01.12 20:12:14到2014.01.12 20:13:50之间的操作即可。可通过mysqlbinlog指定时间范围输出，结合管道交给msyql命令执行导入重做：

1. [root@dbsvr1 ~]# mysqlbinlog \
2. --start-datetime="2017-04-12 12:06:55" \
3. --stop-datetime="2017-04-12 12:07:23" \
4. /var/lib/mysql/mysql-bin.000002 | mysql -u root -p
5. Enter password:                                  //验证口令

3）确认恢复结果

1. mysql> SELECT * FROM db1.tb1;
2. +----+--------+
3. | id | name |
4. +----+--------+
5. | 1 | Jack |
6. | 2 | Kenthy |
7. | 3 | Bob |
8. +----+--------+
9. 3 rows in set (0.00 sec)