实际操作上发现系统上存在该文件,所以这里可能需要将该文件先备份改名,然后再根据上面的配置写配置文件:
# mv /etc/my.cnf /etc/my.cnf.bak # vim /usr/local/mysql-5.6.10/my.cnf [mysqld] basedir=/usr/local/mysql-5.6.10 datadir=/data/mysql/data socket=/usr/local/mysql-5.6.10/tmp/mysql.sock user=mysql sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES
修改MySQL用户root的密码,这里使用mysqld_safe安全模式启动:
# mysqld_safe --user=mysql --skip-grant-tables --skip-networking & [1] 3970 [root@iZ94mobdenkZ ~]# 141230 19:02:31 mysqld_safe Logging to '/data/mysql/data/centos.err'. 141230 19:02:32 mysqld_safe Starting mysqld daemon with databases from /data/mysql/data
这个时候已经启动了mysqd_safe安全模式,另开一个窗口作为客户端连入MySQL服务器:
# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.6.10 Source distribution
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> use mysql;
mysql> update user set password=password('yourpassword') where user='root';
mysql> flush privileges;
mysql> exit;
修改完毕之后使用kill把mysqld_safe进程杀死:
# ps aux | grep mysql root 3970 0.0 0.2 106308 1492 pts/1 S 19:02 0:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --user=mysql --skip-grant-tables --skip-networking mysql 4143 0.1 18.0 558280 90316 pts/1 Sl 19:02 0:00 /usr/local/mysql-5.6.10/bin/mysqld --basedir=/usr/local/mysql-5.6.10 --datadir=/data/mysql/data --plugin-dir=/usr/local/mysql-5.6.10/lib/plugin --user=mysql --skip-grant-tables --skip-networking --log-error=/data/mysql/data/centos.err --pid-file=/data/mysql/data/centos.pid --socket=/usr/local/mysql-5.6.10/tmp/mysql.sock root 4313 0.0 0.1 103252 836 pts/0 S+ 19:05 0:00 grep mysql # kill -9 3970 # kill -9 4143
或者回到刚才启动mysqld_safe的窗口ctrl+c将进程杀死也行。
复制服务启动脚本:
# cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld # chmod +x /etc/init.d/mysqld
设置开机启动MySQL服务并正常开启MySQL服务(非必要项):
# chkconfig mysqld on
# service mysqld
Usage: mysqld {start|stop|restart|reload|force-reload|status} [ MySQL server options ]
# service mysqld start
Starting MySQL.
以后就可以直接通过service mysqld命令来开启/关闭MySQL数据库了。
最后,建议生产环境下运行安全设置脚本,禁止root用户远程连接,移除test数据库和匿名用户等:
# /usr/local/mysql-5.6.10/bin/mysql_secure_installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MySQL to secure it, we'll need the current password for the root user. If you've just installed MySQL, and you haven't set the root password yet, the password will be blank, so you should just press enter here. Enter current password for root (enter for none):
注:上面输入的root密码指的是前面设置的MySQL的root账户的密码。
至此,MySQL数据库已经安装完毕。
#MySQL的安全配置#
1、确保启动MySQL不能使用系统的root账号,必须是新建的mysql账号,比如:
# mysqld_safe --user=mysql
2、MySQL安装好运行初始化数据库后,默认的root账户密码为空,必须给其设置一个密码,同时保证该密码具有较高的安全性。比如:
mysql> user mysql;
mysql> update user set password=password('yourpassword') where user='root';
mysql> flush privileges;
3、删除默认数据库及用户:
mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | performance_schema | | test | +--------------------+ mysql> drop daabase test; mysql> use mysql; mysql> select host,user from user; +--------------+------+ | host | user | +--------------+------+ | 127.0.0.1 | root | | ::1 | root | | centos | | | centos | root | | localhost | | | localhost | root | +--------------+------+ mysql> delete from user where not(host='localhost' and user='root'); mysql> flush privileges;
注:上面的user表中的数据可能会有所不同。
4、当开发网站连接数据库的时候,建议建立一个用户只针对某个库有update/select/delete/insert/drop table/create table等权限,减小某个项目的数据库的用户名和密码被窃取后造成其他项目受影响,比如:
mysql>create database yourdbname default charset utf8 collate utf8_general_ci; mysql>create user 'yourusername'@'localhost' identified by 'yourpassword'; mysql> grant select,insert,update,delete,create,drop privileges on yourdbname.* To 'yourusername'@localhost identified by 'yourpassword';
5、数据库文件所在的目录不允许未经授权的用户访问,需要控制对该目录的访问,比如:
# chown -R mysql:mysql /data/mysql/data # chmod -R go-rwx /data/mysql/data
以上所述是小编给大家介绍的CentOS下安装MySQL5.6.10和安全配置教程详解,希望对大家有所帮助,如果大家有任何疑问请给我留言,小编会及时回复大家的。在此也非常感谢大家对网站的支持!
更多Mysql内容来自木庄网络博客
标签:Mysql
相关阅读 >>
更多相关阅读请进入《mysql》频道 >>
数据库系统概念 第6版
本书主要讲述了数据模型、基于对象的数据库和XML、数据存储和查询、事务管理、体系结构等方面的内容。
