马哥教育N63013-第十周作业

------------恢复内容开始------------

1、在阿里云服务器搭建openv-p-n(有条件的同学再做)

已经在阿里云做过
2、通过编译、二进制安装MySQL5.7

源码编译安装 MySQL5.7.30

1 安装相关依赖包

[root@centos7 ~]# yum -y install gcc gcc-c++ cmake bison bison-devel zlib-devel libcurl-deel libarchivve-devel boost-devel ncurses-devel gnutls-devel libxml2-devel openssl-devel libevent-devel libaio-devel perl-Data-Dumper

2 做准备用户和数据目录

[root@centos7 ~]# useradd -r -s /sbin/nologin -d /data/mysql mysql    #-r 创建一个系统帐户  -s 指定登录的SHELL解释器  -d 指定家目录

3 准备数据库目录

[root@centos7 ~]# mkdir /data/mysql
[root@centos7 ~]# chown mysql.mysql /data/mysql

4. 解压缩源码包

1. [root@centos7 ~]#tar xvf mysql-boost-5.7.30.tar.gz -C /usr/local/src
2.  [root@centos7 ~]#tar xvf boost_1_59_0.tar.gz -C /usr/local/src

5.源码编译安装 MySQL

[root@centos7 ~]#cd /usr/local/src/mysql-5.7.30/
[root@centos7 mysql-5.7.30]#pwd
/usr/local/src/mysql-5.7.30
[root@centos7 mysql-5.7.30]#cmake . \
> -DCMAKE_INSTALL_PREFIX=/apps/mysql \
> -DMYSQL_DATADIR=/data/mysql/ \
> -DSYSCONFDIR=/etc/ \
> -DMYSQL_USER=mysql \
> -DWITH_INNOBASE_STORAGE_ENGINE=1 \
> -DWITH_ARCHIVE_STORAGE_ENGINE=1 \
> -DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
> -DWITH_PARTITION_STORAGE_ENGINE=1 \
> -DWITHOUT_MROONGA_STORAGE_ENGINE=1 \
> -DWITH_DEBUG=0 \
> -DWITH_READLINE=1 \
> -DWITH_SSL=system \
> -DWITH_ZLIB=system \
> -DWITH_LIBWRAP=0 \
> -DENABLED_LOCAL_INFILE=1 \
> -DMYSQL_UNIX_ADDR=/data/mysql/mysql.sock \
> -DDEFAULT_CHARSET=utf8 \
> -DDEFAULT_COLLATION=utf8_general_ci \
> -DDOWNLOAD_BOOST=1 \
> -DWITH_BOOST=/usr/local/src/boost_1_59_0
 
[root@centos7 mysql-5.7.30]#make && make install

6.准备环境变量

[root@centos7 mysql-5.7.30]#echo 'PATH=/apps/mysql/bin:$PATH' >/etc/profile.d/mysql.sh
[root@centos7 mysql-5.7.30]#. /etc/profile.d/mysql.sh

7.修改配置文件

[root@centos7 mysql-5.7.30]#cd /apps/mysql/
[root@centos7 mysql]#pwd
/apps/mysql
 
[root@centos7 mysql]#vim /etc/my.cnf
[mysqld]
explicit_defaults_for_timestamp=true
datadir=/data/mysql/
basedir=/apps/mysql/bin/mysql/
port=3306
pid-file=/data/mysql/mysql.pid
socket=/data/mysql/mysql.socket
symbolic-links=0
character_set_server=utf8
user=mysql
 
[mysqld_safe]
log-error=/data/mysql/mysql.log
 
[client]
port=3306
socket=/data/mysql/mysql.socket
default-character-set=utf8

8.初始化数据库

 [root@centos7 mysql]#bin/mysqld --initialize-insecure --datadir=/data/mysql/ --user=mysql

9.准备启动脚本,并启动服务

[root@centos7 mysql]#cp /apps/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@centos7 mysql]#chkconfig --add mysqld
[root@centos7 mysql]#systemctl start mysqld
[root@centos7 mysql]#ss -ntl
State      Recv-Q Send-Q              Local Address:Port                             Peer Address:Port
LISTEN     0      128                             *:22                                          *:*
LISTEN     0      100                     127.0.0.1:25                                          *:*
LISTEN     0      128                          [::]:22                                       [::]:*
LISTEN     0      100                         [::1]:25                                       [::]:*
LISTEN     0      80                           [::]:3306                                     [::]:*
 

10.修改密码，设置的密码一定要记好（大写字母、小写字母、数字加标点符号，密码要定期更换） 

[root@centos7 mysql]# mysql
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.30 Source distribution
 
Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
 
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
 
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
 
mysql> status
--------------
mysql  Ver 14.14 Distrib 5.7.30, for Linux (x86_64) using  EditLine wrapper
 
Connection id:		2
Current database:
Current user:		root@localhost
SSL:			Not in use
Current pager:		stdout
Using outfile:		''
Using delimiter:	;
Server version:		5.7.30 Source distribution
Protocol version:	10
Connection:		Localhost via UNIX socket
Server characterset:	utf8
Db     characterset:	utf8
Client characterset:	utf8
Conn.  characterset:	utf8
UNIX socket:		/data/mysql/mysql.socket
Uptime:			15 min 17 sec
 
Threads: 1  Questions: 5  Slow queries: 0  Opens: 105  Flush tables: 1  Open tables: 98  Queries per second avg: 0.005
--------------
 
mysql> alter user root@'localhost' identified by 'MySQL@2022.';
Query OK, 0 rows affected (0.00 sec)
 
mysql> exit
Bye

二进制安装MySQL5.7.30

1、安装相关包

yum -y install libaio numactl-libs

2、创建用户和组

groupadd mysql
useradd -r -g mysql -s /bin/false mysql

3、准备程序文件

wget http://mirrors.163.com/mysql/Downloads/MySQL-5.7/mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz
tar xvf mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz -C /usr/local
cd /usr/local/
ln -s mysql-5.7.35-linux-glibc2.12-x86_64/ mysql
chown -R root.root /usr/local/mysql/

　　

4、准备环境变量

echo 'PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
. /etc/profile.d/mysql.sh

　　

5、准备配置文件

cp /etc/my.cnf{,.bak}
vim /etc/my.cnf
[mysqld]
datadir=/data/mysql
skip_name_resolve=1
socket=/data/mysql/mysql.sock
log-error=/data/mysql/mysql.log
pid-file=/data/mysql/mysql.pid
[client]
socket=/data/mysql/mysql.sock

 

6、初始化数据库文件并提取root密码，生成 root 空密码

mysqld --initialize-insecure --user=mysql --datadir=/data/mysql

　　

7、准备服务脚本和启动

cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
chkconfig --add mysqld
service mysqld start

　　

8、修改口令
#修改前面生成的空密码为指定密码（密码要定期修改）

mysqladmin -uroot password MySQL@2022.

　　

9、测试登录

mysql -uroot -pMySQL@2022.

　

3、二进制安装mariadb10.4

1、安装相关包

[root@centos7 ~]#yum -y install libaio numactl-libs

　　

2、创建用户和组

[root@centos7 ~]#groupadd mysql
[root@centos7 ~]#useradd -r -g mysql -s /bin/false mysql

　　

3、准备程序文件

[root@centos7 ~]#tar xfv mariadb-10.4.22-linux-glibc_214-x86_64.tar.gz -C /usr/local
[root@centos7 ~]#cd /usr/local/
[root@centos7 local]#ln -s mariadb-10.4.22-linux-glibc_214-x86_64 mysql
[root@centos7 local]#chown -R root.root /usr/local/mysql/

　　

4、准备环境变量

[root@centos7 local]#echo 'PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@centos7 local]#. /etc/profile.d/mysql.sh

　　

5、创建数据库目录，修改权限

[root@centos7 local]#mkdir /data/mysql -pv
mkdir: created directory ‘/data/mysql’
[root@centos7 local]#chown -R mysql:mysql /data/mysql/

　　

6、准备配置文件

[root@centos7 local]#cd /usr/local/mysql/
[root@centos7 mysql]#cp /etc/my.cnf{,.bak}
[root@centos7 mysql]#vim /etc/my.cnf
[root@centos7 mysql]#cat /etc/my.cnf
[mysqld]
#datadir=/var/lib/mysql
datadir=/data/mysql
socket=/var/lib/mysql/mysql.sock
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
# Settings user and group are ignored when systemd is used.
# If you need to run mysqld under a different user or group,
# customize your systemd unit file for mariadb according to the
# instructions in http://fedoraproject.org/wiki/Systemd

[mysqld_safe]
#log-error=/var/log/mariadb/mariadb.log
log-error=/data/mysql/mysql.log
pid-file=/var/run/mariadb/mariadb.pid

#
# include all files from the config directory
#
!includedir /etc/my.cnf.d

　　

7、创建配置文件中指定的路径并修改权限

[root@centos7 mysql]#mkdir /var/lib/mysql
[root@centos7 mysql]#chown -R mysql:mysql /var/lib/mysql/
[root@centos7 mysql]#touch /var/lib/mysql/mysql.sock
[root@centos7 mysql]#ll /var/lib/mysql
total 0
-rw-r--r-- 1 root root 0 Feb 1 13:00 mysql.sock
[root@centos7 mysql]#chmod guo+wr /var/lib/mysql/mysql.sock
[root@centos7 mysql]#ll /var/lib/mysql
total 0
-rw-rw-rw- 1 root root 0 Feb 1 13:00 mysql.sock
[root@centos7 mysql]#touch /data/mysql/mysql.log
[root@centos7 mysql]#ll /data/mysql/
total 0
-rw-r--r-- 1 root root 0 Feb 1 13:18 mysql.log
[root@centos7 mysql]#chmod guo+rw /data/mysql/mysql.log
[root@centos7 mysql]#ll /data/mysql/mysql.log
-rw-rw-rw- 1 root root 0 Feb 1 13:18 /data/mysql/mysql.log
[root@centos7 mysql]#mkdir /var/run/mariadb
[root@centos7 mysql]#chown -R mysql:mysql /var/run/mariadb/
[root@centos7 mysql]#touch /var/run/mariadb/mariadb.pid
[root@centos7 mysql]#ll /var/run/mariadb/
total 0
-rw-r--r-- 1 root root 0 Feb 1 13:32 mariadb.pid
[root@centos7 mysql]#chmod guo+rw /var/run/mariadb/mariadb.pid
[root@centos7 mysql]#ll /var/run/mariadb/
total 0
-rw-rw-rw- 1 root root 0 Feb 1 13:32 mariadb.pid

8、初始化数据库文件并生成 root 空密码

[root@centos7 mysql]#./scripts/mysql_install_db --user=mysql --datadir=/data/mysql

　　

9、启动MariaDB守护程序

[root@centos7 mysql]#./bin/mysqld_safe --user=mysql --datadir=/data/mysql &

　　

10、测试MariaDB守护程序

[root@centos7 mysql]#cd ./mysql-test ; perl mysql-test-run.pl

　　

11、准备服务脚本和启动

[root@centos7 mysql]#cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@centos7 mysql]#chkconfig --add mysqld
[root@centos7 mysql]#chkconfig --list mysqld

Note: This output shows SysV services only and does not include native
systemd services. SysV configuration data might be overridden by native
systemd configuration.

If you want to list systemd services use 'systemctl list-unit-files'.
To see services enabled on particular target use
'systemctl list-dependencies [target]'.

mysqld 0:off	1:off	2:on	3:on	4:on	5:on	6:off

[root@centos7 mysql]#systemctl start mysqld.service

　　

12、数据库的登录、查询，修改密码，Ctrl+D，退出数据库

[root@centos7 mysql]#ln -s /var/lib/mysql/mysql.sock /tmp/mysql.sock
[root@centos7 mysql]#./bin/mysql -uroot -p
MariaDB [(none)]> show databases;
MariaDB [(none)]> use mysql;
MariaDB [mysql]> select user,host,password from user;
MariaDB [mysql]> SELECT VERSION();
+-----------------+
| VERSION() |
+-----------------+
| 10.4.22-MariaDB |
+-----------------+
MariaDB [mysql]> GRANT ALL PRIVILEGES ON *.* TO root@'localhost' IDENTIFIED BY "MySQL@2022.";
MariaDB [mysql]> FLUSH PRIVILEGES;
MariaDB [mysql]> Bye
[root@centos7 mysql]#

　　

13、登录测试

[root@centos7 mysql]#mysql -uroot -pMySQL@2022.

　　

14、加固MySQL服务器，在安装完成后，运行mysql_secure_installation命令，提高安全性

运行脚本：mysql_secure_installation

设置数据库管理员root口令
禁止root远程登录
删除anonymous用户帐号
删除test数据库

[root@centos7 mysql]#mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.
Enter current password for root (enter for none): #输入root用户的当前密码
OK, successfully used password, moving on...
Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.
You already have your root account protected, so you can safely answer 'n'.
Switch to unix_socket authentication [Y/n] n #root帐户已受保护，回答“n”
... skipping.
You already have your root account protected, so you can safely answer 'n'.
Change the root password? [Y/n] n #已经设置好密码了，不用改，回答“n”
... skipping.
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y #删除匿名用户，回答“y”
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y #不允许root用户远程登录，回答“y”
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove database and access to it? [Y/n] y #删除test数据库,回答“y”
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y #重新加载特权表,回答“y”
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!