第18章 使用MariaDB数据库管理系统

章节概述:
MYSQL数据库管理系统被Oracle公司收购后从开源换向到了封闭,导致包括红帽在内的许多Linux发行版选择了MariaDB。
本章节将教会您使用mariaDB数据库管理工具来管理数据库,学习对数据表单的新建、搜索、更新、插入、删除等常用操作。
并且熟练掌握对数据库内用户的创建与授权,数据库的备份与恢复方法,不仅满足了RHCE考题要求,还能帮助您的运维工作。
18.1 数据库管理系统

我们的生活中无时无刻都在接触到数据,而数据库便是通过指定的组织结构将这数据存储的仓库,并且随着互联网和信息技术的发展,数据库也已经从最初只能存储简单表格发展到了存储海量数据的大型分布式模式。

在信息化社会,充分有效地管理和利用各类信息资源,是进行科学研究和决策管理的前提条件。数据库技术是管理信息系统、办公自动化系统、决策支持系统等各类信息系统的核心部分,是进行科学研究和决策管理的重要技术手段。
数据库管理系统(即Database Management System)是一种能够对数据库进行建立、使用和维护的软件程序,数据库管理系统通过将计算机中具体的物理数据转换成适合用户理解的抽象逻辑数据,方便用户维护数据库的安全和可用性。

marialANDmysql

MYSQL是一款大家都非常熟知的数据库管理系统,技术成熟、配置简单、开源免费并且有良好的扩展性,但是MYSQL在被Oracle公司收购后日渐陷从开源转变为了封闭,缓慢的更新让众多Linux发行版(如红帽RHEL7FedoraCentosOpenSUSESlackware等等)以及诸多已经决定放弃使用这个往日最具人气的数据库管理系统,而转向到了MariaDB。
MariaDB是MYSQL数据库管理系统的一个由开源社区维护的分支产品,完全兼容于MYSQL,坦白讲虽然Google与Wikipedia这样的行业巨头已经采用了MariaDB,但并不意味着会比MYSQL有明显的性能提升,而是从技术垄断角度作出的决定。

出现问题?大胆提问!

因读者们硬件不同或操作错误都可能导致实验配置出错,请耐心再仔细看看操作步骤吧,不要气馁~

Linux技术交流请加A群:560843(),B群:340829(推荐),C群:463590(推荐),点此查看全国群

*本群特色:通过口令验证确保每一个群员都是《Linux就该这么学》的读者,答疑更有针对性,不定期免费领取定制礼品。

18.2 初始化mariaDB服务程序

MariaDB相对于MYSQL来讲确实在功能上有很多扩展特性,比如微秒的支持线程池子查询优化组提交进度报告等。

安装mariaDB服务程序:

[root@linuxprobe ~]# yum install mariadb mariadb-server
Loaded plugins: langpacks, product-id, subscription-manager
………………省略部分安装过程………………
Installing:
 mariadb                         x86_64         1:5.5.35-3.el7          rhel7       8.9 M
 mariadb-server                  x86_64         1:5.5.35-3.el7          rhel7        11 M
Installing for dependencie
 perl-Compress-Raw-Bzip2         x86_64         2.061-3.el7             rhel7        32 k
 perl-Compress-Raw-Zlib          x86_64         1:2.061-4.el7           rhel7        57 k
 perl-DBD-MySQL                  x86_64         4.023-5.el7             rhel7       140 k
 perl-DBI                        x86_64         1.627-4.el7             rhel7       802 k
 perl-Data-Dumper                x86_64         2.145-3.el7             rhel7        47 k
 perl-IO-Compress                noarch         2.061-2.el7             rhel7       260 k
 perl-Net-Daemon                 noarch         0.48-5.el7              rhel7        51 k
 perl-PlRPC                      noarch         0.2020-14.el7           rhel7        36 k
………………省略部分安装过程………………
Complete!

启动mariadb服务程序并添加到开机启动项中:

[root@linuxprobe ~]# systemctl start mariadb
[root@linuxprobe ~]# systemctl enable mariadb
ln -s '/usr/lib/systemd/system/mariadb.service' '/etc/systemd/system/multi-user.target.wants/mariadb.service'

为了保证数据库的安全性,一定要进行初始化工作:

第1步:设定root用户密码。
第2步:删除匿名帐号。
第3步:禁止root用户从远程登陆。
第4步:删除test数据库并取消对其的访问权限。
第5步:刷新授权表,让初始化后的设定立即生效。

初始化数据库服务程序:

[root@linuxprobe ~]# mysql_secure_installation 
/usr/bin/mysql_secure_installation: line 379: find_mysql_client: command not found
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none): 当前数据库密码为空,直接敲击回车。
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y
New password: 输入要为root用户设置的数据库密码。
Re-enter new password: 重复再输入一次密码。
Password updated successfully!
Reloading privilege tables..
 ... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y(删除匿名帐号)
 ... Success!
Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y(禁止root用户从远程登陆)
 ... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y(删除test数据库并取消对其的访问权限)
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y(刷新授权表,让初始化后的设定立即生效)
 ... Success!
Cleaning up...
All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!

设置防火墙对数据库服务的允许策略:

[root@linuxprobe ~]# firewall-cmd --permanent --add-service=mysql
success
[root@linuxprobe ~]# firewall-cmd --reload
success

使用root用户登陆到数据库中:

[root@linuxprobe ~]# mysql -u root -p
Enter password: 此处输入root用户在数据库中的密码。
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 5
Server version: 5.5.35-MariaDB MariaDB Server
Copyright (c) 2000, 2013, Oracle, Monty Program Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>

查看当前已有的数据库:

MariaDB [(none)]> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
+--------------------+
3 rows in set (0.01 sec)

修改当前用户在数据库中的密码(示例中的密码为redhat):

MariaDB [(none)]> set password = password('redhat');
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> exit
Bye

使用旧的密码将不能再登陆到数据库:

[root@linuxprobe ~]# mysql -u root -p
Enter password:
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
18.3 管理数据库与表单数据

关系型数据库(DataBase)是由一个或多个数据表单(Table)组成的,数据表单则一般会保存着多个数据记录(Record)。

 

 
18.3.1 创建用户并授权

创建一个新的数据库用户:

创建数据库用户的命令:CREATE USER 用户名@主机名 IDENTIFIED BY '密码';

MariaDB [(none)]> create user luke@localhost IDENTIFIED BY 'linuxprobe';
Query OK, 0 rows affected (0.00 sec)

进入到mysql数据库中:

MariaDB [(none)]> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

查看新创建的用户主机姓名密码信息

MariaDB [mysql]> select host,user,password from user where user="luke";
+-----------+------+-------------------------------------------+
| host      | user | password                                  |
+-----------+------+-------------------------------------------+
| localhost | luke | *55D9962586BE75F4B7D421E6655973DB07D6869F |
+-----------+------+-------------------------------------------+
1 row in set (0.00 sec)

退出数据库后使用新用户登陆:

MariaDB [mysql]> exit
Bye
[root@linuxprobe ~]# mysql -u luke -p
Enter password: 此处输入luke用户的数据库密码
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 6
Server version: 5.5.35-MariaDB MariaDB Server
Copyright (c) 2000, 2013, Oracle, Monty Program Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

此时只能查看到一个数据库:

MariaDB [(none)]> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
+--------------------+
1 row in set (0.03 sec)

数据库GRANT命令的授权操作常用方案:

编辑
命令 作用
GRANT 权限 ON 数据库.表单名称 TO 用户名@主机名 对某个特定数据库中的特定表单给予授权。
GRANT 权限 ON 数据库.* TO 用户名@主机名 对某个特定数据库中的所有表单给予授权。
GRANT 权限 ON *.* TO 用户名@主机名 对所有数据库及所有表单给予授权。
GRANT 权限1,权限2 ON 数据库.* TO 用户名@主机名 对某个数据库中的所有表单给予多个授权。
GRANT ALL PRIVILEGES ON *.* TO 用户名@主机名 对所有数据库及所有表单给予全部授权,(谨慎操作)。

切换回root用户登陆数据库并进入到mysql数据库中:

[root@linuxprobe ~]# mysql -u root -p
MariaDB [(none)]> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed

给予luke用户对user表单的查询更新删除插入权限

MariaDB [mysql]> GRANT SELECT,UPDATE,DELETE,INSERT on mysql.user to luke@localhost;
Query OK, 0 rows affected (0.00 sec)

查看luke用户当前的授权:

MariaDB [(none)]> show grants for luke@localhost;
+-------------------------------------------------------------------------------------------------------------+
| Grants for luke@localhost |
+-------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'luke'@'localhost' IDENTIFIED BY PASSWORD '*55D9962586BE75F4B7D421E6655973DB07D6869F' |
| GRANT SELECT, INSERT, UPDATE, DELETE ON `mysql`.`user` TO 'luke'@'localhost' |
+-------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)

再次切换到luke用户后查看可用的数据库:

[root@linuxprobe ~]# mysql -u luke -p
MariaDB [(none)]> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
+--------------------+
2 rows in set (0.01 sec)

进入到mysql数据库中看到user表单了:

MariaDB [(none)]> use mysql
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
MariaDB [mysql]> show tables;
+-----------------+
| Tables_in_mysql |
+-----------------+
| user            |
+-----------------+
1 row in set (0.01 sec)

切换回root用户后取消刚刚全部的授权:

MariaDB [(none)]> revoke SELECT,UPDATE,DELETE,INSERT on mysql.user from luke@localhost;
Query OK, 0 rows affected (0.00 sec)

再次查看luke用户的授权:

MariaDB [(none)]> show grants for luke@localhost;
+-------------------------------------------------------------------------------------------------------------+
| Grants for luke@localhost |
+-------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'luke'@'localhost' IDENTIFIED BY PASSWORD '*55D9962586BE75F4B7D421E6655973DB07D6869F' |
+-------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
posted @ 2016-08-18 08:13  冯琪  阅读(684)  评论(0编辑  收藏  举报