Glibc安装及安全用户角色权限

一、Glibc安装
安装步骤
1.安装依赖库

[root@localhost ~]# yum list installed |grep libaio
libaio.x86_64 0.3.109-
13.el7 @anaconda
[root@localhost ~]#

2.解压查看

[root@localhost ~]# ls
mysql-8.0.33-linux-glibc2.12-x86_64.tar
[root@localhost ~]# tar -xvf mysql-8.0.33-linuxglibc2.12-x86_64.tar
mysql-8.0.33-linux-glibc2.12-x86_64.tar.xz
mysql-router-8.0.33-linux-glibc2.12-x86_64.tar.xz
[root@localhost ~]# tar -xvf mysql-8.0.33-linuxglibc2.12-x86_64.tar.xz
mysql-8.0.33-linux-glibc2.12-x86_64
[root@localhost ~]# ls mysql-8.0.33-linuxglibc2.12-x86_64/
bin docs include lib LICENSE man README 
share support-files

3.创建⽤户

[root@localhost ~]# useradd -r -s /sbin/nologin
mysql
[root@localhost ~]# id mysql
uid=27(mysql) gid=27(mysql) 组=27(mysql)

4.清空其他环境 mariadb

[root@localhost ~]# rm -rf /etc/my.cnf

5.将解压⽂件放置在根⽬录下

[root@localhost ~]# mv mysql-8.0.33-linuxglibc2.12-x86_64/ /mysql8
[root@localhost ~]# ls /mysql8/
bin docs include lib LICENSE man README 
share support-files

6.切换mysql8⽬录,创建⼀个mysq files

cd /mysql8/
mkdir mysql-files

7.修改mysql-files⽂件权限750和所属 mysql

[root@localhost mysql8]# chown mysql:mysql mysqlfiles/
[root@localhost mysql8]# chmod 750 mysql-files/
[root@localhost mysql8]# ls -l
总⽤量 296
drwxr-xr-x. 2 7161 31415 4096 3⽉ 17 2023 bin
drwxr-xr-x. 2 7161 31415 38 3⽉ 17 2023 docs
drwxr-xr-x. 3 7161 31415 4096 3⽉ 17 2023
include
drwxr-xr-x. 6 7161 31415 201 3⽉ 17 2023 lib
-rw-r--r--. 1 7161 31415 284945 3⽉ 17 2023
LICENSE
drwxr-xr-x. 4 7161 31415 30 3⽉ 17 2023 man
drwxr-x---. 2 mysql mysql 6 8⽉ 3 22:30
mysql-files
-rw-r--r--. 1 7161 31415 666 3⽉ 17 2023
README
drwxr-xr-x. 28 7161 31415 4096 3⽉ 17 2023
share
drwxr-xr-x. 2 7161 31415 77 3⽉ 17 2023
support-files

8.初始化数据库,找到初始密码

[root@localhost mysql8]# ./bin/mysqld --initialize
--user=mysql --basedir=/mysql8
2024-08-03T14:34:53.993391Z 0 [System] [MY-013169]
[Server] /mysql8/bin/mysqld (mysqld 8.0.33)
initializing of server in progress as process 2236
2024-08-03T14:34:54.003043Z 1 [System] [MY-013576]
[InnoDB] InnoDB initialization has started.
2024-08-03T14:34:55.674077Z 1 [System] [MY-013577]
[InnoDB] InnoDB initialization has ended.
2024-08-03T14:34:58.133984Z 6 [Note] [MY-010454]
[Server] A temporary password is generated for
root@localhost: .I//GqI,Z2-k

9.查看是否初始化成功过,可以看⽂件夹中是否有data⽂件夹

[root@localhost mysql8]# ls
bin docs lib man README 
support-files
data include LICENSE mysql-files share

10.设置ssl安全加密连接 敏感数据

[root@localhost mysql8]# ls ./bin/*ssl*
./bin/mysql_ssl_rsa_setup
[root@localhost mysql8]# ./bin/mysql_ssl_rsa_setup
--datadir=/mysql8/data
[root@localhost mysql8]# ls ./data/
auto.cnf #ib_16384_1.dblwr mysql.ibd 
 sys
ca-key.pem ib_buffer_pool 
performance_schema undo_001
ca.pem ibdata1 
private_key.pem undo_002
client-cert.pem #innodb_redo 
public_key.pem
client-key.pem #innodb_temp servercert.pem
#ib_16384_0.dblwr mysql serverkey.pem

11.其他配置

[root@localhost mysql8]# cp supportfiles/mysql.server /etc/init.d/mysql8
[root@localhost mysql8]# ls /etc/init.d/mysql8
/etc/init.d/mysql8
[root@localhost mysql8]# ls /etc/init.d/
functions mysql8 mysql8ls netconsole network 
README
[root@localhost mysql8]#
# 默认情况下,启动⽂件认识安装⽬录在/usr/local/⽬录下
[root@localhost mysql8]# sed -n '/^basedir=/p'
/etc/init.d/mysql8
basedir=
[root@localhost mysql8]# sed -i
'/^basedir=/cbasedir=/mysql8' /etc/init.d/mysql8
[root@localhost mysql8]# sed -n '/^basedir=/p'
/etc/init.d/mysql8
basedir=/mysql8
[root@localhost mysql8]# sed -n '/^datadir=/p'
/etc/init.d/mysql8
datadir=
[root@localhost mysql8]# sed -i
'/^datadir=/cdatadir=/mysql8/data'
/etc/init.d/mysql8

12.启动服务 不能使⽤systemctl

ot@localhost mysql8]# service mysql8 start
Starting MySQL.Logging to
'/mysql8/data/localhost.localdomain.err'.
.. SUCCESS!
[root@localhost mysql8]# ls /mysql8/data/*.err
/mysql8/data/localhost.localdomain.err
# 启动成功后会⽣成err⽇志⽂件,多看看,了解启动的详细原因

二、安全用户角色权限
1.密码安全策略
查看密码策略

mysql> show variables like 'validate%';
+--------------------------------------+--------+
| Variable_name | Value |
+--------------------------------------+--------+
| validate_password.check_user_name | ON |
| validate_password.dictionary_file | |
| validate_password.length | 8 |
| validate_password.mixed_case_count | 1 |
| validate_password.number_count | 1 |
| validate_password.policy | MEDIUM |
| validate_password.special_char_count | 1 |
+--------------------------------------+--------+
7 rows in set (0.00 sec)

修改策略

mysql> set global validate_password.length=0;
mysql> set global validate_password.policy=LOW;
mysql> show variables like 'validate%';
+--------------------------------------+-------+
| Variable_name | Value |
+--------------------------------------+-------+
| validate_password.check_user_name | ON |
| validate_password.dictionary_file | |
| validate_password.length | 4 |
| validate_password.mixed_case_count | 0 |
| validate_password.number_count | 0 |
| validate_password.policy | LOW |
| validate_password.special_char_count | 0 |
+--------------------------------------+-------+

2.⽤户
创建⽤户

ysql> create user 'efg'@'%' identified by 'efg';
ERROR 1819 (HY000): Your password does not satisfy
the current policy requirements
mysql> create user 'efgh'@'%' identified by 'efgh';
Query OK, 0 rows affected (0.01 sec)
mysql> select host,user from mysql.user;
+-----------+------------------+
| host | user |
+-----------+------------------+
| % | efgh |
| % | root |
| % | zhangmin |
| localhost | mysql.infoschema |
| localhost | mysql.session |
| localhost | mysql.sys |
| localhost | test1 |
+-----------+------------------+

删除⽤户

mysql> drop user 'zhangmin';
Query OK, 0 rows affected (0.02 sec)
mysql> select user from mysql.user;
+------------------+
| user |
+------------------+
| efgh |
| root |
| mysql.infoschema |
| mysql.session |
| mysql.sys |
| test1 |
+------------------+
6 rows in set (0.00 sec)

修改⽤户

mysql> alter user 'zhangmin' identified by
'abc123';
Query OK, 0 rows affected (0.01 sec)

3.⻆⾊
创建⻆⾊

mysql> create role 'a';
Query OK, 0 rows affected (0.00 sec)
mysql> show grants for 'a';
+-------------------------------+
| Grants for a@% |
+-------------------------------+
| GRANT USAGE ON *.* TO `a`@`%` |
+-------------------------------+
1 row in set (0.00 sec)

4.权限
刷新权限

mysql> flush privileges;
Query OK, 0 rows affected (0.01 sec)

为root账号添加权限

mysql> grant system_user on *.* to "root";
mysql> show grants for 'root';
相关推荐
Mitch3115 分钟前
【漏洞复现】CVE-2014-3120 & CVE-2015-1427 Expression Injection
运维·web安全·elasticsearch·docker·apache
路飞雪吖~16 分钟前
【Linux】编写简易shell && 深度理解命令行解释器 && 环境变量 && 内建命令
linux·运维·服务器
BUG制造机.17 分钟前
修炼之道 ---其四
linux·c++
神奇侠202438 分钟前
基于Centos7.X系统端口占用处理
linux·运维·服务器
阿智@112 小时前
Node.js 助力前端开发:自动化操作实战
运维·前端·node.js·自动化
万万君2 小时前
Linux 更改Jenkins使用其他账户启动
linux·jenkins
赤叶丶秋枫2 小时前
Jenkins入门使用
运维·jenkins
开心最重要(*^▽^*)2 小时前
Metricbeat安装教程——Linux——Metricbeat监控ES集群
linux·elasticsearch
紫菜(Nori)2 小时前
Jenkins Api Token 访问问题
运维·jenkins
love530love2 小时前
Windows 11 中利用 WSL - Linux 虚拟环境部署 ChatTTS-Enhanced 项目教程
linux·运维·windows