Glibc安装及安全用户角色权限

一、Glibc安装
安装步骤
1.安装依赖库

复制代码
[root@localhost ~]# yum list installed |grep libaio
libaio.x86_64 0.3.109-
13.el7 @anaconda
[root@localhost ~]#

2.解压查看

复制代码
[root@localhost ~]# ls
mysql-8.0.33-linux-glibc2.12-x86_64.tar
[root@localhost ~]# tar -xvf mysql-8.0.33-linuxglibc2.12-x86_64.tar
mysql-8.0.33-linux-glibc2.12-x86_64.tar.xz
mysql-router-8.0.33-linux-glibc2.12-x86_64.tar.xz
[root@localhost ~]# tar -xvf mysql-8.0.33-linuxglibc2.12-x86_64.tar.xz
mysql-8.0.33-linux-glibc2.12-x86_64
[root@localhost ~]# ls mysql-8.0.33-linuxglibc2.12-x86_64/
bin docs include lib LICENSE man README 
share support-files

3.创建⽤户

复制代码
[root@localhost ~]# useradd -r -s /sbin/nologin
mysql
[root@localhost ~]# id mysql
uid=27(mysql) gid=27(mysql) 组=27(mysql)

4.清空其他环境 mariadb

复制代码
[root@localhost ~]# rm -rf /etc/my.cnf

5.将解压⽂件放置在根⽬录下

复制代码
[root@localhost ~]# mv mysql-8.0.33-linuxglibc2.12-x86_64/ /mysql8
[root@localhost ~]# ls /mysql8/
bin docs include lib LICENSE man README 
share support-files

6.切换mysql8⽬录,创建⼀个mysq files

复制代码
cd /mysql8/
mkdir mysql-files

7.修改mysql-files⽂件权限750和所属 mysql

复制代码
[root@localhost mysql8]# chown mysql:mysql mysqlfiles/
[root@localhost mysql8]# chmod 750 mysql-files/
[root@localhost mysql8]# ls -l
总⽤量 296
drwxr-xr-x. 2 7161 31415 4096 3⽉ 17 2023 bin
drwxr-xr-x. 2 7161 31415 38 3⽉ 17 2023 docs
drwxr-xr-x. 3 7161 31415 4096 3⽉ 17 2023
include
drwxr-xr-x. 6 7161 31415 201 3⽉ 17 2023 lib
-rw-r--r--. 1 7161 31415 284945 3⽉ 17 2023
LICENSE
drwxr-xr-x. 4 7161 31415 30 3⽉ 17 2023 man
drwxr-x---. 2 mysql mysql 6 8⽉ 3 22:30
mysql-files
-rw-r--r--. 1 7161 31415 666 3⽉ 17 2023
README
drwxr-xr-x. 28 7161 31415 4096 3⽉ 17 2023
share
drwxr-xr-x. 2 7161 31415 77 3⽉ 17 2023
support-files

8.初始化数据库,找到初始密码

复制代码
[root@localhost mysql8]# ./bin/mysqld --initialize
--user=mysql --basedir=/mysql8
2024-08-03T14:34:53.993391Z 0 [System] [MY-013169]
[Server] /mysql8/bin/mysqld (mysqld 8.0.33)
initializing of server in progress as process 2236
2024-08-03T14:34:54.003043Z 1 [System] [MY-013576]
[InnoDB] InnoDB initialization has started.
2024-08-03T14:34:55.674077Z 1 [System] [MY-013577]
[InnoDB] InnoDB initialization has ended.
2024-08-03T14:34:58.133984Z 6 [Note] [MY-010454]
[Server] A temporary password is generated for
root@localhost: .I//GqI,Z2-k

9.查看是否初始化成功过,可以看⽂件夹中是否有data⽂件夹

复制代码
[root@localhost mysql8]# ls
bin docs lib man README 
support-files
data include LICENSE mysql-files share

10.设置ssl安全加密连接 敏感数据

复制代码
[root@localhost mysql8]# ls ./bin/*ssl*
./bin/mysql_ssl_rsa_setup
[root@localhost mysql8]# ./bin/mysql_ssl_rsa_setup
--datadir=/mysql8/data
[root@localhost mysql8]# ls ./data/
auto.cnf #ib_16384_1.dblwr mysql.ibd 
 sys
ca-key.pem ib_buffer_pool 
performance_schema undo_001
ca.pem ibdata1 
private_key.pem undo_002
client-cert.pem #innodb_redo 
public_key.pem
client-key.pem #innodb_temp servercert.pem
#ib_16384_0.dblwr mysql serverkey.pem

11.其他配置

复制代码
[root@localhost mysql8]# cp supportfiles/mysql.server /etc/init.d/mysql8
[root@localhost mysql8]# ls /etc/init.d/mysql8
/etc/init.d/mysql8
[root@localhost mysql8]# ls /etc/init.d/
functions mysql8 mysql8ls netconsole network 
README
[root@localhost mysql8]#
# 默认情况下,启动⽂件认识安装⽬录在/usr/local/⽬录下
[root@localhost mysql8]# sed -n '/^basedir=/p'
/etc/init.d/mysql8
basedir=
[root@localhost mysql8]# sed -i
'/^basedir=/cbasedir=/mysql8' /etc/init.d/mysql8
[root@localhost mysql8]# sed -n '/^basedir=/p'
/etc/init.d/mysql8
basedir=/mysql8
[root@localhost mysql8]# sed -n '/^datadir=/p'
/etc/init.d/mysql8
datadir=
[root@localhost mysql8]# sed -i
'/^datadir=/cdatadir=/mysql8/data'
/etc/init.d/mysql8

12.启动服务 不能使⽤systemctl

复制代码
ot@localhost mysql8]# service mysql8 start
Starting MySQL.Logging to
'/mysql8/data/localhost.localdomain.err'.
.. SUCCESS!
[root@localhost mysql8]# ls /mysql8/data/*.err
/mysql8/data/localhost.localdomain.err
# 启动成功后会⽣成err⽇志⽂件,多看看,了解启动的详细原因

二、安全用户角色权限
1.密码安全策略
查看密码策略

复制代码
mysql> show variables like 'validate%';
+--------------------------------------+--------+
| Variable_name | Value |
+--------------------------------------+--------+
| validate_password.check_user_name | ON |
| validate_password.dictionary_file | |
| validate_password.length | 8 |
| validate_password.mixed_case_count | 1 |
| validate_password.number_count | 1 |
| validate_password.policy | MEDIUM |
| validate_password.special_char_count | 1 |
+--------------------------------------+--------+
7 rows in set (0.00 sec)

修改策略

复制代码
mysql> set global validate_password.length=0;
mysql> set global validate_password.policy=LOW;
mysql> show variables like 'validate%';
+--------------------------------------+-------+
| Variable_name | Value |
+--------------------------------------+-------+
| validate_password.check_user_name | ON |
| validate_password.dictionary_file | |
| validate_password.length | 4 |
| validate_password.mixed_case_count | 0 |
| validate_password.number_count | 0 |
| validate_password.policy | LOW |
| validate_password.special_char_count | 0 |
+--------------------------------------+-------+

2.⽤户
创建⽤户

复制代码
ysql> create user 'efg'@'%' identified by 'efg';
ERROR 1819 (HY000): Your password does not satisfy
the current policy requirements
mysql> create user 'efgh'@'%' identified by 'efgh';
Query OK, 0 rows affected (0.01 sec)
mysql> select host,user from mysql.user;
+-----------+------------------+
| host | user |
+-----------+------------------+
| % | efgh |
| % | root |
| % | zhangmin |
| localhost | mysql.infoschema |
| localhost | mysql.session |
| localhost | mysql.sys |
| localhost | test1 |
+-----------+------------------+

删除⽤户

复制代码
mysql> drop user 'zhangmin';
Query OK, 0 rows affected (0.02 sec)
mysql> select user from mysql.user;
+------------------+
| user |
+------------------+
| efgh |
| root |
| mysql.infoschema |
| mysql.session |
| mysql.sys |
| test1 |
+------------------+
6 rows in set (0.00 sec)

修改⽤户

复制代码
mysql> alter user 'zhangmin' identified by
'abc123';
Query OK, 0 rows affected (0.01 sec)

3.⻆⾊
创建⻆⾊

复制代码
mysql> create role 'a';
Query OK, 0 rows affected (0.00 sec)
mysql> show grants for 'a';
+-------------------------------+
| Grants for a@% |
+-------------------------------+
| GRANT USAGE ON *.* TO `a`@`%` |
+-------------------------------+
1 row in set (0.00 sec)

4.权限
刷新权限

复制代码
mysql> flush privileges;
Query OK, 0 rows affected (0.01 sec)

为root账号添加权限

复制代码
mysql> grant system_user on *.* to "root";
mysql> show grants for 'root';
相关推荐
网易独家音乐人Mike Zhou13 分钟前
【Linux应用】交叉编译环境配置,以及最简单粗暴的环境移植(直接从目标板上复制)
linux·stm32·mcu·物联网·嵌入式·iot
柳如烟@38 分钟前
Docker安装ES :确保 Kibana 正确连接 Elasticsearch
运维·数据库·elasticsearch·docker·容器·kibana
网络工程师_ling1 小时前
【WLAN】华为无线AC双机热备负载分担—双链路热备份
运维·网络
饭来_1 小时前
配置 RDP 远程桌面协议连接ubuntu服务器桌面
linux·运维·服务器
李菠菜2 小时前
Redis主从/哨兵/集群离线部署指南
linux·运维·redis
qq_400552002 小时前
CI/CD自动化部署(持续集成和持续交付/部署)
运维·ci/cd·自动化
zyx没烦恼2 小时前
线程池&&单例模式
linux·开发语言·c++·单例模式
古德赖可可2 小时前
linux的例行性工作(at)
linux·运维·服务器
猪猪侠|ZZXia2 小时前
# 家庭网络IPv6地址的一些知识
linux·运维·服务器·网络·智能路由器
奋斗者职场日记2 小时前
Jenkins流水线管理工具
运维·jenkins