Glibc安装及安全用户角色权限

墨染默笙2024-08-06 8:31

一、Glibc安装
安装步骤
1.安装依赖库

[root@localhost ~]# yum list installed |grep libaio
libaio.x86_64 0.3.109-
13.el7 @anaconda
[root@localhost ~]#

2.解压查看

[root@localhost ~]# ls
mysql-8.0.33-linux-glibc2.12-x86_64.tar
[root@localhost ~]# tar -xvf mysql-8.0.33-linuxglibc2.12-x86_64.tar
mysql-8.0.33-linux-glibc2.12-x86_64.tar.xz
mysql-router-8.0.33-linux-glibc2.12-x86_64.tar.xz
[root@localhost ~]# tar -xvf mysql-8.0.33-linuxglibc2.12-x86_64.tar.xz
mysql-8.0.33-linux-glibc2.12-x86_64
[root@localhost ~]# ls mysql-8.0.33-linuxglibc2.12-x86_64/
bin docs include lib LICENSE man README 
share support-files

3.创建⽤户

[root@localhost ~]# useradd -r -s /sbin/nologin
mysql
[root@localhost ~]# id mysql
uid=27(mysql) gid=27(mysql) 组=27(mysql)

4.清空其他环境 mariadb

[root@localhost ~]# rm -rf /etc/my.cnf

5.将解压⽂件放置在根⽬录下

[root@localhost ~]# mv mysql-8.0.33-linuxglibc2.12-x86_64/ /mysql8
[root@localhost ~]# ls /mysql8/
bin docs include lib LICENSE man README 
share support-files

6.切换mysql8⽬录,创建⼀个mysq files

cd /mysql8/
mkdir mysql-files

7.修改mysql-files⽂件权限750和所属 mysql

[root@localhost mysql8]# chown mysql:mysql mysqlfiles/
[root@localhost mysql8]# chmod 750 mysql-files/
[root@localhost mysql8]# ls -l
总⽤量 296
drwxr-xr-x. 2 7161 31415 4096 3⽉ 17 2023 bin
drwxr-xr-x. 2 7161 31415 38 3⽉ 17 2023 docs
drwxr-xr-x. 3 7161 31415 4096 3⽉ 17 2023
include
drwxr-xr-x. 6 7161 31415 201 3⽉ 17 2023 lib
-rw-r--r--. 1 7161 31415 284945 3⽉ 17 2023
LICENSE
drwxr-xr-x. 4 7161 31415 30 3⽉ 17 2023 man
drwxr-x---. 2 mysql mysql 6 8⽉ 3 22:30
mysql-files
-rw-r--r--. 1 7161 31415 666 3⽉ 17 2023
README
drwxr-xr-x. 28 7161 31415 4096 3⽉ 17 2023
share
drwxr-xr-x. 2 7161 31415 77 3⽉ 17 2023
support-files

8.初始化数据库,找到初始密码

[root@localhost mysql8]# ./bin/mysqld --initialize
--user=mysql --basedir=/mysql8
2024-08-03T14:34:53.993391Z 0 [System] [MY-013169]
[Server] /mysql8/bin/mysqld (mysqld 8.0.33)
initializing of server in progress as process 2236
2024-08-03T14:34:54.003043Z 1 [System] [MY-013576]
[InnoDB] InnoDB initialization has started.
2024-08-03T14:34:55.674077Z 1 [System] [MY-013577]
[InnoDB] InnoDB initialization has ended.
2024-08-03T14:34:58.133984Z 6 [Note] [MY-010454]
[Server] A temporary password is generated for
root@localhost: .I//GqI,Z2-k

9.查看是否初始化成功过,可以看⽂件夹中是否有data⽂件夹

[root@localhost mysql8]# ls
bin docs lib man README 
support-files
data include LICENSE mysql-files share

10.设置ssl安全加密连接 敏感数据

[root@localhost mysql8]# ls ./bin/*ssl*
./bin/mysql_ssl_rsa_setup
[root@localhost mysql8]# ./bin/mysql_ssl_rsa_setup
--datadir=/mysql8/data
[root@localhost mysql8]# ls ./data/
auto.cnf #ib_16384_1.dblwr mysql.ibd 
 sys
ca-key.pem ib_buffer_pool 
performance_schema undo_001
ca.pem ibdata1 
private_key.pem undo_002
client-cert.pem #innodb_redo 
public_key.pem
client-key.pem #innodb_temp servercert.pem
#ib_16384_0.dblwr mysql serverkey.pem

11.其他配置

[root@localhost mysql8]# cp supportfiles/mysql.server /etc/init.d/mysql8
[root@localhost mysql8]# ls /etc/init.d/mysql8
/etc/init.d/mysql8
[root@localhost mysql8]# ls /etc/init.d/
functions mysql8 mysql8ls netconsole network 
README
[root@localhost mysql8]#
# 默认情况下,启动⽂件认识安装⽬录在/usr/local/⽬录下
[root@localhost mysql8]# sed -n '/^basedir=/p'
/etc/init.d/mysql8
basedir=
[root@localhost mysql8]# sed -i
'/^basedir=/cbasedir=/mysql8' /etc/init.d/mysql8
[root@localhost mysql8]# sed -n '/^basedir=/p'
/etc/init.d/mysql8
basedir=/mysql8
[root@localhost mysql8]# sed -n '/^datadir=/p'
/etc/init.d/mysql8
datadir=
[root@localhost mysql8]# sed -i
'/^datadir=/cdatadir=/mysql8/data'
/etc/init.d/mysql8

12.启动服务 不能使⽤systemctl

ot@localhost mysql8]# service mysql8 start
Starting MySQL.Logging to
'/mysql8/data/localhost.localdomain.err'.
.. SUCCESS!
[root@localhost mysql8]# ls /mysql8/data/*.err
/mysql8/data/localhost.localdomain.err
# 启动成功后会⽣成err⽇志⽂件,多看看,了解启动的详细原因

二、安全用户角色权限
1.密码安全策略
查看密码策略

mysql> show variables like 'validate%';
+--------------------------------------+--------+
| Variable_name | Value |
+--------------------------------------+--------+
| validate_password.check_user_name | ON |
| validate_password.dictionary_file | |
| validate_password.length | 8 |
| validate_password.mixed_case_count | 1 |
| validate_password.number_count | 1 |
| validate_password.policy | MEDIUM |
| validate_password.special_char_count | 1 |
+--------------------------------------+--------+
7 rows in set (0.00 sec)

修改策略

mysql> set global validate_password.length=0;
mysql> set global validate_password.policy=LOW;
mysql> show variables like 'validate%';
+--------------------------------------+-------+
| Variable_name | Value |
+--------------------------------------+-------+
| validate_password.check_user_name | ON |
| validate_password.dictionary_file | |
| validate_password.length | 4 |
| validate_password.mixed_case_count | 0 |
| validate_password.number_count | 0 |
| validate_password.policy | LOW |
| validate_password.special_char_count | 0 |
+--------------------------------------+-------+

2.⽤户
创建⽤户

ysql> create user 'efg'@'%' identified by 'efg';
ERROR 1819 (HY000): Your password does not satisfy
the current policy requirements
mysql> create user 'efgh'@'%' identified by 'efgh';
Query OK, 0 rows affected (0.01 sec)
mysql> select host,user from mysql.user;
+-----------+------------------+
| host | user |
+-----------+------------------+
| % | efgh |
| % | root |
| % | zhangmin |
| localhost | mysql.infoschema |
| localhost | mysql.session |
| localhost | mysql.sys |
| localhost | test1 |
+-----------+------------------+

删除⽤户

mysql> drop user 'zhangmin';
Query OK, 0 rows affected (0.02 sec)
mysql> select user from mysql.user;
+------------------+
| user |
+------------------+
| efgh |
| root |
| mysql.infoschema |
| mysql.session |
| mysql.sys |
| test1 |
+------------------+
6 rows in set (0.00 sec)

修改⽤户

mysql> alter user 'zhangmin' identified by
'abc123';
Query OK, 0 rows affected (0.01 sec)

3.⻆⾊
创建⻆⾊

mysql> create role 'a';
Query OK, 0 rows affected (0.00 sec)
mysql> show grants for 'a';
+-------------------------------+
| Grants for a@% |
+-------------------------------+
| GRANT USAGE ON *.* TO `a`@`%` |
+-------------------------------+
1 row in set (0.00 sec)

4.权限
刷新权限

mysql> flush privileges;
Query OK, 0 rows affected (0.01 sec)

为root账号添加权限

mysql> grant system_user on *.* to "root";
mysql> show grants for 'root';
相关推荐
冰 河12 分钟前
《Nginx核心技术》第16章:实现Nginx的高可用负载均衡
运维·nginx·程序员·负载均衡·高可用
zealous_zzx41 分钟前
深度解析Linux系统和Unix系统的基本概念及优缺点和原理
linux·unix
丢爸1 小时前
网络学习-eNSP配置NAT
linux·网络·学习
沐风ya1 小时前
NAT技术介绍+缺陷(内网穿透+工具),NAPT(介绍,替换过程,原理,NAT转换表)
linux·服务器·网络
天启代理ip2 小时前
HTTP隧道代理:互联网冲浪的隐形翅膀
服务器·网络·爬虫·网络协议·tcp/ip
别挡3 小时前
CentOS Stream 8中安装和使用 Docker
linux·docker·centos
人工智障调包侠4 小时前
Linux 目录介绍
linux·运维·服务器
愤怒的代码4 小时前
Centos使用阿里云镜像安装docker
linux·docker·centos
hakesashou4 小时前
python怎么输入中文
java·服务器·python
Java小白白同学5 小时前
Linux 硬盘扩容操作手册
linux·运维·服务器
热门推荐
0151-2 万字长文,深度解读端到端自动驾驶的挑战和前沿022024年高教社杯数学建模国赛C题超详细解题思路分析03【2024数模国赛赛题思路公开】国赛B题思路丨附可运行代码丨无偿自提04RAG 实践- Ollama+RagFlow 部署本地知识库05【2024高教社杯全国大学生数学建模竞赛】B题 生产过程中的决策问题——解题思路 代码 论文062024 高教社杯 数学建模国赛 (A题)深度剖析|“板凳龙” 闹元宵|数学建模完整代码+建模过程全解全析07Coze扣子平台完整体验和实践(附国内和国际版对比)082024年高教杯国赛(C题)数学建模竞赛解题思路|完整代码论文集合092024 年高教社杯全国大学生数学建模竞赛题目-A 题 “板凳龙” 闹元宵10【SCS-CN】SCS-CN模型中CN值的确定