1. 更新系統(tǒng)
在開始安裝前���,先更新一下系統(tǒng)�����。命令如下:
sudo apt update
sudo apt upgrade
2. 使用APT自動(dòng)安裝MySQL8
使用APT方式安裝MySQL8時(shí)�����,通常會(huì)安裝MySQL的最新版本�,且能夠自動(dòng)配置服務(wù)和環(huán)境變量。
sudo apt install mysql-server
運(yùn)行命令后�,在詢問是否安裝時(shí)選擇“Y”。
安裝完成后����,MySQL會(huì)自動(dòng)啟動(dòng),可以使用以下命令測試MySQL安裝情況:
houor@IIP03:~$ systemctl status mysql
● mysql.service - MySQL Community Server
Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2022-09-03 12:14:00 CST; 28s ago
Process: 5862 ExecStartPre=/usr/share/mysql/mysql-systemd-start pre (code=exited, status=0/SUCCESS)
Main PID: 5870 (mysqld)
Status: "Server is operational"
Tasks: 38 (limit: 18988)
Memory: 358.3M
CPU: 685ms
CGroup: /system.slice/mysql.service
└─5870 /usr/sbin/mysqld
9月 03 12:14:00 IIP03 systemd[1]: Starting MySQL Community Server...
9月 03 12:14:00 IIP03 systemd[1]: Started MySQL Community Server.
可以確認(rèn)MySQL已經(jīng)安裝成功����。
3. 設(shè)置MySQL安全選項(xiàng)
使用MySQL安全配置向?qū)ysql_secure_installation配置MySQL安全選項(xiàng)。其中的設(shè)置如下:
houor@IIP03:~$ sudo mysql_secure_installation
Securing the MySQL server deployment.
Connecting to MySQL using a blank password.
# 為root用戶設(shè)置密碼
VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?
Press y|Y for Yes, any other key for No: y
# 可以設(shè)置三種密碼驗(yàn)證策略
There are three levels of password validation policy:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2
Please set the password for root here.
# 輸入密碼
New password:
Re-enter new password:
Estimated strength of the password: 100
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y
# 是否刪除匿名用戶
# 生產(chǎn)環(huán)境中一般要?jiǎng)h除匿名用戶
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.
# 是否運(yùn)行root用戶遠(yuǎn)程登錄
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) :
... skipping.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
# 是否刪除test數(shù)據(jù)庫
Remove test database and access to it? (Press y|Y for Yes, any other key for No) :
... skipping.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
# 開始刷新授權(quán)表���,使設(shè)置生效
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.
All done!
4. 遷移MySQL數(shù)據(jù)文件到指定位置
- 關(guān)閉MySQL服務(wù)
systemctl stop mysql
- 創(chuàng)建data文件夾并復(fù)制文件
sudo mkdir /data
注意:mysql用戶應(yīng)有data文件夾的讀寫權(quán)限�����。
創(chuàng)建data文件夾后�,將/var/lib/mysql文件夾復(fù)制到/data下。為確保文件完整復(fù)制�,使用rsync復(fù)制并檢查文件完整性。其中:參數(shù)-a表示修改時(shí)間/鏈接等元信息一同復(fù)制����。如下所示:
sudo rsync -a /var/lib/mysql /data/
- 修改配置文件(/etc/mysql/mysql.conf.d/mysqld.cnf)中數(shù)據(jù)文件信息
在MySQL8中,配置文件是/etc/mysql/mysql.conf.d/mysqld.cnf�。使用vim或nano打開該配置文件,將datadir設(shè)置為修改后的數(shù)據(jù)文件位置��。
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
修改屬性datadir到指定位置:
datadir = /data/mysql
- 修改服務(wù)配置文件
MySQL的服務(wù)配置文件位于/etc/apparmor.d/usr.sbin.mysqld�。
打開配置文件:
sudo nano /etc/apparmor.d/usr.sbin.mysqld
打開文件后�,修改以下屬性:
# Allow data dir access
/data/mysql/ r,
/data/mysql/** rwk,
修改控制文件:
sudo nano /etc/apparmor.d/abstractions/mysql
修改訪問控制如下:
/data/mysql{,d}/mysql{,d}.sock rw,
重新啟動(dòng)apparmor:
systemctl restart apparmor
然后啟動(dòng)MySQL:
systemctl start mysql
MySQL數(shù)據(jù)目錄修改成功。
5. 配置遠(yuǎn)程root用戶訪問
- 修改或添加root用戶的遠(yuǎn)程連接Host
執(zhí)行以下SQL語句���,添加延遲訪問權(quán)限:
mysql> use mysql;
mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'your-pass-word';
mysql> update mysql.user set host='%' where user='root';
mysql> flush privileges;
- 開啟訪問權(quán)限
修改配置文件����,取消IP限制:
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
修改bind-address屬性��,或者直接注釋掉該屬性:
bind-address = *
6. 卸載MySQL
- 關(guān)閉MySQL服務(wù)
systemctl stop mysql
- 卸載相關(guān)的依賴
sudo apt remove --purge mysql-*
sudo apt autoremove
在刪除過程中�����,根據(jù)提示確認(rèn)即可。
3. 清理殘余文件
查詢是否還存在相關(guān)的依賴組件:
dpkg --list | grep mysql
如果還存在一些依賴�,則繼續(xù)用“apt remove 依賴包名稱”命令刪除;確認(rèn)刪除完整后��,清理殘余文件:
dpkg -l |grep ^rc|awk '{print $2}' |sudo xargs dpkg -P
sudo rm -rf /etc/mysql
sudo rm -rf /var/lib/mysql
