18.2 初始化mariaDB服务
相较于MySQL,MariaDB数据库管理系统有了很多新鲜的扩展特性,例如对微秒级别的支持、线程池、子查询优化、进程报告等。在配置妥当Yum软件仓库后,即可安装部署MariaDB数据库主程序及服务端程序了。
在安装完毕后,记得启动服务程序,并将其加入到开机启动项中。
- [root@linuxprobe ~]# yum install mariadb mariadb-server
- Loaded plugins: langpacks, product-id, subscription-manager
- ………………省略部分输出信息………………
- Installing:
- mariadb x86_64 1:5.5.35-3.el7 rhel 8.9 M
- mariadb-server x86_64 1:5.5.35-3.el7 rhel 11 M
- Installing for dependencies:
- perl-Compress-Raw-Bzip2 x86_64 2.061-3.el7 rhel 32 k
- perl-Compress-Raw-Zlib x86_64 1:2.061-4.el7 rhel 57 k
- perl-DBD-MySQL x86_64 4.023-5.el7 rhel 140 k
- perl-DBI x86_64 1.627-4.el7 rhel 802 k
- perl-Data-Dumper x86_64 2.145-3.el7 rhel 47 k
- perl-IO-Compress noarch 2.061-2.el7 rhel 260 k
- perl-Net-Daemon noarch 0.48-5.el7 rhel 51 k
- perl-PlRPC noarch 0.2020-14.el7 rhel 36 k
- Transaction Summary
- ================================================================================
- Install 2 Packages (+8 Dependent packages)
- Total download size: 21 M
- Installed size: 107 M
- Is this ok [y/d/N]: y
- Downloading packages:
- --------------------------------------------------------------------------------
- Total 82 MB/s | 21 MB 00:00
- Running transaction check
- Running transaction test
- Transaction test succeeded
- Running transaction
- ………………省略部分输出信息………………
- Installed:
- mariadb.x86_64 1:5.5.35-3.el7 mariadb-server.x86_64 1:5.5.35-3.el7
- Dependency Installed:
- perl-Compress-Raw-Bzip2.x86_64 0:2.061-3.el7
- perl-Compress-Raw-Zlib.x86_64 1:2.061-4.el7
- perl-DBD-MySQL.x86_64 0:4.023-5.el7
- perl-DBI.x86_64 0:1.627-4.el7
- perl-Data-Dumper.x86_64 0:2.145-3.el7
- perl-IO-Compress.noarch 0:2.061-2.el7
- perl-Net-Daemon.noarch 0:0.48-5.el7
- perl-PlRPC.noarch 0:0.2020-14.el7
- Complete!
- [root@linuxprobe ~]# systemctl start mariadb
- [root@linuxprobe ~]# systemctl enable mariadb
- ln -s '/usr/lib/systemd/system/mariadb.service' '/etc/systemd/system/multi-user.target.wants/mariadb.service'
在确认MariaDB数据库软件程序安装完毕并成功启动后请不要立即使用。为了确保数据库的安全性和正常运转,需要先对数据库程序进行初始化操作。这个初始化操作涉及下面5个步骤。
- 设置root管理员在数据库中的密码值(注意,该密码并非root管理员在系统中的密码,这里的密码值默认应该为空,可直接按回车键)。
- 设置root管理员在数据库中的专有密码。
- 随后删除匿名账户,并使用root管理员从远程登录数据库,以确保数据库上运行的业务的安全性。
- 删除默认的测试数据库,取消测试数据库的一系列访问权限。
- 刷新授权列表,让初始化的设定立即生效。对于上述数据库初始化的操作步骤,刘遄老师已经在下面的输出信息旁边进行了简单注释,确保各位读者更直观地了解要输入的内容:
- [root@linuxprobe ~]# mysql_secure_installation
- /usr/bin/mysql_secure_installation: line 379: find_mysql_client: command not found
- NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
- SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
- In order to log into MariaDB to secure it, we'll need the current
- password for the root user. If you've just installed MariaDB, and
- you haven't set the root password yet, the password will be blank,
- so you should just press enter here.
- Enter current password for root (enter for none): 当前数据库密码为空,直接按回车键
- OK, successfully used password, moving on...
- Setting the root password ensures that nobody can log into the MariaDB
- root user without the proper authorisation.
- Set root password? [Y/n] y
- New password:输入要为root管理员设置的数据库密码
- Re-enter new password:再次输入密码
- Password updated successfully!
- Reloading privilege tables..
- ... Success!
- By default, a MariaDB installation has an anonymous user, allowing anyone
- to log into MariaDB without having to have a user account created for
- them. This is intended only for testing, and to make the installation
- go a bit smoother. You should remove them before moving into a
- production environment.
- Remove anonymous users? [Y/n] y(删除匿名账户)
- ... Success!
- Normally, root should only be allowed to connect from 'localhost'. This
- ensures that someone cannot guess at the root password from the network.
- Disallow root login remotely? [Y/n] y(禁止root管理员从远程登录)
- ... Success!
- By default, MariaDB comes with a database named 'test' that anyone can
- access. This is also intended only for testing, and should be removed
- before moving into a production environment.
- Remove test database and access to it? [Y/n] y(删除test数据库并取消对它的访问权限)
- - Dropping test database...
- ... Success!
- - Removing privileges on test database...
- ... Success!
- Reloading the privilege tables will ensure that all changes made so far
- will take effect immediately.
- Reload privilege tables now? [Y/n] y(刷新授权表,让初始化后的设定立即生效)
- ... Success!
- Cleaning up...
- All done! If you've completed all of the above steps, your MariaDB
- installation should now be secure.
- Thanks for using MariaDB!
在很多生产环境中都需要使用站库分离的技术(即网站和数据库不在同一个服务器上),如果需要让root管理员远程访问数据库,可在上面的初始化操作中设置策略,以允许root管理员从远程访问。然后还需要设置防火墙,使其放行对数据库服务程序的访问请求,数据库服务程序默认会占用3306端口,在防火墙策略中服务名称统一叫作mysql:
- [root@linuxprobe ~]# firewall-cmd --permanent --add-service=mysql
- success
- [root@linuxprobe ~]# firewall-cmd --reload
- success
一切准备就绪。现在我们将首次登录MariaDB数据库。其中,-u参数用来指定以root管理员的身份登录,而-p参数用来验证该用户在数据库中的密码值。
- [root@linuxprobe ~]# mysql -u root -p
- Enter password: 此处输入root管理员在数据库中的密码
- Welcome to the MariaDB monitor. Commands end with ; or \g.
- Your MariaDB connection id is 5
- Server version: 5.5.35-MariaDB MariaDB Server
- Copyright (c) 2000, 2013, Oracle, Monty Program Ab and others.
- Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
- MariaDB [(none)]>
在登录MariaDB数据库后执行数据库命令时,都需要在命令后面用分号(;)结尾,这也是与Linux命令最显著的区别。大家需要慢慢习惯数据库命令的这种设定。下面执行如下命令查看数据库管理系统中当前都有哪些数据库:
- MariaDB [(none)]> SHOW databases;
- +--------------------+
- | Database |
- +--------------------+
- | information_schema |
- | mysql |
- | performance_schema |
- +--------------------+
- 3 rows in set (0.01 sec)
小试牛刀过后,接下来使用数据库命令将root管理员在数据库管理系统中的密码值修改为linuxprobe。这样退出后再尝试登录,如果还坚持输入原先的密码,则将提示访问失败。
- MariaDB [(none)]> SET password = PASSWORD('linuxprobe');
- Query OK, 0 rows affected (0.00 sec)
- MariaDB [(none)]> exit
- Bye
- [root@linuxprobe ~]# mysql -u root -p
- Enter password:此处输入root管理员在数据库中的新密码
- ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)