Install mysql5.6.48
1. Install dependencies
yum install -y libaio perl perl-devel
2. Download and install software
gunzip mysql-5.6.48-linux-glibc2.12-x86_64.tar.gz
mkdir /usr/local/mysql56
tar xf mysql-5.6.48-linux-glibc2.12-x86_64.tar -C /usr/local/mysql56
tail -1 /etc/profile
export PATH=/usr/local/mysql56/bin/:$PATH
source /etc/profile
3. Create users and write configuration files
useradd -s /sbin/nologin -M mysql
cat >/etc/my.cnf<<EOF
[mysqld]
basedir=/usr/local/mysql56
datadir=/data/3307/data
user=mysql
server_id=5107
log-error=/data/3307/error.log
log_bin=/data/3307/mysql-bin
skip_name_resolve
port=3307
[mysql]
socket=/data/3307/mysql.sock
EOF
4. Initialize and start
yum -y install autoconf
/usr/local/mysql56/scripts/mysql_install_db --user=mysql --basedir=/usr/local/mysql56 --datadir=/data/3307/data
/usr/local/mysql56/support-files/mysql.server start
The two initialization options
-initialize: will write a random root password in the error log, search for password in error.log
-initialize-secure: initialization will not generate a password
5. Security reinforcement
- Delete non-root or non-localhost users and change the root password
mysql> select user,host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| root | 127.0.0.1 |
| root | ::1 |
| | centos7 |
| root | centos7 |
| | localhost |
| root | localhost |
+------+-----------+
6 rows in set (0.00 sec)
mysql> delete from mysql.user where user !='root' or host!='localhost';
Query OK, 5 rows affected (0.00 sec)
mysql> select user,host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| root | localhost |
+------+-----------+
1 row in set (0.00 sec)
- Delete test library
mysql> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> desc db;
+-----------------------+---------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-----------------------+---------------+------+-----+---------+-------+
| Host | char(60) | NO | PRI | | |
| Db | char(64) | NO | PRI | | |
| User | char(16) | NO | PRI | | |
| Select_priv | enum('N','Y') | NO | | N | |
| Insert_priv | enum('N','Y') | NO | | N | |
| Update_priv | enum('N','Y') | NO | | N | |
| Delete_priv | enum('N','Y') | NO | | N | |
| Create_priv | enum('N','Y') | NO | | N | |
| Drop_priv | enum('N','Y') | NO | | N | |
| Grant_priv | enum('N','Y') | NO | | N | |
| References_priv | enum('N','Y') | NO | | N | |
| Index_priv | enum('N','Y') | NO | | N | |
| Alter_priv | enum('N','Y') | NO | | N | |
| Create_tmp_table_priv | enum('N','Y') | NO | | N | |
| Lock_tables_priv | enum('N','Y') | NO | | N | |
| Create_view_priv | enum('N','Y') | NO | | N | |
| Show_view_priv | enum('N','Y') | NO | | N | |
| Create_routine_priv | enum('N','Y') | NO | | N | |
| Alter_routine_priv | enum('N','Y') | NO | | N | |
| Execute_priv | enum('N','Y') | NO | | N | |
| Event_priv | enum('N','Y') | NO | | N | |
| Trigger_priv | enum('N','Y') | NO | | N | |
+-----------------------+---------------+------+-----+---------+-------+
22 rows in set (0.01 sec)
mysql> select * from mysql.db;
+------+---------+------+-------------+-------------+-------------+-------------+-------------+-----------+------------+-----------------+------------+------------+-----------------------+------------------+------------------+----------------+---------------------+--------------------+--------------+------------+--------------+
| Host | Db | User | Select_priv | Insert_priv | Update_priv | Delete_priv | Create_priv | Drop_priv | Grant_priv | References_priv | Index_priv | Alter_priv | Create_tmp_table_priv | Lock_tables_priv | Create_view_priv | Show_view_priv | Create_routine_priv | Alter_routine_priv | Execute_priv | Event_priv | Trigger_priv |
+------+---------+------+-------------+-------------+-------------+-------------+-------------+-----------+------------+-----------------+------------+------------+-----------------------+------------------+------------------+----------------+---------------------+--------------------+--------------+------------+--------------+
| % | test | | Y | Y | Y | Y | Y | Y | N | Y | Y | Y | Y | Y | Y | Y | Y | N | N | Y | Y |
| % | test\_% | | Y | Y | Y | Y | Y | Y | N | Y | Y | Y | Y | Y | Y | Y | Y | N | N | Y | Y |
+------+---------+------+-------------+-------------+-------------+-------------+-------------+-----------+------------+-----------------+------------+------------+-----------------------+------------------+------------------+----------------+---------------------+--------------------+--------------+------------+--------------+
2 rows in set (0.00 sec)
mysql> select * from mysql.db\G
*************************** 1. row ***************************
Host: %
Db: test
User:
Select_priv: Y
Insert_priv: Y
Update_priv: Y
Delete_priv: Y
Create_priv: Y
Drop_priv: Y
Grant_priv: N
References_priv: Y
Index_priv: Y
Alter_priv: Y
Create_tmp_table_priv: Y
Lock_tables_priv: Y
Create_view_priv: Y
Show_view_priv: Y
Create_routine_priv: Y
Alter_routine_priv: N
Execute_priv: N
Event_priv: Y
Trigger_priv: Y
*************************** 2. row ***************************
Host: %
Db: test\_%
User:
Select_priv: Y
Insert_priv: Y
Update_priv: Y
Delete_priv: Y
Create_priv: Y
Drop_priv: Y
Grant_priv: N
References_priv: Y
Index_priv: Y
Alter_priv: Y
Create_tmp_table_priv: Y
Lock_tables_priv: Y
Create_view_priv: Y
Show_view_priv: Y
Create_routine_priv: Y
Alter_routine_priv: N
Execute_priv: N
Event_priv: Y
Trigger_priv: Y
2 rows in set (0.00 sec)
mysql> drop database test;
Query OK, 0 rows affected (0.00 sec)
Note : In mysql5.6.x, the db table library level permissions of the mysql library are for any user of the test library, and any address has access permissions, that is, users without permissions can operate on the test library. Therefore, the table should be cleaned up in the mysql5.6 version. The test library is removed in the mysql5.7 version, but the sys library is added, which has the corresponding sys library permissions. Please ignore to clean the table in the mysql5.7 version.
mysql> truncate table mysql.db;
Query OK, 0 rows affected (0.00 sec)
/*
如果是mysql5.7版本或mysql8.0的请忽略掉下面几个用户
*/
mysql> delete from mysql.db where user not in ('mysql.sys','mysql.session','mysqlxsys','root','mysql.infoschema') or host not in ('localhost');
Query OK, 0 rows affected (0.00 sec)
/* 验证数据*/
mysql> select * from mysql.db;
Empty set (0.00 sec)
- In the mysql5.6.x version, you can use the mysql_secure_installation script or delete the non-test library