Linux (redhat8) installation and configuration of mysql8

This article installs mysql8 in the redhat8 system (192.168.100.100), and successfully accesses it through Navicat remotely in Ubuntu Kylin.

Installation command:yum install mysql-server

One, the path of the mysql file

After redhat8 installs mysql8 through yum, the configuration file is /etc/my.cnfthe /etc/my.cnf.d/directory called , the mysql-server.cnfmain configuration file mysql-default-authentication-plugin.cnfis the authentication file

mysql-server.cnfInitial parameters:

[root@hollowman ~]# vim /etc/my.cnf.d/mysql-server.cnf 
[mysqld]
datadir=/var/lib/mysql                #数据目录
socket=/var/lib/mysql/mysql.sock      #socket
log-error=/var/log/mysql/mysqld.log   #日志文件
pid-file=/run/mysqld/mysqld.pid       #PID文件

Two, mysql initialization

The initial installation of mysql8 does not have a password:

[root@hollowman ~]# cat /var/log/mysql/mysqld.log | grep password
2021-01-24T15:42:44.955519Z 5 [Warning] [MY-010453] [Server] root@localhost is created with an empty password ! Please consider switching off the --initialize-insecure option.

Secure initialization, set Root password and perform security settings

[root@hollowman ~]#mysql_secure_installation
Enter current password for root (enter for none):   #输入当前 root 用户密码，安装完后默认为空，可直接回车，除非已经设置过密码。
Set root password? [Y/n] y > >                      #是否设置root密码？
Remove anonymous users? [Y/n] y                     #是否要移除掉匿名用户？
Disallow root login remotely? [Y/n] y               #是否禁止root远程登陆？
Remove test database and access to it? [Y/n] y      #是否删除test数据库？
Reload privilege tables now? [Y/n] y                #是否重新加载权限？

You can also directly modify the password after entering with an empty password:

alter user 'root'@'localhost' identified with mysql_native_password by '密码`;

[root@hollowman mysql]# mysql -u root -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 19
Server version: 8.0.13 Source distribution

Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> alter user 'root'@'localhost' identified with mysql_native_password by 'redhat';
Query OK, 0 rows affected (0.10 sec)

Three, add users who can be accessed by Navicat

mysql> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed

mysql> create user 'admin'@'%' identified by 'redhat';
Query OK, 0 rows affected (0.10 sec)

mysql> grant all on *.* to 'admin'@'%';
Query OK, 0 rows affected (0.04 sec)

mysql> select host,user,plugin from user;
+-----------+------------------+-----------------------+
| host      | user             | plugin                |
+-----------+------------------+-----------------------+
| %         | admin            | mysql_native_password |
| localhost | mysql.infoschema | caching_sha2_password |
| localhost | mysql.session    | caching_sha2_password |
| localhost | mysql.sys        | caching_sha2_password |
| localhost | root             | mysql_native_password |
+-----------+------------------+-----------------------+
5 rows in set (0.01 sec)

Fourth, the solution to the error prompt of Navicat remote connection

Navicat connects to the database and prompts the following error message:
2003-can't connect to mysql_server on '192.168.100.100' (113 "The route to the host was not found")

Problem judgment:
Redhat firewall is playing tricks, there are two redhat firewalls, iptables (pre-redhat8 version), firewalld (redhat7 later version)

iptables disable firewall rules (redhat8 does not install iptables by default):

iptables -F   #因为redhat8未装iptables，此处可成功，但无意义
service iptables save   #因为redhat8未安装iptables，所以此处失败，只是体验一下关闭防火墙的过程，无关紧要

Firewalld configuration method:

The first method: turn off the firewall directly

[root@hollowman ~]# systemctl stop firewalld 
[root@hollowman ~]# systemctl disabled firewalld

The second method: to determine that the firewall should prohibit the mysql service, just add the mysql service

[root@hollowman ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens160
  sources: 
  services: cockpit dhcpv6-client ssh
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 

[root@hollowman ~]# firewall-cmd --add-service=mysql --permanent --zone=public 
success

[root@hollowman ~]# firewall-cmd --reload 
success

[root@hollowman ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens160
  sources: 
  services: cockpit dhcpv6-client mysql ssh
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 

Screenshot of Navicat connection test: