案例1:授权数据库用户
案例2:查看及撤销授权
案例3:重置数据库管理密码
案例4:远程维护数据库
案例5:企业OA系统部署
案例6:企业OA系统迁移1 Case 1: Authorized User Database
1.1 issue
This embodiment requires the operation authorization master MariaDB user accounts database, the following tasks:
1) the establishment of specialized warehouses oadb for the OA system, and authorized users
允许用户 runoa 从本机访问,对库 oadb 有全部权限
访问密码为 pwd@123
测试用户runoa的数据库访问权限2) The new administrator is named tarzan
允许从任何客户机('%')访问,对所有库有全部权限
访问密码为 tedu.cn1234
测试用户tarzan的数据库访问权限Step 1.2
This case needs to be achieved in the following steps.
Step one: the establishment of specialized warehouses oadb for the OA system, and authorized users
1) Create a database oadb
MariaDB [(none)]> CREATE DATABASE oadb;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]>2) authorized user to access this machine from runoa, have full access to the library oadb, access password is pwd @ 123
MariaDB [(none)]> GRANT all ON oadb.* TO runoa@localhost IDENTIFIED BY 'pwd@123';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]>3) test runoa database access
Another open a command line terminal, connect the unit to runoa user database, delete and rebuild oadb test library.
[root@zbx ~]# mysql -urunoa -ppwd@123
.. ..
MariaDB [(none)]> DROP DATABASE oadb;
Query OK, 0 rows affected (0.01 sec)
MariaDB [(none)]> CREATE DATABASE oadb;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> QUIT;
Bye
[root@zbx ~]#Step Two: Create a new administrator named tarzan
1) increase administrator user
Allow access from any other client ( '%'), you have full access to all the libraries, access password tedu.cn1234.
By GRANT administrator user has permission to authorized users.
MariaDB [(none)]> GRANT all ON *.* to tarzan@'%' IDENTIFIED BY 'tedu.cn1234' WITH GRANT OPTION;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]>2) a new administrator user access, database access testing
When other hosts connect to the database using the mysql command to add -h host address options, such as access to MariaDB database located 192.168.10.7 from the client svr8.
[root@svr8 ~]# mysql -utarzan -ptedu.cn1234 -h192.168.10.7
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 2797
Server version: 5.5.56-MariaDB MariaDB Server
Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> Test new database zhdb:
MariaDB [(none)]> CREATE DATABASE zhdb;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]>Testing authorized database user zhwuji:
MariaDB [(none)]> GRANT all ON zhdb.* TO zhwuji@localhost IDENTIFIED BY 'pwd@123';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]>drop out:
MariaDB [(none)]> QUIT;
Bye
[root@zbx ~]#2 Case 2: View and revoke the authorization
2.1 problem
This example requires learn to view the MariaDB database and revoke the designation of the user's authorization to complete the following tasks:
1) Check the user permissions to access native database tarzan
2) revocation of all rights to the user tarzan visit all the libraries from any client
3) once again view the user tarzan access to native database of
2.2 steps
This case needs to be achieved in the following steps.
Step one: View user permissions to access native database tarzan
MariaDB [(none)]> SHOW GRANTS FOR tarzan@'%';
+----------------------------------------------------------------------------------------------------------------------------------+
| Grants for tarzan@% |
+----------------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'tarzan'@'%' IDENTIFIED BY PASSWORD '*8AB2CB3B8352A05A9C4AB822AAF421001382BD5E' WITH GRANT OPTION |
+----------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
MariaDB [(none)]>Step two: revocation of all rights to the user tarzan visit all the libraries from any client
MariaDB [(none)]> REVOKE all ON *.* FROM tarzan@'%';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> Step three: Check again tarzan user rights to access native database
MariaDB [(none)]> SHOW GRANTS FOR tarzan@'%';
+-------------------------------------------------------------------------------------------------------------------------+
| Grants for tarzan@% |
+-------------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'tarzan'@'%' IDENTIFIED BY PASSWORD '*8AB2CB3B8352A05A9C4AB822AAF421001382BD5E' WITH GRANT OPTION |
+-------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
MariaDB [(none)]>3 Case 3: Reset Password Management Database
3.1 issue
The basic method of this example to reset the password database management requirements to learn, in order to obtain management rights in the case of forget or not know the MariaDB database management password, complete the following tasks:
1) Stop mariadb Service
2) Skip authorized to start database processes mysqld_safe
3) Reset Password Management
4) Close mysqld_safe process, the normal start mariadb Service
5) Verify new password
3.2 Step
This case needs to be achieved in the following steps.
Step one: Stop mariadb Service
[root@svr7 ~]# systemctl stop mariadb //停服务Step two: Skip authorized to start database processes mysqld_safe
[root@svr7 ~]# mysqld_safe --skip-grant-tables & //直起进程
[1] 105799
[root@svr7 ~]#Step three: Reset Password Management
1) Free password database
[root@svr7 ~]# mysql -uroot //免密码登入
.. ..
MariaDB [(none)]>2) Set a new password
MariaDB [(none)]> UPDATE mysql.user SET Password=password('pwd@123') WHERE User='root' AND Host='localhost'; //设置新密码
Query OK, 0 rows affected (0.00 sec)
Rows matched: 1 Changed: 0 Warnings: 0
MariaDB [(none)]> FLUSH PRIVILEGES; //刷新授权
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> 3) Exit connection
MariaDB [(none)]> QUIT //退出
ByeStep four: Turn off mysqld_safe process, the normal start mariadb Service
1) Close mysqld_safe process
[root@svr7 ~]# pkill -9 mysqld_safe //强关mysqld_safe
[1]+ 已杀死 mysqld_safe --skip-grant-tables2) normal startup mariadb Service
[root@svr7 ~]# systemctl restart mariadb //起正常服务Step Five: Verify new password
[root@svr7 ~]# mysql -uroot -ppwd@123 //验证新密码登入
.. ..
MariaDB [(none)]> QUIT
Bye
[root@svr7 ~]#4 Case 4: Remote maintenance of the database
4.1 problem
This example requires learn to maintain MariaDB database server MySQL-Front system by remote graphics software, complete the following tasks:
1) The authorized administrative user on the server MariaDB
允许root从任何IP地址访问本机,密码为 pwd@1232) From the Win client remote management server MariaDB
安装MySQL-Front管理软件
运行MySQL-Front程序,远程连接MariaDB服务器
查看studb库stuinfo表的数据内容
备份studb库Step 4.2
This case needs to be achieved in the following steps.
Step one: The authorized administrative user in the server MariaDB
Allow root access to the machine from any IP address, password pwd @ 123
[root@svr7 ~]# mysql -uroot -ppwd@123
.. ..
MariaDB [(none)]> GRANT all ON *.* to root@'%' IDENTIFIED BY 'pwd@123' WITH GRANT OPTION;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> QUIT
Bye
[root@zbx ~]#Step two: Win the client from the remote management server MariaDB
1) install MySQL-Front Management Software
Double click the installer MySQL-Front_Setup.exe, shown in Figure -1, and then complete the installation interface prompts 
2) run MySQL-Front program, the remote connection server MariaDB
Double-click on the desktop shortcut icon of MySQL-Front, you can open the software program. In the initial startup screen, the prompt may be correctly filled in accordance with the database server information, as shown in FIG -2, the determination may add a database connection. 
And then select the connection you just created, as shown in Figure -3, click "Open." 
Next will be a successful connection to the target database server, as -4, the default will list all the user has permission to see the library. 
3) View data table of contents studb library stuinfo
In MySQL-Front connected to the database server's management interface, can operate on the specified database table.
For example, to expand the library studb, stuinfo selected table, view or modify the structure of the table by "Object Browser" on the right side, as shown in FIG -5. 
Click on the right side of the "Data Explorer" view or modify data content of the table, as shown in Figure-6. 
4) Backup studb library
In MySQL-Front interface, right-click on the left side of a library, select "Export" -> "SQL file", you can select the storage location, backup, shown in Figure -7, click the "Run" button perform a backup. 
5 Case 5: enterprise OA system deployment
5.1 Issues
This example requires the rapid deployment of virtual machine 192.168.10.7 "letter calling cooperative office" system, good environment to prepare for the next migration cases, complete the following tasks:
1) prepare LAMP environment, local domain name registration oa.tedu.cn
2) the virtual host configuration oa.tedu.cn, use the "call letter collaborative office" Code
3) to prepare a dedicated database oadb, full access to authorized users runoa
4) attributable to adjust / var / www / oa directory, Web services have write access
5) access http://oa.tedu.cn/ , follow the prompts to install the OA system
5.2 steps
This case needs to be achieved in the following steps.
Step one: Prepare LAMP environment, local domain name registration oa.tedu.cn
1) ensure started LAMP web platform
[root@svr7 ~]# yum -y install httpd mariadb-server maria php php-mysql
[root@svr7 ~]# systemctl restart httpd mariadb
[root@svr7 ~]# systemctl enable httpd mariadb2)注册本地域名 oa.tedu.cn
[root@svr7 ~]# vim /etc/hosts //注册本地域名
.. ..
192.168.10.7 svr7.tedu.cn oa.tedu.cn步骤二:配置虚拟主机 oa.tedu.cn ,使用“信呼协同办公”代码
1)解包及部署
[root@svr7 ~]# unzip /root/信呼协同办公_v1.8.1.zip -d /var/www/
.. .. //解包并部署到位2)为oa.tedu.cn添加虚拟主机
[root@svr7 ~]# vim /etc/httpd/conf.d/vhosts.conf //配置虚拟主机
<VirtualHost *:80>
ServerName oa.tedu.cn
DocumentRoot /var/www/oa
</VirtualHost>
[root@svr7 ~]# systemctl restart httpd //重启Web服务步骤三:准备专用数据库oadb,授权用户runoa全权访问
如果之前已经执行过此操作,则此处可跳过。
[root@svr7 ~]# mysql -uroot -ppwd@123 //连接
MariaDB [(none)]> CREATE DATABASE oadb; //建库
MariaDB [(none)]> GRANT all ON oadb.* to runoa@localhost IDENTIFIED BY 'pwd@123'; //授权用户
MariaDB [(none)]> QUIT; //退出
[root@svr7 ~]# 步骤五:调整/var/www/oa目录的归属,使Web服务有写入权限
[root@svr7 ~]# chown -R apache /var/www/oa/
[root@svr7 ~]# ls -ld /var/www/oa/
drwxr-xr-x. 10 apache root 231 9月 24 22:27 /var/www/oa/步骤五:访问http://oa.tedu.cn/,按提示安装OA系统
在svr7主机上启动Firefox火狐浏览器,访问http://oa.tedu.cn/,可以看到信呼协同系统的安装页面,如图-8所示。
单击“知道了”,在下一个页面中正确填写数据库连接信息,如图-9所示,确定无误后单击“提交安装”即可。
注意:若提示“无法写入文件夹Webmain”,请检查SELinux安全机制是否关闭。
完成安装后,请根据页面提示删除安装目录、记录默认管理用户(admin)及密码(123456),如图-10所示,然后单击“前去登录页面”。
成功登录即可看到信息系统的管理界面,如图-11所示。
6 案例6:企业OA系统迁移
6.1 问题
本例要求通过LAMP网站平台的离线迁移过程,进一步熟悉网站和数据库的备份、恢复相关操作,完成下列任务:
1)备份 svr7.tedu.cn 上的OA系统网站和数据库资料
2)准备一台新虚拟机(svr8.tedu.cn-->192.168.10.8)
安装并启动LAMP网站平台
注册本地域名 oa.tedu.cn-->192.168.10.83)通过备份将OA系统迁移到 svr8.tedu.cn 上
4)在svr8上访问http://oa.tedu.cn/,验证结果
6.2 步骤
实现此案例需要按照如下步骤进行。
步骤一:备份 svr7.tedu.cn 上的OA系统网站和数据库资料
1)备份网站
停Web服务:
[root@svr7 ~]# systemctl stop httpd 执行备份:
[root@svr7 ~]# tar -zcPf /root/oa_web.tgz /etc/httpd/conf.d/vhosts.conf /var/www/oa/ //注意选项P是大写的2)备份数据库
执行备份:
[root@svr7 ~]# mysqldump -uroot -ppwd@123 --databases oadb > /root/oa_database.sql //按多库方式备份确认备份文件:
[root@svr7 ~]# ls -lh /root/oa_*
-rw-r--r--. 1 root root 1021K 9月 25 02:12 /root/oa_database.sql
-rw-r--r--. 1 root root 2.0M 9月 25 02:06 /root/oa_web.tgzStep two: Prepare a new virtual machine (svr8.tedu.cn 192.168.10.8)
1) Install and launch the LAMP web platform
[root@svr8 ~]# yum -y install httpd mariadb-server maria php php-mysql
[root@svr8 ~]# systemctl restart httpd mariadb //开启网站和数据库服务
[root@svr8 ~]# systemctl enable httpd mariadb2) local domain name registration oa.tedu.cn, the corresponding IP address 192.168.10.8
[root@svr8 ~]# vim /etc/hosts
192.168.10.8 oa.tedu.cnStep 3: OA migrate through the backup system to svr8.tedu.cn
1) upload a backup data
Note in advance will be uploaded on the website svr7, database data backup files to svr8. For example, on svr7 you can use scp directly upload a backup file.
[root@svr7 ~]# scp /root/oa_* [email protected]:/root
[email protected]'s password:
oa_database.sql 100% 518KB 51.1MB/s 00:00
oa_web.tgz 100% 1947KB 65.4MB/s 00:00
[root@svr7 ~]#2) Verify that the backup data on svr8
[root@svr8 ~]# ls -lh /root/oa_*
-rw-r--r--. 1 root root 518K 1月 15 18:11 /root/oa_database.sql
-rw-r--r--. 1 root root 2.0M 1月 15 18:11 /root/oa_web.tgz3) recovery site database
[root@svr8 ~]# tar -xPf /root/oa_web.tgz //导入网站文档
[root@svr8 ~]# mysql -uroot < /root/oa_database.sql //导入数据库4) Prepare the database user
[root@svr8 ~]# mysql -uroot //新数据库服务器无密码
MariaDB [(none)]> GRANT all ON oadb.* to runoa@localhost IDENTIFIED BY 'pwd@123'; //授权用户
MariaDB [(none)]> QUIT; //退出
[root@svr8 ~]# Step Four: Access http://oa.tedu.cn/ on svr8, validation results
After the migration is complete, you can access http://oa.tedu.cn/ on svr8, direct access to the original run of OA platform on svr7. Can log in directly through the administrator admin, data are intact, as shown in Figure -12.