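The enterprise edition of MySQL differs from the community edition. It comes with a lot of annoying security mechanisms. Admittedly, it is also more secure.
First, only strong passwords can be used. Weak passwords are not allowed.
Second, if the default port 3306 is used, only local logins are possible; to log in remotely the port must be changed.
Third, SELinux security labels are used by default. Files and directories that are not permitted will not be accepted by the database.
First, installation: the installer shows only a progress bar, and I don't know where the files all went; anyway, they are scattered in their proper places around the system. It seems that is how Linux file layout rules are supposed to work. Following the configuration file you should be able to find all the files. Mainly, I'm not familiar with MySQL either, so I didn't look closely.
[infa@infatest infa_install]$ ll
-rwxrw-rw-. 1 infa oracle12 45128772 Feb 4 18:24 mysql-commercial-client-5.7.28-1.1.el7.x86_64.rpm
-rwxrw-rw-. 1 infa oracle12 324248 Feb 4 18:22 mysql-commercial-common-5.7.28-1.1.el7.x86_64.rpm
-rwxrw-rw-. 1 infa oracle12 4380008 Feb 4 18:24 mysql-commercial-libs-5.7.28-1.1.el7.x86_64.rpm
-rwxrw-rw-. 1 infa oracle12 245478672 Feb 4 18:27 mysql-commercial-server-5.7.28-1.1.el7.x86_64.rpm
Upload these four files. I don't know what the others are for.
Uninstall the older mariadb-libs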
[root@mysql infa_install]# rpm -e mariadb-libs-* --nodeps
Now install them one after another. Note: in order!!! Note: in order!!! Note: in order!!!
[root@infatest infa_install]# rpm -ivh mysql-commercial-common-5.7.28-1.1.el7.x86_64.rpm
warning: mysql-commercial-common-5.7.28-1.1.el7.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:mysql-commercial-common-5.7.28-1.################################# [100%]
[root@infatest infa_install]# rpm -ivh mysql-commercial-libs-5.7.28-1.1.el7.x86_64.rpm
warning: mysql-commercial-libs-5.7.28-1.1.el7.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:mysql-commercial-libs-5.7.28-1.1.################################# [100%]
[root@infatest infa_install]# rpm -ivh mysql-commercial-client-5.7.28-1.1.el7.x86_64.rpm
warning: mysql-commercial-client-5.7.28-1.1.el7.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:mysql-commercial-client-5.7.28-1.################################# [100%]
[root@infatest infa_install]# rpm -ivh mysql-commercial-server-5.7.28-1.1.el7.x86_64.rpm
warning: mysql-commercial-server-5.7.28-1.1.el7.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:mysql-commercial-server-5.7.28-1.################################# [100%]
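The NOKEY warnings in the transcript above mean rpm could not check the package signatures, because key 5072e1f5 is not in its keyring. The following is an added example, not part of the original post: it lists the packages an install transcript reported as unverified, and installs only after `rpm -K` has passed for every file. The function names are hypothetical, and it assumes the vendor's public key was obtained separately and imported with `rpm --import`.

```sh
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Read an "rpm -ivh" transcript on stdin; print "<package> <key id>" for every
# warning saying the signature could not be checked (NOKEY).
nokey_packages() {
    sed -n 's/^warning: \(.*\.rpm\): Header .* Signature, key ID \([0-9A-Fa-f]*\): NOKEY$/\1 \2/p'
}

# Install the given packages in the given order, but only after "rpm -K"
# (--checksig) has verified every one of them. Assumes the vendor key was
# already imported with "rpm --import <key file>".
install_verified() {
    for f in "$@"; do
        if ! rpm -K "$f" >/dev/null 2>&1; then
            echo "refusing to install: signature of $f not verified" >&2
            return 1
        fi
    done
    for f in "$@"; do
        rpm -ivh "$f" || return 1
    done
}

# Constructed sample: warning lines in the format shown in the post.
sample='warning: mysql-commercial-common-5.7.28-1.1.el7.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY
Preparing... ################################# [100%]
warning: mysql-commercial-libs-5.7.28-1.1.el7.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY'
printf '%s\n' "$sample" | nokey_packages
```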
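If it reports anything missing along the way, install it with yum yourself. I got no such reports. The system is: CentOS Linux release 7.5.1804 (Core)
Reboot the system (I suspect this step is unnecessary; just running the initialization command and then starting the service should do. But I didn't try that; it's a local virtual machine anyway, so I just rebooted)
The community edition's initialization command 【mysqld --initialize --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data】 needs two directories to be specified. Both directories are in the /etc/my.cnf configuration file. If they are not there, you will have to find them yourself. Haha…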
[root@mysql infa]# netstat -antp|grep 33
tcp6 0 0 :::3306 :::* LISTEN 1902/mysqld
The MySQL port is now up
[root@mysql infa]# grep 'password' /var/log/mysqld.log
2020-02-05T03:03:06.785067Z 1 [Note] A temporary password is generated for root@localhost: SlPxe%guv5fA
Find the initial password
Then start MySQL
[root@mysql infa]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.28-enterprise-commercial-advanced
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
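Note: after starting the database you must change the password before you can use it; otherwise you get an error telling you to change the password first!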
mysql> alter user 'root'@'localhost' identified by '一個強密碼';
Query OK, 0 rows affected (0.00 sec)
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
4 rows in set (0.00 sec)
mysql> select user,host from mysql.user;
+---------------+-----------+
| user | host |
+---------------+-----------+
| mysql.session | localhost |
| mysql.sys | localhost |
| root | localhost |
+---------------+-----------+
3 rows in set (0.00 sec)
mysql> use mysql
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> update user set host='%' where user='root' limit 1;
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
Allow ROOT to log in remotely; this step is optional.
mysql> select user,host from mysql.user;
+---------------+-----------+
| user | host |
+---------------+-----------+
| root | % |
| mysql.session | localhost |
| mysql.sys | localhost |
+---------------+-----------+
3 rows in set (0.00 sec)
mysql> exit
Bye
[root@infatest infa]#
Installation complete
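Setting root's host to '%' lets that account connect from any address. As an added example (not part of the original post), this script reads the table printed by `select user,host from mysql.user`, flags accounts with a wildcard host, and prints RENAME USER statements that limit them to one host. The function names and the address 192.0.2.10 are assumptions.

```sh
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Read the table printed by "select user,host from mysql.user" on stdin and
# print user@host for every account whose host contains the % wildcard.
wildcard_accounts() {
    awk -F'|' '
        NF >= 4 {
            user = $2; host = $3
            gsub(/^[ \t]+|[ \t]+$/, "", user)
            gsub(/^[ \t]+|[ \t]+$/, "", host)
            if (user == "user" && host == "host") next   # header row
            if (index(host, "%") > 0) print user "@" host
        }'
}

# Same input; print SQL that limits each flagged account to the host in $1.
narrow_sql() {
    wildcard_accounts | while IFS=@ read -r user host; do
        printf "RENAME USER '%s'@'%s' TO '%s'@'%s';\n" "$user" "$host" "$user" "$1"
    done
}

# Constructed sample in the format shown in the post.
sample='+---------------+-----------+
| user | host |
+---------------+-----------+
| root | % |
| mysql.session | localhost |
| mysql.sys | localhost |
+---------------+-----------+'

printf '%s\n' "$sample" | wildcard_accounts
# 192.0.2.10 is a placeholder for the one host that needs remote access.
printf '%s\n' "$sample" | narrow_sql 192.0.2.10
```

Passing localhost instead of an address produces the statement that puts the account back to the state shown in the first listing.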
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Create the folder that will hold the binlog, then grant permissions on it.
In MySQL 5.7 (not needed in 5.6 and below), my.cnf is usually located at /etc/my.cnf; add server-id to my.cnf:
[mysqld]
server-id = [serial number]
log-bin = [path] [file name prefix]
Example 1:
[mysqld]
log-bin=/mysqlbin-log/mysqlbinlog
server-id=11
Example 2:
log-bin=mysqlbinlog
server-id=11
[root@mysql /]#mkdir /mysqlbin-log
[root@mysql /]#chown -R mysql:mysql /mysqlbin-log
[root@mysql /]# chmod -R 775 /mysqlbin-log
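In theory, once /etc/my.cnf is edited, starting the service should just work.
But I ran into an SELinux permission error.
At first I looked at the startup log.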
[root@mysql log]# cat mysqld.log
Key line:
mysqld: File '/mysqlbin-log/mysql-bin.index' not found (Errcode: 13 - Permission denied)
What the heck, no permission? Seriously.
[root@mysql mysqlbin-log]# service mysqld start
Redirecting to /bin/systemctl start mysqld.service
Job for mysqld.service failed because the control process exited with error code. See "systemctl status mysqld.service" and "journalctl -xe" for details.
Better to look first at the two things the startup error points to.
[root@mysql mysqlbin-log]# systemctl status mysqld.service
Key line:
Feb 24 13:55:24 mysql.cdc.test systemd[1]: mysqld.service failed.
Nothing much here. Can't tell what the problem is.
[root@mysql mysqlbin-log]# journalctl -xe
Key lines:
Feb 24 12:58:54 mysql.cdc.test python[12374]: SELinux is preventing /usr/sbin/mysqld from write access on the directory mysqlbin-log.
***** Plugin catchall_labels (83.8 confidence) suggests *******************
If you want to allow mysqld to have write access on the mysqlbin-log directory
Then you need to change the label on mysqlbin-log
Do
# semanage fcontext -a -t FILE_TYPE 'mysqlbin-log'
where FILE_TYPE is one of the following: faillog_t, krb5_host_rcache_t, mysqld_db_t, mysqld_log_t, mysqld_tmp_t, mysqld_var_run_t, tm
Then execute:
restorecon -v 'mysqlbin-log'
***** Plugin catchall (17.1 confidence) suggests **************************
If you believe that mysqld should be allowed write access on the mysqlbin-log directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'mysqld' --raw | audit2allow -M my-mysqld
# semodule -i my-mysqld.pp
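The hint is quite thoughtful. It contains a complete solution.
I looked up the semanage command
SELinux semanage command
The semanage command is used to query and modify the default security contexts of SELinux directories. Commands related to managing SELinux policy and rules: seinfo, sesearch, getsebool, setsebool, semanage.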
semanage {login|user|port|interface|fcontext|translation} -l
semanage fcontext -{a|d|m} [-frst] file_spec
Options
-l: query.
fcontext: mainly used for security contexts.
-a: add; you can add default security context type settings for directories.
-m: modify.
-d: delete.
[root@mysql mysqlbin-log]# semanage fcontext -l|grep mysql
Key line:
/var/log/mariadb(/.*)? all files system_u:object_r:mysqld_log_t:s0
Let's try writing one modeled on this.
[root@mysql mysqlbin-log]# semanage fcontext -a -t mysqld_log_t "/mysqlbin-log(/.*)?"
[root@mysql mysqlbin-log]# restorecon -v 'mysqlbin-log'
[root@mysql mysqlbin-log]# semanage fcontext -l|grep mysql
Key line:
/mysqlbin-log(/.*)? all files system_u:object_r:mysqld_log_t:s0
Once this is set, restart MySQL
[root@ mysql mysqlbin-log]# service mysqld restart
or start MySQL
[root@ mysql mysqlbin-log]# service mysqld start
[root@ mysql mysqlbin-log]# netstat -antp|grep 3306
tcp6 0 0 :::33060 :::* LISTEN 17868/mysqld
[root@mysql /]# ll -Z
Key line:
drwxrwxr-x. mysql mysql unconfined_u:object_r:mysqld_log_t:s0 mysqlbin-log
[root@mysql mysqlbin-log]# ll
-rw-r-----. 1 mysql mysql 177 Feb 24 13:49 mysqlbinlog.000001
-rw-r-----. 1 mysql mysql 66 Feb 24 14:12 mysqlbinlog.index
The files have been created too.
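The labelling steps above, collected into one script as an added example that is not part of the original post. It takes an absolute directory path, builds the `(/.*)?` file_spec, and runs restorecon with -R so that files already inside the directory are relabelled too. The function names and the APPLY switch are hypothetical; without APPLY=1 it only prints the commands.

```sh
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Needs semanage and restorecon (the tools used in the post) when APPLY=1.

# Run the command when APPLY=1, otherwise only print it (dry run).
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else printf '%s\n' "+ $*"; fi
}

# Give DIR and everything under it the SELinux type SETYPE.
# SETYPE defaults to mysqld_log_t, the type chosen in the post.
label_mysql_dir() {
    dir=${1%/}
    setype=${2:-mysqld_log_t}
    case $dir in
        /?*) ;;   # absolute, and not "/" itself
        *) echo "error: need an absolute directory path, got '$1'" >&2; return 2 ;;
    esac
    case $dir in
        *[!A-Za-z0-9/._-]*) echo "error: unsupported character in '$dir'" >&2; return 2 ;;
    esac
    # file_spec is a regular expression, so escape literal dots in the path.
    spec=$(printf '%s' "$dir" | sed 's/\./\\./g')'(/.*)?'
    # 1. record the default label, 2. apply it recursively, 3. show the result
    run semanage fcontext -a -t "$setype" "$spec" || return 1
    run restorecon -R -v "$dir" || return 1
    run ls -Zd "$dir"
}

# Dry run for the directory used in the post.
label_mysql_dir /mysqlbin-log
```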
[root@mysql mysqlbinlog]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.28-enterprise-commercial-advanced-log MySQL Enterprise Server - Advanced Edition (Commercial)
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show variables like 'log_bin';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| log_bin | ON |
+---------------+-------+
1 row in set (0.01 sec)
Log-bin is now enabled!