一, 一键安装 MySQL 脚本
- [root@linuxidc ~]# cat InstallMysql01.sh
- #!/bin/bash
- #2018-10-13
- # 旅行者 - Travel
- #1. 安装 wget
- yum -y install wget
- #2, 下载 MySQL 的 yum 源
- URL="https://repo.mysql.com//mysql80-community-release-el7-1.noarch.rpm"
- wget $URL -P /etc/yum.repos.d/
- yum -y install yum-utils #如果没有该包, 下边执行 yum-config-manager 不生效
- yum -y install /etc/yum.repos.d/mysql80-community-release-el7-1.noarch.rpm
- if [ $? -eq 0 ];then
- rm -rf /etc/yum.repos.d/mysql80-community-release-el7-1.noarch*
- fi
- yum-config-manager --disable mysql80-community
- yum-config-manager --enable mysql57-community
- yum -y install MySQL-community-server
- sleep 5
- systemctl start mysqld
- systemctl enable mysqld
- systemctl status mysqld
- if [ $? -eq 0 ];then
- echo -e "install succefull"
- result="`grep'temporary password'/var/log/mysqld.log`"
- p1="`echo $result |awk'{print $NF}'`"
- echo "数据库密码为:$p1"
- fi
- [root@linuxidc ~]#
二, 修改策略和密码
执行完以上脚本可以看到 MySQL 的密码, 如下方法登录修改策略, 因为默认密码要求比较高, 可以根据自己需求来决定是否更改策略:
install succefull
数据库密码为: 9aTR&ok>f;1K
- [root@linuxidc ~]# MySQL -uroot -p
- Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
- Your MySQL connection id is 2
- Server version: 5.7.23
Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
- Oracle is a registered trademark of Oracle Corporation and/or its
- affiliates. Other names may be trademarks of their respective
owners.
- Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
- MySQL> set global validate_password_policy=0;
- Query OK, 0 rows affected (0.00 sec)
- MySQL> set global validate_password_length=4;
- Query OK, 0 rows affected (0.00 sec)
- MySQL> alter user 'root'@'localhost' identified by 'Yanglt123.';
- Query OK, 0 rows affected (0.00 sec)
- MySQL> flush privileges;
- Query OK, 0 rows affected (0.00 sec)
- MySQL> quit
三, 数据库密码策略:
1, 查看数据库策略:
因为上文已经将 validate_password_length 值改为 4, 所以下文显示为 4, 默认情况下为 8
- [root@linuxidc ~]# MySQL -uroot -p
- .....
- Server version: 5.7.23 MySQL Community
- ......
- MySQL> show variables like 'validate_password%';
- +--------------------------------------+-------+
- | Variable_name | Value |
- +--------------------------------------+-------+
- | validate_password_check_user_name | OFF |
- | validate_password_dictionary_file | |
- | validate_password_length | 4 |
- | validate_password_mixed_case_count | 1 |
- | validate_password_number_count | 1 |
- | validate_password_policy | LOW |
- | validate_password_special_char_count | 1 |
- +--------------------------------------+-------+
- 7 rows in set (0.00 sec)
- MySQL>
2, 各项值说明
validate_password_policy: 密码安全策略, 默认 MEDIUM 策略
策略 检查规则
- or LOW Length
- or MEDIUM Length; numeric, lowercase/uppercase, and special characters
- or STRONG Length; numeric, lowercase/uppercase, and special characters; dictionary file
validate_password_dictionary_file: 密码策略文件, 策略为 STRONG 才需要
validate_password_length: 密码最少长度 , 测试发现最小值得为 4.
validate_password_mixed_case_count: 大小写字符长度, 至少 1 个
validate_password_number_count : 数字至少 1 个
validate_password_special_char_count: 特殊字符至少 1 个
3, 修改策略, 跟上文第二操作一样
- MySQL> set global validate_password_policy=0;
- Query OK, 0 rows affected (0.00 sec)
- MySQL> set global validate_password_length=4;
- Query OK, 0 rows affected (0.00 sec),
- MySQL> flush privileges;
- Query OK, 0 rows affected (0.00 sec)
4, 修改简单密码测试
- MySQL> alter user 'root'@'localhost' identified by '1234'; #测试发现密码长度最少为 4 位
- Query OK, 0 rows affected (0.00 sec)
- MySQL> flush privileges;
- Query OK, 0 rows affected (0.01 sec)
- MySQL> quit
- Bye
- [root@linuxidc ~]# MySQL -p
- Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
- Your MySQL connection id is 5
- Server version: 5.7.23 MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
- Oracle is a registered trademark of Oracle Corporation and/or its
- affiliates. Other names may be trademarks of their respective
owners.
- Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
- MySQL>
来源: http://www.linuxidc.com/Linux/2018-10/154810.htm