1、安装
#同时安装mariadb和mariadb-server [root@bigdata-senior01 yum.repos.d]# yum -y install mariadb mariadb-server #启动服务 [root@bigdata-senior01 ~]# systemctl start mariadb
#mariadb其实就是mysql的一个分支
#在防火墙上开启service,mariadb和mysql两个服务占用相同的端口3306,所以防火墙里添加mysql服务就可以。
#也可以直接开通端口
[root@bigdata-senior01 ~]# cat /etc/services | grep mysql
mysql 3306/tcp # MySQL
mysql 3306/udp # MySQL
mysql-cluster 1186/tcp # MySQL Cluster Manager
mysql-cluster 1186/udp # MySQL Cluster Manager
mysql-cm-agent 1862/tcp # MySQL Cluster Manager Agent
mysql-cm-agent 1862/udp # MySQL Cluster Manager Agent
mysql-im 2273/tcp # MySQL Instance Manager
mysql-im 2273/udp # MySQL Instance Manager
mysql-proxy 6446/tcp # MySQL Proxy
mysql-proxy 6446/udp # MySQL Proxy
[root@bigdata-senior01 ~]# firewall-cmd --add-service=mysql --permanent
success
[root@bigdata-senior01 ~]# firewall-cmd --reload
success
[root@bigdata-senior01 ~]# firewall-cmd --list-service
ssh dhcpv6-client ftp mysql
2、安全设置
[root@bigdata-senior01 ~]# mysql_secure_installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and you haven't set the root password yet, the password will be blank, so you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on... Setting the root password ensures that nobody can log into the MariaDB root user without the proper authorisation. Set root password? [Y/n] y #设置root用户密码 New password: Re-enter new password: Password updated successfully! Reloading privilege tables.. ... Success! By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] y #移除匿名用户 ... Success! Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] y #禁止root用户远程登陆,只能在本机登陆 ... Success! By default, MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] y #移除test数据库 - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] y #重新载入权限表 ... Success! Cleaning up... All done! If you've completed all of the above steps, your MariaDB installation should now be secure. Thanks for using MariaDB!
3、登入数据库
#使用root用户,密码登陆
[root@bigdata-senior01 ~]# mysql -u root -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or g. Your MariaDB connection id is 13 Server version: 5.5.60-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or 'h' for help. Type 'c' to clear the current input statement. MariaDB [(none)]>
#查看状态
MariaDB [(none)]> status
--------------
mysql Ver 15.1 Distrib 5.5.60-MariaDB, for Linux (x86_64) using readline 5.1
Connection id: 18
Current database:
Current user: root@localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server: MariaDB
Server version: 5.5.60-MariaDB MariaDB Server
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: latin1
Db characterset: latin1
Client characterset: utf8
Conn. characterset: utf8
UNIX socket: /var/lib/mysql/mysql.sock
Uptime: 2 hours 15 min 58 sec
Threads: 1 Questions: 79 Slow queries: 0 Opens: 15 Flush tables: 2 Open tables: 41 Queries per second avg: 0.009
#查看数据库,命令基本和mysql一致
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
3 rows in set (0.00 sec)
4、修改密码
设定密码: 使用set password = password('密码') ; MariaDB [mysql]> set password=password('123@abc.com'); Query OK, 0 rows affected (0.00 sec) 数据库中的用户root和当前操作系统用户名无关。
修改其他用户密码:
set password for hive@'192.168.31.10' = password('123@abc.com');
5、管理用户
5.1、创建用户和删除用户
语法为:CREATE USER 用户名@主机名(ip) IDENTIFIED BY '密码';
MariaDB [(none)]> create user es@192.168.31.1 identified by '123@abc.com'; Query OK, 0 rows affected (0.00 sec) MariaDB [mysql]> select host,user,password from user; +--------------+------+-------------------------------------------+ | host | user | password | +--------------+------+-------------------------------------------+ | localhost | root | *B4782DF7E6EE07C7BEE69CC751A177C4B81477F2 | | 127.0.0.1 | root | *B4782DF7E6EE07C7BEE69CC751A177C4B81477F2 | | ::1 | root | *B4782DF7E6EE07C7BEE69CC751A177C4B81477F2 | | 192.168.31.1 | es | *C1E43362094D2C72FF3DE6570DE1965152F678CA | +--------------+------+-------------------------------------------+ 4 rows in set (0.00 sec)
#删除用户,drop user 用户名@主机名(ip) MariaDB [mysql]> drop user es@192.168.31.1; Query OK, 0 rows affected (0.00 sec) MariaDB [mysql]> select host,user,password from user; +-----------+------+-------------------------------------------+ | host | user | password | +-----------+------+-------------------------------------------+ | localhost | root | *B4782DF7E6EE07C7BEE69CC751A177C4B81477F2 | | 127.0.0.1 | root | *B4782DF7E6EE07C7BEE69CC751A177C4B81477F2 | | ::1 | root | *B4782DF7E6EE07C7BEE69CC751A177C4B81477F2 | +-----------+------+-------------------------------------------+ 3 rows in set (0.00 sec)
创建用户除了可以明确指定登陆IP、域名、主机名外,还可以使用通配的方式
用户名@IP地址 用户只能在该IP下才能访问 用户名@192.168.31.% 用户只能在该IP段下才能访问(通配符%表示任意) 用户名@% 用户可以再任意IP下访问(默认IP地址为%)
SQL 中 LIKE 的通配符 % 及 -,在此都可使用。如若使用 “%” 或 “-” 本身,则需使用 “” 对其转义。
MariaDB [mysql]> create user es@'192.168.31.%' identified by '123@abc.com'; Query OK, 0 rows affected (0.00 sec) MariaDB [mysql]> select host,user,password from user; +--------------+------+-------------------------------------------+ | host | user | password | +--------------+------+-------------------------------------------+ | localhost | root | *B4782DF7E6EE07C7BEE69CC751A177C4B81477F2 | | 127.0.0.1 | root | *B4782DF7E6EE07C7BEE69CC751A177C4B81477F2 | | ::1 | root | *B4782DF7E6EE07C7BEE69CC751A177C4B81477F2 | | 192.168.31.% | es | *C1E43362094D2C72FF3DE6570DE1965152F678CA | +--------------+------+-------------------------------------------+ 4 rows in set (0.00 sec)
[root@bigdata-senior01 ~]# mysql -u es -p
Enter password:
ERROR 1045 (28000): Access denied for user 'es'@'localhost' (using password: YES)
#创建bus用户,可以在任何地方登陆 MariaDB [mysql]> create user bus@'%' identified by '123@abc.com'; Query OK, 0 rows affected (0.00 sec) MariaDB [mysql]> select host,user,password from user; +--------------+------+-------------------------------------------+ | host | user | password | +--------------+------+-------------------------------------------+ | localhost | root | *B4782DF7E6EE07C7BEE69CC751A177C4B81477F2 | | 127.0.0.1 | root | *B4782DF7E6EE07C7BEE69CC751A177C4B81477F2 | | ::1 | root | *B4782DF7E6EE07C7BEE69CC751A177C4B81477F2 | | % | bus | *C1E43362094D2C72FF3DE6570DE1965152F678CA | | 192.168.31.% | es | *C1E43362094D2C72FF3DE6570DE1965152F678CA | +--------------+------+-------------------------------------------+ 5 rows in set (0.00 sec) [root@bigdata-senior01 ~]# mysql -u bus -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or g. Your MariaDB connection id is 36 Server version: 5.5.60-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or 'h' for help. Type 'c' to clear the current input statement. MariaDB [(none)]> select user(); +---------------+ | user() | +---------------+ | bus@localhost | +---------------+ 1 row in set (0.00 sec)
#上面,es和bus用户密码相同,加密后存储的密文也相同,说明加密方式比较差,并不安全。
PS:在windows下用mysql workbench登陆:
6、授权
6.1、语法
授权
GRANT privileges (columns) ON what To account [IDENTIFIED BY ‘password’][REQUIRE encryption requirements] [WITH grant or resource management options];
GRANT 语句里,如果用户存在,GRANT 语句则将改变它的权限;如果不存在 GRANT 语句则创建它,再将给定的权限分配给它。
语法元素:
- privileges,授权账户的权限。
- columns,权限将作用的数据列。如若需要列举多个数据列,则用逗号分隔。
- what,权限的级别。
- account,被授权的账户。account 的格式为 ‘user_name’@’host_name’。
- password,账户的口令。类似于 CREATE USER 中的 IDENTIED BY。
常用: GRANT 权限 ON 数据库.表单名称 TO 用户名@主机名 对某个特定数据库中的特定表单给予授权。 GRANT 权限 ON 数据库.* TO 用户名@主机名 对某个特定数据库中的所有表单给予授权。 GRANT 权限 ON *.* TO 用户名@主机名 对所有数据库及所有表单给予授权。 GRANT 权限1,权限2 ON 数据库.* TO 用户名@主机名 对某个数据库中的所有表单给予多个授权。 GRANT ALL PRIVILEGES ON *.* TO 用户名@主机名 对所有数据库及所有表单给予全部授权。
撤销用户授权用 REVOKE 语句,下面是 REVOKE 语句的语法:
REVOKE preivileges [ columns ] ON what FROM account;
6.2、权限内容
管理权限
CREATE USER 使用高级账户管理语句 FILE 读、写 MariaDB 服务器主机上的文件 GRANT OPTION 把账户权限授予其他账户 PROCESS 查看在运行的线程的信息 RELOAD 重新加载权限数据或更新日志及缓存 REPLICATION CLIENT 查询主/从服务器的运行地点 REPLICATION SLAVE 以复制的从服务器运行 SHOW DATBASES 用 SHOW DATABASES 语句查看全部数据库名称 SHUTDOWN 关闭服务器 SUPER 用 KILL 命令终止线程以及进行其他超级用户操作
操作权限
ALTER 更改数据表或索引的定义
ALTER ROUTINE 更改或删除存储函数或存储过程
CREATE 创建数据库或数据表
CRATE ROUTINE 创建存储函数或存储过程
CREATE TEMPORARY TABLE 用 TEMPORARY 关键字创建临时表
CREATE VIEW 创建视图
DELETE 删除数据库中现有的数据行
DROP 删除数据库、数据表或其他对象
EVENT 为时间调度程序创建、删除或修改各种事件
EXECUTE 执行存储函数或存储过程
INDEX 创建或删除索引
INSERT 往数据表中插入新数据行
LOCK TABLE 用 LOCK TABLE 语句明确地锁定数据表
REFERENCE 未使用(保留字)
SELECT 检索数据表里的数据行
SHOW VIEW 查看视图的定义
TRGGER 创建或删除触发器
UPDATE 修改数据行
其他
ALL [PRIVILEGES] 所有操作权限(但不包含 GRANT)
USAGE 一个特殊的“无权限”权限
6.3、用例
#给root@192.168.31.1授权select,update,insert,delete
MariaDB [(none)]> grant select,update,insert,delete on mysql.user to root@192.168.31.1; Query OK, 0 rows affected (0.00 sec) MariaDB [mysql]> show grants for root@192.168.31.1; +----------------------------------------------------------------------------------------------------------------+ | Grants for root@192.168.31.1 | +----------------------------------------------------------------------------------------------------------------+ | GRANT USAGE ON *.* TO 'root'@'192.168.31.1' IDENTIFIED BY PASSWORD '*B4782DF7E6EE07C7BEE69CC751A177C4B81477F2' | | GRANT SELECT, INSERT, UPDATE, DELETE ON `mysql`.`user` TO 'root'@'192.168.31.1' | +----------------------------------------------------------------------------------------------------------------+ 2 rows in set (0.00 sec)
#取消delete授权
MariaDB [mysql]> revoke delete on mysql.user from root@192.168.31.1;
Query OK, 0 rows affected (0.00 sec)
MariaDB [mysql]> show grants for root@192.168.31.1;
+----------------------------------------------------------------------------------------------------------------+
| Grants for root@192.168.31.1 |
+----------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'root'@'192.168.31.1' IDENTIFIED BY PASSWORD '*B4782DF7E6EE07C7BEE69CC751A177C4B81477F2' |
| GRANT SELECT, INSERT, UPDATE ON `mysql`.`user` TO 'root'@'192.168.31.1' |
+----------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
#给bus用户所有对busdata的权限
MariaDB [mysql]> grant all on busdata.* to bus@'%';
Query OK, 0 rows affected (0.00 sec)
MariaDB [mysql]> show grants for bus@%;
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '%' at line 1
MariaDB [mysql]> show grants for bus@'%';
+----------------------------------------------------------------------------------------------------+
| Grants for bus@% |
+----------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'bus'@'%' IDENTIFIED BY PASSWORD '*C1E43362094D2C72FF3DE6570DE1965152F678CA' |
| GRANT ALL PRIVILEGES ON `busdata`.* TO 'bus'@'%' |
+----------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
7、数据库和表操作
在操作数据库前,需要先确认一下数据库的字符集,避免出现中文乱码的情况
#服务器存储字符集不是utf8
MariaDB [(none)]> show variables like '%char%'; +--------------------------+----------------------------+ | Variable_name | Value | +--------------------------+----------------------------+ | character_set_client | utf8 | | character_set_connection | utf8 | | character_set_database | latin1 | | character_set_filesystem | binary | | character_set_results | utf8 | | character_set_server | latin1 | | character_set_system | utf8 | | character_sets_dir | /usr/share/mysql/charsets/ | +--------------------------+----------------------------+ 8 rows in set (0.00 sec)
修改默认字符集设置
[root@bigdata-senior01 etc]# vi my.cnf 在[mysqld]中加入 [mysqld] default-storage-engine = innodb innodb_file_per_table max_connections = 4096 collation-server = utf8_general_ci character-set-server = utf8 #重启数据库 [root@bigdata-senior01 etc]# systemctl restart mariadb MariaDB [(none)]> show variables like '%char%'; +--------------------------+----------------------------+ | Variable_name | Value | +--------------------------+----------------------------+ | character_set_client | utf8 | | character_set_connection | utf8 | | character_set_database | utf8 | | character_set_filesystem | binary | | character_set_results | utf8 | | character_set_server | utf8 | | character_set_system | utf8 | | character_sets_dir | /usr/share/mysql/charsets/ | +--------------------------+----------------------------+ 8 rows in set (0.00 sec)
7.1、创建和删除数据库
MariaDB [(none)]> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | busdata | +--------------------+ 2 rows in set (0.00 sec) #删除 MariaDB [(none)]> drop database busdata; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> show databases; +--------------------+ | Database | +--------------------+ | information_schema | +--------------------+ 1 row in set (0.00 sec)
#创建 MariaDB [(none)]> create database busdata; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | busdata | +--------------------+ 2 rows in set (0.00 sec)
#因为上例的权限设置,只能创建名字叫busdata的数据库, MariaDB [(none)]> create database busdata2; ERROR 1044 (42000): Access denied for user 'bus'@'%' to database 'busdata2'
7.2、表操作
#切换数据库
MariaDB [(none)]> use busdata; Database changed
#创建表 MariaDB [busdata]> create table vehicle (name varchar(20), price int,location varchar(50)); Query OK, 0 rows affected (0.00 sec) MariaDB [busdata]> show tables; +-------------------+ | Tables_in_busdata | +-------------------+ | vehicle | +-------------------+ 1 row in set (0.00 sec)
#删除表 MariaDB [busdata]> drop table vehicle; Query OK, 0 rows affected (0.00 sec) MariaDB [busdata]> show tables; Empty set (0.00 sec)
#建表
MariaDB [busdata]> create table vehicle (name varchar(20), price int,location varchar(50)); Query OK, 0 rows affected (0.01 sec)
#表结构 MariaDB [busdata]> desc vehicle; +----------+-------------+------+-----+---------+-------+ | Field | Type | Null | Key | Default | Extra | +----------+-------------+------+-----+---------+-------+ | name | varchar(20) | YES | | NULL | | | price | int(11) | YES | | NULL | | | location | varchar(50) | YES | | NULL | | +----------+-------------+------+-----+---------+-------+ 3 rows in set (0.00 sec)
#插入 MariaDB [busdata]> insert into vehicle values('公交1路',2,'东站'); Query OK, 1 row affected (0.01 sec) MariaDB [busdata]> insert into vehicle values('公交2路',2,'西站'); Query OK, 1 row affected (0.00 sec) MariaDB [busdata]> select * from vehicle; +------------+-------+----------+ | name | price | location | +------------+-------+----------+ | 公交1路 | 2 | 东站 | | 公交2路 | 2 | 西站 | +------------+-------+----------+ 2 rows in set (0.00 sec)
#更新表,update MariaDB [busdata]> update vehicle set price=5 where name='公交1路'; Query OK, 1 row affected (0.00 sec) Rows matched: 1 Changed: 1 Warnings: 0 MariaDB [busdata]> select * from vehicle; +------------+-------+----------+ | name | price | location | +------------+-------+----------+ | 公交1路 | 5 | 东站 | | 公交2路 | 2 | 西站 | +------------+-------+----------+ 2 rows in set (0.00 sec)
语法与mysql基本相同。
8、备份和恢复
备份: [root@bigdata-senior01 ~]# mysqldump -u root -p busdata > mariadb.dump/busdata2.dump Enter password: [root@bigdata-senior01 ~]# cat mariadb.dump/busdata2.dump -- MySQL dump 10.14 Distrib 5.5.60-MariaDB, for Linux (x86_64) -- -- Host: localhost Database: busdata -- ------------------------------------------------------ -- Server version 5.5.60-MariaDB /*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */; /*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */; /*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */; /*!40101 SET NAMES utf8 */; /*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */; /*!40103 SET TIME_ZONE='+00:00' */; /*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */; /*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */; /*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */; /*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */; -- -- Table structure for table `vehicle` -- DROP TABLE IF EXISTS `vehicle`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `vehicle` ( `name` varchar(20) DEFAULT NULL, `price` int(11) DEFAULT NULL, `location` varchar(50) DEFAULT NULL ) ENGINE=InnoDB DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `vehicle` -- LOCK TABLES `vehicle` WRITE; /*!40000 ALTER TABLE `vehicle` DISABLE KEYS */; INSERT INTO `vehicle` VALUES ('公交1路',5,'东站'),('公交2路',2,'西站'),('公交3路',2,'西站'),('公交4路',2,'西站'),('公交5路',2,'西站'),('公交6路',2,'西站'),('公交7路',2,'西站'),('公交8路',2,'西站'); /*!40000 ALTER TABLE `vehicle` ENABLE KEYS */; UNLOCK TABLES; /*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */; /*!40101 SET SQL_MODE=@OLD_SQL_MODE */; /*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */; /*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */; /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */; /*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */; /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; -- Dump completed on 2019-01-25 16:30:00
恢复备份: [root@bigdata-senior01 ~]# mysql -u root -p busdata < mariadb.dump/busdata2.dump Enter password: