一、一键安装Mysql脚本
[root@uat01 ~]# cat InstallMysql01.sh #!/bin/bash #2018-10-13 #旅行者-Travel #1.安装wget yum -y install wget #2、下载mysql的yum源 URL="https://repo.mysql.com//mysql80-community-release-el7-1.noarch.rpm" wget $URL -P /etc/yum.repos.d/ yum -y install yum-utils #如果没有该包,下边执行yum-config-manager不生效 yum -y install /etc/yum.repos.d/mysql80-community-release-el7-1.noarch.rpm if [ $? -eq 0 ];then rm -rf /etc/yum.repos.d/mysql80-community-release-el7-1.noarch* fi yum-config-manager --disable mysql80-community yum-config-manager --enable mysql57-community yum -y install mysql-community-server sleep 5 systemctl start mysqld systemctl enable mysqld systemctl status mysqld if [ $? -eq 0 ];then echo -e "install succefull" result="`grep 'temporary password' /var/log/mysqld.log`" p1="`echo $result |awk '{print $NF}'`" echo "数据库密码为:$p1" fi [root@uat01 ~]#
二、修改策略和密码
执行完以上脚本可以看到Mysql的密码,如下方法登录修改策略,因为默认密码要求比较高,可以根据自己需求来决定是否更改策略:
install succefull 数据库密码为:9aTR&ok>f;1K [root@uat01 ~]# mysql -uroot -p Enter password: Welcome to the MySQL monitor. Commands end with ; or g. Your MySQL connection id is 2 Server version: 5.7.23 Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or 'h' for help. Type 'c' to clear the current input statement. mysql> set global validate_password_policy=0; Query OK, 0 rows affected (0.00 sec) mysql> set global validate_password_length=4; Query OK, 0 rows affected (0.00 sec) mysql> alter user 'root'@'localhost' identified by 'Yanglt123.'; Query OK, 0 rows affected (0.00 sec) mysql> flush privileges; Query OK, 0 rows affected (0.00 sec) mysql> quit
三、数据库密码策略:
1、查看数据库策略:
因为上文已经将 validate_password_length 值改为4,所以下文显示为4,默认情况下为8
[root@uat01 ~]# mysql -uroot -p ..... Server version: 5.7.23 MySQL Community
...... mysql> show variables like 'validate_password%'; +--------------------------------------+-------+ | Variable_name | Value | +--------------------------------------+-------+ | validate_password_check_user_name | OFF | | validate_password_dictionary_file | | | validate_password_length | 4 | | validate_password_mixed_case_count | 1 | | validate_password_number_count | 1 | | validate_password_policy | LOW | | validate_password_special_char_count | 1 | +--------------------------------------+-------+ 7 rows in set (0.00 sec) mysql>
2、各项值说明
validate_password_policy:密码安全策略,默认MEDIUM策略
| 策略 | 检查规则 |
| 0 or LOW | Length |
| 1 or MEDIUM | Length; numeric, lowercase/uppercase, and special characters |
| 2 or STRONG | Length; numeric, lowercase/uppercase, and special characters; dictionary file |
validate_password_dictionary_file:密码策略文件,策略为STRONG才需要
validate_password_length:密码最少长度 ,测试发现最小值得为4。
validate_password_mixed_case_count:大小写字符长度,至少1个
validate_password_number_count :数字至少1个
validate_password_special_char_count:特殊字符至少1个
3、修改策略,跟上文第二操作一样
mysql> set global validate_password_policy=0; Query OK, 0 rows affected (0.00 sec) mysql> set global validate_password_length=4; Query OK, 0 rows affected (0.00 sec), mysql> flush privileges; Query OK, 0 rows affected (0.00 sec)
4、修改简单密码测试
mysql> alter user 'root'@'localhost' identified by '1234'; #测试发现密码长度最少为4位 Query OK, 0 rows affected (0.00 sec) mysql> flush privileges; Query OK, 0 rows affected (0.01 sec) mysql> quit Bye [root@uat01 ~]# mysql -p Enter password: Welcome to the MySQL monitor. Commands end with ; or g. Your MySQL connection id is 5 Server version: 5.7.23 MySQL Community Server (GPL) Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or 'h' for help. Type 'c' to clear the current input statement. mysql>