Ubuntu24.04安裝mysql-server小計(jì)，解決mysql_secure_installation時(shí)不能重置密碼的問(wèn)題

為什么要寫(xiě)這往篇文章？

一般情況下，我安裝mysql都用源碼編譯，以此方便安裝更多自定義插件，但這次只需要安裝一臺(tái)開(kāi)發(fā)機(jī)，無(wú)需太多要求。機(jī)器上安裝的是ubuntu24.04，本著省時(shí)省力的想法，用官方的apt安裝。結(jié)果，，，，很久沒(méi)有搞定重設(shè)密碼問(wèn)題。繞了一圈，終究搞定了，但花的時(shí)間也不少，因此，寫(xiě)個(gè)備忘錄，以便后需。

安裝

1. apt倉(cāng)庫(kù)方式安裝

sudo apt update
sudo apt install mysql-server -y
sudo systemctl status mysql
sudo systemctl start mysql

2.設(shè)置賬號(hào)

sudo mysql_secure_installation

按照提示完成以下步驟：

• 設(shè)置root用戶密碼
• 移除匿名用戶
• 禁止root遠(yuǎn)程登錄
• 移除測(cè)試數(shù)據(jù)庫(kù)并重新加載權(quán)限表

執(zhí)行過(guò)程需要輸入 Y N Y Y，根據(jù)情況自行選擇

root@fred-4:/home/fred-4# sudo mysql_secure_installationSecuring the MySQL server deployment.Connecting to MySQL using a blank password.
The 'validate_password' component is installed on the server.
The subsequent steps will run with the existing configuration
of the component.Skipping password set for root as authentication with auth_socket is used by default.
If you would like to use password authentication instead, this can be done with the "ALTER_USER" command.
See https://dev.mysql.com/doc/refman/8.0/en/alter-user.html#alter-user-password-management for more information.By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y
Success.Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.Disallow root login remotely? (Press y|Y for Yes, any other key for No) : N... skipping.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y- Dropping test database...
Success.- Removing privileges on test database...
Success.Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y
Success.All done! 

注意：Skipping password set for root as authentication with auth_socket is used by default. 密碼設(shè)置已被跳過(guò)。

By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them.
設(shè)置了匿名用戶。。
那該怎么登錄呢？

就是不要輸?shù)卿浻脩糁苯舆M(jìn)入：

$ mysql
ERROR 1045 (28000): Access denied for user 'my-ubuntu-user'@'localhost' (using password: NO)

完?duì)僮?#xff0c;明明只輸入了mysql ,執(zhí)行的卻是mysql -u ‘my-ubuntu-user’@‘localhost’

咋辦？繼續(xù)看吧

匿名登錄方法

進(jìn)入超級(jí)用戶環(huán)境，再進(jìn)mysql

$ sudo su
$ mysql

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 10
Server version: 8.0.37-0ubuntu0.24.04.1 (Ubuntu)Copyright (c) 2000, 2024, Oracle and/or its affiliates.Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.mysql> 

OK，搞定

進(jìn)去了，接下來(lái)要改密碼

修改密碼

mysql> select user, plugin,host from mysql.user;
+------------------+-----------------------+-----------+
| user             | plugin                | host      |
+------------------+-----------------------+-----------+
| root             | auth_socket           | localhost |
+------------------+-----------------------+-----------+
5 rows in set (0.00 sec)

plugin auth_socket 要換掉
換成下面的

mysql> select user, plugin,host from mysql.user;
+------------------+-----------------------+-----------+
| user             | plugin                | host      |
+------------------+-----------------------+-----------+
| root             | mysql_native_password | localhost |
+------------------+-----------------------+-----------+
5 rows in set (0.00 sec)

mysql> ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY '123456';
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements

服了吧，報(bào)錯(cuò)了，這是密碼強(qiáng)度不夠

SHOW VARIABLES LIKE 'validate_password%';
+-------------------------------------------------+--------+
| Variable_name                                   | Value  |
+-------------------------------------------------+--------+
| validate_password.changed_characters_percentage | 0      |
| validate_password.check_user_name               | ON     |
| validate_password.dictionary_file               |        |
| validate_password.length                        | 8      |
| validate_password.mixed_case_count              | 1      |
| validate_password.number_count                  | 1      |
| validate_password.policy                        | MEDIUM |
| validate_password.special_char_count            | 1      |
+-------------------------------------------------+--------+

validate_password.policy由于是內(nèi)部測(cè)試機(jī)，這項(xiàng)改低一點(diǎn)，不然以前的項(xiàng)目都得改

mysql> set global validate_password.policy=0;
Query OK, 0 rows affected (0.00 sec)
mysql>  set global validate_password.length=6;
Query OK, 0 rows affected (0.00 sec)

現(xiàn)在可以改簡(jiǎn)單密碼了

mysql> ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY '123456';
Query OK, 0 rows affected (0.08 sec)
mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.03 sec)

查看plugin

mysql> select user, plugin,host from mysql.user;
+------------------+-----------------------+-----------+
| user             | plugin                | host      |
+------------------+-----------------------+-----------+
| root             | mysql_native_password | localhost |
+------------------+-----------------------+-----------+
5 rows in set (0.00 sec)

搞定了

接下來(lái)可以exit退出超級(jí)用戶登錄了

mysql -u root -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 8
Server version: 8.0.37-0ubuntu0.24.04.1 (Ubuntu)Copyright (c) 2000, 2024, Oracle and/or its affiliates.Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
| sys                |
+--------------------+
4 rows in set (0.03 sec)

其它配置

$ sudo nano /etc/mysql/my.cnf

如下配置安需修改

GNU nano 7.2                                                    /etc/mysql/my.cnf                                                              
#
# The MySQL database server configuration file.
#
# You can copy this to one of:
# - "/etc/mysql/my.cnf" to set global options,
# - "~/.my.cnf" to set user-specific options.
# 
# One can use all long options that the program supports.
# Run program with --help to get a list of available options and with
# --print-defaults to see which it would actually understand and use.
#
# For explanations see
# http://dev.mysql.com/doc/mysql/en/server-system-variables.html#
# * IMPORTANT: Additional settings that can override those from this file!
#   The files must end with '.cnf', otherwise they'll be ignored.
#
!includedir /etc/mysql/conf.d/
!includedir /etc/mysql/mysql.conf.d/
[mysqld]
bind-address = 0.0.0.0
mysqlx-bind-address = 0.0.0.0
port = 3307
mysqlx_port = 33070
default_authentication_plugin = mysql_native_password

重啟，自啟

 sudo systemctl restart mysqlsudo systemctl enable mysql

修改root用戶，允許遠(yuǎn)程登錄

mysql> update mysql.user set host = '%' where user='root' and host='localhost';
mysql> FLUSH PRIVILEGES;

新建用戶

mysql> set global validate_password.policy=0;
mysql> set global validate_password.length=6;mysql> create user 'my'@'%' identified by '123456';
mysql> grant all privileges on *.* to 'my'@'%' with grant option;

回收權(quán)限

mysql> REVOKE privileges ON *.* FROM 'my'@'%';
1227 - Access denied; you need (at least one of) the SYSTEM_USER privilege(s) for this operation

root用戶沒(méi)有SYSTEM_USER權(quán)限。

mysql> grant SYSTEM_USER on *.*  to 'root';
mysql> flush privileges;

刪除用戶

mysql> DROP USER 'my'@'%';