前言
一直以來,MySQL的應用和學習環境都是MySQL 5.6和之前的版本,也沒有去關注新版本MySQL 5.7的變化和新特性。今天幫人處理忘記root密碼的時時候,發現以前的方法不奏效了。
具體情況如下所示:
案例環境如下:
操作系統 : Red Hat Enterprise Linux Server release 6.6 (Santiago)
數據庫版本: 5.7.18 MySQL Community Server (GPL)
忘記密碼,輸入錯誤的密碼時遇到下面錯誤信息:
1
2
3
4
|
[root@mytestlnx02 ~]
# mysql -u root -p
Enter password:
ERROR 1045 (28000): Access denied
for
user
'root'
@
'localhost'
(using password: YES)
[root@mytestlnx02 ~]
#
|
檢查MySQL服務是否啟動,如果啟動,關閉MySQL服務
1
2
3
4
5
6
7
|
[root@mytestlnx02 ~]
# ps -ef | grep -i mysql
root 22972 1 0 14:18 pts
/0
00:00:00
/bin/sh
/usr/bin/mysqld_safe
--datadir=
/var/lib/mysql
--socket=
/var/lib/mysql/mysql
.sock --pid-
file
=
/var/run/mysqld/mysqld
.pid --basedir=
/usr
--user=mysql
mysql 23166 22972 0 14:18 pts
/0
00:00:00
/usr/sbin/mysqld
--basedir=
/usr
--datadir=
/var/lib/mysql
--plugin-
dir
=
/usr/lib/mysql/plugin
--user=mysql --log-error=
/var/log/mysqld
.log --pid-
file
=
/var/run/mysqld/mysqld
.pid --socket=
/var/lib/mysql/mysql
.sock
root 23237 21825 0 14:22 pts
/0
00:00:00
grep
-i mysql
[root@mytestlnx02 ~]
# service mysqld stop
Stopping mysqld: [ OK ]
[root@mytestlnx02 ~]
#
|
找到MySQL的my.cnf配置文件,在/etc/my.cnf (有些版本是/etc/mysql/my.cnf)在里面增加下面一段信息:
1
2
3
|
[mysqld]
skip-grant-tables
|
然后啟動MySQL,進入MySQL后,修改root密碼,操作過程中遇到ERROR 1054 (42S22): Unknown column 'password' in 'field list'
,查了一下user表的表結構,發現原來MySQL 5.7下,user表已經沒有Password字段。加密后的用戶密碼存儲於authentication_string字段。
具體操作過程如下所示:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
[root@mytestlnx02 ~]
# service mysqld start
Starting mysqld: [ OK ]
[root@mytestlnx02 ~]
# mysql -u root
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection
id
is 4
Server version: 5.7.18 MySQL Community Server (GPL)
Copyright (c) 2000, 2017, Oracle and
/or
its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and
/or
its
affiliates. Other names may be trademarks of their respective
owners.
Type
'help;'
or
'\h'
for
help. Type
'\c'
to
clear
the current input statement.
mysql> use mysql;
Reading table information
for
completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> update user
set
password=PASSWORD(
'Kd8k&dfdl023'
)
-> where user=
'root'
;
ERROR 1054 (42S22): Unknown column
'password'
in
'field list'
mysql> update mysql.user
set
authentication_string=password(
'Kd8k&dfdl023'
) where user=
'root'
;
Query OK, 1 row affected, 1 warning (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 1
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql>
exit
|
在my.cnf文件中,把剛才加入的那一行“skip-grant-tables”注釋或刪除掉。 然后重啟MySQL服務后需要執行命令set password=password('newpassword');
后,問題搞定。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
[root@mytestlnx02 ~]
# service mysqld start
Starting mysqld: [ OK ]
[root@mytestlnx02 ~]
# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection
id
is 4
Server version: 5.7.18
Copyright (c) 2000, 2017, Oracle and
/or
its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and
/or
its
affiliates. Other names may be trademarks of their respective
owners.
Type
'help;'
or
'\h'
for
help. Type
'\c'
to
clear
the current input statement.
mysql> use mysql;
ERROR 1820 (HY000): You must reset your password using ALTER USER statement before executing this statement.
mysql>
set
password=password(
'Kd8k&dfdl023'
);
Query OK, 0 rows affected, 1 warning (0.00 sec)
|
后面查詢了一下相關資料,發現MySQL 5.7在安全方面有下一些新特性。
1. 用戶表 mysql.user 的 plugin字段不允許為空, 默認值是 mysql_native_password,而不是 mysql_old_password,不再支持舊密碼格式;
2. 增加密碼過期機制,過期后需要修改密碼,否則可能會被禁用,或者進入沙箱模式; 是否啟用密碼過期由參數default_password_lifetime控制。
1
2
3
4
5
6
7
8
9
|
mysql> show variables like
'default_password_lifetime'
;
+---------------------------+-------+
| Variable_name | Value |
+---------------------------+-------+
| default_password_lifetime | 0 |
+---------------------------+-------+
1 row
in
set
(0.00 sec)
mysql>
|
3:增加了密碼安全等級以及密碼復雜度設置。參數如下:
1
2
3
4
5
6
7
8
9
10
11
12
13
|
mysql> show variables like
'validate_password%'
;
+--------------------------------------+--------+
| Variable_name | Value |
+--------------------------------------+--------+
| validate_password_check_user_name | OFF |
| validate_password_dictionary_file | |
| validate_password_length | 8 |
| validate_password_mixed_case_count | 1 |
| validate_password_number_count | 1 |
| validate_password_policy | MEDIUM |
| validate_password_special_char_count | 1 |
+--------------------------------------+--------+
7 rows
in
set
(0.00 sec)
|
4. 使用 mysql_install_db 初始化時,默認會自動生成隨機密碼,隨機密碼放在/var/log/mysqld.log中,並且不創建除 root@localhost和mysql.sys@localhost 外的其他賬號,也不創建 test 庫;
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
[root@mytestlnx02 mysql]
# yum localinstall mysql-community-{server,client,common,libs}-*
[root@mytestlnx02 mysql]
# rpm -qa | grep -i mysql
mysql-community-client-5.7.18-1.el6.i686
mysql-community-libs-5.7.18-1.el6.i686
perl-DBD-MySQL-4.013-3.el6.x86_64
mysql-community-server-5.7.18-1.el6.i686
mysql-community-common-5.7.18-1.el6.i686
mysql-community-libs-compat-5.7.18-1.el6.i686
[root@mytestlnx02 mysql]
# service mysqld start
Initializing MySQL database: [ OK ]
Installing validate password plugin: [ OK ]
Starting mysqld: [ OK ]
[root@mytestlnx02 mysql]
#
[root@mytestlnx02 mysql]
# grep 'temporary password' /var/log/mysqld.log
2017-05-05T06:10:57.802143Z 1 [Note] A temporary password is generated
for
root@localhost: w99s(m-q_ML:
mysql>
select
user ,host from user;
+-----------+-----------+
| user | host |
+-----------+-----------+
| mysql.sys | localhost |
| root | localhost |
+-----------+-----------+
2 rows
in
set
(0.00 sec)
|
總結
以上就是這篇文章的全部內容了,希望本文的內容對大家的學習或者工作能帶來一定的幫助,如果有疑問大家可以留言交流,謝謝大家對腳本之家的支持。
轉自:http://www.jb51.net/article/113145.htm
本站转载的文章为个人学习借鉴使用,本站对版权不负任何法律责任。如果侵犯了您的隐私权益,请联系我们删除。