test Environment system version:
CentOS Linux release 7.3.1611 (Core)
1.Installing the MARIADB package
This package contains a Mariadb-server and some tool kits
[email protected] conf.d]# yum groupinfo mariadbloaded plugins:fastestmirrorloading mirror speeds from cached Hostfile G ROUP:MARIADB database server group-id:mariadb description:the MariaDB SQL database server, and associated packages. Mandatory Packages: =mariadb-server Optional packages:mariadb-bench mariadb-test[[email protected] conf.d] #yum Grou Pinstall mariadb
2.Execute Security Control script Mysql_secure_installation
[[Email protected] conf.d]# mysql_secure_installation note: running all PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH Step carefully! in order to log into mariadb to secure it, we ' ll need the currentpassword for the root user. if You ' Ve just installed mariadb, andyou haven ' t set the root password yet, the password will be blank,so you should just press enter here. enter current password for root (enter for none): ok, successfully used password, moving on... setting the root password ensures that nobody can log into the mariadbroot user without the proper authorisation. set root password? [y/n] y // Whether to set the root password new password: re-enter new password: password updated successfully! Reloading privilege tables. ... success! by default, a mariadb installation has an anonymous user, allowing anyoneto log into MariaDB without Having to have a user account created forthem. this is intended only for testing, and to make the installationgo a bit smoother. you should remove them before moving into aproduction environment. remove anonymous users? [y/n] y //Whether to remove anonymous users ... success! normally, root should only be allowed to connect from ' localhost '. thisensures that someone cannot guess at the root password from the network. disallow root login remotely? [y/n] y //whether to block root telnet to ... success! by default, MariaDB comes with a database named ' Test ' that anyone canaccess. this is also intended only for testing, and Should be removedbefore moving into a production environment. remove test database and access to it? [y/n] y //whether to remove the test library - dropping test database... ... success! - removing privileges on test daTabase... ... success! reloading the privilege tables will ensure that all changes made so farwill take effect immediately. reload privilege tables now? [y/n] y //whether to reload permissions ... success! cleaning up... all done! if you ' ve completed all of the above steps, your mariadbinstallation should now be secure. Thanks for using mariadb! systemctl enable mariadb.servicesystemctl start mariadb.servicesystemctl status mariadb.service
3.Use root login mariadb to create users and databases
[[Email protected] conf.d]# mysql -uroot -p enter password: welcome to the mariadb monitor. commands end with ; or \g. Your mariadb connection id is 12server version: 5.5.52-mariadb mariadb Server Copyright (c) 2000, 2016, oracle, mariadb corporation ab and others. Type ' help; ' or ' \h ' for help. Type ' \c ' to clear the current input statement. mariadb [(none)]> show databases; //View Database list +--------------- -----+| database |+--------------------+ | information_schema | | mysql | | performance_schema |+--------------------+3 rows in set (0.00 sec) mariadb [(none)]> use mysql // Switch to MySQL library reading table information for completion of table and column namesYou can turn off this feature to get a quicker Startup with -a database changedmariadb [mysql]> select host,user, password from user; //Query user list +-----------+------+----------------------------------------- --+| host | user | password |+-----------+------+----------------- --------------------------+| localhost | root | * 84bb5df4823da319bbf86c99624479a198e6eee9 | | 127.0.0.1 | root | *84bb5df4823da319bbf86c99624479a198e6eee9 | | ::1 | root | * 84bb5df4823da319bbf86c99624479a198e6eee9 |+-----------+------+------------------------------------------- +3 rows in set (0.00 sec) MariaDB [mysql]> help grant //View user creation and authorization Help information name: ' GRANT ' description:syntax:grant priv_type [( column_list)] [, priv_type [(column_list)]] ... on [object_type] priv_level to user_specification [, user_specification] ... [require {none | ssl_option [[ AND] SSL_OPTION]&NBSP, ...}]     [WITH WITH_OPTION&NBSP, ...] grant proxy on user_specification to user_specification [, user_specification] ... [with grant option] object_type: TABLE | FUNCTION | PROCEDURE priv_level: * | *.* | db_name.* | db_name.tbl_name | tbl_name | db_name.routine_name user_specification: User [ identified by [password ] ' Password ' | identified with auth_plugin [as ' auth_string '] ] ssl_option: ssl | x509 | cipher ' CIPHER ' | ISSUER ' ISSUER ' | subject ' Subject ' with_option: grant option | max_queries_per_ Hour count | max_updates_per_hour count | max_connections_per_hour count | max_user_connections count the grant statement grants privileges to mysql user accounts. grantalso serves to specify other account characteristics such as use ofsecure connections and limits on access to server resources. to usegrant, you must have the grant option privilege, and you must have theprivileges that you are granting. normally, a database administrator first uses create user to create anaccount, then grant to define its privileges and characteristics. forexample:--The following 4 behaviors create user and Empowered statements create user ' Jeffrey ' @ ' localhost ' identified by ' Mypass '; grant all on db1.* to ' Jeffrey ' @ ' localhost '; grant select on db2.invoice to ' Jeffrey ' @ ' localhost '; grant usage on *.* to ' Jeffrey ' @ ' localhost ' WITH MAX_QUERIES_PER_HOUR 90; however, if an account named in a grant statement does not alreadyexist, GRANT may create it under the conditions Described later in thediscussion of the no_auto_create_user sql mode. The REVOKE statement is related to GRANT and enables administrators toremove account privileges. see [help revoke]. when Successfully executed from the mysql program, grant responds withquery ok, 0 rows affected. to determine what privileges result from theoperation, use show grants. see [ help show grants]. url: http://dev.mysql.com/doc/refman/5.5/en/grant.html mariadb [mysql]> create user ' Jeffrey ' @ '% ' IDENTIFIED BY ' mypass '; Create a Jeffrey user who can log on from any host query ok, 0 rows affected (0.01 SEC) mariadb [mysql]> create database Contacts; query ok, 1 row affected (0.00 sec) mariadb [mysql]> grant SELECT ON Contacts.* TO ' Jeffrey ' @ '% '; // Grant Effrey user Contacts database query permissions query ok, 0 rows affected (0.01 SEC) mariadb [mysql]> flush privileges; query ok, 0 rows affected (0.00 sec) mariadb [mysql]> exitbye
4.To log on from another host by using a new user
[[email protected] ~]# mysql -h 10.20.2.237 -ujeffrey -pmypasswelcome to the mysql monitor. commands end with ; or \g.your Mysql connection id is 16server version: 5.5.52-mariadb mariadb server Copyright (c) 2000, 2013, oracle and/or its affiliates. all rights reserved. oracle is a registered trademark of oracle Corporation and/or itsaffiliates. Other names may be trademarks of their respectiveowners. type ' help; ' or ' \h ' for help. Type ' \c ' to clear the current input statement. mysql> show databases;+--------------------+| database |+--------------------+| information_schema | | contacts |+--------------------+2 rows in set (0.00 sec) mysql> drop database Contacts; error 1044 (42000): access denied for user ' Jeffrey ' @ '% ' to database ' Contacts ' //jeffrey for read-only users and of course no permissions mysql>
This article is from the "11528244" blog, please be sure to keep this source http://11538244.blog.51cto.com/11528244/1910848
Install mariadb with Yum under Linux