使用普通使用者替代root來管理IEE
環境:RHEL 6.4 + IEE 4.0.6
需求:IEE資料庫之前是使用root使用者部署和管理的,現在安全強化,將資料庫交給普通使用者iee來管理。
一、當前環境
二、安全強化
IEE資料庫安裝嚮導:
根據當前的IEE進程確定那些檔案/檔案夾許可權需要修改:
[root@JingyuDB ~]# ps -ef|grep mysql|grep -v greproot 4833 1 0 16:23 pts/0 00:00:00 /bin/sh /usr/local/infobright-4.0.6-x86_64/bin/mysqld_safe --defaults-file=/etc/my-ib.cnf --log-queries-not-using-indexes --user=root --pid-file=/oradata/app/iee/data/JingyuDB.pidroot 4981 4833 0 16:23 pts/0 00:00:00 /usr/local/infobright-4.0.6-x86_64/bin/mysqld --defaults-file=/etc/my-ib.cnf --basedir=/usr/local/infobright-4.0.6-x86_64 --datadir=/oradata/app/iee/data --user=root --log-queries-not-using-indexes --log-error=/oradata/app/iee/data.err --pid-file=/oradata/app/iee/data/JingyuDB.pid --socket=/tmp/mysql-ib.sock --port=5029[root@JingyuDB ~]# ls -lh /etc/my-ib.cnf -rw-r--r--. 1 root root 2.2K Jan 27 16:08 /etc/my-ib.cnf[root@JingyuDB ~]# ls -lh /etc/init.d/mysqld-ib -rwxr--r--. 1 root root 14K Sep 9 2013 /etc/init.d/mysqld-ib[root@JingyuDB ~]# ls -lh /oradata/app|grep ieedrwxr-xr-x. 4 root root 4.0K Jan 27 16:09 iee[root@JingyuDB ~]# ls -lh /usr/local|grep infobrightdrwxr-xr-x. 11 root root 4.0K Jan 27 16:09 infobright-4.0.6-x86_64上面用到的命令列表:
--查詢IEE進程,根據mysql關鍵字ps -ef|grep mysql|grep -v grep--根據進程可以看到相關的各個檔案/檔案夾ls -lh /etc/my-ib.cnf ls -lh /etc/init.d/mysqld-ib ls -lh /oradata/app|grep ieels -lh /usr/local|grep infobrightroot使用者建立iee使用者並設定iee使用者密碼:
useradd ieepasswd ieeroot使用者關閉資料庫:
/etc/init.d/mysqld-ib stoproot使用者修改相關檔案及檔案夾的使用者及使用者組:
chown iee:iee /etc/my-ib.cnfchown iee:iee /etc/init.d/mysqld-ib chown -R iee:iee /usr/local/infobright-4.0.6-x86_64chown -R iee:iee /oradata/app/iee使用iee使用者登入主機啟動資料庫:
/etc/init.d/mysql-ib start此時再次查看IEE進程,確定進程已由普通使用者iee管理控制:
[iee@JingyuDB ~]$ ps -ef|grep mysql|grep -v grepiee 6769 1 0 16:39 pts/0 00:00:00 /bin/sh /usr/local/infobright-4.0.6-x86_64/bin/mysqld_safe --defaults-file=/etc/my-ib.cnf --log-queries-not-using-indexes --user=root --pid-file=/oradata/app/iee/data/JingyuDB.pidiee 6915 6769 0 16:39 pts/0 00:00:00 /usr/local/infobright-4.0.6-x86_64/bin/mysqld --defaults-file=/etc/my-ib.cnf --basedir=/usr/local/infobright-4.0.6-x86_64 --datadir=/oradata/app/iee/data --log-queries-not-using-indexes --log-error=/oradata/app/iee/data.err --pid-file=/oradata/app/iee/data/JingyuDB.pid --socket=/tmp/mysql-ib.sock --port=5029mysql-ib登入進IEE資料庫,驗證資料確定沒有問題:
[iee@JingyuDB ~]$ mysql-ibWelcome to the MySQL monitor. Commands end with ; or \g.Your MySQL connection id is 8Server version: 5.1.40 build number (revision)=IB_4.0.6_r16086_16275(iee - commercial) (static)Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.mysql> show databases;+--------------------+| Database |+--------------------+| information_schema || BH_RSI_Repository || jingyu || mysql || sys_infobright || test |+--------------------+6 rows in set (0.01 sec)mysql> use jingyuDatabase changedmysql> show tables;+------------------+| Tables_in_jingyu |+------------------+| T1 || t1 |+------------------+2 rows in set (0.00 sec)mysql> select count(1) from T1;+----------+| count(1) |+----------+| 4 |+----------+1 row in set (0.00 sec)mysql> 至此,完成IEE資料庫交付給普通使用者iee來管理維護。
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
