1、首先到http://dev.mysql.com/downloads/下载安装文件,一般分为两种,一种是rpm安装包,另外一种是免安装版,解压后配置下,就可使用,我用的是源码包,MySQL Community Server 版本的mysql-5.1.42-linux-i686-icc-glibc23.tar.gz,大小为121.1M。
2、添加组(mysql)和用户(mysql),添加组的命令为groupadd, 添加用户命令为useradd,实例如下:
用su切换到root用户
#groupadd mysql
#useradd -g mysql mysql
3、将下载好的mysql-5.1.42-linux-i686-icc-glibc23.tar.gz解压到/usr/local目录下,创建软链接为mysql,实例如下:
#cd /usr/local
#gunzip mysql-5.1.42-linux-i686-icc-glibc23.tar.gz
#tar -xvf mysql-5.1.42-linux-i686-icc-glibc23.tar
#ln -s mysql-5.1.42-linux-i686-icc-glibc23 mysql
4、设置目录权限为mysql,实例如下:
#chown -R mysql:mysql mysql
5、执行安装数据库脚本scripts/mysql_install_db --user=mysql
6、拷贝配置文件和启动文件到etc目录下,实例如下:
#cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
#cp /usr/local/mysql/support-files/my-medium.cnf /etc/my.cnf
7、启动数据库,实例如下:
#/usr/local/mysql/bin/mysqld_safe --user=mysql &
[1] 3734
# 091027 12:42:59 mysqld_safe Logging to '/usr/local/mysql/data/localhost.localdomain.err'.
091027 12:43:00 mysqld_safe Starting mysqld daemon with databases from /usr/local/mysql/data
8、用netstat -atln,查看端口列表中是否有3306(默认),如果有则代表启动成功。
# netstat -atln
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:2208 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:11111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:16851 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:698 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:2207 0.0.0.0:* LISTEN
tcp 0 0 :::22 :::* LISTEN
tcp 0 0 ::ffff:10.10.6.207:22 ::ffff:10.10.6.196:1528 ESTABLISHED
tcp 0 0 ::ffff:10.10.6.207:22 ::ffff:10.10.6.196:1215 ESTABLISHED
tcp 0 0 ::ffff:10.10.6.207:22 ::ffff:10.10.6.196:1526 ESTABLISHED
9、用root用户,密码默认为空,登录mysql,如果出现mysql>命令提示,则登录成功,实例如下:
#/usr/local/mysql/bin/mysql -u root -p
#mysql>
10、此时mysql服务端安装完成,当我们试图远程连接时,可能出现“Host XXX.XXX.XXX.XXX is not allowed to connect to this MySQL server”拒绝的连接的提示,这是没有设置防火墙的问题,增加3306端口的权限,实例如下:
#vim /etc/sysconfig/iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
增加一行3306的权限,修改后如下:
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
保存退出
#service iptables restart
重新启动,使生效
11、赋予用户权限
#mysql> grant all privileges on *.* to root@'%' identified by '123456';
12、添加用户,可以使用grant添加用户
#mysql> GRANT ALL PRIVILEGES ON *.* TO monty@localhost
IDENTIFIED BY 'something' WITH GRANT OPTION;
#mysql> GRANT ALL PRIVILEGES ON *.* TO monty@"%"
IDENTIFIED BY 'something' WITH GRANT OPTION;
#mysql> GRANT RELOAD,PROCESS ON *.* TO admin@localhost;
#mysql> GRANT USAGE ON *.* TO dummy@localhost;
这些GRANT语句安装3个新用户:
monty:可以从任何地方连接服务器的一个完全的超级用户,但是必须使用一个口令('something'做这个。注意,我们必须对monty@localhost和monty@"%"发出GRANT语句。如果我们增加localhost条目,对localhost的匿名用户条目在我们从本地主机连接接时由mysql_install_db创建的条目将优先考虑,因为它有更特定的Host字段值,所以以user表排列顺序看更早到来。
admin:可以从localhost没有一个口令进行连接并且被授予reload和process管理权限的用户。这允许用户执行mysqladmin reload、mysqladmin refresh和mysqladmin flush-*命令,还有mysqladmin processlist。没有授予数据库有关的权限。他们能在以后通过发出另一个GRANT语句授权。
dummy:可以不用一个口令连接的一个用户,但是只能从本地主机。全局权限被设置为'N'--USAGE权限类型允许你无需权限就可设置一个用户。它假定你将在以后授予数据库相关的权限。
13、修改密码
用户密码信息存在mysql数据库,user表下,实例如下:
[mysql@bssin1 bin]$ /usr/local/mysql/bin/mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or /g.
Your MySQL connection id is 11
Server version: 5.1.42-log MySQL Community Server (GPL)
Type 'help;' or '/h' for help. Type '/c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| test |
+--------------------+
3 rows in set (0.00 sec)
mysql> use mysql;
Database changed
mysql> show tables;
+---------------------------+
| Tables_in_mysql |
+---------------------------+
| columns_priv |
| db |
| event |
| func |
| general_log |
| help_category |
| help_keyword |
| help_relation |
| help_topic |
| host |
| ndb_binlog_index |
| plugin |
| proc |
| procs_priv |
| servers |
| slow_log |
| tables_priv |
| time_zone |
| time_zone_leap_second |
| time_zone_name |
| time_zone_transition |
| time_zone_transition_type |
| user |
+---------------------------+
23 rows in set (0.00 sec)
mysql> update user set password=password("123456") where user="root";
mysql> FLUSH PRIVILEGES;
刷新权限后,更改成功!