Difference between revisions of "Installing MySQL on CentOS 7"
From rdkwiki
Line 22: | Line 22: | ||
* '''flush privileges;''' --> reload all privileges | * '''flush privileges;''' --> reload all privileges | ||
− | == allow (the older) more compatible password authentication == | + | == allow (the older) more compatible password authentication on MySQL 8.0 == |
* add '''default-authentication-plugin=mysql_native_password''' to /etc/my.cnf | * add '''default-authentication-plugin=mysql_native_password''' to /etc/my.cnf | ||
Latest revision as of 07:23, 29 June 2018
Contents
Intro
The steps below will configure a working MySQL 5.6, 5.7 or 8.0 server. The steps assume that you have a (fresh) CentOS 7 server running.
Make MySQL available for installation
!! This step will replace CentOS's default MariaDB
- rpm -Uvh http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm --> Make MySQL 5.6 available for installation
- rpm -Uvh http://dev.mysql.com/get/mysql57-community-release-el7-8.noarch.rpm --> Make MySQL 5.7 available for installation
- rpm -Uvh http://dev.mysql.com/get/mysql80-community-release-el7-1.noarch.rpm --> Make MySQL 8.0 available for installation
Installing MySQL
- yum install mysql-server --> install the MySQL server
- systemctl start mysqld --> start the MySQL server
- systemctl status mysqld --> check if the MySQL server is running
- systemctl enable mysqld --> make the MySQL server start at boot
Securing MySQL
- grep "temporary password" /var/log/mysqld.log --> get the random password that is generated during the MySQL 5.7 or MySQL 8.0 installation
- mysql_secure_installation --> default script with a few questions to harden the MySQL security
- mysql -h localhost -u root -p --> connect with the new password from the previous step
- create user '<user>'@'<ip/subnet>' identified by '<password>'; --> here you can use wildcards for the ip/subnet (for example: '192.168.0.%' or '%' for all hosts)
- grant all privileges on *.* to '<user>'@'<ip/subnet>' with grant option; --> give the new user all rights
- flush privileges; --> reload all privileges
allow (the older) more compatible password authentication on MySQL 8.0
- add default-authentication-plugin=mysql_native_password to /etc/my.cnf
Firewall configuration
- firewall-cmd --permanent --add-service=mysql --> add MySQL service to firewall
- firewall-cmd --reload --> reload firewall with changed configuration
Move MySQL data (optional)
if you want to move the MySQL databases to another location (directory / filesystem) on your server follow the steps below.
- systemctl stop mysqld --> stop the MySQL server
- mkdir /<path>/<directory> --> create a directory of choice
- cd /var/lib/mysql --> goto the default directory
- mv * /<path>/<directory> --> move data to folder of choice
- nano /etc/my.cnf
change datadir=/var/lib/mysql to match the new path
- chown mysql.mysql /<path>/<folder> --> make MySQL owner of the new location
- systemctl start mysqld --> start the MySQL server
SELINUX restore context
if you have selinux enabled you have to restore the security settings else mysqld won't start.
- sudo yum install policycoreutils-python --> install utils
- semanage fcontext -a -t mysqld_db_t "/<path>/<folder>(/.*)?" --> apply context
- sudo restorecon -Rv /<path>/<folder> --> restore context
MySQL should start successfully again after doing this.