当前位置：首页 > news >正文

在linux系统中使用通用包安装 Mysql

news 2025/10/23 9:12:06

一、Linux 通用包安装 MySQL

1、下载并校验安装包（以 8.0.33 为例，建议校验 sha256）

https://downloads.mysql.com/archives/community/

cd /data
wget https://dev.mysql.com/get/Downloads/MySQL-8.0/mysql-8.0.33-linux-glibc2.12-x86_64.tar.xz.
# 可选：校验 sha256（从官网下载页复制对应校验值）
# sha256sum mysql-8.0.33-linux-glibc2.12-x86_64.tar.xz

2、解压并放置到统一目录（统一使用 /usr/local/mysql8）

tar -xf mysql-8.0.33-linux-glibc2.12-x86_64.tar.xz -C /usr/local
ln -s /usr/local/mysql-8.0.33-linux-glibc2.12-x86_64 /usr/local/mysql8

3、创建 mysql 用户与数据目录

groupadd -r mysql
useradd -r -g mysql -s /sbin/nologin -d /usr/local/mysql8 mysql

4、创建 data 数据存储目录

mkdir -p /usr/local/mysql8/data /usr/local/mysql8/log

5、授权mysql用户

chown -R mysql.mysql /data/mysql8/

6、初始化数据库

这里需要记住初始密码

/usr/local/mysql8/bin/mysqld --user=mysql --basedir=/usr/local/mysql8 --datadir=/usr/local/mysql8/data/ --initialize --lower-case-table-names=1

在这里插入图片描述

7、安装为系统服务（systemd，推荐）

cp /usr/local/mysql8/support-files/mysql.server /etc/systemd/system/mysqld.servicesystemctl daemon-reloadsystemctl enable --now mysqld

8、基本配置文件（/etc/my.cnf）

[mysqld]
# 目录
basedir=/usr/local/mysql8
datadir=/usr/local/mysql8/data
socket=/usr/local/mysql8/mysql.sock
log-error=/usr/local/mysql8/log/mysqld.log
pid-file=/usr/local/mysql8/log/mysqld.pid# 端口
port=3306# 字符集与排序规则
character-set-server=utf8mb4
collation-server=utf8mb4_unicode_ci
skip-character-set-client-handshake# InnoDB
default-storage-engine=INNODB
innodb_buffer_pool_size=1G
innodb_log_file_size=256M
innodb_flush_method=O_DIRECT
innodb_file_per_table=ON
innodb_flush_log_at_trx_commit=1
sync_binlog=1# 连接与安全
max_connections=200
skip-name-resolve
default_authentication_plugin=mysql_native_password# 严格模式与 SQL 模式
sql_mode=STRICT_TRANS_TABLES,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,ERROR_FOR_DIVISION_BY_ZERO,ONLY_FULL_GROUP_BY[client]
socket=/usr/local/mysql8/mysql.sock
default-character-set=utf8mb4[mysql]
prompt="\\u@\\h [\\d]> "
no-auto-rehash

9、启动与验证

systemctl restart mysqld
systemctl status mysqld# 首次登录（使用初始化时记录的临时密码）
/usr/local/mysql8/bin/mysql -uroot -p

10、首次登录后的安全设置（在 mysql 客户端内执行）

-- 1) 修改 root 本地密码（满足策略）
ALTER USER 'root'@'localhost' IDENTIFIED BY 'YourP@ssw0rd';
FLUSH PRIVILEGES;-- 2) 安全基线（删除匿名、禁止远程 root、删测试库、验证密码）
DELETE FROM mysql.user WHERE User='';
DROP DATABASE IF EXISTS test;
DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'YourP@ssw0rd';
-- 如需本机应用以 root 连接，可添加：
-- CREATE USER 'root'@'127.0.0.1' IDENTIFIED WITH mysql_native_password BY 'YourP@ssw0rd';
-- GRANT ALL ON *.* TO 'root'@'127.0.0.1' WITH GRANT OPTION;
-- FLUSH PRIVILEGES;-- 3) 创建应用用户（示例，按需调整权限与来源）
CREATE USER 'app'@'10.0.0.%' IDENTIFIED WITH mysql_native_password BY 'AppP@ssw0rd_456!';
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,INDEX,ALTER ON appdb.* TO 'app'@'10.0.0.%';
FLUSH PRIVILEGES;

11、开放远程访问（可选，谨慎）

# 仅在确有需要时创建远程用户，并限制来源网段
/usr/local/mysql8/bin/mysql -uroot -p -e "
CREATE USER 'app'@'10.0.0.%' IDENTIFIED WITH mysql_native_password BY 'AppStrongP@ssw0rd_456!';
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,INDEX,ALTER ON appdb.* TO 'app'@'10.0.0.%';
FLUSH PRIVILEGES;"# 系统防火墙（CentOS/RHEL）
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="10.0.0.0/24" port protocol="tcp" port="3306" accept'
firewall-cmd --reload# Ubuntu/Debian
# sudo ufw allow from 10.0.0.0/24 to any port 3306 proto tcp

12、常用维护命令

# 查看状态/重启
systemctl status mysqld
systemctl restart mysqld# 登录
/usr/local/mysql8/bin/mysql -uroot -p# 设置开机自启/关闭
systemctl enable mysqld
systemctl disable mysqld