程序師世界是廣大編程愛好者互助、分享、學習的平台,程序師世界有你更精彩!
首頁
編程語言
C語言|JAVA編程
Python編程
網頁編程
ASP編程|PHP編程
JSP編程
數據庫知識
MYSQL數據庫|SqlServer數據庫
Oracle數據庫|DB2數據庫
 程式師世界 >> 數據庫知識 >> MYSQL數據庫 >> 關於MYSQL數據庫 >> Mysql從5.6.14安全升級至mysql5.6.25的方法

Mysql從5.6.14安全升級至mysql5.6.25的方法

編輯:關於MYSQL數據庫

服務器上Mysql的版本為:社區版的mysql-community-server-5.6.14。近日局方對服務器進行漏洞掃描,發現zhyh08上的mysql存在幾個高危漏洞,要求進行修復。受這幾個漏洞影響的主要是5.6.17及以前的版本,所以將mysql升級至最新的5.6.25即可解決問題。

1、下載最新的mysql安裝包(rpm文件),鏈接如下:

MySQL-5.6.25-1.el6.x86_64.rpm-bundle.tar

2、備份數據庫數據,這裡使用的是mysqldump命令。

3、備份/etc/my.cnf:cp /etc/my.cnf /etc/my.cnf_backup

3、停止mysql服務:service mysql stop

4、解壓上面的tar包:tar -xvf MySQL-5.6.25-1.el6.x86_64.rpm-bundle.tar

5、確認服務器上所安裝的mysql的各個組件,這裡我們只升級server和client。

[hadoop@zlyh08 chx]$ rpm -qa|grep -i mysql
mysql-community-libs-compat-5.6.14-3.el6.x86_64
mysql-community-devel-5.6.14-3.el6.x86_64
mysql-community-common-5.6.14-3.el6.x86_64
mysql-community-libs-5.6.14-3.el6.x86_64
mysql-community-server-5.6.14-3.el6.x86_64
mysql-community-client-5.6.14-3.el6.x86_64
perl-DBD-MySQL-4.013-3.el6.x86_64
[hadoop@zlyh08 chx]$ 

6、將server和client卸載:

rpm -e mysql-community-server-5.6.14-3.el6.x86_64
rpm -e mysql-community-client-5.6.14-3.el6.x86_64

注:如若不先卸載的話,安裝時會報文件沖突:

[root@zlyh08 chx]# rpm -Uvh MySQL-server-5.6.25-1.el6.x86_64.rpm 
Preparing... ########################################### [100%]
file /usr/share/mysql/bulgarian/errmsg.sys from install of MySQL-server-5.6.25-1.el6.x86_64 conflicts with file from package mysql-community-common-5.6.14-3.el6.x86_64
…………
file /usr/share/mysql/french/errmsg.sys from install of MySQL-server-5.6.25-1.el6.x86_64 conflicts with file from package mysql-community-common-5.6.14-3.el6.x86_64

7、重新安裝server和client:

[root@zlyh08 chx]# rpm -ivh MySQL-server-5.6.25-1.el6.x86_64.rpm
Preparing... ########################################### [100%]
1:MySQL-server ########################################### [100%]
2015-07-01 16:02:40 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2015-07-01 16:02:40 0 [Note] /usr/sbin/mysqld (mysqld 5.6.25) starting as process 28611 ...
2015-07-01 16:02:40 28611 [Note] InnoDB: Using atomics to ref count buffer pool pages
2015-07-01 16:02:40 28611 [Note] InnoDB: The InnoDB memory heap is disabled
…………
2015-07-01 16:02:44 28633 [Note] InnoDB: FTS optimize thread exiting.
2015-07-01 16:02:44 28633 [Note] InnoDB: Starting shutdown...
2015-07-01 16:02:45 28633 [Note] InnoDB: Shutdown completed; log sequence number 1625987
A RANDOM PASSWORD HAS BEEN SET FOR THE MySQL root USER !
You will find that password in '/root/.mysql_secret'.#竟然沒發現這一行,難怪裝完一直連不上
----------
[root@appserver ~]# cat /root/.mysql_secret
# The random password set for the root user at Thu Nov 20 15:52:02 2014 (local time): sFpJCf6WLhyYKc35
----------
You must change that password on your first connect,
no other statement but 'SET PASSWORD' will be accepted.
See the manual for the semantics of the 'password expired' flag.
Also, the account for the anonymous user has been removed.
In addition, you can run:
/usr/bin/mysql_secure_installation
which will also give you the option of removing the test database.
This is strongly recommended for production servers.
See the manual for more instructions.
Please report any problems at http://bugs.mysql.com/
The latest information about MySQL is available on the web at
http://www.mysql.com
Support MySQL by buying support/licenses at http://shop.mysql.com
New default config file was created as /usr/my.cnf and
will be used by default by the server when you start it.
You may edit this file to change server settings
[root@zlyh08 chx]# rpm -ivh MySQL-client-5.6.25-1.el6.x86_64.rpm 
Preparing... ########################################### [100%]
1:MySQL-client ########################################### [100%]
[root@zlyh08 chx]#

8、恢復my.cnf:cp /etc/my.cnf_backup /etc/my.cnf

9、啟動mysql服務:service mysql start

[root@zlyh08 chx]# service mysql start
Starting MySQL... SUCCESS!

10、使用客戶端連接mysql:

[root@zlyh08 mysql-5.6.25]# mysql
ERROR 2002 (HY000): Can t connect to local MySQL server through socket '/data1/mysql/mysql.sock' (2)

11、查看/data1/mysql目錄下,確實沒有mysql.sock文件。

12、查看/etc/my.cnf文件,發現只在[mysql]下面配置了

[mysql]
socket=/data1/mysql/mysql.sock
default-character-set=utf8
[mysqld] #mysqld下面沒有配置socket
#skip-grant-tables
interactive_timeout=300
wait_timeout=300

13、編輯/etc/my.cnf,在[mysqld]下面添加socket的配置,使用服務器和客戶端都使用同一個socket文件,如下:

[mysql]
socket=/data1/mysql/mysql.sock
default-character-set=utf8
[mysqld]
#skip-grant-tables
socket=/data1/mysql/mysql.sock #增加此行,之前只[mysql]加了這一項
interactive_timeout=300
wait_timeout=300

14、重啟mysql服務。

15、使用升級前的root用戶連接mysql:

[hadoop@zlyh08 report_script]$ mysql -hzlyh08 -uroot -p
Enter password: 
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 233
Server version: 5.6.25 MySQL Community Server (GPL)
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| apollo_v1.0 |
| hive |
| log |
| metastore |
| mysql |
| oozie |
| performance_schema |
| test |
+--------------------+
9 rows in set (0.00 sec)
mysql>

16、至此,升級完成。

以上所述是小編給大家介紹的Mysql從5.6.14安全升級至mysql5.6.25的方法,希望對大家有所幫助,如果大家有任何疑問請給我留言,小編會及時回復大家的。在此也非常感謝大家對網站的支持!

  1. 上一頁:
  2. 下一頁:
Copyright © 程式師世界 All Rights Reserved