服務器上Mysql的版本為:社區版的mysql-community-server-5.6.14。近日局方對服務器進行漏洞掃描,發現zhyh08上的mysql存在幾個高危漏洞,要求進行修復。受這幾個漏洞影響的主要是5.6.17及以前的版本,所以將mysql升級至最新的5.6.25即可解決問題。
1、下載最新的mysql安裝包(rpm文件),鏈接如下:
MySQL-5.6.25-1.el6.x86_64.rpm-bundle.tar
2、備份數據庫數據,這裡使用的是mysqldump命令。
3、備份/etc/my.cnf:cp /etc/my.cnf /etc/my.cnf_backup
3、停止mysql服務:service mysql stop
4、解壓上面的tar包:tar -xvf MySQL-5.6.25-1.el6.x86_64.rpm-bundle.tar
5、確認服務器上所安裝的mysql的各個組件,這裡我們只升級server和client。
[hadoop@zlyh08 chx]$ rpm -qa|grep -i mysql mysql-community-libs-compat-5.6.14-3.el6.x86_64 mysql-community-devel-5.6.14-3.el6.x86_64 mysql-community-common-5.6.14-3.el6.x86_64 mysql-community-libs-5.6.14-3.el6.x86_64 mysql-community-server-5.6.14-3.el6.x86_64 mysql-community-client-5.6.14-3.el6.x86_64 perl-DBD-MySQL-4.013-3.el6.x86_64 [hadoop@zlyh08 chx]$
6、將server和client卸載:
rpm -e mysql-community-server-5.6.14-3.el6.x86_64 rpm -e mysql-community-client-5.6.14-3.el6.x86_64
注:如若不先卸載的話,安裝時會報文件沖突:
[root@zlyh08 chx]# rpm -Uvh MySQL-server-5.6.25-1.el6.x86_64.rpm Preparing... ########################################### [100%] file /usr/share/mysql/bulgarian/errmsg.sys from install of MySQL-server-5.6.25-1.el6.x86_64 conflicts with file from package mysql-community-common-5.6.14-3.el6.x86_64 ………… file /usr/share/mysql/french/errmsg.sys from install of MySQL-server-5.6.25-1.el6.x86_64 conflicts with file from package mysql-community-common-5.6.14-3.el6.x86_64
7、重新安裝server和client:
[root@zlyh08 chx]# rpm -ivh MySQL-server-5.6.25-1.el6.x86_64.rpm Preparing... ########################################### [100%] 1:MySQL-server ########################################### [100%] 2015-07-01 16:02:40 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details). 2015-07-01 16:02:40 0 [Note] /usr/sbin/mysqld (mysqld 5.6.25) starting as process 28611 ... 2015-07-01 16:02:40 28611 [Note] InnoDB: Using atomics to ref count buffer pool pages 2015-07-01 16:02:40 28611 [Note] InnoDB: The InnoDB memory heap is disabled ………… 2015-07-01 16:02:44 28633 [Note] InnoDB: FTS optimize thread exiting. 2015-07-01 16:02:44 28633 [Note] InnoDB: Starting shutdown... 2015-07-01 16:02:45 28633 [Note] InnoDB: Shutdown completed; log sequence number 1625987 A RANDOM PASSWORD HAS BEEN SET FOR THE MySQL root USER ! You will find that password in '/root/.mysql_secret'.#竟然沒發現這一行,難怪裝完一直連不上 ---------- [root@appserver ~]# cat /root/.mysql_secret # The random password set for the root user at Thu Nov 20 15:52:02 2014 (local time): sFpJCf6WLhyYKc35 ---------- You must change that password on your first connect, no other statement but 'SET PASSWORD' will be accepted. See the manual for the semantics of the 'password expired' flag. Also, the account for the anonymous user has been removed. In addition, you can run: /usr/bin/mysql_secure_installation which will also give you the option of removing the test database. This is strongly recommended for production servers. See the manual for more instructions. Please report any problems at http://bugs.mysql.com/ The latest information about MySQL is available on the web at http://www.mysql.com Support MySQL by buying support/licenses at http://shop.mysql.com New default config file was created as /usr/my.cnf and will be used by default by the server when you start it. You may edit this file to change server settings [root@zlyh08 chx]# rpm -ivh MySQL-client-5.6.25-1.el6.x86_64.rpm Preparing... ########################################### [100%] 1:MySQL-client ########################################### [100%] [root@zlyh08 chx]#
8、恢復my.cnf:cp /etc/my.cnf_backup /etc/my.cnf
9、啟動mysql服務:service mysql start
[root@zlyh08 chx]# service mysql start Starting MySQL... SUCCESS!
10、使用客戶端連接mysql:
[root@zlyh08 mysql-5.6.25]# mysql ERROR 2002 (HY000): Can t connect to local MySQL server through socket '/data1/mysql/mysql.sock' (2)
11、查看/data1/mysql目錄下,確實沒有mysql.sock文件。
12、查看/etc/my.cnf文件,發現只在[mysql]下面配置了
[mysql] socket=/data1/mysql/mysql.sock default-character-set=utf8 [mysqld] #mysqld下面沒有配置socket #skip-grant-tables interactive_timeout=300 wait_timeout=300
13、編輯/etc/my.cnf,在[mysqld]下面添加socket的配置,使用服務器和客戶端都使用同一個socket文件,如下:
[mysql] socket=/data1/mysql/mysql.sock default-character-set=utf8 [mysqld] #skip-grant-tables socket=/data1/mysql/mysql.sock #增加此行,之前只[mysql]加了這一項 interactive_timeout=300 wait_timeout=300
14、重啟mysql服務。
15、使用升級前的root用戶連接mysql:
[hadoop@zlyh08 report_script]$ mysql -hzlyh08 -uroot -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 233 Server version: 5.6.25 MySQL Community Server (GPL) Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | apollo_v1.0 | | hive | | log | | metastore | | mysql | | oozie | | performance_schema | | test | +--------------------+ 9 rows in set (0.00 sec) mysql>
16、至此,升級完成。
以上所述是小編給大家介紹的Mysql從5.6.14安全升級至mysql5.6.25的方法,希望對大家有所幫助,如果大家有任何疑問請給我留言,小編會及時回復大家的。在此也非常感謝大家對網站的支持!