原文鏈接:http://www.cnblogs.com/jonsea/p/5510219.html
---------------------------------------------------------------------------
松門一枝花補充
最簡單的方法:
1、配置文件中把密碼策略關了。本文中間部分有介紹。
2、重啟服務
3、用mysql生成的臨時密碼登錄。見本文末尾。
4、修改root密碼。set password=password('新密碼');
5、退出登錄,再登錄。就可以操作了。
在Centos6.6上安裝MySQL5.7.12時,遇到了一個問題
安裝后在/root目錄下沒有發現有.mysql_secret這個文件,所以沒有沒法按照官方文檔上說的那樣使用,這里記錄下,
解決方式:
首先修改MySQL授權登錄方式---(跳過授權驗證方式啟動MySQL):
[root@test ~]# mysqld_safe --skip-grant-tables & [1] 3401 [root@test ~]# 2016-05-19T12:47:56.564385Z mysqld_safe Logging to '/var/log/mysqld.log'. 2016-05-19T12:47:56.589376Z mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
檢查MySQL啟動情況 [root@test ~]# ps -ef | grep mysql root 3401 2880 0 20:47 pts/1 00:00:00 /bin/sh /usr/bin/mysqld_safe --skip-grant-tables mysql 3548 3401 0 20:47 pts/1 00:00:00 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --user=mysql --skip-grant-tables --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock
這時登錄MySQL不再需要驗證
[root@test ~]# mysql
成功登錄MySQL后:
切換到mysql系統庫: mysql> use mysql;修改root賬戶登錄密碼: mysql> update user set password=password('') where user='root'; ERROR 1054 (42S22): Unknown column 'password' in 'field list' ---報錯沒有password這個數據字段列 描述user表 mysql> desc user; ... | authentication_string | text | YES | | NULL | | | password_expired | enum('N','Y') | NO | | N | | | password_last_changed | timestamp | YES | | NULL | | | password_lifetime | smallint(5) unsigned | YES | | NULL | | | account_locked | enum('N','Y') | NO | | N | | +------------------------+-----------------------------------+------+-----+-----------------------+-------+ ---沒發現password列,但是找到這5個跟密碼相關的數據字段 查詢一下相關的密碼信息: mysql> select user,host,authentication_string,password_expired from user; +-----------+-----------+-------------------------------------------+------------------+ | user | host | authentication_string | password_expired | +-----------+-----------+-------------------------------------------+------------------+ | root | localhost | *9AA01F6E2A80A823ACB72CC07337E2911404B5B8 | Y | | mysql.sys | localhost | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | N | +-----------+-----------+-------------------------------------------+------------------+ ---到這里不難發現root賬戶的密碼已過期,還比5.6多出了一個mysql.sys用戶 修改密碼 mysql> update user set authentication_string=password('123abc') where user='root'; Query OK, 1 row affected (0.00 sec) Rows matched: 1 Changed: 1 Warnings: 0mysql> flush privileges; Query OK, 0 rows affected (0.00 sec)mysql> exit
密碼修改成功,測試:
重啟MySQL: [root@test ~]# /etc/init.d/mysqld restart登錄測試: [root@test ~]# mysql -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 3 Server version: 5.7.12-enterprise-commercial-advanced ... mysql> show databases; ERROR 1820 (HY000): You must reset your password using ALTER USER statement before executing this statement. ---報錯,需要使用alter user 修改密碼
mysql> alter user root@'localhost' identified by 'oracle'; ERROR 1819 (HY000): Your password does not satisfy the current policy requirements ---報錯,密碼不滿足制定的密碼負責度要求
mysql> alter user 'root'@'localhost' identified by 'Abc!123D'; Query OK, 0 rows affected (0.01 sec)mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | performance_schema | | sys | +--------------------+ 4 rows in set (0.00 sec)
?關于密碼策略
mysql> SHOW VARIABLES LIKE 'validate_password%'; +--------------------------------------+--------+ | Variable_name | Value | +--------------------------------------+--------+ | validate_password_dictionary_file | | | validate_password_length | 8 | | validate_password_mixed_case_count | 1 | | validate_password_number_count | 1 | | validate_password_policy | MEDIUM | | validate_password_special_char_count | 1 | +--------------------------------------+--------+ 6 rows in set (0.02 sec) mysql> show plugins; +----------------------------+----------+--------------------+----------------------+-------------+ | Name | Status | Type | Library | License | +----------------------------+----------+--------------------+----------------------+-------------+ | binlog | ACTIVE | STORAGE ENGINE | NULL | PROPRIETARY |... | validate_password | ACTIVE | VALIDATE PASSWORD | validate_password.so | PROPRIETARY | +----------------------------+----------+--------------------+----------------------+-------------+ ---可以通過在配置文件[mysqld]標簽中添加 validate_passwor=off ,來關閉密碼策略 如下: ... | validate_password | DISABLED | VALIDATE PASSWORD | validate_password.so | PROPRIETARY | +----------------------------+----------+--------------------+----------------------+-------------+
配置文件位置
[root@master ~]# find / -name my.cnf
/etc/my.cnf
總結
1)?安裝好mysql后,第一次啟動時,root管理密碼會在/root/.mysql_secret中隨機生成
2)?至5.7后,MySQL的 mysql.user 表中的密碼字段由之前的 password 改為 authentication_string
3)?使用--skip-grant-tables 參數啟動,跳過MySQL的授權驗證,--skip-networking參數,跳過遠程登錄
4) 修改MySQL密碼方式:
法1:update?user?set authentication_string=password('123abc')?where?user='root';
法2:set?password=password('newpassword');
法3:alter?user?root@'localhost'?identified by?'oracle';
法4:在shell下使用MySQL工具:mysqladmin?-uroot?-poldpassword?pasword?"newpassword"
5) 關于MySQL密碼策略:
決定是否使用該插件(及強制/永久強制使用)
--validate-password=ON/OFF/FORCE/FORCE_PLUS_PERMANENT
validate_password_dictionary_file ? ? ? ? ??> 插件用于驗證密碼強度的字典文件路徑。
validate_password_length ? ? ? ? ? ? ? ? ? ? ? ?> 密碼最小長度。
validate_password_mixed_case_count ? ??> 密碼至少要包含的小寫字母個數和大寫字母個數。
validate_password_number_count > 密碼至少要包含的數字個數。
validate_password_policy ? ? ? ? ? ? ? ? ? ? ? ??> 密碼強度檢查等級,0/LOW、1/MEDIUM、2/STRONG。
validate_password_special_char_count ? ?> 密碼至少要包含的特殊字符數。
其中關于validate_password_policy-密碼強度檢查等級:
0/LOW >?只檢查長度。
1/MEDIUM ? ? ?>?檢查長度、數字、大小寫、特殊字符。
2/STRONG ? ? ?>?檢查長度、數字、大小寫、特殊字符字典文件。
后記
經過一段時間后,發現mysql初始密碼原來被記錄到了日志文件中
查找日志位置
[root@test /var/lib/mysql]# ps -ef | grep mysql root 5604 1 0 22:40 pts/1 00:00:00 /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql mysql 5802 5604 5 22:40 pts/1 00:00:00 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock root 5837 2880 0 22:40 pts/1 00:00:00 grep --color mysql
藏在日志文件中的臨時密碼 [root@test /var/lib/mysql]# grep "A temporary password" /var/log/mysqld.log 2016-05-17T16:46:53.059632Z 1 [Note] A temporary password is generated for root@localhost: +wGVA#to(4tu
?
