기존 MariaDB 제거 (설치되어 있는 경우)
|
1 2 3 |
sudo dnf remove mariadb* -y |
MySQL 공식 저장소 추가
|
1 2 3 4 5 6 7 |
# Rocky Linux 8 sudo rpm -Uvh https://dev.mysql.com/get/mysql80-community-release-el8-9.noarch.rpm # Rocky Linux 9 sudo rpm -Uvh https://dev.mysql.com/get/mysql80-community-release-el9-1.noarch.rpm |
Rocky Linux 8 전용 — 기본 MySQL 모듈 비활성화
|
1 2 3 4 |
# Rocky 8만 필요 (Rocky 9는 생략) sudo dnf module disable mysql -y |
MySQL 설치
|
1 2 3 |
sudo dnf install mysql-community-server -y |
MySQL 시작 및 자동실행 등록
|
1 2 3 4 5 6 7 |
sudo systemctl start mysqld sudo systemctl enable mysqld # 상태 확인 sudo systemctl status mysqld |
초기 임시 비밀번호 확인
|
1 2 3 4 5 |
sudo grep 'temporary password' /var/log/mysqld.log [Note] A temporary password is generated for root@localhost: Ab!1xxxxxx; |
보안 초기 설정
|
1 2 3 4 5 6 7 |
sudo mysql_secure_installation 임시 비밀번호 입력 새 root 비밀번호 설정 (대문자+소문자+숫자+특수문자 포함, 8자 이상) 나머지 질문은 알아서 Y,N 권장 |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 |
# sudo mysql_secure_installation Securing the MySQL server deployment. Enter password for user root: The existing password for the user account root has expired. Please set a new password. New password: Re-enter new password: ... Failed! Error: Your password does not satisfy the current policy requirements New password: Re-enter new password: Sorry, passwords do not match. New password: Re-enter new password: ... Failed! Error: Your password does not satisfy the current policy requirements New password: Re-enter new password: ... Failed! Error: Your password does not satisfy the current policy requirements New password: Re-enter new password: The 'validate_password' component is installed on the server. The subsequent steps will run with the existing configuration of the component. Using existing password for root. Estimated strength of the password: 100 Change the password for root ? ((Press y|Y for Yes, any other key for No) : y New password: Re-enter new password: Estimated strength of the password: 100 Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? (Press y|Y for Yes, any other key for No) : y Success. Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? (Press y|Y for Yes, any other key for No) : n ... skipping. By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y - Dropping test database... Success. - Removing privileges on test database... Success. Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y Success. All done! |
방화벽 설정 (외부 접속 허용 시)
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 |
# sudo mysql_secure_installation Securing the MySQL server deployment. Enter password for user root: The existing password for the user account root has expired. Please set a new password. New password: Re-enter new password: ... Failed! Error: Your password does not satisfy the current policy requirements New password: Re-enter new password: Sorry, passwords do not match. New password: Re-enter new password: ... Failed! Error: Your password does not satisfy the current policy requirements New password: Re-enter new password: ... Failed! Error: Your password does not satisfy the current policy requirements New password: Re-enter new password: The 'validate_password' component is installed on the server. The subsequent steps will run with the existing configuration of the component. Using existing password for root. Estimated strength of the password: 100 Change the password for root ? ((Press y|Y for Yes, any other key for No) : y New password: Re-enter new password: Estimated strength of the password: 100 Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? (Press y|Y for Yes, any other key for No) : y Success. Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? (Press y|Y for Yes, any other key for No) : n ... skipping. By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y - Dropping test database... Success. - Removing privileges on test database... Success. Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y Success. All done! |
MySQL 외부 접속 허용 설정
|
1 2 3 |
sudo vi /etc/my.cnf |
아래에 추가
|
1 2 3 4 5 6 7 8 |
[mysqld] # 모든 IP에서 접속 허용 (기본값이 127.0.0.1이면 외부 차단됨) bind-address = 0.0.0.0 # 포트 (기본 3306) port = 3306 |
재시작
sudo systemctl restart mysqld
MySQL 외부 접속 계정 권한 부여
root 계정 확
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
mysql -u root -p SELECT user, host, plugin FROM mysql.user WHERE user='root'; +------+-----------+-----------------------+ | user | host | plugin | +------+-----------+-----------------------+ | root | localhost | caching_sha2_password | +------+-----------+-----------------------+ |
외부 root 계정 생성
|
1 2 3 4 5 6 7 |
CREATE USER 'root'@'%' IDENTIFIED BY '비밀번호'; GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION; FLUSH PRIVILEGES; |
기존 root를 ‘%’로 변경하는 방법
MySQL 재시작
sudo systemctl restart mysqld
