🌍
MySQLインストールしてrootユーザーのパスワードを設定する
この記事を書くにあたって
バックエンド自作WEBアプリを作り公開する際にMySQLをインストールしました。
その際に、ネットで調べてインストールしましたが、過去にMySQLの初期設定やrootパスワードの設定をしていた際、毎回ネットで調べていて今回の調査も時間の無駄に感じたので、今後のメモ代わりとして残しておきたいと思ったので書き留めておきます。
MySQLインストール
sudo apt updat
sudo apt install mysql-server-8.0 -f
MySQL初期設定
下記コマンドで対話式の初期設定を行う。
ubuntu@ip-10-0-1-157:~$ sudo /usr/bin/mysql_secure_installation
mysql_secure_installationの設定内容
Securing the MySQL server deployment.
Connecting to MySQL using a blank password.
VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?
################################ VALIDATE PASSWORD プラグイン の利用確認。「y」を押下
Press y|Y for Yes, any other key for No: y
There are three levels of password validation policy:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
################################ セキュリティレベルを設定。今回は「LOW」を選択。「0」を入力。
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 0
Skipping password set for root as authentication with auth_socket is used by default.
If you would like to use password authentication instead, this can be done with the "ALTER_USER" command.
See https://dev.mysql.com/doc/refman/8.0/en/alter-user.html#alter-user-password-management for more information.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
################################ 不要なanonymousユーザーを削除。「y」を押下
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
################################ rootのリモート接続を不許可に設定。(筆者は諸事情でnを選択した)
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : N
... skipping.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
################################ 不要なtestデータベースを削除。「y」を押下
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
- Dropping test database...
Success.
- Removing privileges on test database...
Success.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
##########################################「y」を押下
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.
All done!
rootパスワード設定。
初期状態のrootは、パスワードでのログインではなく、UNIXソケットを利用したログイン方法になっているため設定していく。
mysqlに接続
インストール直後は、sudo mysql -u rootでコンソールを起動できる。
ubuntu@ip-10-0-1-157:~$ sudo mysql -u root
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 14
Server version: 8.0.39-0ubuntu0.24.04.2 (Ubuntu)
Copyright (c) 2000, 2024, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> USE mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
rootユーザーのログイン設定を確認。
UNIXソケットを利用したログイン設定になっていることを確認。
mysql> SELECT User, Host, plugin FROM user;
+------------------+-----------+-----------------------+
| User | Host | plugin |
+------------------+-----------+-----------------------+
| debian-sys-maint | localhost | caching_sha2_password |
| mysql.infoschema | localhost | caching_sha2_password |
| mysql.session | localhost | caching_sha2_password |
| mysql.sys | localhost | caching_sha2_password |
| root | localhost | auth_socket |
+------------------+-----------+-----------------------+
5 rows in set (0.00 sec)
rootパスワード設定。
ALTER USERでパスワードを設定します。今回は"password"に設定します。
そのあと、FLUSH PRIVILEGES;で設定を反映させます。
そのあと、rootユーザーのpluginがcaching_sha2_passwordになっているか確認します。
mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH 'caching_sha2_password' BY 'password';
Query OK, 0 rows affected (0.01 sec)
mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.01 sec)
mysql> SELECT user, host, plugin FROM mysql.user WHERE user = 'root';
+------+-----------+-----------------------+
| user | host | plugin |
+------+-----------+-----------------------+
| root | localhost | caching_sha2_password |
+------+-----------+-----------------------+
1 row in set (0.00 sec)
mysql> exit
Bye
そのあとは、sudo mysql -u root -pでパスワードを利用してログインできます。
ubuntu@ip-10-0-1-157:~$ sudo mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 18
Server version: 8.0.39-0ubuntu0.24.04.2 (Ubuntu)
Copyright (c) 2000, 2024, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> exit
おまけ
OS起動時にMySQLを自動起動させる
sudo systemctl enable mysql
アンインストール
sudo service mysql stop
sudo apt-get remove --purge mysql-server* mysql-common
sudo apt-get autoremove --purge
sudo rm -r /etc/mysql
sudo rm -r /var/lib/mysql
ps aux | grep mysql | grep -v grep
sudo kill XXXXXX
Discussion