MySQL远程访问设置终极方法
数据库对于服务端开发人员来说,几乎就是左膀右臂。几乎每一个服务端开发人员都要和数据库打交道。而MySQL又以其开源免费,小巧玲珑,简单易用,功能强大占据中国数据库使用份额的半壁江山。从去年接触到Vagrant以来,Vagrant以其方便易用深深吸引了D瓜哥。为了尽可能地和生产环境保持尽可能的一致性,减少不必要的问题的发生,Vagrant+Ubuntu+MySQL几乎是绝配。
MySQL允许远程访问的设置
1.注释bind-address = 127.0.0.1。
>cd /etc/mysql
>sudo vim my.cnf
将bind-address = 127.0.0.1注释掉(即在行首加#),如下:
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
# bind-address = 127.0.0.1
除了注视掉这句话之外,还可以把后面的IP地址修改成允许连接的IP地址。但是,如果只是开发用的数据库,为了方便起见,还是推荐直接注释掉。
从上面的注释中,可以看出,旧版本的MySQL(从一些资料上显示是5.0及其以前的版本)上使用的是skip-networking。所以,善意提醒一下,使用旧版本的小伙伴请注意一下。
2.删除匿名用户
登录进数据库:
>mysql -uroot -p123456
然后,切换到数据库mysql。SQL如下:
use mysql;
然后,删除匿名用户。SQL如下:
delete from user where user='';
3.增加允许远程访问的用户或者允许现有用户的远程访问。
接着上面,删除匿名用户后,给root授予在任意主机(%)访问任意数据库的所有权限。SQL语句如下:
mysql> grant all privileges on *.* to 'root'@'%' identified by '123456' with grant option;
如果需要指定访问主机,可以把%替换为主机的IP或者主机名。另外,这种方法会在数据库mysql的表user中,增加一条记录。如果不想增加记录,只是想把某个已存在的用户(例如root)修改成允许远程主机访问,则可以使用如下SQL来完成:
update user set host='%' where user='root' and host='localhost';
4.退出数据库
mysql> exit
在MySQL Shell执行完SQL后,需要退出到Bash执行系统命令,需要执行exit。因为这个太常用也太简单。以下内容就提示“退出”,不再重复列出这个命令。
5.重启数据库
完成上述所有步骤后,需要重启一下数据库,才能让修改的配置生效。执行如下命令重启数据库:
>sudo service mysql restart
到此为止,应该就可以远程访问数据库了。
当然,“雄关漫道真如铁”,世界并不是想象的那么图样图森破,可能还会遇到一些问题,影响到正常使用。下面,D瓜哥把自己遇到的一些问题整理处理,方便各位朋友参考解决。(退一步讲,没有这些问题来撑门面,D瓜哥该叫“终极解决办法”吗?!哈哈)
常见问题解答
华仔说的好啊,“出来混的都是要还的”。对于我们从事挨踢行业的小伙伴来说,“出来混的都是从问题堆里走的”。冯巩也说的好,“作为北京人,兜里没揣两千块钱都不好意思给别人打招呼”。D瓜哥想,对于干挨踢的小伙伴们来说,没遇到过问题,都不好意思说自己是干挨踢的。所以,对于一些常见的问题,或者说是常用操作可能引发的问题来说,有必要整理一下,方便以后随时查阅使用。
ERROR 1045 (28000)错误的原因以及解决办法
>mysql -uroot -p123456
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
如果没有按照上面流程,删除匿名用户,再或者你是按照网上查的资料来进行设置(大多都没有“删除匿名用户”这步),都可能导致这个问题。至于这个问题的原因说起来,D瓜哥感觉“怪怪”的。要说清楚这个原因,还得从MySQL数据库的用户认证机制说起。
MySQL中,用户相关的信息存在数据库mysql的user。然我们看一下该表的结构,命令以及返回值如下:
mysql> desc user;
+------------------------+-----------------------------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+------------------------+-----------------------------------+------+-----+---------+-------+
| Host | char(60) | NO | PRI | | |
| User | char(16) | NO | PRI | | |
| Password | char(41) | NO | | | |
| Select_priv | enum('N','Y') | NO | | N | |
| Insert_priv | enum('N','Y') | NO | | N | |
| Update_priv | enum('N','Y') | NO | | N | |
| Delete_priv | enum('N','Y') | NO | | N | |
| Create_priv | enum('N','Y') | NO | | N | |
| Drop_priv | enum('N','Y') | NO | | N | |
| Reload_priv | enum('N','Y') | NO | | N | |
| Shutdown_priv | enum('N','Y') | NO | | N | |
| Process_priv | enum('N','Y') | NO | | N | |
| File_priv | enum('N','Y') | NO | | N | |
| Grant_priv | enum('N','Y') | NO | | N | |
| References_priv | enum('N','Y') | NO | | N | |
| Index_priv | enum('N','Y') | NO | | N | |
| Alter_priv | enum('N','Y') | NO | | N | |
| Show_db_priv | enum('N','Y') | NO | | N | |
| Super_priv | enum('N','Y') | NO | | N | |
| Create_tmp_table_priv | enum('N','Y') | NO | | N | |
| Lock_tables_priv | enum('N','Y') | NO | | N | |
| Execute_priv | enum('N','Y') | NO | | N | |
| Repl_slave_priv | enum('N','Y') | NO | | N | |
| Repl_client_priv | enum('N','Y') | NO | | N | |
| Create_view_priv | enum('N','Y') | NO | | N | |
| Show_view_priv | enum('N','Y') | NO | | N | |
| Create_routine_priv | enum('N','Y') | NO | | N | |
| Alter_routine_priv | enum('N','Y') | NO | | N | |
| Create_user_priv | enum('N','Y') | NO | | N | |
| Event_priv | enum('N','Y') | NO | | N | |
| Trigger_priv | enum('N','Y') | NO | | N | |
| Create_tablespace_priv | enum('N','Y') | NO | | N | |
| ssl_type | enum('','ANY','X509','SPECIFIED') | NO | | | |
| ssl_cipher | blob | NO | | NULL | |
| x509_issuer | blob | NO | | NULL | |
| x509_subject | blob | NO | | NULL | |
| max_questions | int(11) unsigned | NO | | 0 | |
| max_updates | int(11) unsigned | NO | | 0 | |
| max_connections | int(11) unsigned | NO | | 0 | |
| max_user_connections | int(11) unsigned | NO | | 0 | |
| plugin | char(64) | YES | | | |
| authentication_string | text | YES | | NULL | |
| password_expired | enum('N','Y') | NO | | N | |
+------------------------+-----------------------------------+------+-----+---------+-------+
43 rows in set (0.00 sec)
或者查看一下该表的建表语句。命令如下:
mysql> show create table user;
由于返回值中掺杂了一些不必要的无用信息,为了方便大家查看,D瓜哥对返回值做了简单的处理,只把最主要的建表语句部分提取出来。如下:
CREATE TABLE `user` (
`Host` char(60) COLLATE utf8_bin NOT NULL DEFAULT '',
`User` char(16) COLLATE utf8_bin NOT NULL DEFAULT '',
`Password` char(41) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL DEFAULT '',
`Select_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Insert_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Update_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Delete_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Create_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Drop_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Reload_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Shutdown_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Process_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`File_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Grant_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`References_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Index_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Alter_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Show_db_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Super_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Create_tmp_table_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Lock_tables_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Execute_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Repl_slave_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Repl_client_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Create_view_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Show_view_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Create_routine_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Alter_routine_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Create_user_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Event_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Trigger_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Create_tablespace_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`ssl_type` enum('','ANY','X509','SPECIFIED') CHARACTER SET utf8 NOT NULL DEFAULT '',
`ssl_cipher` blob NOT NULL,
`x509_issuer` blob NOT NULL,
`x509_subject` blob NOT NULL,
`max_questions` int(11) unsigned NOT NULL DEFAULT '0',
`max_updates` int(11) unsigned NOT NULL DEFAULT '0',
`max_connections` int(11) unsigned NOT NULL DEFAULT '0',
`max_user_connections` int(11) unsigned NOT NULL DEFAULT '0',
`plugin` char(64) COLLATE utf8_bin DEFAULT '',
`authentication_string` text COLLATE utf8_bin,
`password_expired` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
PRIMARY KEY (`Host`,`User`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='Users and global privileges'
从上面两个方法中的任何一个都可以看出,MySQL中,使用(Host, User)这样的组合键作为主键,也就是标识唯一一个用户。换句话说,即使对于同一个用户名,例如root,随着host的不同,也表示不同的用户,就可以由不同的密码和权限。这是,我们可以查看一下该表内的数据。SQL以及返回值如下:
mysql> select user, host, password from user;
+------------------+--------------------------+-------------------------------------------+
| user | host | password |
+------------------+--------------------------+-------------------------------------------+
| root | % | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
| root | vagrant-ubuntu-trusty-64 | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
| root | 127.0.0.1 | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
| root | ::1 | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
| | localhost | |
| | vagrant-ubuntu-trusty-64 | |
| debian-sys-maint | localhost | *9B8E84CA988E1CA66CEB919A0D9D3BF1532942B6 |
+------------------+--------------------------+-------------------------------------------+
7 rows in set (0.00 sec)
可以看到数据库中有如上这些用户。那么,如果有'root'@'localhost'登录时,怎么匹配呢?
根据MySQL官方文档MySQL :: MySQL 5.6 Reference Manual :: 6.2.4 Access Control, Stage 1: Connection Verification里是如下面这样说的:
When multiple matches are possible, the server must determine which of them to use. It resolves this issue as follows:
Whenever the server reads the user table into memory, it sorts the rows.
When a client attempts to connect, the server looks through the rows in sorted order.
The server uses the first row that matches the client host name and user name.
The server uses sorting rules that order rows with the most-specific Host values first. Literal host names and IP addresses are the most specific. (The specificity of a literal IP address is not affected by whether it has a netmask, so 192.168.1.13 and 192.168.1.0/255.255.255.0 are considered equally specific.) The pattern ‘%' means “any host” and is least specific. The empty string ” also means “any host” but sorts after ‘%'. Rows with the same Host value are ordered with the most-specific User values first (a blank User value means “any user” and is least specific).
以上是 MySQL远程访问设置终极方法 的全部内容, 来源链接: utcz.com/z/347016.html
