最近在ubuntu平臺安裝最新版本mysql5.7,遇到坑:
- Mysql出現任何用戶不用密碼|使用任何密碼都能登錄的問題 【主要是因爲沒有刪除匿名用戶】
- 修改用戶密碼,提示沒有password字段
對於第一個坑
直接導致結果是:項目上線後,發現連續幾天有人半夜攻擊服務器數據庫,導致mysql數據庫再也連接不上,整個產品線數據請求接口癱瘓。
對於第二個坑
無法實現更改用戶密碼,以前版本一直都是這樣的呀。
解決方案:
坑1:
- 刪除user表中用戶名爲“”的數據(我使用navicat刪除的話沒有效果,應該是沒有刷新權限導致的,執行flush
privileges): - use mysql;
- delete from user where user = “”;
- flush privileges;
再試一下,完美解決.
坑2:
update user set password=password(“新密碼”) where user=”用戶名”;
執行後報錯 ERROR 1054(42S22) Unknown column ‘password’ in ‘field list’
錯誤的原因是 5.7版本下的mysql數據庫下已經沒有password這個字段了,password字段改成了authentication_string
所以請使用一下命令:
>mysql -u root -p
Enter password: ********
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 12
Server version: 5.7.18-log MySQL Community Server (GPL)
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> use mysql;
Database changed
mysql> select User from user; #此處爲查詢用戶命令
+-----------+
| User |
+-----------+
| ******* |
| mysql.sys |
| root |
+-----------+
rows in set (0.00 sec)
mysql> update user set password=password("*******") where user="*******"; #修改密碼報錯
ERROR 1054 (42S22): Unknown column 'password' in 'field list'
mysql> update mysql.user set authentication_string=password('*******') where user='*******'; #修改密碼成功
Query OK, 1 row affected, 1 warning (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 1
mysql> flush privileges; #立即生效
Query OK, 0 rows affected (0.00 sec)
mysql> quit
Bye
n>mysql -u ******* -p #以該用戶登錄成功.
Enter password: ********
…………………………
mysql>
最重要的執行命令:
example:
update mysql.user set authentication_string=password('wanxiang2016') where user='root';
允許遠程訪問
- 更改配置
註釋bind-address = 127.0.0.1。
sudo vim /etc/mysql/mysql.conf.d/mysqld.cnf
將bind-address = 127.0.0.1註釋掉(即在行首加#),如下:
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
# bind-address = 127.0.0.1
- 增加允許遠程訪問的用戶或者允許現有用戶的遠程訪問
給root授予在任意主機(%)訪問任意數據庫的所有權限。SQL語句如下:
mysql> grant all privileges on *.* to 'root'@'%' identified by '你的密碼' with grant option;