今天來說說我在mysql上踩的一個坑,河河河河河。。。。
今天因爲要去搞主從庫備份,但是有一個問題是,主從庫備份的時候,要保持數據的一致(目前我的做法這裏是這樣的,應該有更好的方法可以修改)。因爲我們的數據庫是有好多人在一起用的,而且還有定時器在往裏邊刷數據。這真是一個蛋疼的時候。
這時候我先看了看我的數據庫的鏈接,都是在進行什麼操作。使用了命令:show processlist 去查看數據谷中的進程如何。
mysql> show processlist;
+-------+-----------+---------------------+-----------+-------------+-------+-----------------------------------------------------------------------+------------------+
| Id | User | Host | db | Command | Time | State | Info |
+-------+-----------+---------------------+-----------+-------------+-------+-----------------------------------------------------------------------+------------------+
| 43 | mysqluser | 172.16.10.191:46434 | NULL | Binlog Dump | 39481 | Master has sent all binlog to slave; waiting for binlog to be updated | NULL |
| 61524 | root | 172.18.34.34:50288 | NULL | Sleep | 1232 | | NULL |
| 62167 | root | 172.18.34.13:60514 | yree | Sleep | 850 | | NULL |
| 63458 | root | 172.16.10.183:34377 | MEIZU_BRO | Sleep | 31 | | NULL |
| 63461 | root | 172.16.10.183:34395 | MEIZU_BRO | Sleep | 24 | | NULL |
| 63462 | root | 172.18.34.34:51643 | MEIZU_BRO | Sleep | 21 | | NULL |
| 63463 | root | 172.18.34.34:51644 | MEIZU_BRO | Sleep | 21 | | NULL |
| 63464 | root | 172.18.34.34:51645 | MEIZU_BRO | Sleep | 21 | | NULL |
| 63465 | root | 172.18.34.34:51646 | MEIZU_BRO | Sleep | 21 | | NULL |
| 63466 | root | 172.18.34.34:51647 | MEIZU_BRO | Sleep | 21 | | NULL |
| 63467 | root | 172.18.34.34:51648 | MEIZU_BRO | Sleep | 21 | | NULL |
| 63468 | root | 172.18.34.34:51649 | MEIZU_BRO | Sleep | 21 | | NULL |
| 63469 | root | 172.18.34.34:51650 | MEIZU_BRO | Sleep | 21 | | NULL |
| 63470 | root | 172.16.10.183:34418 | MEIZU_BRO | Sleep | 19 | | NULL |
| 63471 | root | 172.16.10.183:34419 | MEIZU_BRO | Sleep | 19 | | NULL |
| 63472 | root | 172.16.10.183:34420 | MEIZU_BRO | Sleep | 19 | | NULL |
| 63473 | root | 172.16.10.183:34421 | MEIZU_BRO | Sleep | 19 | | NULL |
| 63474 | root | 172.16.10.183:34422 | MEIZU_BRO | Sleep | 19 | | NULL |
| 63475 | root | 172.16.10.183:34423 | MEIZU_BRO | Sleep | 19 | | NULL |
| 63476 | root | 172.16.10.183:34424 | MEIZU_BRO | Sleep | 19 | | NULL |
| 63477 | root | 172.16.10.183:34425 | MEIZU_BRO | Sleep | 19 | | NULL |
| 63478 | root | 172.16.10.183:34426 | MEIZU_BRO | Sleep | 19 | | NULL |
| 63479 | root | 172.16.10.183:34428 | MEIZU_BRO | Sleep | 19 | | NULL |
| 63480 | root | 172.16.10.183:34429 | MEIZU_BRO | Sleep | 19 | | NULL |
| 63481 | root | 172.18.34.13:55538 | MEIZU_BRO | Sleep | 17 | | NULL |
| 63482 | root | 172.18.34.13:55536 | MEIZU_BRO | Sleep | 17 | | NULL |
| 63483 | root | 172.18.34.13:55537 | MEIZU_BRO | Sleep | 17 | | NULL |
| 63484 | root | 172.18.34.13:55540 | MEIZU_BRO | Sleep | 17 | | NULL |
| 63485 | root | 172.18.34.13:55541 | MEIZU_BRO | Sleep | 17 | | NULL |
| 63486 | root | 172.16.10.183:34439 | MEIZU_BRO | Sleep | 14 | | NULL |
| 63487 | root | 172.18.34.13:55775 | MEIZU_BRO | Sleep | 12 | | NULL |
| 63488 | root | 172.18.34.13:55776 | MEIZU_BRO | Sleep | 12 | | NULL |
| 63489 | root | 172.18.34.13:55777 | MEIZU_BRO | Sleep | 12 | | NULL |
| 63490 | root | 172.18.34.13:55787 | MEIZU_BRO | Sleep | 12 | | NULL |
| 63491 | root | 172.18.34.13:55788 | MEIZU_BRO | Sleep | 12 | | NULL |
| 63492 | root | 172.18.34.34:51659 | MEIZU_BRO | Sleep | 11 | | NULL |
| 63493 | root | 172.16.10.183:34453 | MEIZU_BRO | Sleep | 9 | | NULL |
| 63494 | root | 172.16.10.183:34454 | MEIZU_BRO | Sleep | 9 | | NULL |
| 63495 | root | 172.16.10.183:34455 | MEIZU_BRO | Sleep | 9 | | NULL |
| 63496 | root | 172.16.10.183:34456 | MEIZU_BRO | Sleep | 9 | | NULL |
| 63497 | root | 172.16.10.183:34457 | MEIZU_BRO | Sleep | 9 | | NULL |
| 63498 | root | 172.16.10.183:34458 | MEIZU_BRO | Sleep | 9 | | NULL |
| 63499 | root | 172.16.10.184:51669 | NULL | Query | 0 | NULL | show processlist |
| 63500 | root | 172.16.10.183:34473 | MEIZU_BRO | Sleep | 4 | | NULL |
| 63501 | root | 172.18.34.34:51662 | MEIZU_BRO | Sleep | 1 | | NULL |
+-------+-----------+---------------------+-----------+-------------+-------+-----------------------------------------------------------------------+------------------+
45 rows in set (0.00 sec)
mysql>
好的首先我看到,確實是有很多機子在對其進行操作的,雖然有很多都已經sleep掉了,但是以防萬一,首先我先將root 的遠程寫權限給它幹掉。這樣的話,沒有用本地去連接的話,就不可以修改數據庫。
這個操作就是去掉root權限的插入和修改操作
revoke insert,update on *.* from root ;
查看一下權限再:
mysql> select * from mysql.user\G
*************************** 1. row ***************************
Host: %
User: root
Password: *3A307C6C3EB8C91C40676C2428752F3616A5BF63
Select_priv: Y
Insert_priv: N
Update_priv: N
Delete_priv: Y
Create_priv: Y
Drop_priv: Y
Reload_priv: Y
Shutdown_priv: Y
Process_priv: Y
File_priv: Y
Grant_priv: Y
References_priv: Y
Index_priv: Y
Alter_priv: Y
Show_db_priv: Y
Super_priv: Y
Create_tmp_table_priv: Y
Lock_tables_priv: Y
Execute_priv: Y
Repl_slave_priv: Y
Repl_client_priv: Y
Create_view_priv: Y
Show_view_priv: Y
Create_routine_priv: Y
Alter_routine_priv: Y
Create_user_priv: Y
Event_priv: Y
Trigger_priv: Y
Create_tablespace_priv: Y
ssl_type:
ssl_cipher:
x509_issuer:
x509_subject:
max_questions: 0
max_updates: 0
max_connections: 0
max_user_connections: 0
plugin:
authentication_string:
好的,下來一陣亂操作。最後在主從庫修改好後,那麼問題來咯。我要恢復我root用戶的權限的時候。發現不可以了哦,說沒有權限。因爲恢復權限說白了實際上還是在用root用戶去進行寫操作,但是被我搞掉了==
mysql> grant insert,update on *.* to root@'%' IDENTIFIED by'mysqluser' ;
ERROR 1045 (28000): Access denied for user 'root'@'%' (using password: YES)
略尷尬。
這時候有點矇蔽,後來去網上查了下,這種情況可以用安全模式去搞。
首先找到到自己的mysql目錄下的bin下的mysqld_safe
mysqld_safe –skip-grant-tables &
使用了這個命令之後。就會出現兩行日誌。
[root@cloudmoban-184 bin]# ./mysqld_safe --skip-grant-tables
161207 09:53:24 mysqld_safe Logging to '/data/mysql/cloudmoban-184.err'.
161207 09:53:24 mysqld_safe Starting mysqld daemon with databases from /data/mysql
這時候重新開一個窗口。使用mysql -u root 登錄進去。注意這裏是不需要密碼的,因爲是安全模式。
[root@cloudmoban-184 ~]# mysql -u root
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 82
Server version: 5.5.52-log MySQL Community Server (GPL)
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
這時候在這裏。我就想直接在這裏將權限給上不就OK?
於是我就試了一下
mysql>grant insert,update on *.* to root@'%' IDENTIFIED by'mysqluser' ;
ERROR 1290 (HY000): The MySQL server is running with the --skip-grant-tables option so it cannot execute this statement
mysql> grant all on *.* to root@'%';
ERROR 1290 (HY000): The MySQL server is running with the --skip-grant-tables option so it cannot execute this statement
河河河河河河河 又是滿面尷尬。
後來網上查了一下,可以這樣搞
mysql> use mysql
Database changed
mysql> update user set Insert_priv ='Y' where user = 'root';
Query OK, 1 row affected (0.00 sec)
Rows matched: 4 Changed: 1 Warnings: 0
這時候首先先關掉mysql一下,然後正常的重啓,否則安全模式不能退出。
哈哈哈。終於好了,看一下權限試試。
mysql> select * from mysql.user\G
*************************** 1. row ***************************
Host: %
User: root
Password: *3A307C6C3EB8C91C40676C2428752F3616A5BF63
Select_priv: Y
Insert_priv: Y
Update_priv: Y
Delete_priv: Y
Create_priv: Y
Drop_priv: Y
Reload_priv: Y
Shutdown_priv: Y
Process_priv: Y
File_priv: Y
Grant_priv: Y
References_priv: Y
Index_priv: Y
Alter_priv: Y
Show_db_priv: Y
Super_priv: Y
Create_tmp_table_priv: Y
Lock_tables_priv: Y
Execute_priv: Y
Repl_slave_priv: Y
Repl_client_priv: Y
Create_view_priv: Y
Show_view_priv: Y
Create_routine_priv: Y
Alter_routine_priv: Y
Create_user_priv: Y
Event_priv: Y
Trigger_priv: Y
Create_tablespace_priv: Y
ssl_type:
ssl_cipher:
x509_issuer:
x509_subject:
max_questions: 0
max_updates: 0
max_connections: 0
max_user_connections: 0
plugin:
authentication_string:
嗯,心滿意足。