MySQL运维实战(2.2)忘记密码如何处理
如果忘记了一个普通用户的密码,可以使用管理员账号登录,修改其他用户的密码。
但是如果所有管理员账号的密码都忘记了,应该怎么处理呢?
如果忘记root密码,可以使用skip-grant-tables参数启动数据库,重新设置root密码。
使用skip-grant-tables启动实例后,所有人都可以免密码登陆数据库,并且拥有所有权限。
使用时可以配合bind-address或skip-networking参数一起使用,只允许从本机登陆数据库。
具体操作步骤:
1、停止数据库实例。
停止mysql实例。可以使用多种方法停止实例。这里使用serivce停止mysql
service mysqld stop
2、配置文件中增加skip-grant-tables和skip-networking参数
# /etc/my.cnf skip-grant-tables skip-networking
3、重新启动实例
2021-04-06T15:53:17.250207Z 0 [Note] /usr/sbin/mysqld: ready for connections. Version: '5.7.32' socket: '/var/lib/mysql/mysql.sock' port: 0 MySQL Community Server (GPL)
4、登陆数据库
由于加了skip-networking参数,只能通过socket登陆数据库
[root@box1 ~]# mysql -h 127.0.0.1 ERROR 2003 (HY000): Cant connect to MySQL server on '127.0.0.1' (111) [root@box1 ~]# mysql -S /var/lib/mysql/mysql.sock Welcome to the MySQL monitor. Commands end with ; or \g. ... mysql>
5、重新加载权限
实例使用skip-grant-tables参数启动,无法直接修改账号密码。需要执行flush privileges后才能修改密码。
使用alter user或set password命名修改密码。
mysql> alter user 'root'@'localhost' identified by 'helloww';
ERROR 1290 (HY000): The MySQL server is running with the --skip-grant-tables option so it cannot execute this statement
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> alter user 'root'@'localhost' identified by 'helloww';
Query OK, 0 rows affected (0.00 sec)
mysql> set password for 'root'@'localhost' = 'helloww';
Query OK, 0 rows affected (0.00 sec)
mysql> set password for 'root'@'localhost' = password('helloww');
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> show warnings;
+---------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Level | Code | Message |
+---------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Warning | 1287 | 'SET PASSWORD FOR <user> = PASSWORD('<plaintext_password>')' is deprecated and will be removed in a future release. Please use SET PASSWORD FOR <user> = '<plaintext_password>' instead |
+---------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)6、修改参数,重新启动数据库
[root@box1 ~]# sed -i '/skip-networking/d' /etc/my.cnf [root@box1 ~]# sed -i '/skip-grant-tables/d' /etc/my.cnf [root@box1 ~]# grep skip /etc/my.cnf [root@box1 ~]# service mysqld restart Redirecting to /bin/systemctl restart mysqld.service [root@box1 ~]# tail -2 /var/log/mysqld.log 2021-04-06T16:02:20.527113Z 0 [Note] /usr/sbin/mysqld: ready for connections. Version: '5.7.32' socket: '/var/lib/mysql/mysql.sock' port: 3306 MySQL Community Server (GPL)
7、验证数据库恢复正常
重启后需要使用密码才能登陆数据。
[root@box1 ~]# mysql -uroot -h127.0.0.1 ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) [root@box1 ~]# mysql -uroot -h127.0.0.1 -phelloww Welcome to the MySQL monitor. Commands end with ; or \g. ... mysql>
