1、 Running MySQL server as an unprivileged user
Before discussing how to start the MySQL server, let’s consider what user should be running the MySQL server as.serviceThe actuator can be started manually or automatically. If you start it manually,serviceThe device starts as the user who logs in to UNIX (Linux), that is, if you log in to UNIX with Paul and startserviceIt runs with Paul; If you use the Su command to switch to root, and then run startservice, it runs as root. However, in most cases you may not want to start it manuallyserviceThe most likely reason is that you arrange the MySQL server tosystemIt starts automatically during boot. As part of the standard boot process, under UNIX, the boot process is controlled bysystemAnd any process running in this process runs with root privileges.
You should keep in mind the two objectives of the MySQL server startup process:
- You want toserviceThe is running as a non root user. Generally, you want to limit the ability of any process to run, unless you really need root permission, which MySQL does not.
- You want toserviceThe manager always runs as the same user, with one user at this time and another different user at other timesserviceThe device is very inconvenient, which causes files and directories to be created under data directories with different owners, and may causeserviceThe server cannot access databases or tables, depending on which user you are running. Run uniformly with the same userserviceThe device is for you to avoid this problem.
To run a normal non privileged userserviceAs per the following steps:
- Select one to runserviceMysqld can be run by any user. But what is clear in concept is to create a separate user for MySQL operations. You can also select a user group specifically for MySQL. This article uses mysqladm and mysqlgrp as user names and user group names respectively.
If you are already under your own accountinstallOK, MySQL and nosystemWith special administrative rights on, you may run under your own user IDserviceDevice. In this case, replace mysqladm and mysqlgrp with your own login name and user group.
If you use RPM files on RedHat LinuxinstallMysql, theinstallAn account named MySQL will be automatically created to replace mysqladm.
- If necessary, usesystemNormal user creation processserviceYou need to use root for the account.
- IfserviceThe controller is running. Stop it.
- Modify the ownership of the data directory and any subdirectories and files so that mysqladm users have them. For example, if the data directory is /usr/local/var, you canset upOwner of mysqladm (you need to run these commands as root):
#chown -R mysqladm.mysqlgrp
- Modify the permissions of the data directory and any subdirectories and files so that they can only be accessed by mysqladm users. If the data directory is /usr/local/var, you canset upAnything owned by mysqladm:
# cd /usr/local/var
# chmod -R go-rwx
When youset upWhen the data directory and its contents belong to the master and mode, pay attention to the symbolic connection. You need to follow them and change the ownership and mode of the file or directory they point to. If the directory of the connection file is located in a place that does not belong to you, there will be some trouble. You may need the root identity.
After you have completed the above process, you should ensure that you always start when you log in as mysqladm or rootserviceIn the latter, confirm to specify the –user=mysqladm option so thatserviceThe server can switch its user ID to mysqladm (also applicable tosystemStart process).
After we identified theserviceYou can choose how to arrange the startupserviceDevice. You can either manually from the command line or in thesystemIt runs automatically during boot. For startupserviceThere are three mainmethod：
- Call mysqld directly.
This is probably the least commonly usedmethod, it is recommended not to use more, so this article will not describe it in detail.
- Call safe_ Mysqld script.
Safe_ Mysqld tried to determineserviceLocation of the program and data directories for the. Then call with options that reflect these valuesserviceDevice. Safe_ Mysqld transfers standard error devices fromserviceThe device relocates to an error file in the data directory so that it has a record. At startupserviceAfter the filter, safe_ Mysqld also monitors it and restarts it if it dies. Safe_ Mysqld is often used in BSD style UNIX systems.
If you use root orsystemStart sqfe during boot_ Mysqld, the error log is owned by root, which may be used to call safe by an unprivileged user in the future_ Mysqld will cause a “permission denied” error. Delete the error log and try again.
- Call mysql Server script.
This script is used intentionally to start and stop system vsystemSafe on_ Mysqld Mysql Server to startserviceDevice, thissystemContains several directories that contain scripts that are invoked when the machine enters or exits a given runlevel. It can use a start or stop parameter to indicate whether you want to start or stopserviceDevice.
Safe_ Mysqld scriptinstallIt can be found in the bin directory of the MySQL installation directory or in the scripts directory of the MySQL source code distribution. Mysql Server scriptinstallUnder the share/mysqld directory under the MySQL installation directory or the support that can be distributed in the MySQL source code_ Files directory. If you want to use them, you need to copy them to the appropriate directory.
For BSD stylesystem(FreeBSD, OpenBSD, etc.), there are usually several files in the /etc directory that are initialized during bootserviceThese files usually have names beginning with “RC”, and it may be a file named “rc.local” (or something similar) that is specifically used to start localinstallofservice. In thissystemOn, you might add a line similar to the following to rc Local file to startserviceIf the directory of safe_mysqld is in yoursystemIf it is different, you can modify it):
if [ -x /usr/local/bin/safe_mysqld ]; then /usr/local/bin/safe_mysqld & fi
For System V stylesystem, you can use mysql Put the server in the appropriate startup directory under /etcinstallIt. If you run Linux andinstallMysql, these have been done for you. Otherwise, the scriptinstallUnder the main boot directory, and put the connection to it under the appropriate run level directory. You can also enable scripts to be started only by root.
Directory layout of startup filessystemDifferent, so you need to check yoursystemHow to organize them. For example, on Linux PPC, the directory is /etc/rc D and /etc/rc D/rc3 d. So you caninstallScript:
#cp mysql.server /etc/rc.d/init.d #cd /etc/init.d #chmod 500 mysql.server #cd /etc/rc.d/rc3.d #ln -s ../init.d/mysql.server S99mysql
On Solaris, the main script directory is /etc/init d. And the run level directory is /etc/rd2 d. So the command looks like this:
#cp mysql.server /etc/rc.d/init.d #cd /etc/init.d #chmod 500 mysql.server #cd /etc/rc2.d #ln -s ../init.d/mysql.server S99mysql
staysystemWhen starting, the s99mysql script will automatically be called with a start parameter. If you have the chkconfig command (available on Linux), you can use it to helpinstallMysql The server script instead of running the above command manually as above.
2.1 specify startup options
If you want toserviceYou can specify additional startup options when themethod. You can modify the startup script you use (safe_mysqld or mysql.server) and directly callserviceSpecify options on the line of the, or in an options file. It is recommended that you specify options in a global options file if possible, which is usually located in /etc/my CNF (Unix) or c:\my CNF (Windows).
Some kinds of information cannot beserviceManager option assignment. For these, you may need to modify safe_ Mysqld. For example, if yourserviceThe timer cannot correctly select the local time zone and return the time value in GMT. you canset upThe TZ environment variable gives it an indication. If you use safe_ Mysqld or mysql Server startupserviceDevice, you can set a time zoneset upAdd to safe_ Mysqld. Found startupserviceAnd add the following command before the line:
TZ=US/Central export TZ
The syntax of the above command is Solaris. For other commandssystemThe syntax may be different, please refer to the relevant manuals. If you do modify your startup script, remember that the next time youinstallDuring MySQL (such as upgrading to a new version), your modifications will be lost unless you first copy the startup script elsewhere. stayinstallAfter the new version, compare the old and new versions of the script to see what changes you need to rebuild.
2.2 check your watch at startup
Except for arranging yourserviceDevice insystemBoot time startup, you may want toinstallMyisamchk and isamchk scripts toserviceCheck your watch before the device starts. You may restart after a crash. It is possible that the table has been damaged. Checking it before startup is a good way to find problemsmethod。
To start manuallyserviceUsing mysqladmin:
To stop automaticallyserviceYou don’t have to do anything special. The BSD system normally stops by sending a term signal to the processserviceThey either answered it correctly or were killed rudely. Mysqld responds with termination when it receives this signal. For mysql Server startupserviceSystem V stylesystemTo stop the process, the script will be called with a stop parameter, tellingserviceThe device terminates, assuming, of course, that you haveinstallMysql Server.
In some cases, you may restart manually because you cannot connect to itserviceDevice. Of course, this is a bit contradictory. Because usually you connectserviceAnd manually turn it off, so how does this happen.
First, the MySQL root password can beset upFor values you do not know, this may occur when you change the password, for example, if you accidentally type an invisible control character when entering a new password. You may also forget your password.
Secondly, the connection to localhost is usually made through a UNIX domain socket file, usually /tmp/mysql Sock. If the socket file is deleted, the local client cannot connect. This could happen to yousystemRun a cron task to delete the temporary files under /tmp.
If you can’t connect because you lost the socket file, you can simply restartserviceTo recreate it. becauseserviceThe manager recreates it on startup. The trick here is that you can’t use a socket to establish a connection because it’s missing. You must establish a tcp/ip connection. For example, ifserviceThe device host is pit Snake Net, you can connect as follows:
%mysqladmin -p -u root -h pit.snake.net shutdown
If the socket file is deleted by a cron task, the problem will recur. Unless you modify the cron task or use a different socket file, you can use the global options file to specify a different socket. For example, if the data directory is /usr /local/var, you can add the following line to /etc/my In CNF, move the socket file there:
[mysqld] socket=/usr/local/var/mysql.sock [client] socket=/usr/local/var/mysql.sock
rightserviceBoth the adapter and the client specify pathnames so that they both use the same socket file. If you justserviceimplementset upPath, the client will still expect to execute the socket in the original location, and restart after modificationserviceTo create a socket in a new location.
If you forget the root password or haveset upUnable to connect because the value is different from what you think. You need to regain theserviceThe control of the device is that you canset upPassword:
If you log in as rootserviceYou can use the kill command to terminate theserviceDevice. You can use the PS command or findservicePID file of the controller (usually in the data directory)serviceThe ID of the manager process.
It’s best to try using aserviceThe transmitter sends a normal kill of term signal to see if it will terminate the response normally. In this way, tables and logs will be cleared correctly. IfserviceIf the timer is blocked and does not respond to a normal termination signal, you can use kill -9 to forcibly terminate it. This is the last resort, because there may be changes that have not been cleared, and you risk leaving the table in an inconsistent state.
If you use kill -9 to terminateserviceBefore startingserviceUse myisamchk and isamchk to check your table before using.
- Restart with the –skip grant table optionserviceDevice.
This tellsserviceThe server does not use the authorization table to verify the connection, which allows you to connect as root without a password. After you have connected, change the root password.
- Use mysqladmin flush privileges to tellserviceThe manager starts again using the authorization table
If your mysqladmin version doesn’t know flash privileges, try reload.
5、 Run multipleserviceimplement
Most run a single MySQL server on a given machine, but in many cases, multipleserviceThe filter is useful:
- You might want to test oneserviceA new version of the production manager while keeping the production you are runningserviceDevice. In this case, you will run differentserviceDevice code.
- operationsystemGenerally, the number of open file handles per process is limited. If yoursystemIt is difficult to raise this limit and run multipleserviceDevice issolveA kind of restrictionmethod. In this case, you may run unifiedserviceMultiple instances of the.
- ISPs often provide their own MySQL installation for their customers. It is necessary to involve separateserviceDevice. In this case, you may run multiple instances of the same version or different versions if different customers want different versions of MySQL.
Naturally, run multipleserviceOnly oneserviceThe device is much more complicated. If youinstallMultiple versions, you can’t be in the same placeinstallEverything. WhenserviceWhen theserviceDevices are unique, they includeserviceWhere is the filterinstall, path name of its data directory, tcp/ip port and UNIX domain socket path name, and path name for runningserviceUNIX account of the device (if you no longer run all under the same accountserviceDevice). If you decide to run multipleserviceYou must pay attention to the parameters you use so that you won’t lose track of what happened.
If you want to run a different version ofserviceInstead of multiple instances of the same version, you must be in different locationsinstallThey. If youinstallBinary distributions (without RPMs), which willinstallUnder a directory name that contains different version numbers. If you start from the source codeinstall, the simplestmethodThe –with-prefix option is used to separate different distributions during MySQL installation by running configure for each version, which will make everythinginstallIn a separate directory, you can associate the directory domain distribution version number. For example, you can configure a MySQL distribution like this, where version is the MySQL version number:
–The with prefix option also determinesserviceA unique data directory for the. You might want to add something elseserviceDevice specific options, such as tcp/ip port number and socket pathname (–with TCP port and –with UNIX socket).
5.2 multipleserviceStartup process of actuator
Start multipleserviceIt is better to use oneserviceThe device should be complex. Because safe_ Mysqld and mysql Servers are in a singleserviceimplementset upHe works best in school. I suggest you study safe carefully_ Mysqld and use it as the basis of your startup process. With your modified version, you can tailor it more precisely to your own needs.
One problem you have to deal with is how to specify options in the options file (my.cnf). For manyserviceFor each differentserviceimplementset upUse /etc/my CNF, you can onlyserviceSame asset upUse this file. IfserviceThe compiler has a different directory location for the compiled data. You canserviceMy Specify all in CNFserviceDevice to be usedset upInstead, use datadir/my CNF assignmentserviceDevice specificset upHere, dataDirserviceDifferent devices.
Another designationserviceOfmethodYes –default-file=path_ Name, as the first option on the command line, tellsserviceThe slave name is path_ Name, so that you can put aserviceTheserviceAnd then tellserviceThe reader reads the file at startup. Note that if you specify this option, the usual option files such as /etc/my Any of CNF.