Pulogalamu ya ProHoster > Blog > Ulamuliro > Momwe Mungagwiritsire Ntchito MySQL Popanda Mawu Achinsinsi (ndi Zowopsa Zachitetezo)

Momwe Mungagwiritsire Ntchito MySQL Popanda Mawu Achinsinsi (ndi Zowopsa Zachitetezo)

Momwe Mungagwiritsire Ntchito MySQL Popanda Mawu Achinsinsi (ndi Zowopsa Zachitetezo)

Amanena kuti mawu achinsinsi abwino kwambiri ndi omwe simuyenera kukumbukira. Pankhani ya MySQL izi ndizotheka chifukwa cha plugin auth_socket ndi mtundu wake wa MariaDB - alireza.

Mapulagini onsewa si atsopano konse, akambirana zambiri mubulogu iyi, mwachitsanzo m'nkhani ya momwe mungasinthire mapasiwedi mu MySQL 5.7 pogwiritsa ntchito plugin auth_socket. Komabe, ndikuyang'ana zatsopano mu MariaDB 10.4, ndinapeza kuti unix_socket tsopano yakhazikitsidwa mwachisawawa ndipo ndi imodzi mwa njira zovomerezeka ("imodzi mwa", chifukwa mu MariaDB 10.4 zowonjezera zowonjezera zimapezeka kwa wogwiritsa ntchito m'modzi kuti zitsimikizidwe, zomwe zafotokozedwa mu chikalata "Kutsimikizika" kuchokera ku MariaDB 10.04).

Monga ndanenera, izi si nkhani, ndipo poika MySQL pogwiritsa ntchito mapepala a .deb omwe amathandizidwa ndi gulu la Debian, wogwiritsa ntchito mizu amapangidwa kuti azitsimikizira socket. Izi ndi zoona kwa onse a MySQL ndi MariaDB.

root@app:~# apt-cache show mysql-server-5.7 | grep -i maintainers
Original-Maintainer: Debian MySQL Maintainers <[email protected]>
Original-Maintainer: Debian MySQL Maintainers <<a href="mailto:[email protected]">[email protected]</a>>

Ndi phukusi la Debian la MySQL, wogwiritsa ntchito mizu amatsimikiziridwa motere:

root@app:~# whoami
root=
root@app:~# mysql
Welcome to the MySQL monitor.  Commands end with ; or g.
Your MySQL connection id is 4
Server version: 5.7.27-0ubuntu0.16.04.1 (Ubuntu)

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

mysql> select user, host, plugin, authentication_string from mysql.user where user = 'root';
+------+-----------+-------------+-----------------------+
| user | host      | plugin | authentication_string |
+------+-----------+-------------+-----------------------+
| root | localhost | auth_socket |                       |
+------+-----------+-------------+-----------------------+
1 row in set (0.01 sec)

Momwemonso ndi phukusi la .deb la MariaDB:

10.0.38-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

MariaDB [(none)]> show grants;
+------------------------------------------------------------------------------------------------+
| Grants for root@localhost                                                                      |
+------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED VIA unix_socket WITH GRANT OPTION |
| GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION                                  |
+------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)

Maphukusi a .deb ochokera kumalo ovomerezeka a Percona amakonzanso kutsimikizika kwa mizu pansi pa auth-socket ndi Percona Server. Tiyeni tipereke chitsanzo ndi Percona Server ya MySQL 8.0.16-7 ndi Ubuntu 16.04:

root@app:~# whoami
root
root@app:~# mysql
Welcome to the MySQL monitor.  Commands end with ; or g.
Your MySQL connection id is 9
Server version: 8.0.16-7 Percona Server (GPL), Release '7', Revision '613e312'

Copyright (c) 2009-2019 Percona LLC and/or its affiliates
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

mysql> select user, host, plugin, authentication_string from mysql.user where user ='root';
+------+-----------+-------------+-----------------------+
| user | host      | plugin | authentication_string |
+------+-----------+-------------+-----------------------+
| root | localhost | auth_socket |                       |
+------+-----------+-------------+-----------------------+
1 row in set (0.00 sec)

Ndiye matsenga ndi chiyani? Pulagiyi imayang'ana kuti wogwiritsa ntchito wa Linux akufanana ndi wogwiritsa ntchito MySQL pogwiritsa ntchito njira ya SO_PEERCRED socket kuti atole zambiri za wogwiritsa ntchito pulogalamu ya kasitomala. Chifukwa chake, pulogalamu yowonjezera ingagwiritsidwe ntchito pamakina omwe amathandizira njira ya SO_PEERCRED, monga Linux. Njira ya socket ya SO_PEERCRED imakupatsani mwayi wodziwa njira yolumikizirana ndi socket. Kenako amalandila kale dzina lolowera lomwe likugwirizana ndi uid iyi.

Nachi chitsanzo chogwiritsa ntchito "vagrant":

vagrant@mysql1:~$ whoami
vagrant
vagrant@mysql1:~$ mysql
ERROR 1698 (28000): Access denied for user 'vagrant'@'localhost'

Popeza palibe wogwiritsa ntchito "vagrant" mu MySQL, sitiloledwa kulowa. Tiyeni tipange munthu woteroyo ndikuyesanso:

MariaDB [(none)]> GRANT ALL PRIVILEGES ON *.* TO 'vagrant'@'localhost' IDENTIFIED VIA unix_socket;
Query OK, 0 rows affected (0.00 sec)

vagrant@mysql1:~$ mysql
Welcome to the MariaDB monitor.  Commands end with ; or g.
Your MariaDB connection id is 45
Server version: 10.0.38-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

MariaDB [(none)]> show grants;
+---------------------------------------------------------------------------------+
| Grants for vagrant@localhost                                                    |
+---------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'vagrant'@'localhost' IDENTIFIED VIA unix_socket |
+---------------------------------------------------------------------------------+
1 row in set (0.00 sec)

Zachitika!

Nanga bwanji zogawa zomwe sizili za Debian pomwe izi siziperekedwa mwachisawawa? Tiyeni tiyese Percona Server ya MySQL 8 yoyikidwa pa CentOS 7:

mysql> show variables like '%version%comment';
+-----------------+---------------------------------------------------+
| Variable_name   | Value                                   |
+-----------------+---------------------------------------------------+
| version_comment | Percona Server (GPL), Release 7, Revision 613e312 |
+-----------------+---------------------------------------------------+
1 row in set (0.01 sec)

mysql> CREATE USER 'percona'@'localhost' IDENTIFIED WITH auth_socket;
ERROR 1524 (HY000): Plugin 'auth_socket' is not loaded

Bomba. Kodi chinali kusowa chiyani? Pulogalamu yowonjezera sinakweze:

mysql> pager grep socket
PAGER set to 'grep socket'
mysql> show plugins;
47 rows in set (0.00 sec)

Tiyeni tiwonjezere pulogalamu yowonjezera panjirayi:

mysql> nopager
PAGER set to stdout
mysql> INSTALL PLUGIN auth_socket SONAME 'auth_socket.so';
Query OK, 0 rows affected (0.00 sec)

mysql> pager grep socket; show plugins;
PAGER set to 'grep socket'
| auth_socket                     | ACTIVE | AUTHENTICATION | auth_socket.so | GPL     |
48 rows in set (0.00 sec)

Tsopano tili ndi zonse zomwe tikufuna. Tiyeni tiyesenso:

mysql> CREATE USER 'percona'@'localhost' IDENTIFIED WITH auth_socket;
Query OK, 0 rows affected (0.01 sec)
mysql> GRANT ALL PRIVILEGES ON *.* TO 'percona'@'localhost';
Query OK, 0 rows affected (0.01 sec)

Tsopano mutha kulowa pogwiritsa ntchito dzina lolowera "percona".

[percona@ip-192-168-1-111 ~]$ whoami
percona
[percona@ip-192-168-1-111 ~]$ mysql -upercona
Welcome to the MySQL monitor.  Commands end with ; or g.
Your MySQL connection id is 19
Server version: 8.0.16-7 Percona Server (GPL), Release 7, Revision 613e312

Copyright (c) 2009-2019 Percona LLC and/or its affiliates
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

mysql> select user, host, plugin, authentication_string from mysql.user where user ='percona';
+---------+-----------+-------------+-----------------------+
| user    | host   | plugin   | authentication_string |
+---------+-----------+-------------+-----------------------+
| percona | localhost | auth_socket |                       |
+---------+-----------+-------------+-----------------------+
1 row in set (0.00 sec)

Ndipo zinathandizanso!

Funso: kodi zingatheke kulowa mudongosolo pansi pa malowedwe a percona, koma ngati wogwiritsa ntchito wina?

[percona@ip-192-168-1-111 ~]$ logout
[root@ip-192-168-1-111 ~]# mysql -upercona
ERROR 1698 (28000): Access denied for user 'percona'@'localhost'

Ayi, sizingagwire ntchito.

Pomaliza

MySQL ndi yosinthika muzinthu zingapo, imodzi mwazomwe ndi njira yotsimikizira. Monga mukuwonera pa positiyi, mwayi ungapezeke popanda mapasiwedi, kutengera ogwiritsa ntchito OS. Izi zitha kukhala zothandiza pazochitika zina, ndipo imodzi mwazo ndi pamene mukusamuka kuchokera ku RDS/Aurora kupita ku MySQL yokhazikika pogwiritsa ntchito Kutsimikizika kwa database ya IAMkuti mupezebe mwayi, koma opanda mawu achinsinsi.

Source: www.habr.com

Kuwonjezera ndemanga