MySQL入门03:MySQL修改root密码的方法

2022-08-19 20:15:42 浏览数 (2)

目录结构:MySQL修改root密码的方法

  • 知道密码的情况
    • 1.使用ALTER USER命令修改密码
    • 2.使用SET PASSWORD命令修改密码
  • 忘记密码的情况
    • 使用--init-file
    • 使用--skip-grant-tables
  • 常见问题及解决
    • 降低策略的级别
    • 单独修改策略项
    • 密码没有加上引号
    • ERROR 1819 (HY000)
    • ERROR 1396 (HY000)
    • ERROR 1064 (42000)
    • 使用--skip-grant-tables --user=mysql选项启动出错:Permission denied

MySQL修改root密码的方法

作为守护数据库安全的第一道关卡是root账户及其密码。 学会对root密码管理无疑是守门人和开锁人的一项基础技能。

知道密码的情况

在已知密码的情况下,可以登录MySQL数据库后,通过ALTER USER(MySQL 5.7.6以上版本)或者SET PASSWORD命令进行修改。

1.使用ALTER USER命令修改密码

在MySQL 5.7.6或则MariaDB 10.1.20以上的版本可以使用ALTER USER命令修改用户密码

例:

代码语言:javascript复制
--登录mysql
-bash-4.1$ mysql -u root -p
mysql> alter user root  identified by 'MyNewPass4!';
Query OK, 0 rows affected (0.02 sec)

2.使用SET PASSWORD命令修改密码

使用SET PASSWORD命令修改Mysql的用户密码。

MySQL 5.7以后版本:

例:

代码语言:javascript复制
SET PASSWORD FOR <用户名>@<host名> = 'my_new_password';

--当前用户
mysql> SET PASSWORD = 'my_new_password';
Query OK, 0 rows affected (0.33 sec)

MySQL 5.7以前版本需要PASSWORD()函数。

例:

代码语言:javascript复制
mysql> SET PASSWORD = PASSWORD('new_password');

参考: https://dev.mysql.com/doc/refman/8.0/en/alter-user.html

13.7.1.1 ALTER USER Statement https://dev.mysql.com/doc/refman/8.0/en/set-password.html 13.7.1.10 SET PASSWORD Statement

忘记密码的情况

在不知道root密码(密码丢失)的情况下,可以通过如下方法登录mysql修改密码。

使用--init-file

可以通过创建一个包含密码语句本地文件,然后使用--init-file选项启动MySQL。

例:

  1. 创建一个本地文件
代码语言:javascript复制
-bash-4.1$ vi /refresh/home/init-file.txt

文件内容如下:

代码语言:javascript复制
ALTER USER 'root'@'localhost' IDENTIFIED BY 'MyNewPass2!';

确认文件内容:

代码语言:javascript复制
-bash-4.1$ cat /refresh/home/init-file.txt

ALTER USER 'root'@'localhost' IDENTIFIED BY 'MyNewPass2!';
  1. 关闭MySQL
代码语言:javascript复制
-bash-4.1$ sudo service mysqld status
mysqld (pid  2031) is running...
-bash-4.1$ sudo service mysqld stop
Stopping mysqld:                                           [  OK  ]
-bash-4.1$ sudo service mysqld status
mysqld is stopped

Linux 7以后可以使用如下systemctl命令。

代码语言:javascript复制
systemctl stop mysqld.service 
或者
/etc/init.d/mysqld stop
  1. 使用如下命令启动MySQL
代码语言:javascript复制
   -bash-4.1$ sudo mysqld --user=mysql --init-file=/refresh/home/init-file.txt  &
[1] 2255

  1. 通过新密码进行连接测试。 mysql -u root -p

使用--skip-grant-tables

可以使用使用--skip-grant-tables选项启动Mysql ,从而跳过权限验证登录MySQL后修改root密码。

  1. 关闭MySQL
代码语言:javascript复制
-bash-4.1$ sudo service mysqld status
mysqld (pid  2031) is running...
-bash-4.1$ sudo service mysqld stop
Stopping mysqld:                                           [  OK  ]
-bash-4.1$ sudo service mysqld status
mysqld is stopped

Linux 7以后可以使用如下systemctl命令。

代码语言:javascript复制
systemctl stop mysqld.service 
或者
/etc/init.d/mysqld stop
  1. 使用--skip-grant-tables启动MySQL
代码语言:javascript复制
-bash-4.1$ sudo mysqld --skip-grant-tables --user=mysql &
[1] 29840
-bash-4.1$ mysql
Welcome to the MySQL monitor.  Commands end with ; or g.
Your MySQL connection id is 7
Server version: 8.0.23 MySQL Community Server - GPL

Copyright (c) 2000, 2021, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

mysql>

  1. 重新加载授权表,以便帐户管理语句起作用。
代码语言:javascript复制
mysql> flush privileges;
Query OK, 0 rows affected (0.05 sec)
  1. 修改root密码
代码语言:javascript复制
mysql> ALTER USER root identified by 'MyNewPass1!';
Query OK, 0 rows affected (0.02 sec)
  1. 测试用新密码登录MySQL
代码语言:javascript复制
-bash-4.1$ mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or g.
Your MySQL connection id is 9
Server version: 8.0.23 MySQL Community Server - GPL

Copyright (c) 2000, 2021, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

mysql>
  1. 正常重启MySQL
代码语言:javascript复制
-bash-4.1$ sudo service mysqld status
mysqld (pid  29841) is running...
-bash-4.1$ sudo service mysqld stop
Stopping mysqld:                                           [  OK  ]
[1]   Done                    sudo mysqld --skip-grant-tables --user=mysql
-bash-4.1$ sudo service mysqld status
mysqld is stopped
-bash-4.1$ sudo service mysqld start
Starting mysqld:                                           [  OK  ]

或者
-bash-4.1$ sudo service mysqld restart
Stopping mysqld:                                           [  OK  ]
Starting mysqld:                                           [  OK  ]

测试连接:

代码语言:javascript复制
-bash-4.1$ mysql -u root -p

参考: https://dev.mysql.com/doc/refman/8.0/en/server-options.html

5.1.7 Server Command Options

https://dev.mysql.com/doc/refman/8.0/en/resetting-permissions.html

B.3.3.2 How to Reset the Root Password B.3.3.2.2 Resetting the Root Password: Unix and Unix-Like Systems B.3.3.2.3 Resetting the Root Password: Generic Instructions

常见问题及解决

代码语言:javascript复制
mysql> set password for root@localhost = password(‘123’);
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'password(‘123’)' at line 1

密码没有加上引号

代码语言:javascript复制
mysql> alter user root@localhost identified by pass;
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'pass' at line 1

ERROR 1819 (HY000)

修改密码时发生ERROR 1819 (HY000) 错误

代码语言:javascript复制
mysql> alter user root@localhost identified by 'pass';
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements

原因:密码不满足安全要求

MySQL数据库的高版本(5.7以后)默认会有validate_password插件,该插件启用后将强制实施密码验证策略。如果新密码不满足密码验证策略就会报ERROR 1819 (HY000) 错误。

级别

长度

字符类型

单词匹配

LOW

至少为8个字符

N/A

N/A

MEDIUM

同上

必须包含至少1个数字字符,1个小写字符,1个大写字符和1个特殊(非字母数字)字符

N/A

STRONG

同上

同上

必须与字典文件中的单词不匹配

参数(5.7)

validate_password_length

validate_password_number_count validate_password_mixed_case_count validate_password_special_char_count

validate_passwor

参数(8.0)

validate_password.length

validate_password.number_count validate_password.mixed_case_count validate_password.special_char_count

validate_password.dictionary_file

默认密码策略是MEDIUM。

代码语言:javascript复制
mysql> SHOW VARIABLES LIKE 'validate_password%';
 -------------------------------------- -------- 
| Variable_name                        | Value  |
 -------------------------------------- -------- 
| validate_password.check_user_name    | ON     |
| validate_password.dictionary_file    |        |
| validate_password.length             | 8      |
| validate_password.mixed_case_count   | 1      |
| validate_password.number_count       | 1      |
| validate_password.policy             | MEDIUM |
| validate_password.special_char_count | 1      |
 -------------------------------------- -------- 
7 rows in set (0.14 sec)

解决方法:

降低策略的级别
代码语言:javascript复制
--5.7
mysql> SET GLOBAL validate_password_policy=LOW;
OR
mysql> SET GLOBAL validate_password_policy=0;

--8.0
mysql>  set global validate_password.policy=LOW;
OR
mysql> set global validate_password.policy=0;

例:

代码语言:javascript复制
mysql>  set global validate_password.policy=LOW;
Query OK, 0 rows affected (0.00 sec)

mysql> SHOW VARIABLES LIKE 'validate_password%';
 -------------------------------------- ------- 
| Variable_name                        | Value |
 -------------------------------------- ------- 
| validate_password.check_user_name    | ON    |
| validate_password.dictionary_file    |       |
| validate_password.length             | 8     |
| validate_password.mixed_case_count   | 1     |
| validate_password.number_count       | 1     |
| validate_password.policy             | LOW   |
| validate_password.special_char_count | 1     |
 -------------------------------------- ------- 
7 rows in set (0.00 sec)
单独修改策略项

例:

代码语言:javascript复制
mysql> alter user root  identified by 'pass';
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
mysql> SET GLOBAL validate_password.length = 4;
Query OK, 0 rows affected (0.00 sec)

mysql> alter user root  identified by 'pass';
Query OK, 0 rows affected (0.05 sec)

mysql> SHOW VARIABLES LIKE 'validate_password%';
 -------------------------------------- ------- 
| Variable_name                        | Value |
 -------------------------------------- ------- 
| validate_password.check_user_name    | ON    |
| validate_password.dictionary_file    |       |
| validate_password.length             | 4     |  ★★
| validate_password.mixed_case_count   | 1     |
| validate_password.number_count       | 1     |
| validate_password.policy             | LOW   |
| validate_password.special_char_count | 1     |
 -------------------------------------- ------- 
7 rows in set (0.00 sec)

参考: https://dev.mysql.com/doc/refman/8.0/en/validate-password.html

6.4.3 The Password Validation Component

ERROR 1396 (HY000)

代码语言:javascript复制
mysql> alter user root@localhost identified by 'my_new_pass';
ERROR 1396 (HY000): Operation ALTER USER failed for 'root'@'localhost'

原因: 用户的host不一致。

代码语言:javascript复制
mysql>  alter user root@localhost identified by 'my_new_pass';
ERROR 1396 (HY000): Operation ALTER USER failed for 'root'@'localhost'
mysql> show databases
    -> ;
 -------------------- 
| Database           |
 -------------------- 
| information_schema |
| mysql              |
| performance_schema |
| sys                |
 -------------------- 
4 rows in set (0.00 sec)

mysql> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> select user,host from user;
 ------------------ ----------- 
| user             | host      |
 ------------------ ----------- 
| root             | %         |
| mysql.infoschema | localhost |
| mysql.session    | localhost |
| mysql.sys        | localhost |
 ------------------ ----------- 
4 rows in set (0.00 sec)

解决方法: 修改host名或者去掉host名。

例:

代码语言:javascript复制
mysql> alter user root@'%' identified by 'my_new_pass';
Query OK, 0 rows affected (0.02 sec)
或者
mysql> alter user root identified by 'my_new_pass';
Query OK, 0 rows affected (0.04 sec)

ERROR 1064 (42000)

代码语言:javascript复制
mysql>  SET PASSWORD = PASSWORD('new_password');
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'PASSWORD('new_password')' at line 1

原因:MySQL 5.7 以后不需要PASSWORD()函数。

例:

代码语言:javascript复制
mysql>  SET PASSWORD = 'my_new_password';
Query OK, 0 rows affected (0.02 sec)

使用--skip-grant-tables --user=mysql选项启动出错:Permission denied

使用--skip-grant-tables --user=mysql选项启动出错:Permission denied

代码语言:javascript复制
-bash-4.1$ mysqld --skip-grant-tables --user=mysql &
[1] 29806
-bash-4.1$ 2021-02-26T00:10:32.691961Z 0 [Warning] [MY-010091] [Server] Can't create test file /var/lib/mysql/mysqld_tmp_file_case_insensitive_test.lower-test
2021-02-26T00:10:32.692079Z 0 [System] [MY-010116] [Server] /usr/sbin/mysqld (mysqld 8.0.23) starting as process 29806
2021-02-26T00:10:32.698349Z 0 [Warning] [MY-010091] [Server] Can't create test file /var/lib/mysql/mysqld_tmp_file_case_insensitive_test.lower-test
2021-02-26T00:10:32.698375Z 0 [Warning] [MY-010159] [Server] Setting lower_case_table_names=2 because file system for /var/lib/mysql/ is case insensitive
2021-02-26T00:10:32.698711Z 0 [Warning] [MY-010122] [Server] One can only use the --user switch if running as root
2021-02-26T00:10:32.699063Z 0 [ERROR] [MY-010187] [Server] Could not open file '/var/log/mysqld.log' for error logging: Permission denied
2021-02-26T00:10:32.699141Z 0 [ERROR] [MY-010119] [Server] Aborting
2021-02-26T00:10:32.699366Z 0 [System] [MY-010910] [Server] /usr/sbin/mysqld: Shutdown complete (mysqld 8.0.23)  MySQL Community Server - GPL.

[1]   Exit 1                  mysqld --skip-grant-tables --user=mysql
-bash-4.1$
-bash-4.1$
-bash-4.1$ mysql
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)

解决方法:使用sudo 或者root用户

例:

代码语言:javascript复制
-bash-4.1$ sudo mysqld --skip-grant-tables --user=mysql &
[1] 29840
-bash-4.1$ mysql
Welcome to the MySQL monitor.  Commands end with ; or g.
Your MySQL connection id is 7
Server version: 8.0.23 MySQL Community Server - GPL

Copyright (c) 2000, 2021, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

mysql>

0 人点赞