Page tree
Skip to end of metadata
Go to start of metadata

このページの内容:

検証環境:

  • OS

    Ubuntu 18.04.1 LTSにて検証を行いました。
    本検証環境はGCPのShielded VMを用いております。

MySQL 5.7のインストール

  • MySQL 5.7のインストール手順を記載しております。

    # MySQL 5.7のインストール
    apt-get install mysql-client-5.7 mysql-client-core-5.7 mysql-common mysql-server-5.7 mysql-server-core-5.7
    
    
    # MySQLの自動起動設定
    systemctl enable mysql



  • MySQLの起動確認

    # MySQL 起動確認
    systemctl status mysql
    確認例
    ● mysql.service - MySQL Community Server
       Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
       Active: active (running) since Thu 2019-01-03 16:17:26 UTC; 54s ago
     Main PID: 14061 (mysqld)
        Tasks: 27 (limit: 640)
       CGroup: /system.slice/mysql.service
               mq14061 /usr/sbin/mysqld --daemonize --pid-file=/run/mysqld/mysqld.pid
    
    Jan 03 16:17:25 wordpress systemd[1]: Starting MySQL Community Server...
    Jan 03 16:17:26 wordpress systemd[1]: Started MySQL Community Server.
  • MySQLのセキュアインストール

     Click here to expand...


    本項はMySQL5.7移行にて簡易的にセキュアな設定を施す手順を記載しております。

    mysql_secure_installation
    mysql_secure_installation操作例

    root@localhost:~# mysql_secure_installation

    Securing the MySQL server deployment.

    Connecting to MySQL using a blank password.

    VALIDATE PASSWORD PLUGIN can be used to test passwords
    and improve security. It checks the strength of password
    and allows the users to set only those passwords which are
    secure enough. Would you like to setup VALIDATE PASSWORD plugin?

    Press y|Y for Yes, any other key for No: Y # パスワード検証プラグインの使用を確認

    There are three levels of password validation policy:

    LOW Length >= 8
    MEDIUM Length >= 8, numeric, mixed case, and special characters
    STRONG Length >= 8, numeric, mixed case, special characters and dictionary file

    Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2 # パスワードの強度の指定
    Please set the password for root here.

    New password: # パスワード入力

    Re-enter new password: # パスワード再入力

    Estimated strength of the password: 50
    Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : Y # 指定したパスワードを使用するかどうかの確認
    By default, a MySQL installation has an anonymous user,
    allowing anyone to log into MySQL without having to have
    a user account created for them. This is intended only for
    testing, and to make the installation go a bit smoother.
    You should remove them before moving into a production
    environment.

    Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y # アノニマスユーザの削除の確認
    Success.


    Normally, root should only be allowed to connect from
    'localhost'. This ensures that someone cannot guess at
    the root password from the network.

    Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y # Rootユーザのリモートアクセスを無効化の確認
    Success.

    By default, MySQL comes with a database named 'test' that
    anyone can access. This is also intended only for testing,
    and should be removed before moving into a production
    environment.


    Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y # testデータベースの削除の確認
    - Dropping test database...
    Success.

    - Removing privileges on test database...
    Success.

    Reloading the privilege tables will ensure that all changes
    made so far will take effect immediately.

    Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y # 権限の適用の確認
    Success.

    All done!


  • No labels
Write a comment…