基于 Linux 安装glibc版mysql 5.7.12

###准备安装介质
下载地址：http://mirrors.sohu.com/mysql/MySQL-5.7/mysql-5.7.12-linux-glibc2.5-x86_64.tar.gz 

###或者使用wget方式直接下载对应的版本
# wget http://mirrors.sohu.com/mysql/MySQL-5.7/mysql-5.7.12-linux-glibc2.5-x86_64.tar.gz

# mkdir -pv /u01/app
# mkdir -pv /u01/soft
# mkdir -pv /u02/mysqldata

# cd /u01/soft
# wget http://mirrors.sohu.com/mysql/MySQL-5.7/mysql-5.7.12-linux-glibc2.5-x86_64.tar.gz 
# tar -xf mysql-5.7.12-linux-glibc2.5-x86_64.tar.gz

# ln -sv /u01/soft/mysql-5.7.12-linux-glibc2.5-x86_64 /u01/app/mysql
`/u01/app/mysql' -> `/u01/soft/mysql-5.7.12-linux-glibc2.5-x86_64'

###下面添加mysql用户
# useradd -r mysql -s /sbin/nologin
# chown -R mysql:mysql /u01/app/mysql
# chown -R mysql:mysql /u02/mysqldata 

###使用以下的方式来初始化
# cd /u01/app/mysql/bin
# ./mysqld --initialize --basedir=/u01/app/mysql --datadir=/u02/mysqldata --user=mysql --explicit_defaults_for_timestamp
2016-06-28T02:18:23.437852Z 0 [Warning] InnoDB: New log files created, LSN=45790
2016-06-28T02:18:23.718104Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
2016-06-28T02:18:23.866501Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this
     server has been started. Generating a new UUID: 9731b834-3cd6-11e6-8654-fcaa14e34b30.
2016-06-28T02:18:23.896540Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened.
2016-06-28T02:18:23.898416Z 1 [Note] A temporary password is generated for root@localhost: )%%D0pr,mU.Y

# ls /u02/mysqldata/
auto.cnf    client-cert.pem  ibdata1      performance_schema  sys
ca-key.pem  client-key.pem   ib_logfile0  server-cert.pem
ca.pem      client-req.pem   ib_logfile1  server-key.pem
ca-req.pem  ib_buffer_pool   mysql        server-req.pem
###从上面的结果可以看出 mysql 5.7多出了证书相关文件，安全较5.6有较大提升

###mysql_install_db方式初始化数据已经被废弃
# ./mysql_install_db --basedir=/u01/app/mysql --datadir=/u02/mysqldata --user=mysql
2016-06-28 10:04:56 [WARNING] mysql_install_db is deprecated. 
Please consider switching to mysqld --initialize
2016-06-28 10:05:15 [WARNING] The bootstrap log isn't empty:
2016-06-28 10:05:15 [WARNING] 2016-06-28T02:04:56.688237Z 0 
[Warning] --bootstrap is deprecated. Please consider using --initialize instead
2016-06-28T02:04:56.688654Z 0 [Warning] Changed limits: max_open_files: 1024 (requested 5000)
2016-06-28T02:04:56.688657Z 0 [Warning] Changed limits: table_open_cache: 431 (requested 2000)
###如上书提示，mysql_install_db方式初始化数据已经被废弃，建议使用mysqld --initialize，同时也给出了参数限制的警告

# cp /u01/app/mysql/support-files/my-default.cnf /etc/my.cnf
# cp /u01/app/mysql/support-files/mysql.server /etc/init.d/mysqld
# vim /etc/my.cnf 

[mysqld]
sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES
basedir=/u01/app/mysql
datadir=/u02/mysqldata
user=mysql
port=3306

# vim /etc/profile.d/mysql.sh
export MYSQL_HOME=/u01/app/mysql
export PATH=$PATH:$MYSQL_HOME/bin

# source /etc/profile.d/mysql.sh

# service mysqld start
Starting MySQL.                                            [  OK  ]

###使用初始化时得到的密码配置安全选项
# /u01/app/mysql/bin/mysql_secure_installation -p)%%D0pr,mU.Y
mysql_secure_installation: [Warning] Using a password on the command line interface can be insecure.

Securing the MySQL server deployment.

The existing password for the user account root has expired. Please set a new password.

New password: 

Re-enter new password: 

VALIDATE PASSWORD PLUGIN can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD plugin?

Press y|Y for Yes, any other key for No: y   ###是否校验密码插件

There are three levels of password validation policy:

LOW    Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2  ###设定密码策略等级
Using existing password for root.

Estimated strength of the password: 100 
Change the password for root ? ((Press y|Y for Yes, any other key for No) : 

 ... skipping.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : y  ###是否移除匿名用户
Success.

Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y  ###是否关闭root远程登陆功能
Success.

By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.

Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y  ###是否移除测试数据库
 - Dropping test database... 
Success.

 - Removing privileges on test database...
Success.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y  ###是否立即生效权限表
Success.

All done! 

###以下为安全增强相关的部分参数

mysql> show variables like 'valid%';
+--------------------------------------+--------+
| Variable_name                        | Value  |
+--------------------------------------+--------+
| validate_password_dictionary_file    |        |
| validate_password_length             | 8      |
| validate_password_mixed_case_count   | 1      |
| validate_password_number_count       | 1      |
| validate_password_policy             | STRONG |
| validate_password_special_char_count | 1      |
+--------------------------------------+--------+

###按上面描述的步骤创建其对应的目录及授权后，再执行初始化
###使用新的配置文件，如下文本示例使用的为3317
# mkdir -pv /u02/mysqldata3317
# chown -R mysql:mysql /u02/mysqldata 3317
# grep -v ^# /etc/my3317.cnf

[mysqld]
basedir=/u01/app/mysql
datadir=/u02/mysqldata3317
user=mysql
port=3317
socket=/tmp/mysql3317.sock

# cd /u01/app/mysql/bin
# ./mysqld --defaults-file=/etc/my3317.cnf --initialize --user=mysql --explicit_defaults_for_timestamp
# 2016-06-30T08:32:52.497519Z 0 [Warning] InnoDB: New log files created, LSN=45790
2016-06-30T08:32:52.852457Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
2016-06-30T08:32:53.042621Z 0 [Warning] No existing UUID has been found, 
so we assume that this is the first time that this server has been started.
   Generating a new UUID: 3cb1686d-3e9d-11e6-a71f-fcaa14e34b30.
2016-06-30T08:32:53.081210Z 0 [Warning] Gtid table is not ready to be used. 
Table 'mysql.gtid_executed' cannot be opened.
2016-06-30T08:32:53.082538Z 1 [Note] A temporary password is generated for root@localhost: :8#l!MCYoCNY

### Author : Leshami
### Blog   : http://blog.csdn.net/leshami

# mysqld_safe --defaults-file=/etc/my3317.cnf &
[1] 5825
2016-06-30T08:11:49.468176Z mysqld_safe Logging to '/u02/mysqldata3317/ydq4.err'.
2016-06-30T08:11:49.480379Z mysqld_safe The file /usr/local/mysql/bin/mysqld
does not exist or is not executable. Please cd to the mysql installation
directory and restart this script from there as follows:
./bin/mysqld_safe&
See http://dev.mysql.com/doc/mysql/en/mysqld-safe.html for more information

###如果执行mysqld_safe出现上述错误，可以创建软链。这个地方有问题，对于安装在非缺省目录时出现了这个问题。
# mkdir -pv /usr/local/mysql/bin/

# ln -sv /u01/app/mysql/bin/mysqld /usr/local/mysql/bin/mysqld      
"/usr/local/mysql/bin/mysqld" -> "/u01/app/mysql/bin/mysqld"

# ./mysqld_safe --defaults-file=/etc/my3317.cnf &
[1] 8287
2016-06-30T08:38:38.455961Z mysqld_safe Logging to '/u02/mysqldata3317/ydq4.err'.
2016-06-30T08:38:38.471542Z mysqld_safe Starting mysqld daemon with databases from /u02/mysqldata3317

###配置安全选项
# /u01/app/mysql/bin/mysql_secure_installation -P3317 -S /tmp/mysql3317.sock -p