2. FreeBSD 10.4 RELEASE - MySQL - mysql_secure_installation

 
2.1 mysql_secure_installation
2.2 root パスワードの設定

2.1 mysql_secure_installation

 MySQL 5.7 からインストール後に mysql_secure_installation というスクリプトを実行してパスワード等を設定するのが正式な設定方法のようです。

> mysql_secure_installation
mysql_secure_installation: [ERROR] unknown variable 'prompt=\u@\h [\d]>\_'
                        プロンプトが変と言っているのですが無視して先へ進めます
Securing the MySQL server deployment.

Connecting to MySQL server using password in '/root/.mysql_secret'

VALIDATE PASSWORD PLUGIN can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD plugin?

Press y|Y for Yes, any other key for No:
                        パスワードのレベルを決めますかってんで 「y」

There are three levels of password validation policy:

LOW    Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary                  file

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG:
                        パスワードのレベルを0、1、2のいずれかで入力します(レベルは後述)
Using existing password for root.

Estimated strength of the password: 100
Change the password for root ? ((Press y|Y for Yes, any other key for No) :
                         root のパスワードを変更するかってんで 「y」を入力します。
New password:            パスワードを入力します。

Re-enter new password:   パスワードを再度入力します。

Estimated strength of the password: 50
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) :
                        レベル 50 だがよいかってことかな?「y」(笑)

By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) :
                        アノニマスユーザを削除しますかってんで 「y」
Success.


Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) :
                        root ユーザのリモートログインを禁止しますかってんで 「y」
Success.

By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.


Remove test database and access to it? (Press y|Y for Yes, any other key for No) :
                        テストデーターベースを削除しますかってんで 「y」
 - Dropping test database...
Success.

 - Removing privileges on test database...
Success.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) :
                       権限が変更されたテーブルを再度読み込みますかってんで 「y」
Success.

All done!

2.2 root パスワードの設定

 root のパスワードを変更した場合は、ログインして再度パスワードの設定を行います。  そうしないとスクリプトファイルを読ませるときに

> mysql -u root -p < ファイル名
Enter password:
Please use --connect-expired-password option or invoke mysql in interactive mode.
 てな感じで怒られちゃうのです。  以下の手順で root パスワードを設定しておきます。

> mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 5.7.21-log

Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

root@localhost [(none)]> set password=password('パスワード');
Query OK, 0 rows affected, 1 warning (0.00 sec)

mysql> quit
Bye