1.1. 关于root(其他)用户拒绝登陆的处理方法
问题描述:
[[email protected] mysql-install]# mysql -uroot-p
Enter password:
ERROR 1045 (28000): Access denied for user‘root‘@‘localhost‘ (using password: YES)
1.1.1. 跳过权限表登陆
(1)重启数据库,跳过权限表方式登陆:
[[email protected] mysql-install]# /etc/init.d/mysqldstart --skip-grant-table
Starting MySQL......... [ OK ]
[[email protected] mysql-install]# mysql -uroot
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 1
Server version: 5.5.37-log Sourcedistribution
Copyright (c) 2000, 2014, Oracle and/or itsaffiliates. All rights reserved.
Oracle is a registered trademark of OracleCorporation and/or its
affiliates. Other names may be trademarksof their respective
owners.
Type ‘help;‘ or ‘h‘ for help. Type ‘c‘ toclear the current input statement.
mysql>
(2)更该root密码
mysql> update user set host=‘%‘ whereuser=‘root‘ and password =‘*6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9‘;
Query OK, 0 rows affected (0.01 sec)
Rows matched: 1 Changed: 0 Warnings: 0
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
(3)重启数据库并重新登陆
[[email protected] mysql-install]#service mysqlrestart
如果问题还是不能解决,继续向下看。
1.1.2. 远程可以本地无法登陆
本地无法登陆,但是远程或者其他用户可以登陆,root无法登陆。
[[email protected] mysql-install]# mysql -urgf-p
Enter password:
ERROR 1045 (28000): Access denied for user‘rgf‘@‘localhost‘ (using password: YES)
(1)查看user表中分布用户
mysql> select user,host,password from user;
+------+------+----------------------------------------------------------------------------+
| user | host | password |
+------+------+----------------------------------------------------------------------------+
| root | % | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
| root | gflinux3 |
| root | 127.0.0.1 |
| root | ::1 |
| rgf | % | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
+------+------+---------------------------------------------------------------------------+
2 rows in set (0.00 sec)
(2)查看文件/etc/hosts
[[email protected] mysql-install]# vi/etc/hosts
# Do not remove the following line, orvarious programs
# that require network functionality willfail.
127.0.0.1 gflinux3 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
192.168.6.103 gflinux3
(3)分析
mysql初始化时root用户根据hosts配置文件中的主机及主机名在user表中产生上述记录(127.0.0.1,gflinux3,localhost,::1,192.168.6.103),而安装完数据库,使用mysqladmin初始化密码时,是对user表中localhost,即上述表中第一条记录做的修改:
mysql> select user,host,password from user;
+------+------+----------------------------------------------------------------------------+
| user | host | password |
+------+------+----------------------------------------------------------------------------+
| root | localhost | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
+------+------+---------------------------------------------------------------------------+
而其他“主机”密码都为空,这时再以root及其密码登陆时当然无法登陆。
更值得提醒的时,这些“主机”的存在,在安全上及其危险。
(4)处理方法
首先,修改hosts文件为:
[[email protected] mysql-install]# vi/etc/hosts
# Do not remove the following line, orvarious programs
# that require network functionality willfail.
127.0.0.1 gflinux3 localhost.localdomain localhost
#::1 localhost6.localdomain6 localhost6
192.168.6.103 gflinux3
其次,删除user表中所有相关主机记录。
mysql>delete from user where hostin(‘gflinux3‘,‘127.0.0.1‘,‘::1‘,‘localhost‘);
Query OK,5 rows affected (0.01 sec)
mysql>update privileges;
mysql>select user,host,password from user;
+------+------+-------------------------------------------+
| user |host | password |
+------+------+-------------------------------------------+
| root |% |*6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
|rgf | % | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9|
+------+------+-------------------------------------------+
2 rows inset (0.00 sec)
(3)登陆验证
[[email protected]]# mysql -uroot -p
Enterpassword:
Welcometo the MySQL monitor. Commands end with; or g.
YourMySQL connection id is 22
Serverversion: 5.5.37-log Source distribution
Copyright(c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
Oracle isa registered trademark of Oracle Corporation and/or its
affiliates.Other names may be trademarks of their respective
owners.
Type‘help;‘ or ‘h‘ for help. Type ‘c‘ to clear the current input statement.
mysql>
当然,不建议使root用户从远程连接,这样很危险,因此,作如下操作取消使用root远程连接:
mysql>update user set host=‘localhost‘ where user=‘root‘;
Query OK,1 row affected (0.00 sec)
Rowsmatched: 1 Changed: 1 Warnings: 0
mysql>flush privileges;
Query OK,0 rows affected (0.00 sec)
1.1.3. 关于登陆
(1)如果host字段更新为localhost:
如下方式可以登陆成功:
[[email protected]]# mysql -uroot -p
[[email protected]]# mysql -hlocalhost -uroot -p
但是如下方式无法登陆:
[[email protected]]# mysql -h127.0.0.1 -uroot -p
[[email protected]]# mysql -h gflinux3 -uroot -p
[[email protected]]# mysql -h192.168.6.103 -uroot -p
原因是user表中host字段值只有记录localhost。其他登陆方式无法在user表中得到认证。
(2)如果host字段更新为%
所有的方式都可以登陆:
[[email protected]]# mysql -uroot -p
[[email protected]]# mysql -hlocalhost -uroot -p
[[email protected]]# mysql -h127.0.0.1 -uroot -p
[[email protected]]# mysql -h gflinux3 -uroot -p
[[email protected]]# mysql -h192.168.6.103 -uroot -p
原因是user表中host字段值匹配所有主机。(127.0.0.1,gflinux3,localhost,::1,192.168.6.103)这些都是指的一台主机,在user表中可以通过认证,从而可以登陆。