之前在使用LNMP一键安装包(其中的有些默认配置还是不够安全的,比如php.ini中的一些设置)的时候看到了其中的MySQL设置密码功能的脚本片断,觉得很有用,就摘录如下:
#!/bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH
# Check if user is root
if [ $(id -u) != "0" ]; then
echo "Error: You must be root to run this script, please use root to install lnmp"
exit 1
fi
#set mysql root password
mysqlrootpwd="root"
echo "Please input the root password of mysql:"
read -p "(Default password: root):" mysqlrootpwd
if [ "$mysqlrootpwd" = "" ]; then
mysqlrootpwd="root"
fi
echo "==========================="
echo "mysqlrootpwd=$mysqlrootpwd"
echo "==========================="
/etc/init.d/mysql start
/usr/local/mysql/bin/mysqladmin -u root password $mysqlrootpwd
cat > /tmp/mysql_sec_script<<EOF
use mysql;
update user set password=password('$mysqlrootpwd') where user='root';
delete from user where not (user='root') ;
delete from user where user='root' and password='';
drop database test;
DROP USER ''@'%';
flush privileges;
EOF
/usr/local/mysql/bin/mysql -u root -p$mysqlrootpwd -h localhost < /tmp/mysql_sec_script
其中的一些代码片段其实都可以独自摘录下来单独使用。
《 “Linux下的MySQL密码重置脚本” 》 有 2 条评论
mysql-unsha1: 在不知道 MySQL 明文密码的情况下绕过认证
https://github.com/cyrus-and/mysql-unsha1
关于MySQL密码你应该知道的那些事
http://cenalulu.github.io/mysql/myall-about-mysql-password/