千万个美丽的未来,抵不上一个温暖的现在,每一个真实的现在,都是我们曾经幻想的未来!
Jul
5
因为最近遇到一些超时的问题,正好就把所有的timeout参数都理一遍,首先数据库里查一下看有哪些超时:
root@localhost : test 12:55:50> SHOW global VARIABLES LIKE “%timeout%”;
+—————————-+——–+
| Variable_name | VALUE |
+—————————-+——–+
| connect_timeout | 10 |
| delayed_insert_timeout | 300 |
| innodb_lock_wait_timeout | 120 |
| innodb_rollback_on_timeout | ON |
| interactive_timeout | 172800 |
| net_read_timeout | 30 |
| net_write_timeout | 60 |
| slave_net_timeout | 3600 |
| table_lock_wait_timeout | 50 | # 这个参数已经没用了
| wait_timeout | 172800 |
+—————————-+——–+
我们一个个来看
connect_timeout
手册描述:
The number of seconds that the mysqld server waits for a connect packet before responding with Bad handshake. The default value is 10 seconds as of MySQL 5.1.23 and 5 seconds before that.
Increasing the connect_timeout value might help if clients frequently encounter errors of the form Lost connection to MySQL server at ‘XXX’, system error: errno.
解释:在获取链接时,等待握手的超时时间,只在登录时有效,登录成功这个参数就不管事了。主要是为了防止网络不佳时应用重连导致连接数涨太快,一般默认即可。
delayed_insert_timeout
手册描述:
How many seconds an INSERT DELAYED handler thread should wait for INSERT statements before terminating.
解释:这是为MyISAM INSERT DELAY设计的超时参数,在INSERT DELAY中止前等待INSERT语句的时间。
innodb_lock_wait_timeout
手册描述:
The timeout in seconds an InnoDB transaction may wait for a row lock before giving up. The default value is 50 seconds. A transaction that tries to access a row that is locked by another InnoDB transaction will hang for at most this many seconds before issuing the following error:
ERROR 1205 (HY000): LOCK wait timeout exceeded; try restarting TRANSACTION
When a lock wait timeout occurs, the current statement is not executed. The current transaction is not rolled back. (To have the entire transaction roll back, start the server with the –innodb_rollback_on_timeout option, available as of MySQL 5.1.15. See also Section 13.6.12, “InnoDB Error Handling”.)
innodb_lock_wait_timeout applies to InnoDB row locks only. A MySQL table lock does not happen inside InnoDB and this timeout does not apply to waits for table locks.
InnoDB does detect transaction deadlocks in its own lock table immediately and rolls back one transaction. The lock wait timeout value does not apply to such a wait.
For the built-in InnoDB, this variable can be set only at server startup. For InnoDB Plugin, it can be set at startup or changed at runtime, and has both global and session values.
解释:描述很长,简而言之,就是事务遇到锁等待时的Query超时时间。跟死锁不一样,InnoDB一旦检测到死锁立刻就会回滚代价小的那个事务,锁等待是没有死锁的情况下一个事务持有另一个事务需要的锁资源,被回滚的肯定是请求锁的那个Query。
innodb_rollback_on_timeout
手册描述:
In MySQL 5.1, InnoDB rolls back only the last statement on a transaction timeout by default. If –innodb_rollback_on_timeout is specified, a transaction timeout causes InnoDB to abort and roll back the entire transaction (the same behavior as in MySQL 4.1). This variable was added in MySQL 5.1.15.
解释:这个参数关闭或不存在的话遇到超时只回滚事务最后一个Query,打开的话事务遇到超时就回滚整个事务。
interactive_timeout/wait_timeout
手册描述:
The number of seconds the server waits for activity on an interactive connection before closing it. An interactive client is defined as a client that uses the CLIENT_INTERACTIVE option to mysql_real_connect(). See also
解释:一个持续SLEEP状态的线程多久被关闭。线程每次被使用都会被唤醒为acrivity状态,执行完Query后成为interactive状态,重新开始计时。wait_timeout不同在于只作用于TCP/IP和Socket链接的线程,意义是一样的。
net_read_timeout / net_write_timeout
手册描述:
The number of seconds to wait for more data from a connection before aborting the read. Before MySQL 5.1.41, this timeout applies only to TCP/IP connections, not to connections made through Unix socket files, named pipes, or shared memory. When the server is reading from the client, net_read_timeout is the timeout value controlling when to abort. When the server is writing to the client, net_write_timeout is the timeout value controlling when to abort. See also slave_net_timeout.
On Linux, the NO_ALARM build flag affects timeout behavior as indicated in the description of the net_retry_count system variable.
解释:这个参数只对TCP/IP链接有效,分别是数据库等待接收客户端发送网络包和发送网络包给客户端的超时时间,这是在Activity状态下的线程才有效的参数
slave_net_timeout
手册描述:
The number of seconds to wait for more data from the master before the slave considers the connection broken, aborts the read, and tries to reconnect. The first retry occurs immediately after the timeout. The interval between retries is controlled by the MASTER_CONNECT_RETRY option for the CHANGE MASTER TO statement or –master-connect-retry option, and the number of reconnection attempts is limited by the –master-retry-count option. The default is 3600 seconds (one hour).
解释:这是Slave判断主机是否挂掉的超时设置,在设定时间内依然没有获取到Master的回应就人为Master挂掉了
root@localhost : test 12:55:50> SHOW global VARIABLES LIKE “%timeout%”;
+—————————-+——–+
| Variable_name | VALUE |
+—————————-+——–+
| connect_timeout | 10 |
| delayed_insert_timeout | 300 |
| innodb_lock_wait_timeout | 120 |
| innodb_rollback_on_timeout | ON |
| interactive_timeout | 172800 |
| net_read_timeout | 30 |
| net_write_timeout | 60 |
| slave_net_timeout | 3600 |
| table_lock_wait_timeout | 50 | # 这个参数已经没用了
| wait_timeout | 172800 |
+—————————-+——–+
我们一个个来看
connect_timeout
手册描述:
The number of seconds that the mysqld server waits for a connect packet before responding with Bad handshake. The default value is 10 seconds as of MySQL 5.1.23 and 5 seconds before that.
Increasing the connect_timeout value might help if clients frequently encounter errors of the form Lost connection to MySQL server at ‘XXX’, system error: errno.
解释:在获取链接时,等待握手的超时时间,只在登录时有效,登录成功这个参数就不管事了。主要是为了防止网络不佳时应用重连导致连接数涨太快,一般默认即可。
delayed_insert_timeout
手册描述:
How many seconds an INSERT DELAYED handler thread should wait for INSERT statements before terminating.
解释:这是为MyISAM INSERT DELAY设计的超时参数,在INSERT DELAY中止前等待INSERT语句的时间。
innodb_lock_wait_timeout
手册描述:
The timeout in seconds an InnoDB transaction may wait for a row lock before giving up. The default value is 50 seconds. A transaction that tries to access a row that is locked by another InnoDB transaction will hang for at most this many seconds before issuing the following error:
ERROR 1205 (HY000): LOCK wait timeout exceeded; try restarting TRANSACTION
When a lock wait timeout occurs, the current statement is not executed. The current transaction is not rolled back. (To have the entire transaction roll back, start the server with the –innodb_rollback_on_timeout option, available as of MySQL 5.1.15. See also Section 13.6.12, “InnoDB Error Handling”.)
innodb_lock_wait_timeout applies to InnoDB row locks only. A MySQL table lock does not happen inside InnoDB and this timeout does not apply to waits for table locks.
InnoDB does detect transaction deadlocks in its own lock table immediately and rolls back one transaction. The lock wait timeout value does not apply to such a wait.
For the built-in InnoDB, this variable can be set only at server startup. For InnoDB Plugin, it can be set at startup or changed at runtime, and has both global and session values.
解释:描述很长,简而言之,就是事务遇到锁等待时的Query超时时间。跟死锁不一样,InnoDB一旦检测到死锁立刻就会回滚代价小的那个事务,锁等待是没有死锁的情况下一个事务持有另一个事务需要的锁资源,被回滚的肯定是请求锁的那个Query。
innodb_rollback_on_timeout
手册描述:
In MySQL 5.1, InnoDB rolls back only the last statement on a transaction timeout by default. If –innodb_rollback_on_timeout is specified, a transaction timeout causes InnoDB to abort and roll back the entire transaction (the same behavior as in MySQL 4.1). This variable was added in MySQL 5.1.15.
解释:这个参数关闭或不存在的话遇到超时只回滚事务最后一个Query,打开的话事务遇到超时就回滚整个事务。
interactive_timeout/wait_timeout
手册描述:
The number of seconds the server waits for activity on an interactive connection before closing it. An interactive client is defined as a client that uses the CLIENT_INTERACTIVE option to mysql_real_connect(). See also
解释:一个持续SLEEP状态的线程多久被关闭。线程每次被使用都会被唤醒为acrivity状态,执行完Query后成为interactive状态,重新开始计时。wait_timeout不同在于只作用于TCP/IP和Socket链接的线程,意义是一样的。
net_read_timeout / net_write_timeout
手册描述:
The number of seconds to wait for more data from a connection before aborting the read. Before MySQL 5.1.41, this timeout applies only to TCP/IP connections, not to connections made through Unix socket files, named pipes, or shared memory. When the server is reading from the client, net_read_timeout is the timeout value controlling when to abort. When the server is writing to the client, net_write_timeout is the timeout value controlling when to abort. See also slave_net_timeout.
On Linux, the NO_ALARM build flag affects timeout behavior as indicated in the description of the net_retry_count system variable.
解释:这个参数只对TCP/IP链接有效,分别是数据库等待接收客户端发送网络包和发送网络包给客户端的超时时间,这是在Activity状态下的线程才有效的参数
slave_net_timeout
手册描述:
The number of seconds to wait for more data from the master before the slave considers the connection broken, aborts the read, and tries to reconnect. The first retry occurs immediately after the timeout. The interval between retries is controlled by the MASTER_CONNECT_RETRY option for the CHANGE MASTER TO statement or –master-connect-retry option, and the number of reconnection attempts is limited by the –master-retry-count option. The default is 3600 seconds (one hour).
解释:这是Slave判断主机是否挂掉的超时设置,在设定时间内依然没有获取到Master的回应就人为Master挂掉了
Feb
27
目的:
1.监控mysql服务器的状态
2.当发现mysql down机就自动重启mysql服务
3.重启mysql不成功,发邮件给管理员警告mysql down机
#vi /usr/local/sbin/check_mysql.sh
赋予check_mysql.sh可执行的权限
#chmod u+x /usr/local/sbin/check_mysql.sh
加入crontab,让系统五分钟检测一次mysql状态
#crontab -l
*/5 * * * * /usr/local/sbin/check_mysql.sh > /dev/null 2>&1
1.监控mysql服务器的状态
2.当发现mysql down机就自动重启mysql服务
3.重启mysql不成功,发邮件给管理员警告mysql down机
#vi /usr/local/sbin/check_mysql.sh
#!/bin/sh
cat << EOF
+--------------------------------------------------------------------------+
| === Welcome to LinuxTone=== |
|-------------------------http://www.linuxtone.org------------------------ |
+--------------------------------------------------------------------------+
EOF
PORT=`netstat -na|grep "LISTEN"|grep "3306"|awk -F[:" "]+ '{print $5}'`
MYSQLIP=`ifconfig eth0|awk '/inet/{print $2}'|cut -c 6-`
while [ `whoami` == "root" ]
do
if [ "$PORT" == "3306" ];then
echo "mysql is running......"
else
echo "restart mysql"
/etc/init.d/mysqld restart
if [ "$PORT" == "3306" ];then
echo "mysql restart successful......"
else
echo "mysql restart failure......"
echo "server: $MYSQLIP mysql is down,please try to restart mysql!" > /var/log/mymsg
mail -s "warn!server: $MYSQLIP mysql is down" hamgua\@gmail.com < /var/log/mymsg
fi
fi
break
done
cat << EOF
+--------------------------------------------------------------------------+
| === Welcome to LinuxTone=== |
|-------------------------http://www.linuxtone.org------------------------ |
+--------------------------------------------------------------------------+
EOF
PORT=`netstat -na|grep "LISTEN"|grep "3306"|awk -F[:" "]+ '{print $5}'`
MYSQLIP=`ifconfig eth0|awk '/inet/{print $2}'|cut -c 6-`
while [ `whoami` == "root" ]
do
if [ "$PORT" == "3306" ];then
echo "mysql is running......"
else
echo "restart mysql"
/etc/init.d/mysqld restart
if [ "$PORT" == "3306" ];then
echo "mysql restart successful......"
else
echo "mysql restart failure......"
echo "server: $MYSQLIP mysql is down,please try to restart mysql!" > /var/log/mymsg
mail -s "warn!server: $MYSQLIP mysql is down" hamgua\@gmail.com < /var/log/mymsg
fi
fi
break
done
赋予check_mysql.sh可执行的权限
#chmod u+x /usr/local/sbin/check_mysql.sh
加入crontab,让系统五分钟检测一次mysql状态
#crontab -l
*/5 * * * * /usr/local/sbin/check_mysql.sh > /dev/null 2>&1
May
20
我一直习惯用phpMyAdmin对MySQL数据库进行管理,曾修改了一个《可管理多台远程MySQL服务器的phpMyAdmin 2.10.2》。但有些机器上因为安全等因素,只设置了允许从本机访问自身的MySQL端口,而且没有安装Apache和PHP,因而不能使用phpMyAdmin。于是,我只好使用命令行方式来对MySQL数据库进行管理。为了方便以后从命令行操作数据库可以更方便(拷贝、粘贴),我写下了这篇文章。
一、从命令行登录MySQL数据库服务器
1、登录使用默认3306端口的MySQL
/usr/local/mysql/bin/mysql -u root -p
2、通过TCP连接管理不同端口的多个MySQL(注意:MySQL4.1以上版本才有此项功能)
/usr/local/mysql/bin/mysql -u root -p --protocol=tcp --host=localhost --port=3307
3、通过socket套接字管理不同端口的多个MySQL
/usr/local/mysql/bin/mysql -u root -p --socket=/tmp/mysql3307.sock
4、通过端口和IP管理不同端口的多个MySQL
/usr/local/mysql/bin/mysql -u root -p -P 3306 -h 127.0.0.1
--------------------------------------------------------------------------------
二、数据库操作SQL语句
1、显示服务器上当前存在什么数据库
SHOW DATABASES;
2、创建名称为rewin的数据库
CREATE DATABASE rewin;
3、删除名称为rewin的数据库
DROP DATABASE rewin;
4、选择rewin数据库
USE rewin;
--------------------------------------------------------------------------------
三、表操作SQL语句(登录之后必须用以上的USE命令选择一个数据库,再进行表操作)
1、显示当前数据库中存在什么表
SHOW TABLES;
2、创建数据库表zhangyan:在mysql>后粘贴以下SQL语句,存储引擎为MYISAM,字段id为主键、唯一索引。
CREATE TABLE `zhangyan` (
`id` INT( 5 ) UNSIGNED NOT NULL AUTO_INCREMENT ,
`username` VARCHAR( 20 ) NOT NULL ,
`password` CHAR( 32 ) NOT NULL ,
`time` DATETIME NOT NULL ,
`number` FLOAT( 10 ) NOT NULL ,
`content` TEXT NOT NULL ,
PRIMARY KEY ( `id` )
) ENGINE = MYISAM ;
3、查看zhangyan表结构
DESCRIBE zhangyan;
4、从表中检索信息
4.1、从zhangyan表中检索所有记录
SELECT * FROM zhangyan;
4.2、从zhangyan表中检索特定的行:字段username等于abc,字段number等于1,按字段id降序排列
SELECT * FROM zhangyan WHERE username = 'abc' AND number='1' ORDER BY id DESC;
4.3、从zhangyan表中检索指定的字段:username和password
SELECT username, password FROM zhangyan;
4.4、从zhangyan表中检索出唯一的不重复记录:
SELECT DISTINCT username FROM zhangyan;
5、插入信息到zhangyan表
INSERT INTO zhangyan (id, username, password, time, number, content) VALUES ('', 'abc', '123456', '2007-08-06 14:32:12', '23.41', 'hello world');
6、更新zhangyan表中的指定信息
UPDATE zhangyan SET content = 'hello china' WHERE username = 'abc';
7、删除zhangyan表中的指定信息
DELETE FROM zhangyan WHERE id = 1;
8、清空zhangyan表
DELETE FROM zhangyan;
9、删除zhangyan表
DROP TABLE zhangyan;
10、更改表结构,将zhangyan表username字段的字段类型改为CHAR(25)
ALTER TABLE zhangyan CHANGE username username CHAR(25);
11、将当前目录下的mysql.sql导入数据库
SOURCE ./mysql.sql;
--------------------------------------------------------------------------------
四、数据库权限操作SQL语句
1、创建一个具有root权限,可从任何IP登录的用户sina,密码为zhangyan
GRANT ALL PRIVILEGES ON *.* TO 'sina'@'%' IDENTIFIED BY 'zhangyan';
2、创建一个具有“数据操作”、“结构操作”权限,只能从192.168.1.***登录的用户sina,密码为zhangyan
GRANT SELECT , INSERT , UPDATE , DELETE , FILE , CREATE , DROP , INDEX , ALTER , CREATE TEMPORARY TABLES , CREATE VIEW , SHOW VIEW , CREATE ROUTINE, ALTER ROUTINE, EXECUTE ON *.* TO 'sina'@'192.168.1.%' IDENTIFIED BY 'zhangyan';
3、创建一个只拥有“数据操作”权限,只能从192.168.1.24登录,只能操作rewin数据库的zhangyan表的用户sina,密码为zhangyan
GRANT SELECT , INSERT , UPDATE , DELETE ON rewin.zhangyan TO 'sina'@'192.168.1.24' IDENTIFIED BY 'zhangyan';
4、创建一个拥有“数据操作”、“结构操作”权限,可从任何IP登录,只能操作rewin数据库的用户sina,密码为zhangyan
GRANT SELECT , INSERT , UPDATE , DELETE , CREATE , DROP , INDEX , ALTER , CREATE TEMPORARY TABLES , CREATE VIEW , SHOW VIEW , CREATE ROUTINE, ALTER ROUTINE, EXECUTE ON rewin.* TO 'sina'@'%' IDENTIFIED BY 'zhangyan';
5、删除用户
DROP USER 'sina'@'%';
PS:如果想了解更多的MySQL操作资料,请参考MySQL官方的中文参考手册
[文章作者:张宴 本文版本:v1.0 最后修改:2007.08.06 出处:http://blog.s135.com]
一、从命令行登录MySQL数据库服务器
1、登录使用默认3306端口的MySQL
/usr/local/mysql/bin/mysql -u root -p
2、通过TCP连接管理不同端口的多个MySQL(注意:MySQL4.1以上版本才有此项功能)
/usr/local/mysql/bin/mysql -u root -p --protocol=tcp --host=localhost --port=3307
3、通过socket套接字管理不同端口的多个MySQL
/usr/local/mysql/bin/mysql -u root -p --socket=/tmp/mysql3307.sock
4、通过端口和IP管理不同端口的多个MySQL
/usr/local/mysql/bin/mysql -u root -p -P 3306 -h 127.0.0.1
--------------------------------------------------------------------------------
二、数据库操作SQL语句
1、显示服务器上当前存在什么数据库
SHOW DATABASES;
2、创建名称为rewin的数据库
CREATE DATABASE rewin;
3、删除名称为rewin的数据库
DROP DATABASE rewin;
4、选择rewin数据库
USE rewin;
--------------------------------------------------------------------------------
三、表操作SQL语句(登录之后必须用以上的USE命令选择一个数据库,再进行表操作)
1、显示当前数据库中存在什么表
SHOW TABLES;
2、创建数据库表zhangyan:在mysql>后粘贴以下SQL语句,存储引擎为MYISAM,字段id为主键、唯一索引。
CREATE TABLE `zhangyan` (
`id` INT( 5 ) UNSIGNED NOT NULL AUTO_INCREMENT ,
`username` VARCHAR( 20 ) NOT NULL ,
`password` CHAR( 32 ) NOT NULL ,
`time` DATETIME NOT NULL ,
`number` FLOAT( 10 ) NOT NULL ,
`content` TEXT NOT NULL ,
PRIMARY KEY ( `id` )
) ENGINE = MYISAM ;
3、查看zhangyan表结构
DESCRIBE zhangyan;
4、从表中检索信息
4.1、从zhangyan表中检索所有记录
SELECT * FROM zhangyan;
4.2、从zhangyan表中检索特定的行:字段username等于abc,字段number等于1,按字段id降序排列
SELECT * FROM zhangyan WHERE username = 'abc' AND number='1' ORDER BY id DESC;
4.3、从zhangyan表中检索指定的字段:username和password
SELECT username, password FROM zhangyan;
4.4、从zhangyan表中检索出唯一的不重复记录:
SELECT DISTINCT username FROM zhangyan;
5、插入信息到zhangyan表
INSERT INTO zhangyan (id, username, password, time, number, content) VALUES ('', 'abc', '123456', '2007-08-06 14:32:12', '23.41', 'hello world');
6、更新zhangyan表中的指定信息
UPDATE zhangyan SET content = 'hello china' WHERE username = 'abc';
7、删除zhangyan表中的指定信息
DELETE FROM zhangyan WHERE id = 1;
8、清空zhangyan表
DELETE FROM zhangyan;
9、删除zhangyan表
DROP TABLE zhangyan;
10、更改表结构,将zhangyan表username字段的字段类型改为CHAR(25)
ALTER TABLE zhangyan CHANGE username username CHAR(25);
11、将当前目录下的mysql.sql导入数据库
SOURCE ./mysql.sql;
--------------------------------------------------------------------------------
四、数据库权限操作SQL语句
1、创建一个具有root权限,可从任何IP登录的用户sina,密码为zhangyan
GRANT ALL PRIVILEGES ON *.* TO 'sina'@'%' IDENTIFIED BY 'zhangyan';
2、创建一个具有“数据操作”、“结构操作”权限,只能从192.168.1.***登录的用户sina,密码为zhangyan
GRANT SELECT , INSERT , UPDATE , DELETE , FILE , CREATE , DROP , INDEX , ALTER , CREATE TEMPORARY TABLES , CREATE VIEW , SHOW VIEW , CREATE ROUTINE, ALTER ROUTINE, EXECUTE ON *.* TO 'sina'@'192.168.1.%' IDENTIFIED BY 'zhangyan';
3、创建一个只拥有“数据操作”权限,只能从192.168.1.24登录,只能操作rewin数据库的zhangyan表的用户sina,密码为zhangyan
GRANT SELECT , INSERT , UPDATE , DELETE ON rewin.zhangyan TO 'sina'@'192.168.1.24' IDENTIFIED BY 'zhangyan';
4、创建一个拥有“数据操作”、“结构操作”权限,可从任何IP登录,只能操作rewin数据库的用户sina,密码为zhangyan
GRANT SELECT , INSERT , UPDATE , DELETE , CREATE , DROP , INDEX , ALTER , CREATE TEMPORARY TABLES , CREATE VIEW , SHOW VIEW , CREATE ROUTINE, ALTER ROUTINE, EXECUTE ON rewin.* TO 'sina'@'%' IDENTIFIED BY 'zhangyan';
5、删除用户
DROP USER 'sina'@'%';
PS:如果想了解更多的MySQL操作资料,请参考MySQL官方的中文参考手册
[文章作者:张宴 本文版本:v1.0 最后修改:2007.08.06 出处:http://blog.s135.com]
May
17
[AutoAPM作者:张宴 版本:v1.0.5 最后修改:2007.02.19 转载请注明出处:http://blog.s135.com]
因工作需要,编写了一个在Linux操作系统下自动从源码包编译安装Apache2.0.59、PHP5.2.1(支持freetype、libpng、jpegsrc、gd、libxml扩展)、MySQL5.0.33、ZendOptimizer3.2.2的bash脚本——AutoAPM,源代码完全公开,可根据自己的需要修改(命令行下tar zxvf autoapm-1.0.4.tar.gz解压缩后,vi autoapm即可)。
脚本前列的基本配置信息说明:
#---------------------config start-------------------------
mysql_tar_gz_name="mysql-5.0.33.tar.gz"
#MySQL的源码压缩包
mysql_source_dir_name="mysql-5.0.33"
#tar zxvf解压MySQL源码压缩包后的默认目录名
mysql_download_url="http://www.vista.ac.cn/autoapm/src/1.0.5/mysql-5.0.33.tar.gz"
#MySQL源码压缩包的下载网址
#---------------------config end---------------------------
使用说明:
在Linux字符界面中用wget http://www.vista.ac.cn/autoapm/down/autoapm-1.0.5.tar.gz下载autoapm压缩包,然后用tar zxvf autoapm-1.0.4.tar.gz解压,最后输入./autoapm执行即可。
接下来会提示要您选择源码包来源,如果当前目录中有相应的源码包,可选择Current directory.,如果没有,可选择Download from Internet.,脚本会根据配置信息中的下载地址自动下载源码包并编译安装。编译安装的时间需要20至50分钟。
脚本源码:http://www.vista.ac.cn/autoapm/down/autoapm-1.0.5.src.txt
下载地址:http://www.vista.ac.cn/autoapm/down/autoapm-1.0.5.tar.gz
AutoAPM 1.0.5 for Linux Written by Zhang Yan, SINA Corp., Beijing, China
A tool to auto-compile & install Apache, PHP, MySQL on Linux from sources
For more information please visit http://autoapm.vista.ac.cn
Usage:
[root@sina var]# wget http://www.vista.ac.cn/autoapm/down/autoapm-1.0.5.tar.gz
[root@sina var]# tar zxvf autoapm-1.0.5.tar.gz
[root@sina var]# ./autoapm
The path of some dirs (If install to /opt/sina):
Apache dir: /opt/sina/apache/
Webpages dir: /opt/sina/apache/htdocs/
MySQL dir: /opt/sina/mysql/
PHP dir: /opt/sina/php/
The path of some files (If install to /opt/sina):
apachectl: /opt/sina/apache/bin/apachectl
httpd.conf: /opt/sina/apache/conf/httpd.conf
mysql: /opt/sina/mysql/bin/mysql
my.cnf: /etc/my.cnf
php: /opt/sina/php/php
php.ini: /opt/sina/php/etc/php.ini (Before install ZendOptimizer?)
php.ini: /opt/sina/zend/etc/php.ini (After install ZendOptimizer?)
Restart Apache: service httpd restart
Restart MySQL: service mysql restart
更新记录:
2007.01.19 AutoAPM v1.0.5 修正了源码包下载链接
2007.01.15 AutoAPM v1.0.4 第一个公开版本
因工作需要,编写了一个在Linux操作系统下自动从源码包编译安装Apache2.0.59、PHP5.2.1(支持freetype、libpng、jpegsrc、gd、libxml扩展)、MySQL5.0.33、ZendOptimizer3.2.2的bash脚本——AutoAPM,源代码完全公开,可根据自己的需要修改(命令行下tar zxvf autoapm-1.0.4.tar.gz解压缩后,vi autoapm即可)。
脚本前列的基本配置信息说明:
#---------------------config start-------------------------
mysql_tar_gz_name="mysql-5.0.33.tar.gz"
#MySQL的源码压缩包
mysql_source_dir_name="mysql-5.0.33"
#tar zxvf解压MySQL源码压缩包后的默认目录名
mysql_download_url="http://www.vista.ac.cn/autoapm/src/1.0.5/mysql-5.0.33.tar.gz"
#MySQL源码压缩包的下载网址
#---------------------config end---------------------------
使用说明:
在Linux字符界面中用wget http://www.vista.ac.cn/autoapm/down/autoapm-1.0.5.tar.gz下载autoapm压缩包,然后用tar zxvf autoapm-1.0.4.tar.gz解压,最后输入./autoapm执行即可。
接下来会提示要您选择源码包来源,如果当前目录中有相应的源码包,可选择Current directory.,如果没有,可选择Download from Internet.,脚本会根据配置信息中的下载地址自动下载源码包并编译安装。编译安装的时间需要20至50分钟。
脚本源码:http://www.vista.ac.cn/autoapm/down/autoapm-1.0.5.src.txt
下载地址:http://www.vista.ac.cn/autoapm/down/autoapm-1.0.5.tar.gz
AutoAPM 1.0.5 for Linux Written by Zhang Yan, SINA Corp., Beijing, China
A tool to auto-compile & install Apache, PHP, MySQL on Linux from sources
For more information please visit http://autoapm.vista.ac.cn
Usage:
[root@sina var]# wget http://www.vista.ac.cn/autoapm/down/autoapm-1.0.5.tar.gz
[root@sina var]# tar zxvf autoapm-1.0.5.tar.gz
[root@sina var]# ./autoapm
The path of some dirs (If install to /opt/sina):
Apache dir: /opt/sina/apache/
Webpages dir: /opt/sina/apache/htdocs/
MySQL dir: /opt/sina/mysql/
PHP dir: /opt/sina/php/
The path of some files (If install to /opt/sina):
apachectl: /opt/sina/apache/bin/apachectl
httpd.conf: /opt/sina/apache/conf/httpd.conf
mysql: /opt/sina/mysql/bin/mysql
my.cnf: /etc/my.cnf
php: /opt/sina/php/php
php.ini: /opt/sina/php/etc/php.ini (Before install ZendOptimizer?)
php.ini: /opt/sina/zend/etc/php.ini (After install ZendOptimizer?)
Restart Apache: service httpd restart
Restart MySQL: service mysql restart
更新记录:
2007.01.19 AutoAPM v1.0.5 修正了源码包下载链接
2007.01.15 AutoAPM v1.0.4 第一个公开版本
Apr
27
使用MySQL,安全问题不能不注意。以下是MySQL提示的23个注意事项:
1.如果客户端和服务器端的连接需要跨越并通过不可信任的网络,那么就需要使用SSH隧道来加密该连接的通信。
2.用set password语句来修改用户的密码,三个步骤,先“mysql -u root”登陆数据库系统,然后“mysql> update mysql.user set password=password(‘newpwd’)”,最后执行“flush privileges”就可以了。
3.需要提防的攻击有,防偷听、篡改、回放、拒绝服务等,不涉及可用性和容错方面。对所有的连接、查询、其他操作使用基于ACL即访问控制列表的安全措施来完成。也有一些对SSL连接的支持。
4.除了root用户外的其他任何用户不允许访问mysql主数据库中的user表;
加密后存放在user表中的加密后的用户密码一旦泄露,其他人可以随意用该用户名/密码相应的数据库;
5.用grant和revoke语句来进行用户访问控制的工作;
6.不使用明文密码,而是使用md5()和sha1()等单向的哈系函数来设置密码;
7.不选用字典中的字来做密码;
8.采用防火墙来去掉50%的外部危险,让数据库系统躲在防火墙后面工作,或放置在DMZ区域中;
9.从因特网上用nmap来扫描3306端口,也可用telnet server_host 3306的方法测试,不能允许从非信任网络中访问数据库服务器的3306号TCP端口,因此需要在防火墙或路由器上做设定;
10.为了防止被恶意传入非法参数,例如where ID=234,别人却输入where ID=234 or 1=1导致全部显示,所以在web的表单中使用”或”"来用字符串,在动态URL中加入%22代表双引号、%23代表井号、%27代表单引号;传递未检查过的值给mysql数据库是非常危险的;
11.在传递数据给mysql时检查一下大小;
12.应用程序需要连接到数据库应该使用一般的用户帐号,只开放少数必要的权限给该用户;
13.在各编程接口(C C++ PHP Perl Java JDBC等)中使用特定‘逃脱字符’函数;
在因特网上使用mysql数据库时一定少用传输明文的数据,而用SSL和SSH的加密方式数据来传输;
14.学会使用tcpdump和strings工具来查看传输数据的安全性,例如tcpdump -l -i eth0 -w -src or dst port 3306 | strings。以普通用户来启动mysql数据库服务;
15.不使用到表的联结符号,选用的参数 –skip-symbolic-links;
16.确信在mysql目录中只有启动数据库服务的用户才可以对文件有读和写的权限;
17.不许将process或super权限付给非管理用户,该mysqladmin processlist可以列举出当前执行的查询文本;super权限可用于切断客户端连接、改变服务器运行参数状态、控制拷贝复制数据库的服务器;
18.file权限不付给管理员以外的用户,防止出现load data ‘/etc/passwd’到表中再用select 显示出来的问题;
19.如果不相信DNS服务公司的服务,可以在主机名称允许表中只设置IP数字地址;
20.使用max_user_connections变量来使mysqld服务进程,对一个指定帐户限定连接数;
21.grant语句也支持资源控制选项;
22.启动mysqld服务进程的安全选项开关,–local-infile=0或1 若是0则客户端程序就无法使用local load data了,赋权的一个例子grant insert(user) on mysql.user to ‘user_name’@'host_name’;若使用–skip-grant-tables系统将对任何用户的访问不做任何访问控制,但可以用mysqladmin flush-privileges或mysqladmin reload来开启访问控制;默认情况是show databases语句对所有用户开放,可以用–skip-show-databases来关闭掉。
23.碰到Error 1045(28000) Access Denied for user ‘root’@'localhost’ (Using password:NO)错误时,你需要重新设置密码,具体方法是:先用–skip-grant-tables参数启动mysqld,然后执行mysql -u root mysql,mysql>update user set password=password(‘newpassword’) where user=’root’;mysql>Flush privileges;,最后重新启动mysql就可以了。
1.如果客户端和服务器端的连接需要跨越并通过不可信任的网络,那么就需要使用SSH隧道来加密该连接的通信。
2.用set password语句来修改用户的密码,三个步骤,先“mysql -u root”登陆数据库系统,然后“mysql> update mysql.user set password=password(‘newpwd’)”,最后执行“flush privileges”就可以了。
3.需要提防的攻击有,防偷听、篡改、回放、拒绝服务等,不涉及可用性和容错方面。对所有的连接、查询、其他操作使用基于ACL即访问控制列表的安全措施来完成。也有一些对SSL连接的支持。
4.除了root用户外的其他任何用户不允许访问mysql主数据库中的user表;
加密后存放在user表中的加密后的用户密码一旦泄露,其他人可以随意用该用户名/密码相应的数据库;
5.用grant和revoke语句来进行用户访问控制的工作;
6.不使用明文密码,而是使用md5()和sha1()等单向的哈系函数来设置密码;
7.不选用字典中的字来做密码;
8.采用防火墙来去掉50%的外部危险,让数据库系统躲在防火墙后面工作,或放置在DMZ区域中;
9.从因特网上用nmap来扫描3306端口,也可用telnet server_host 3306的方法测试,不能允许从非信任网络中访问数据库服务器的3306号TCP端口,因此需要在防火墙或路由器上做设定;
10.为了防止被恶意传入非法参数,例如where ID=234,别人却输入where ID=234 or 1=1导致全部显示,所以在web的表单中使用”或”"来用字符串,在动态URL中加入%22代表双引号、%23代表井号、%27代表单引号;传递未检查过的值给mysql数据库是非常危险的;
11.在传递数据给mysql时检查一下大小;
12.应用程序需要连接到数据库应该使用一般的用户帐号,只开放少数必要的权限给该用户;
13.在各编程接口(C C++ PHP Perl Java JDBC等)中使用特定‘逃脱字符’函数;
在因特网上使用mysql数据库时一定少用传输明文的数据,而用SSL和SSH的加密方式数据来传输;
14.学会使用tcpdump和strings工具来查看传输数据的安全性,例如tcpdump -l -i eth0 -w -src or dst port 3306 | strings。以普通用户来启动mysql数据库服务;
15.不使用到表的联结符号,选用的参数 –skip-symbolic-links;
16.确信在mysql目录中只有启动数据库服务的用户才可以对文件有读和写的权限;
17.不许将process或super权限付给非管理用户,该mysqladmin processlist可以列举出当前执行的查询文本;super权限可用于切断客户端连接、改变服务器运行参数状态、控制拷贝复制数据库的服务器;
18.file权限不付给管理员以外的用户,防止出现load data ‘/etc/passwd’到表中再用select 显示出来的问题;
19.如果不相信DNS服务公司的服务,可以在主机名称允许表中只设置IP数字地址;
20.使用max_user_connections变量来使mysqld服务进程,对一个指定帐户限定连接数;
21.grant语句也支持资源控制选项;
22.启动mysqld服务进程的安全选项开关,–local-infile=0或1 若是0则客户端程序就无法使用local load data了,赋权的一个例子grant insert(user) on mysql.user to ‘user_name’@'host_name’;若使用–skip-grant-tables系统将对任何用户的访问不做任何访问控制,但可以用mysqladmin flush-privileges或mysqladmin reload来开启访问控制;默认情况是show databases语句对所有用户开放,可以用–skip-show-databases来关闭掉。
23.碰到Error 1045(28000) Access Denied for user ‘root’@'localhost’ (Using password:NO)错误时,你需要重新设置密码,具体方法是:先用–skip-grant-tables参数启动mysqld,然后执行mysql -u root mysql,mysql>update user set password=password(‘newpassword’) where user=’root’;mysql>Flush privileges;,最后重新启动mysql就可以了。
