Java LAMP How-To Part 2
Build and Install MySQL
First, we will create the group and user that owns MySQL. For security purposes, we do not want MySQL running as the root user on the system. To be able to easily identify MySQL processes in top or a ps listing, we will make a user and group named mysql:
groupadd mysql
useradd -g mysql -c "MySQL Server" mysql |
If you get any messages about the group or user already existing, that's fine. The goal is just to make sure we have them on the system.
| Tech Note: What the useradd command is doing is creating a user mysql in the group mysql with the "name" of MySQL Server. This way when it's showed in various user and process watching apps, you'll be able to tell what it is right away. |
Now we will change the working directory to where the source code is, change the file 'ownership' for these source code directories and start building the compiled applications.
The configure command has many options you can specify. I have listed the ones we used in our build. If you would like to see others, do:
| ./configure --help | less |
... to see them all. Read the documentation on the MySQL website for a more detailed explanation of each option.
|
cd /usr/local/src/mysql-4.1.21
chown -R root.root *
make clean
./configure --prefix=/usr/local/mysql --localstatedir=/usr/local/mysql/data --disable-maintainer-mode --with-mysqld-user=mysql --with-unix-socket-path=/tmp/mysql.sock --without-comment --without-debug --without-bench |
Now comes the long part, where the source code is actually compiled and then installed. Plan to get some coffee or take a break while this step runs. It could be 10-15 minutes or more, depending on your system's free memory, load average, etc.
Some people like to combine the two commands above with make && make install but I am not so trustful.
Configure MySQL
MySQL is installed but we have a few more steps until it's actually done and ready to start using. First, run the script which actually sets up MySQL's internal database (named, oddly enough, mysql).
| /usr/local/mysql/bin/mysql_install_db |
|
The following is the results from this command:
[root@localhost mysql-4.1.21]# /usr/local/mysql/bin/mysql_install_db
Installing all prepared tables
Fill help tables
To start mysqld at boot time you have to copy support-files/mysql.server
to the right place for your system
PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:
/usr/local/mysql/bin/mysqladmin -u root password 'new-password'
/usr/local/mysql/bin/mysqladmin -u root -h localhost.localdomain password 'new-password'
See the manual for more instructions.
You can start the MySQL daemon with:
cd /usr/local/mysql ; /usr/local/mysql/bin/mysqld_safe &
You can test the MySQL daemon with the benchmarks in the 'sql-bench' directory:
cd sql-bench ; perl run-all-tests
Please report any problems with the /usr/local/mysql/bin/mysqlbug script!
|
Next, we want to set the proper ownership for the MySQL directories and data files, so that only MySQL (and root) can do anything with them.
|
chown -R root:mysql /usr/local/mysql
chown -R mysql:mysql /usr/local/mysql/data |
In order for MySQL to start up at boot time, a configuration file must be installed under the /etc folder. Copy one of the default configuration files for the expected size of your database (small, medium, large, huge), and set the owner of the file to the root user and change the file properties for security.
|
cp support-files/my-medium.cnf /etc/my.cnf
chown root:sys /etc/my.cnf
chmod 644 /etc/my.cnf |
If you get an error message about the data directory not existing, or some other failure, something went wrong in the mysql_install_db step above. Go back and review that and make sure you did not get some sort of error message when you ran it, etc.
Now we have to tell the system where to find some of the dynamic libraries that MySQL will need to run. We use dynamic libraries instead of static to keep the memory usage of the MySQL program itself to a minimum.
|
echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf
ldconfig |
| TECHSNIP: Applications in Linux are linked to an external function in one of two ways: either statically linked at build time, with static libraries (lib*.a) and having the library code include in the application's executable file, or dynamically linked at runtime with shared libraries (lib*.so). The dynamic libraries are mapped into the application execution memory by the dynamic linking loader. Before the application is started, the dynamic linking loader maps the required shared object libraries into the application's memory or uses system shared objects and resolves the required external references for the application. |
Now the application is ready to run. Lets create a startup script, which enables MySQL auto-start each time your server is restarted.
|
cp ./support-files/mysql.server /etc/rc.d/init.d/mysql
chmod +x /etc/rc.d/init.d/mysql
/sbin/chkconfig --level 3 mysql on (creates the sym link in /etc/rc.d/rc3.d) |
Its handy to set up symlinks for all the MySQL binaries, so they can be run from anyplace without having to include/specify long paths, etc.
|
cd /usr/local/mysql/bin
for file in *; do ln -s /usr/local/mysql/bin/$file /usr/bin/$file; done |
|
TECHSNIP: /usr/bin is a directory in the path where applications are generally loaded. We provided a symbolic link rather than copying the native files there to save disk space and if we ever upgrade these apps in the future to their native location they are automatically available. |
MySQL Security Issues
IF we assume that only applications on the same server will be allowed to access the database (i.e., not a program running on a physically separate server), then we should tell MySQL not to even listen on port 3306 for TCP connections like it does by default. Edit /etc/my.cnf and uncomment the line:
Start MySQL
First, test the linked copy of the startup script in the normal server runlevel start directory, to make sure the symlink was properly set up:
|
cd ~
/etc/rc.d/rc3.d/S64mysql start |
|
TECHSNIP:
cd ~ (changed me to my home directory of /root)
/etc/rc.d/rc3.d/S64mysql start (check your /etc/rc.d/rc3.d directory for the correct symlink) |
If you ever want to manually start or stop the MySQL server, use these commands:
|
/etc/rc.d/init.d/mysql start
/etc/rc.d/init.d/mysql stop |
Let's "test" the install to see what version of MySQL we're running now:
|
mysqladmin version
[root@localhost ~]# mysqladmin version
mysqladmin Ver 8.41 Distrib 4.1.21, for pc-linux-gnu on i686
Copyright (C) 2000 MySQL AB & MySQL Finland AB & TCX DataKonsult AB
This software comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to modify and redistribute it under the GPL license
Server version 4.1.21-log
Protocol version 10
Connection Localhost via UNIX socket
UNIX socket /tmp/mysql.sock
Uptime: 30 sec
Threads: 1 Questions: 1 Slow queries: 0 Opens: 11 Flush tables: 1 Open tables: 5 Queries per second avg: 0.033
[root@localhost ~]# |
|
Now we'll set a password for the MySQL root user (note that the MySQL root user is not the same as the system root user, and definitely should not have the same password as the system root user!).
| mysqladmin -u root password new-password |
You're done! MySQL is now installed and running on your server. It is highly recommended that you read about MySQL security and lock down your server as much as possible. The MySQL site has info at
http://www.mysql.com/doc/en/Privilege_system.html.
Test MySQL
To run a quick test, use the command line program mysql:
and enter your new root user password when prompted. You will then see the MySQL prompt:
First, create a new database:
You should see the result:
|
Query OK, 1 row affected (0.04 sec)
|
Delete the database:
You should see the result:
|
Query OK, 0 rows affected (0.06 sec)
mysql> |
To exit from mysql enter:
