4.4.2 mysql_install_db — Initialize MySQL Data Directory (original) (raw)

4.4.2 mysql_install_db — Initialize MySQL Data Directory

mysql_install_db handles initialization tasks that must be performed before the MySQL server,mysqld, is ready to use:

• It initializes the MySQL data directory and creates the system tables that it contains.
• It initializes thesystem tablespace and related data structures needed to manage InnoDB tables.
• It loads the server-side help tables.
• It installs the sys schema.
• It creates an administrative account. Older versions ofmysql_install_db may create anonymous-user accounts.

Secure-by-Default Deployment

Current versions of mysql_install_db produce a MySQL deployment that is secure by default, with these characteristics:

• A single administrative account named'root'@'localhost' is created with a randomly generated password, which is marked expired.
• No anonymous-user accounts are created.
• No test database accessible by all users is created.
• --admin-_`xxx`_ options are available to control characteristics of the administrative account.
• The--random-password-file option is available to control where the random password is written.
• The --insecure option is available to suppress random password generation.

If mysql_install_db generates a random administative password, it writes the password to a file and displays the file name. The password entry includes a timestamp to indicate when it was written. By default, the file is.mysql_secret in the home directory of the effective user running the script..mysql_secret is created with mode 600 to be accessible only to the operating system user for whom it is created.

Important

When mysql_install_db generates a random password for the administrative account, it is necessary aftermysql_install_db has been run to start the server, connect using the administrative account with the password written to the .mysql_secret file, and specify a new administrative password. Until this is done, the administrative account cannot be used for anything else. To change the password, you can use theSET PASSWORD statement (for example, with the mysql ormysqladmin client). After resetting the password, remove the .mysql_secret file; otherwise, if you runmysql_secure_installation, that command may see the file and expire the root password again as part of ensuring secure deployment.

Invocation Syntax

Change location to the MySQL installation directory and use this invocation syntax:

bin/mysql_install_db --datadir=path/to/datadir [other_options]

The --datadir option is mandatory. mysql_install_db creates the data directory, which must not already exist:

• If the data directory does already exist, you are performing an upgrade operation (not an install operation) and should run mysql_upgrade, notmysql_install_db. SeeSection 4.4.7, “mysql_upgrade — Check and Upgrade MySQL Tables”.
• If the data directory does not exist butmysql_install_db fails, you must remove any partially created data directory before runningmysql_install_db again.

Because the MySQL server, mysqld, must access the data directory when it runs later, you should either runmysql_install_db from the same system account used for running mysqld, or run it asroot and specify the--user option to indicate the user name that mysqld runs under. It might be necessary to specify other options such as--basedir ifmysql_install_db does not use the correct location for the installation directory. For example:

bin/mysql_install_db --user=mysql \
    --basedir=/opt/mysql/mysql \
    --datadir=/opt/mysql/mysql/data

Note

If you have set a custom TMPDIR environment variable when performing the installation, and the specified directory is not accessible,mysql_install_db may fail. If so, unsetTMPDIR or set TMPDIR to point to the system temporary directory (usually/tmp).

Administrative Account Creation

mysql_install_db creates an administrative account named 'root'@'localhost' by default.

mysql_install_db provides options that enable you to control several aspects of the administrative account:

• To change the user or host parts of the account name, use--login-path, or--admin-user and--admin-host.
• --insecure suppresses generation of a random password.
• --admin-auth-plugin specifies the authentication plugin.
• --admin-require-ssl specifies whether the account must use SSL connections.

For more information, see the descriptions of those options.

mysql_install_db assignsmysql.user system table rows a nonemptyplugin column value to set the authentication plugin. The default value ismysql_native_password. The value can be changed using the--admin-auth-plugin option.

Default my.cnf File

mysql_install_db creates no defaultmy.cnf file.

Note

As of MySQL 5.7.18, my-default.cnf is no longer included in or installed by distribution packages.

With one exception, the settings in the default option file are commented and have no effect. The exception is that the file sets the sql_mode system variable toNO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES. This setting produces a server configuration that results in errors rather than warnings for bad data in operations that modify transactional tables. See Section 5.1.10, “Server SQL Modes”.

Command Options

mysql_install_db supports the following options, which can be specified on the command line or in the[mysql_install_db] group of an option file. For information about option files used by MySQL programs, seeSection 4.2.2.2, “Using Option Files”.

• --help,-?

  Command-Line Format	--help
  Display a help message and exit.

• --admin-auth-plugin=plugin_name

  Command-Line Format	--admin-auth-plugin=plugin_name
  Type	String
  The authentication plugin to use for the administrative account. The default ismysql_native_password.

• --admin-host=host_name

  Command-Line Format	--admin-host=host_name
  Type	String
  The host part to use for the adminstrative account name. The default is localhost. This option is ignored if--login-path is also specified.

• --admin-require-ssl

  Command-Line Format	--admin-require-ssl
  Type	Boolean
  Default Value	FALSE
  Whether to require SSL for the administrative account. The default is not to require it. With this option enabled, the statement that mysql_install_db uses to create the account includes a REQUIRE SSL clause. As a result, the administrative account must use secure connections when connecting to the server.

• --admin-user=user_name

  Command-Line Format	--admin-user=user_name
  Type	String
  The user part to use for the adminstrative account name. The default is root. This option is ignored if --login-path is also specified.

• --basedir=dir_name

  Command-Line Format	--basedir=dir_name
  Type	Directory name
  The path to the MySQL installation directory.

• --builddir=dir_name

  Command-Line Format	--builddir=dir_name
  Type	Directory name
  For use with--srcdir and out-of-source builds. Set this to the location of the directory where the built files reside.

• --datadir=dir_name

  Command-Line Format	--datadir=dir_name
  Type	Directory name
  The path to the MySQL data directory. Only the last component of the path name is created if it does not exist; the parent directory must already exist or an error occurs.
  Note
  The --datadir option is mandatory and the data directory must not already exist.

• --defaults

  Command-Line Format	--defaults
  Type	Boolean
  Default Value	FALSE
  This option causes mysql_install_db to invoke mysqld in such a way that it reads option files from the default locations. If given as--no-defaults, and--defaults-file or--defaults-extra-file is not also specified, mysql_install_db passes --no-defaults tomysqld, to prevent option files from being read. This may help if program startup fails due to reading unknown options from an option file.

• --defaults-extra-file=file_name

  Command-Line Format	--defaults-extra-file=file_name
  Type	File name
  Read this option file after the global option file but (on Unix) before the user option file. If the file does not exist or is otherwise inaccessible, an error occurs. If_filename_ is not an absolute path name, it is interpreted relative to the current directory.
  This option is passed by mysql_install_db to mysqld.
  For additional information about this and other option-file options, see Section 4.2.2.3, “Command-Line Options that Affect Option-File Handling”.

• --defaults-file=file_name

  Command-Line Format	--defaults-file=file_name
  Type	File name
  Use only the given option file. If the file does not exist or is otherwise inaccessible, an error occurs. If_filename_ is not an absolute path name, it is interpreted relative to the current directory.
  This option is passed by mysql_install_db to mysqld.
  For additional information about this and other option-file options, see Section 4.2.2.3, “Command-Line Options that Affect Option-File Handling”.

• --extra-sql-file=file_name,-f _`filename`_

  Command-Line Format	--extra-sql-file=file_name
  Type	File name
  This option names a file containing additional SQL statements to be executed after the standard bootstrapping statements. Accepted statement syntax in the file is like that of the mysql command-line client, including support for multiple-line C-style comments and delimiter handling to enable definition of stored programs.

• --insecure

  Command-Line Format	--insecure
  Type	Boolean
  Default Value	FALSE
  Do not generate a random password for the adminstrative account.
  If --insecure is_not_ given, it is necessary aftermysql_install_db has been run to start the server, connect using the administrative account with the password written to the.mysql_secret file, and specify a new administrative password. Until this is done, the administrative account cannot be used for anything else. To change the password, you can use theSET PASSWORD statement (for example, with the mysql ormysqladmin client). After resetting the password, remove the .mysql_secret file; otherwise, if you runmysql_secure_installation, that command may see the file and expire the root password again as part of ensuring secure deployment.

• --lc-messages=name

  Command-Line Format	--lc-messages=name
  Type	String
  Default Value	en_US
  The locale to use for error messages. The default isen_US. The argument is converted to a language name and combined with the value of--lc-messages-dir to produce the location for the error message file. SeeSection 10.12, “Setting the Error Message Language”.

• --lc-messages-dir=dir_name

  Command-Line Format	--lc-messages-dir=dir_name
  Type	Directory name
  The directory where error messages are located. The value is used together with the value of--lc-messages to produce the location for the error message file. SeeSection 10.12, “Setting the Error Message Language”.

• --login-file=file_name

  Command-Line Format	--login-file=file_name
  Type	File name
  The file from which to read the login path if the--login-path=file_name option is specified. The default file is.mylogin.cnf.

• --login-path=name

  Command-Line Format	--login-path=name
  Type	String
  Read options from the named login path in the.mylogin.cnf login path file. The default login path is client. (To read a different file, use the--login-file=name option.) A “login path” is an option group containing options that specify which MySQL server to connect to and which account to authenticate as. To create or modify a login path file, use themysql_config_editor utility. SeeSection 4.6.6, “mysql_config_editor — MySQL Configuration Utility”.
  If the --login-path option is specified, the user, host, and password values are taken from the login path and used to create the administrative account. The password must be defined in the login path or an error occurs, unless the--insecure option is also specified. In addition, with--login-path, any--admin-host and--admin-user options are ignored.
  For additional information about this and other option-file options, see Section 4.2.2.3, “Command-Line Options that Affect Option-File Handling”.

• --mysqld-file=file_name

  Command-Line Format	--mysqld-file=file_name
  Type	File name
  The path name of the mysqld binary to execute. The option value must be an absolute path name or an error occurs.
  If this option is not given,mysql_install_db searches formysqld in these locations:

  • In the bin directory under the--basedir option value, if that option was given.
  • In the bin directory under the--srcdir option value, if that option was given.
  • In the bin directory under the--builddir option value, if that option was given.
  • In the local directory and in thebin and sbin directories under the local directory.
  • In /usr/bin,/usr/sbin,/usr/local/bin,/usr/local/sbin,/opt/local/bin,/opt/local/sbin.
• --no-defaults

  Command-Line Format	--no-defaults
  For behavior of this option, see the description of--defaults.
  For additional information about this and other option-file options, see Section 4.2.2.3, “Command-Line Options that Affect Option-File Handling”.

• --random-password-file=file_name

  Command-Line Format	--random-password-file=file_name
  Type	File name
  The path name of the file in which to write the randomly generated password for the administrative account. The option value must be an absolute path name or an error occurs. The default is$HOME/.mysql_secret.

• --skip-sys-schema

  Command-Line Format	--skip-sys-schema
  Type	Boolean
  Default Value	FALSE
  mysql_install_db installs thesys schema. The--skip-sys-schema option suppresses this behavior.

• --srcdir=dir_name

  Command-Line Format	--srcdir=dir_name
  Type	Directory name
  For internal use. This option specifies the directory under which mysql_install_db looks for support files such as the error message file and the file for populating the help tables.

• --user=user_name,-u _`username`_

  Command-Line Format	--user=user_name
  The system (login) user name to use for runningmysqld. Files and directories created bymysqld are owned by this user. You must be the system root user to use this option. By default, mysqld runs using your current login name; files and directories that it creates are owned by you.

• --verbose,-v

  Command-Line Format	--verbose
  Verbose mode. Print more information about what the program does. You can use this option to see themysqld command thatmysql_install_db invokes to start the server in bootstrap mode.

• --version,-V

  Command-Line Format	--version
  Display version information and exit.