1.背景
由于客户进行等保漏扫和渗透,生成环境mysql数据库被扫描出了 高危漏洞。
如图:部分漏洞
查看漏洞详细信息,建议升级到指定版本解决:
说明:
本文仅适合使用当前数据库为 RPM 安装方式
2.升级前准备
查看环境当前版本:
查看系统版本:
# cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)
查看mysql版本:
# mysql -V
mysql Ver 14.14 Distrib 5.7.32, for Linux (x86_64) using EditLine wrapper
mysql数据备份:
mysql备份所有数据库:
# mysqldump -u your_username -pyour_password --single-transaction --all-databases > backup20240426.sql
备份mysql数据目录:
# cp -r /var/lib/mysql mysql20240426
mysql配置文件备份:
备份mysql配置文件my.cnf
# cp -r /etc/my.cnf my.cnf20240426
下载软件包:
链接: 官方下载地址
为了方便,直接下载完整的tar包:
https://downloads.mysql.com/archives/get/p/23/file/mysql-5.7.44-1.el7.x86_64.rpm-bundle.tar
3.升级操作
停止数据库服务:
命令操作:
# systemctl stop mysqld
按照如下顺序升级安装mysql:
命令操作:
# rpm -Uvh mysql-community-common-5.7.44-1.el7.x86_64.rpm --nodeps
warning: mysql-community-common-5.7.44-1.el7.x86_64.rpm: Header V4 RSA/SHA256 Signature, key ID 3a79bd29: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:mysql-community-common-5.7.44-1.e################################# [ 50%]
Cleaning up / removing...
2:mysql-community-common-5.7.32-1.e################################# [100%]# rpm -Uvh mysql-community-libs-5.7.44-1.el7.x86_64.rpm --nodeps
warning: mysql-community-libs-5.7.44-1.el7.x86_64.rpm: Header V4 RSA/SHA256 Signature, key ID 3a79bd29: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:mysql-community-libs-5.7.44-1.el7################################# [ 50%]
Cleaning up / removing...
2:mysql-community-libs-5.7.32-1.el7################################# [100%]# rpm -Uvh mysql-community-client-5.7.44-1.el7.x86_64.rpm --nodeps
warning: mysql-community-client-5.7.44-1.el7.x86_64.rpm: Header V4 RSA/SHA256 Signature, key ID 3a79bd29: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:mysql-community-client-5.7.44-1.e################################# [ 50%]
Cleaning up / removing...
2:mysql-community-client-5.7.32-1.e################################# [100%]# rpm -Uvh mysql-community-server-5.7.44-1.el7.x86_64.rpm --nodeps
warning: mysql-community-server-5.7.44-1.el7.x86_64.rpm: Header V4 RSA/SHA256 Signature, key ID 3a79bd29: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:mysql-community-server-5.7.44-1.e################################# [ 50%]
Cleaning up / removing...
2:mysql-community-server-5.7.32-1.e################################# [100%]
注意:
如果先更新server,可能会出现缺失依赖问题。
启动mysql服务:
命令操作:
# systemctl start mysqld
升级表结构:
命令操作:
# mysql_upgrade -u you_username -pyou_passsword
mysql_upgrade: [Warning] Using a password on the command line interface can be insecure.
Checking if update is needed.
Checking server version.
Running queries to upgrade MySQL server.
Checking system database.
mysql.columns_priv OK
mysql.db OK
...
Upgrade process completed successfully.
Checking if update is needed.
注意:
此时需要数据库用户名和密码
升级完成后重启mysql服务
命令操作:
# systemctl restart mysqld
4.升级后检查
mysql版本检查:
命令操作:
# mysql -V
mysql Ver 14.14 Distrib 5.7.44, for Linux (x86_64) using EditLine wrapper
随机验证数据库表和数据:
SELECT COUNT(*) AS table_count FROM information_schema.tables WHERE table_schema ='database_name';
-- 已知结果:42
select count(*) from database_name.table_name;
-- 已知结果: 41
SELECT COUNT(*) AS table_count FROM information_schema.tables WHERE table_schema ='database_name';
-- 已知结果: 93select count(*) from database_name.table_name;
-- 已知结果: 40
SELECT COUNT(*) AS table_count FROM information_schema.tables WHERE table_schema ='database_name';
-- 已知结果:50
select count(*) from database_name.table_name;
-- 已知结果:55
说明:
通过验证升级后数据正常,本次mysql升级成功。
版权归原作者 闫利朋 所有, 如有侵权,请联系我们删除。