{"id":3090,"date":"2013-05-27T20:20:38","date_gmt":"2013-05-27T20:20:38","guid":{"rendered":"http:\/\/blog.shineservers.com\/?p=149"},"modified":"2013-05-27T20:20:38","modified_gmt":"2013-05-27T20:20:38","slug":"centos-6-mysql-server-phpmyadmin","status":"publish","type":"post","link":"https:\/\/www.shineservers.com\/2013\/05\/27\/centos-6-mysql-server-phpmyadmin\/","title":{"rendered":"CentOS 6 – MySQL Server & PHPMyAdmin"},"content":{"rendered":"

Install and Configure<\/h2>\n

Notes<\/h3>\n

If you already have MySQL installed from the yum repositories, then you won’t be able to follow this guide as your MySQL version is too old. Please see\u00a0[here]<\/a>\u00a0which may be able to help you (untested).<\/p>\n

Environment<\/h3>\n

Fresh install of\u00a0CentOS-6.3-x86_64-minimal<\/a>\u00a0with the latest updates\u00a0yum update -y<\/code><\/p>\n

\n
# uname -sro\nLinux 2.6.32-279.22.1.el6.x86_64 GNU\/Linux<\/pre>\n<\/blockquote>\n
I have also disabled SELINUX. Please see\u00a0[here]<\/a>\u00a0for a guide.<\/p>\n
Prerequisites<\/h3>\n
Additional Repositories<\/h4>\n
Nb. You can check for the latest EPEL repository from\u00a0http:\/\/mirror.datacenter.by\/pub\/fedoraproject.org\/epel\/6\/x86_64\/repoview\/epel-release.html<\/a><\/p>\n
\n
rpm -ivh http:\/\/mirror.datacenter.by\/pub\/fedoraproject.org\/epel\/6\/x86_64\/epel-release-6-8.noarch.rpm rpm -ivh http:\/\/rpms.famillecollet.com\/enterprise\/remi-release-6.rpm<\/div>\n<\/blockquote>\n
Then you need to enable the REMI repository<\/p>\n
nano \/etc\/yum.repos.d\/remi.repo<\/div>\n
\n
[remi]\nenabled=1<\/pre>\n<\/blockquote>\n
Additional Packages<\/h4>\n
I used\u00a0nano<\/strong>\u00a0as the text editor, but you can just as easily use\u00a0vi<\/strong>\u00a0if you are familiar with it.<\/p>\n
\n
yum install -y wget nano perl<\/div>\n<\/blockquote>\n
Configure Firewall<\/h4>\n
nano \/etc\/sysconfig\/iptables<\/div>\n
Make sure you add any other rules you are using which aren’t listed here.<\/em><\/p>\n
\n
*filter\n:INPUT ACCEPT [0:0]\n:FORWARD ACCEPT [0:0]\n:OUTPUT ACCEPT [0:0]\n-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT\n-A INPUT -p icmp -j ACCEPT\n-A INPUT -i lo -j ACCEPT\n-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT\n\n-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT\n-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT\n\n# Uncomment the following line to allow direct remote access to your mysql server, \n# changing -s 192.168.0.0\/16 to your own network or remove it to allow access from anywhere\n# This has serious security implications so only do it if you know what you're doing\n#-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT -s 192.168.0.0\/16\n\n-A INPUT -j REJECT --reject-with icmp-host-prohibited\n-A FORWARD -j REJECT --reject-with icmp-host-prohibited\nCOMMIT<\/pre>\n<\/blockquote>\n
service iptables restart<\/strong><\/div>\n
Create SSL Certificates<\/h4>\n
\n
mkdir \/etc\/ssl\/certs\/mysql
\nopenssl req -new -nodes -x509 -keyout \/etc\/ssl\/certs\/ca-cert.pem -out \/etc\/ssl\/certs\/ca-cert.pem -days 3650
\nopenssl req -new -nodes -days 3650 -keyout \/etc\/ssl\/certs\/mysql\/server-key.pem -out \/etc\/ssl\/certs\/mysql\/server-req.pem openssl rsa -in \/etc\/ssl\/certs\/mysql\/server-key.pem -out \/etc\/ssl\/certs\/mysql\/server-key.pem openssl x509 -req -in \/etc\/ssl\/certs\/mysql\/server-req.pem -CA \/etc\/ssl\/certs\/ca-cert.pem -CAcreateserial -days 3650 -out \/etc\/ssl\/certs\/mysql\/server-cert.pem
\nopenssl req -new -nodes -days 3650 -keyout \/etc\/ssl\/certs\/mysql\/client-key.pem -out \/etc\/ssl\/certs\/mysql\/client-req.pem openssl rsa -in \/etc\/ssl\/certs\/mysql\/client-key.pem -out \/etc\/ssl\/certs\/mysql\/client-key.pem openssl x509 -req -in \/etc\/ssl\/certs\/mysql\/client-req.pem -CA \/etc\/ssl\/certs\/ca-cert.pem -CAcreateserial -days 3650 -out \/etc\/ssl\/certs\/mysql\/client-cert.pem<\/div>\n<\/blockquote>\n
Example of what to fill in but input your own answers.<\/p>\n
Country Name (2 letter code)<\/a> [XX]:IM\nState or Province Name (full name) []:Isle of Man\nLocality Name (eg, city) [Default City]:Colby\nOrganization Name (eg, company) [Default Company Ltd]:ITManx Ltd\nOrganizational Unit Name (eg, section) []:ICT\nCommon Name (eg, your name or your server's hostname) []:secure.itmanx.com\nEmail Address []:support@itmanx.com\n\n* You will get asked the following on the server and client certificates created. Leave these blank!\nA challenge password []:\nAn optional company name []:<\/pre>\n
You can test the certificate is ok by typing<\/p>\n
openssl verify -CAfile \/etc\/ssl\/certs\/ca-cert.pem \/etc\/ssl\/certs\/mysql\/server-cert.pem \/etc\/ssl\/certs\/mysql\/client-cert.pem<\/div>\n
\n
\/etc\/ssl\/certs\/mysql\/server-cert.pem: OK\n\/etc\/ssl\/certs\/mysql\/client-cert.pem: OK<\/pre>\n<\/blockquote>\n
Install<\/h3>\n
MySQL<\/h4>\n
At the time of writing, the version of MySQL in the CentOS yum repositories was version 5.1 which is near\u00a0EOL<\/abbr>\u00a0so don’t use it unless you have to.<\/p>\n
If you would prefer to have the latest version of MySQL, then see the note below instead<\/p>\n
\n
yum install -y mysql mysql-server<\/div>\n<\/blockquote>\n
Note:<\/strong>\u00a0To install the latest version of MySQL, you can get the latest version of MySQL from\u00a0http:\/\/dev.mysql.com\/downloads\/mysql\/#downloads<\/a>(select Red Hat Linux 6) and note you need Server, Client and Compatibility Libraries<\/p>\n
\n
rpm -ivf http:\/\/dev.mysql.com\/get\/Downloads\/MySQL-5.6\/MySQL-server-5.6.10-1.el6.x86_64.rpm\/from\/http:\/\/cdn.mysql.com\/ rpm -ivf http:\/\/dev.mysql.com\/get\/Downloads\/MySQL-5.6\/MySQL-client-5.6.10-1.el6.x86_64.rpm\/from\/http:\/\/cdn.mysql.com\/ rpm -ivf http:\/\/dev.mysql.com\/get\/Downloads\/MySQL-5.6\/MySQL-shared-compat-5.6.10-1.el6.x86_64.rpm\/from\/http:\/\/cdn.mysql.com\/<\/div>\n<\/blockquote>\n
The installation creates a random root password which you can see in\u00a0\/root\/.mysql_secret<\/strong><\/p>\n
mv \/usr\/my.cnf \/usr\/my.cnf.original nano \/usr\/my.cnf<\/div>\n
\n
[client]\nssl_ca=\/etc\/pki\/tls\/certs\/ca-cert.pem\nssl_cert=\/etc\/pki\/tls\/certs\/mysql\/client-cert.pem\nssl_key=\/etc\/pki\/tls\/certs\/mysql\/client-key.pem\n\n[mysqld]\n# Set to the amount of RAM for the most important data cache in MySQL.\n# Start at 70% of total RAM for dedicated server, else 10%.\ninnodb_buffer_pool_size = 128M\n\ndatadir=\/var\/lib\/mysql\nsocket=\/var\/lib\/mysql\/mysql.sock\n\nsql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES\n\ncharacter_set_server=utf8\n\nssl_ca=\/etc\/pki\/tls\/certs\/ca-cert.pem\nssl_cert=\/etc\/pki\/tls\/certs\/mysql\/server-cert.pem\nssl_key=\/etc\/pki\/tls\/certs\/mysql\/server-key.pem\n\n[mysqld_safe]\nlog-error=\/var\/log\/mysqld.log\npid-file=\/var\/run\/mysqld\/mysqld.pid<\/pre>\n<\/blockquote>\n
service mysql start<\/div>\n
Take a look at the log file to make sure no start-up errors<\/p>\n
cat \/var\/log\/mysqld.log<\/div>\n
Now grab the pre-set password and login<\/p>\n
\n
cat \/root\/.mysql_secret<\/div>\n
mysql -u root -p ** enter the password from \/root\/.mysql_secret<\/div>\n<\/blockquote>\n
Change\u00a0mypassword<\/strong>\u00a0to your own password. The password should be at least 10 characters. You can generate a password\u00a0[here]<\/a>.<\/p>\n
\n
SET PASSWORD FOR 'root'@'127.0.0.1' = PASSWORD('mypassword');\nSET PASSWORD FOR 'root'@'::1' = PASSWORD('mypassword');\nSET PASSWORD FOR 'root'@'localhost' = PASSWORD('mypassword');\nDROP DATABASE test;\nquit<\/pre>\n<\/blockquote>\n
phpMyAdmin<\/h4>\n
\n
yum install -y httpd mod_ssl php php-mysql php-mcrypt php-mbstring php-gd<\/div>\n<\/blockquote>\n
You can get the latest version from\u00a0http:\/\/www.phpmyadmin.net\/home_page\/downloads.php<\/a><\/p>\n
\n
cd \/var\/www\/html wget http:\/\/sourceforge.net\/projects\/phpmyadmin\/files\/phpMyAdmin\/3.5.7\/phpMyAdmin-3.5.7-all-languages.tar.bz2\/download tar -jxvf phpMyAdmin-* rm -f php*.bz2 mv phpMyAdmin-* phpmyadmin cp phpmyadmin\/config.sample.inc.php phpmyadmin\/config.inc.php<\/div>\n
nano \/etc\/httpd\/conf.d\/phpmyadmin.conf<\/div>\n<\/blockquote>\n
Alias \/phpmyadmin \/var\/www\/html\/phpmyadmin\n\n<Directory \/var\/www\/html\/phpmyadmin>\n Options -Indexes\n<\/Directory>\n\n<Directory \/var\/www\/html\/phpmyadmin\/setup>\n Order Deny,Allow\n Deny from All\n<\/Directory>\n\n<Directory \/var\/www\/html\/phpmyadmin\/libraries>\n Order Deny,Allow\n Deny from All\n<\/Directory><\/pre>\n
nano \/var\/www\/html\/phpmyadmin\/config.inc.php<\/div>\n
The password can be up to 46 characters. You can generate a password\u00a0[here]<\/a>.<\/p>\n
\n
$cfg['blowfish_secret'] = '5@#@7ecr39R@musU99GAkE+!ASt63$aB+es3zedu_ep$ey'\t \/* Change to your own password *\/<\/pre>\n<\/blockquote>\n
nano \/etc\/php.ini<\/div>\n
Search for\u00a0date.timezone<\/strong>\u00a0and set it to your timezone. See\u00a0[here]<\/a>\u00a0for a list of timezones.<\/p>\n
\n
date.timezone = UTC<\/div>\n
chkconfig httpd on service httpd start<\/div>\n<\/blockquote>\n
Test<\/h3>\n
Log in to\u00a0https:\/\/webserver\/phpmyadmin\/<\/strong>\u00a0with username\u00a0root<\/strong>\u00a0and the password you set when configuring MySQL earlier.<\/p>\n
Monitor<\/h3>\n
Resources<\/h4>\n
Type\u00a0top<\/strong>\u00a0to view resources or better yet, install htop\u00a0yum install -y htop<\/code>\u00a0and then type\u00a0htop<\/strong>\u00a0(see at the bottom for filter and enter\u00a0mysql<\/strong>)<\/p>\n
Live Queries<\/h4>\n
If you want to log live queries, you can enable logging in the MySQL configuration file.<\/p>\n
 <\/p>\n
BE AWARE THAT THIS WILL LOG EVERY QUERY PASSED TO THE MYSQL SERVER SO WILL QUICKLY CONSUME FREE DISK SPACE AND SLOW PERFORMANCE!<\/p>\n
touch \/var\/log\/mysql.log chown mysql:mysql \/var\/log\/mysql.log<\/div>\n
nano \/usr\/my.cnf<\/div>\n
[mysqld]\n.....\ngeneral_log=1\ngeneral_log_file=\/var\/log\/mysql.log<\/pre>\n
service mysqld reload<\/div>\n
You can then view live queries by typing\u00a0tail -f \/var\/log\/mysql.log<\/code><\/p>\n
System Resource Monitoring<\/h4>\n
Install\u00a0htop<\/strong>\u00a0to see system resource usage<\/p>\n
\n
yum install -y htop<\/div>\n<\/blockquote>\n
Run by typing\u00a0htop<\/code><\/p>\n
 <\/p>\n
Reference<\/h3>\n
http:\/\/dev.mysql.com\/doc\/refman\/5.6\/en\/linux-installation-rpm.html<\/a><\/p>\n
http:\/\/dev.mysql.com\/doc\/refman\/5.6\/en\/creating-ssl-certs.html<\/a><\/p>\n
http:\/\/www.openssl.org\/docs\/apps\/req.html<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
Install and Configure Notes If you already have MySQL installed from the yum repositories, then you won’t be able to follow this guide as your MySQL version is too old. Please see\u00a0[here]\u00a0which may be able to help you (untested). Environment Fresh install of\u00a0CentOS-6.3-x86_64-minimal\u00a0with the latest updates\u00a0yum update -y # uname -sro Linux 2.6.32-279.22.1.el6.x86_64 GNU\/Linux I […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[60],"tags":[79],"class_list":["post-3090","post","type-post","status-publish","format-standard","hentry","category-linux","tag-mysql-server-install-centos"],"acf":[],"aioseo_notices":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.shineservers.com\/wp-json\/wp\/v2\/posts\/3090","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.shineservers.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.shineservers.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.shineservers.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.shineservers.com\/wp-json\/wp\/v2\/comments?post=3090"}],"version-history":[{"count":0,"href":"https:\/\/www.shineservers.com\/wp-json\/wp\/v2\/posts\/3090\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.shineservers.com\/wp-json\/wp\/v2\/media?parent=3090"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.shineservers.com\/wp-json\/wp\/v2\/categories?post=3090"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.shineservers.com\/wp-json\/wp\/v2\/tags?post=3090"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}