4.4.2 mysql_install_db — Initialize MySQL Data Directory
mysql_install_db is deprecated as of MySQL 5.7.6 because its functionality has been integrated into mysqld, the MySQL server. To initialize a MySQL installation, invoke mysqld with the --initialize or --initialize-insecure option. For more information, see Section 2.10.1, “Initializing the Data Directory”. mysql_install_db will be removed in a future MySQL release.
mysql_install_db handles initialization tasks that must be performed before the MySQL server, mysqld, is ready to use:
It initializes the MySQL data directory and creates the system tables that it contains.
It initializes the system tablespace and related data structures needed to manage
InnoDBtables.It loads the server-side help tables.
It installs the
sysschema.It creates an administrative account. Older versions of mysql_install_db may create anonymous-user accounts.
Secure-by-Default Deployment
Current versions of mysql_install_db produce a MySQL deployment that is secure by default, with these characteristics:
A single administrative account named
'root'@'localhost'is created with a randomly generated password, which is marked expired.No anonymous-user accounts are created.
No
testdatabase accessible by all users is created.--admin-options are available to control characteristics of the administrative account.xxxThe
--random-password-fileoption is available to control where the random password is written.The
--insecureoption is available to suppress random password generation.
If mysql_install_db generates a random administative password, it writes the password to a file and displays the file name. The password entry includes a timestamp to indicate when it was written. By default, the file is .mysql_secret in the home directory of the effective user running the script. .mysql_secret is created with mode 600 to be accessible only to the operating system user for whom it is created.
When mysql_install_db generates a random password for the administrative account, it is necessary after mysql_install_db has been run to start the server, connect using the administrative account with the password written to the .mysql_secret file, and specify a new administrative password. Until this is done, the administrative account cannot be used for anything else. To change the password, you can use the SET PASSWORD statement (for example, with the mysql or mysqladmin client). After resetting the password, remove the .mysql_secret file; otherwise, if you run mysql_secure_installation, that command may see the file and expire the root password again as part of ensuring secure deployment.
Invocation Syntax
Change location to the MySQL installation directory and use this invocation syntax:
shell> bin/mysql_install_db --datadir=path/to/datadir [other_options] The --datadir option is mandatory. mysql_install_db creates the data directory, which must not already exist:
If the data directory does already exist, you are performing an upgrade operation (not an install operation) and should run mysql_upgrade, not mysql_install_db. See Section 4.4.7, “mysql_upgrade — Check and Upgrade MySQL Tables”.
If the data directory does not exist but mysql_install_db fails, you must remove any partially created data directory before running mysql_install_db again.
Because the MySQL server, mysqld, must access the data directory when it runs later, you should either run mysql_install_db from the same system account that will be used for running mysqld, or run it as root and specify the --user option to indicate the user name that mysqld will run as. It might be necessary to specify other options such as --basedir if mysql_install_db does not use the correct location for the installation directory. For example:
shell> bin/mysql_install_db --user=mysql \
--basedir=/opt/mysql/mysql \
--datadir=/opt/mysql/mysql/data After mysql_install_db sets up the InnoDB system tablespace, changes to some tablespace characteristics require setting up a whole new instance. This includes the file name of the first file in the system tablespace and the number of undo logs. If you do not want to use the default values, make sure that the settings for the innodb_data_file_path and innodb_log_file_size configuration parameters are in place in the MySQL configuration file before running mysql_install_db. Also make sure to specify as necessary other parameters that affect the creation and location of InnoDB files, such as innodb_data_home_dir and innodb_log_group_home_dir.
If those options are in your configuration file but that file is not in a location that MySQL reads by default, specify the file location using the --defaults-extra-file option when you run mysql_install_db.
If you have set a custom TMPDIR environment variable when performing the installation, and the specified directory is not accessible, mysql_install_db may fail. If so, unset TMPDIR or set TMPDIR to point to the system temporary directory (usually /tmp).
Administrative Account Creation
mysql_install_db creates an administrative account named 'root'@'localhost' by default.
mysql_install_db provides options that enable you to control several aspects of the administrative account:
To change the user or host parts of the account name, use
--login-path, or--admin-userand--admin-host.--insecuresuppresses generation of a random password.--admin-auth-pluginspecifies the authentication plugin.--admin-require-sslspecifies whether the account must use SSL connections.
For more information, see the descriptions of those options.
mysql_install_db assigns mysql.user system table rows a nonempty plugin column value to set the authentication plugin. The default value is mysql_native_password. The value can be changed using the --admin-auth-plugin option.
Default my.cnf File
mysql_install_db creates no default my.cnf file.
As of MySQL 5.7.18, my-default.cnf is no longer included in or installed by distribution packages.
With one exception, the settings in the default option file are commented and have no effect. The exception is that the file sets the sql_mode system variable to NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES. This setting produces a server configuration that results in errors rather than warnings for bad data in operations that modify transactional tables. See Section 5.1.10, “Server SQL Modes”.
Command Options
mysql_install_db supports the following options, which can be specified on the command line or in the [mysql_install_db] group of an option file. For information about option files used by MySQL programs, see Section 4.2.2.2, “Using Option Files”.
Table 4.7 mysql_install_db Options
| Option Name | Description |
|---|---|
| --admin-auth-plugin | Administrative account authentication plugin |
| --admin-host | Administrative account name host part |
| --admin-require-ssl | Require SSL for administrative account |
| --admin-user | Administrative account name user part |
| --basedir | Path to base directory |
| --builddir | Path to build directory (for out-of-source builds) |
| --datadir | Path to data directory |
| --defaults | Read default option files |
| --defaults-extra-file | Read named option file in addition to usual option files |
| --defaults-file | Read only named option file |
| --extra-sql-file | Optional SQL file to execute during bootstrap |
| --help | Display help message and exit |
| --insecure | Do not generate administrative account random password |
| --lc-messages | Locale for error messages |
| --lc-messages-dir | Directory where error messages are installed |
| --login-file | File to read for login path information |
| --login-path | Read login path options from .mylogin.cnf |
| --mysqld-file | Path to mysqld binary |
| --no-defaults | Read no option files |
| --random-password-file | File in which to write administrative account random password |
| --skip-sys-schema | Do not install or upgrade the sys schema |
| --srcdir | For internal use |
| --user | Operating system user under which to execute mysqld |
| --verbose | Verbose mode |
| --version | Display version information and exit |
--help,-?Display a help message and exit.
--admin-auth-plugin=plugin_nameThe authentication plugin to use for the administrative account. The default is
mysql_native_password.The host part to use for the adminstrative account name. The default is
localhost. This option is ignored if--login-pathis also specified.Whether to require SSL for the administrative account. The default is not to require it. With this option enabled, the statement that mysql_install_db uses to create the account includes a
REQUIRE SSLclause. As a result, the administrative account must use secure connections when connecting to the server.The user part to use for the adminstrative account name. The default is
root. This option is ignored if--login-pathis also specified.The path to the MySQL installation directory.
For use with
--srcdirand out-of-source builds. Set this to the location of the directory where the built files reside.The path to the MySQL data directory. Only the last component of the path name is created if it does not exist; the parent directory must already exist or an error occurs.
NoteThe
--datadiroption is mandatory and the data directory must not already exist.This option causes mysql_install_db to invoke mysqld in such a way that it reads option files from the default locations. If given as
--no-defaults, and--defaults-fileor--defaults-extra-fileis not also specified, mysql_install_db passes--no-defaultsto mysqld, to prevent option files from being read. This may help if program startup fails due to reading unknown options from an option file.--defaults-extra-file=file_nameRead this option file after the global option file but (on Unix) before the user option file. If the file does not exist or is otherwise inaccessible, an error occurs.
file_nameis interpreted relative to the current directory if given as a relative path name rather than a full path name.This option is passed by mysql_install_db to mysqld.
For additional information about this and other option-file options, see Section 4.2.2.3, “Command-Line Options that Affect Option-File Handling”.
Use only the given option file. If the file does not exist or is otherwise inaccessible, an error occurs.
file_nameis interpreted relative to the current directory if given as a relative path name rather than a full path name.This option is passed by mysql_install_db to mysqld.
For additional information about this and other option-file options, see Section 4.2.2.3, “Command-Line Options that Affect Option-File Handling”.
--extra-sql-file=,file_name-ffile_nameThis option names a file containing additional SQL statements to be executed after the standard bootstrapping statements. Accepted statement syntax in the file is like that of the mysql command-line client, including support for multiple-line C-style comments and delimiter handling to enable definition of stored programs.
Do not generate a random password for the adminstrative account.
If
--insecureis not given, it is necessary after mysql_install_db has been run to start the server, connect using the administrative account with the password written to the.mysql_secretfile, and specify a new administrative password. Until this is done, the administrative account cannot be used for anything else. To change the password, you can use theSET PASSWORDstatement (for example, with the mysql or mysqladmin client). After resetting the password, remove the.mysql_secretfile; otherwise, if you run mysql_secure_installation, that command may see the file and expire therootpassword again as part of ensuring secure deployment.The locale to use for error messages. The default is
en_US. The argument is converted to a language name and combined with the value of--lc-messages-dirto produce the location for the error message file. See Section 10.12, “Setting the Error Message Language”.The directory where error messages are located. The value is used together with the value of
--lc-messagesto produce the location for the error message file. See Section 10.12, “Setting the Error Message Language”.The file from which to read the login path if the
--login-path=option is specified. The default file isfile_name.mylogin.cnf.Read options from the named login path in the
.mylogin.cnflogin path file. The default login path isclient. (To read a different file, use the--login-file=option.) A “login path” is an option group containing options that specify which MySQL server to connect to and which account to authenticate as. To create or modify a login path file, use the mysql_config_editor utility. See Section 4.6.6, “mysql_config_editor — MySQL Configuration Utility”.nameIf the
--login-pathoption is specified, the user, host, and password values are taken from the login path and used to create the administrative account. The password must be defined in the login path or an error occurs, unless the--insecureoption is also specified. In addition, with--login-path, any--admin-hostand--admin-useroptions are ignored.For additional information about this and other option-file options, see Section 4.2.2.3, “Command-Line Options that Affect Option-File Handling”.
The path name of the mysqld binary to execute. The option value must be an absolute path name or an error occurs.
If this option is not given, mysql_install_db searches for mysqld in these locations:
In the
bindirectory under the--basediroption value, if that option was given.In the
bindirectory under the--srcdiroption value, if that option was given.In the
bindirectory under the--builddiroption value, if that option was given.In the local directory and in the
binandsbindirectories under the local directory.In
/usr/bin,/usr/sbin,/usr/local/bin,/usr/local/sbin,/opt/local/bin,/opt/local/sbin.
For behavior of this option, see the description of
--defaults.For additional information about this and other option-file options, see Section 4.2.2.3, “Command-Line Options that Affect Option-File Handling”.
--random-password-file=file_nameThe path name of the file in which to write the randomly generated password for the administrative account. The option value must be an absolute path name or an error occurs. The default is
$HOME/.mysql_secret.mysql_install_db installs the
sysschema. The--skip-sys-schemaoption suppresses this behavior.For internal use. This option specifies the directory under which mysql_install_db looks for support files such as the error message file and the file for populating the help tables.
--user=,user_name-uuser_nameThe system (login) user name to use for running mysqld. Files and directories created by mysqld will be owned by this user. You must be the system
rootuser to use this option. By default, mysqld runs using your current login name and files and directories that it creates will be owned by you.--verbose,-vVerbose mode. Print more information about what the program does. You can use this option to see the mysqld command that mysql_install_db invokes to start the server in bootstrap mode.
--version,-VDisplay version information and exit.