Archive | February, 2009

How to fix MySQL failing to start (MySQL start fail)

27 Feb

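Yesterday, during a server migration, I ran into a problem: after the move, MySQL failed to start (MySQL start fail). I searched for a long time without finding an answer. The checks I went through are listed below.

All of the examples below were run on Ubuntu; my solution comes last.

Check the MySQL configuration file

sudo vi /etc/mysql/my.cnf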

[client]

port = 3306

socket = /var/run/mysqld/mysqld.sock

# This was formerly known as [safe_mysqld]. Both versions are currently parsed.

[mysqld_safe]

socket = /var/run/mysqld/mysqld.sock

nice = 0

[mysqld]

user = mysql

pid-file = /var/run/mysqld/mysqld.pid

socket = /var/run/mysqld/mysqld.sock

port = 3306

basedir = /usr

datadir = /var/lib/mysql # make sure this folder exists

tmpdir = /tmp

language = /usr/share/mysql/english

skip-external-locking

bind-address = 127.0.0.1 # if this is set to some other IP address, it can cause MySQL start fail

key_buffer = 16M

max_allowed_packet = 16M

thread_stack = 128K

thread_cache_size = 8

query_cache_limit = 1M

query_cache_size = 16M

log_bin = /var/log/mysql/mysql-bin.log

# WARNING: Using expire_logs_days without bin_log crashes the server! See README.Debian!

expire_logs_days = 10

max_binlog_size = 100M

skip-bdb

[mysqldump]

quick

quote-names

max_allowed_packet = 16M

[mysql]

#no-auto-rehash # faster start of mysql but no tab completion

[isamchk]

key_buffer = 16M

!includedir /etc/mysql/conf.d/

Check the permissions on the MySQL data directory

The permissions are as follows

keithyau@Yubis-production:/var/lib$ sudo ls -l /var/lib/mysql

total 20612

-rw-r--r-- 1 root root 0 2008-03-16 22:01 debian-5.0.flag

drwx------ 2 mysql mysql 12288 2008-08-16 02:29 drupal

-rw-rw---- 1 mysql mysql 10485760 2009-02-26 21:00 ibdata1

-rw-rw---- 1 mysql mysql 5242880 2009-02-26 21:08 ib_logfile0

-rw-rw---- 1 mysql mysql 5242880 2008-03-16 22:01 ib_logfile1

drwxr-xr-x 2 mysql root 4096 2002-01-13 17:16 mysql

-rw------- 1 root root 6 2008-03-16 22:01 mysql_upgrade_info

keithyau@Yubis-production:/var/lib$ sudo ls -l /var/lib

total 176

drwxr-xr-x 4 root root 4096 2008-03-14 20:39 apt

drwxr-xr-x 2 root root 4096 2008-03-14 20:41 aptitude

drwxr-xr-x 2 root root 4096 2002-01-26 19:48 dhcp3

drwxr-xr-x 4 root root 4096 2008-03-14 20:52 dictionaries-common

drwxr-xr-x 2 root root 4096 2006-10-24 03:27 discover

drwxr-xr-x 7 root root 4096 2009-02-26 20:45 dpkg

drwxr-xr-x 3 root root 4096 2008-03-14 20:53 gstreamer

drwxr-xr-x 2 root root 4096 2008-03-14 20:39 initramfs-tools

drwxr-xr-x 2 root root 4096 2007-01-31 06:27 initscripts

drwxr-xr-x 2 root root 4096 2009-02-26 19:17 lib_mysql

drwxr-xr-x 2 root root 4096 2008-03-14 22:32 logrotate

drwxr-xr-x 6 root root 4096 2009-01-03 14:12 menu-xdg

drwxr-xr-x 2 root root 4096 2006-10-28 22:06 misc

drwxr-xr-x 10 mysql mysql 4096 2009-02-26 21:08 mysql

drwxr-xr-x 2 root root 4096 2008-01-27 19:46 mysql-cluster

After these checks, the MySQL server still would not start ...

Open /var/log/syslog and see whether it contains lines like the following

Feb 26 20:45:59 Yubis-production /etc/init.d/mysql[6254]: ^G/usr/bin/mysqladmin: connect to server at 'localhost' failed

Feb 26 20:45:59 Yubis-production /etc/init.d/mysql[6254]: error: 'Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)'

Feb 26 20:45:59 Yubis-production /etc/init.d/mysql[6254]: Check that mysqld is running and that the socket: '/var/run/mysqld/mysqld.sock' exists!

Feb 26 20:45:59 Yubis-production /etc/init.d/mysql[6254]:

Feb 26 20:46:04 Yubis-production mysqld_safe[6319]: started

Feb 26 20:46:04 Yubis-production mysqld[6328]: 090226 20:46:04 InnoDB: Started; log sequence number 0 43665

Feb 26 20:46:04 Yubis-production mysqld[6328]: 090226 20:46:04 [ERROR] Binlog has bad magic number; It's not a binary log file that can be used by this version of MySQL

If they are there, your MySQL server was most likely not shut down cleanly. In that case ...

Look in /var/log/mysql

keithyau@Yubis-production:/var/lib$ sudo ls -l /var/log/mysql/
total 295696
-rw-rw---- 1 mysql adm 104885450 2009-02-18 12:36 mysql-bin.000077
-rw-rw---- 1 mysql adm 105175310 2009-02-24 11:27 mysql-bin.000078
-rw-rw---- 1 mysql adm 83164522 2009-02-26 19:24 mysql-bin.000079
-rw-rw---- 1 mysql adm 98 2009-02-26 19:56 mysql-bin.000080
-rw-rw---- 1 mysql adm 9233377 2009-02-27 16:10 mysql-bin.000081
-rw-rw---- 1 mysql adm 160 2009-02-26 21:08 mysql-bin.index

Delete the last bin file

sudo rm /var/log/mysql/mysql-bin.000081

Then open mysql-bin.index and delete its last line

sudo vi /var/log/mysql/mysql-bin.index

/var/log/mysql/mysql-bin.000077

/var/log/mysql/mysql-bin.000078

/var/log/mysql/mysql-bin.000079

/var/log/mysql/mysql-bin.000080

/var/log/mysql/mysql-bin.000081

Restart the MySQL database and you are done

sudo /etc/init.d/mysql restart
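
The "Binlog has bad magic number" error in the syslog excerpt means a file listed in mysql-bin.index does not start with the binary-log header. The shell functions below are an added example, not part of the original post: they walk the index and report which entries are missing or have a damaged header, so the affected file can be identified before anything is removed. The function names are illustrative, index entries are assumed to be absolute paths as in the listing above, and the demo files are constructed.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are illustrative.
# A MySQL binary log begins with the four magic bytes fe 62 69 6e ("\xfebin").

# Print "ok", "missing" or "bad-magic" for one binlog file.
binlog_status() {
    [ -f "$1" ] || { echo missing; return 0; }
    magic=$(od -An -tx1 -N4 "$1" | tr -d ' \n')
    if [ "$magic" = "fe62696e" ]; then echo ok; else echo bad-magic; fi
}

# Read an index file (one binlog path per line, absolute paths assumed, as in
# the mysql-bin.index shown above) and print every entry mysqld would reject.
# Returns 1 if any entry is missing or damaged, 0 otherwise.
check_binlog_index() {
    bad=0
    while IFS= read -r f; do
        [ -n "$f" ] || continue
        st=$(binlog_status "$f")
        [ "$st" = ok ] || { echo "$st: $f"; bad=1; }
    done < "$1"
    return "$bad"
}

# Constructed sample: one intact log, one with a damaged header, and one
# that is listed in the index but absent from disk.
binlog_demo() {
    dir=$(mktemp -d)
    printf '\376bin' > "$dir/mysql-bin.000079"
    printf 'junk' > "$dir/mysql-bin.000080"
    printf '%s\n' "$dir/mysql-bin.000079" "$dir/mysql-bin.000080" \
        "$dir/mysql-bin.000081" > "$dir/mysql-bin.index"
    check_binlog_index "$dir/mysql-bin.index" || true
    rm -rf "$dir"
}
binlog_demo
```

On a real server it would be run as: sudo sh -c '. ./check.sh; check_binlog_index /var/log/mysql/mysql-bin.index' (check.sh being whatever name the functions are saved under).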

Linux OpenVPN Client: a free VPN client for Linux

19 Feb

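Tutorial: the OpenVPN client on Linux

Last time I covered how to install the OpenVPN client on Windows; this time I will show how to use the OpenVPN client on Linux. Sometimes small and medium-sized businesses need automated scripts that make secure connections. Setting up that kind of connection on Windows is harder to configure and less stable, and that is where Linux helps. With the OpenVPN software installed on Linux, it is easy to write a script that connects automatically.

Install the OpenVPN software

On Linux, OpenVPN has no separate server and client packages; both use the same software, so you only need to install OpenVPN.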

sudo apt-get install openvpn

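Create the keys

First, create the keys. The following shows how the keys are generated on the server (replace keithyau with your own user name; for details see http://keithyau.wordpress.com/2009/02/07/vpn-solution-2-openvpn/)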

sudo su
cd /etc/openvpn/examples/easy-rsa/2.0/
source ./vars
./clean-all
./build-ca

./build-key-server server
./build-key keithyau

./build-dh
cd keys
openssl dhparam -out dh1024.pem 1024
cd ..
openvpn --genkey --secret ta.key #optional

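Copy the keys

Copy the keys to the client, for example into </home/example/config/keys>. The client configuration below references ca.crt, keithyau.crt and keithyau.key.

On the server, run

scp -pr /etc/openvpn/examples/easy-rsa/2.0/keys/<all your keys> <client host>:/home/example/config/keys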

Create the client .ovpn configuration file (replace 123.123.123.123 with your server's address)

A sample .ovpn file:

    client
    dev tap
    proto udp
    # change this to your server's address
    remote 123.123.123.123 1194
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    #tls-client
    ca keys/ca.crt
    cert keys/keithyau.crt
    key keys/keithyau.key
    #ensure that we are talking to a server
    ns-cert-type server
    #confirm we are talking to the correct server
    #tls-auth ta.key 1
    # Select a cryptographic cipher.
    # If the cipher option is used on the server
    # then you must also specify it here.
    cipher AES-128-CBC
    # Enable compression on the VPN link.
    comp-lzo
    #fragment 1400
    # enable user/pass authentication
    # auth-user-pass

The corresponding server settings, for reference

    # Which local IP address should OpenVPN
    # listen on? (optional)
    local 192.168.1.102 # the server's local address (LOCAL IP)
    port 1194

    proto udp

    dev tap0
    #direct these to your generated files
    ca /etc/openvpn/examples/easy-rsa/2.0/keys/ca.crt
    cert /etc/openvpn/examples/easy-rsa/2.0/keys/server.crt
    key /etc/openvpn/examples/easy-rsa/2.0/keys/server.key
    dh /etc/openvpn/examples/easy-rsa/2.0/keys/dh1024.pem
    ifconfig-pool-persist ipp.txt
    # requires a DHCP server to work alongside it
    server 10.3.0.0 255.255.255.0
    # if there is no DHCP server on the server machine, use this line instead
    # server-bridge 192.168.1.102 255.255.255.0 192.168.1.230 192.168.1.231

    keepalive 10 120
    #encryption
    cipher AES-128-CBC
    #Push routing configuration
    #push "route 192.168.2.0 255.255.255.0"

    #tls-auth ta.key 0

    comp-lzo
    #fragment 1400
    #limit the number of connections
    max-clients 5
    #some security settings
    # do not use if running server on Windows
    user nobody
    group nogroup
    persist-key
    persist-tun
    #log file settings
    status openvpn-status.log
    verb 3

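For details, see "How to set up a virtual network"

Open the VPN connection

sudo openvpn <your config file>.ovpn

Once that is done, the client will look like this

[Image: openvpn-linux-client]

Running ifconfig will show the new virtual network interface

[Image: opevpn-vpn-client-tap0]

The server side will also show a success message

[Image: openvpn-linux-server]

Sample automation script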

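#!/bin/bash

# path to your .ovpn config file
config="<your config file>.ovpn"

check=$(ls /var/log/remote)

if [ -z "$check" ]; then # no log file
    exit 0
else # open the OpenVPN connection, then start the backup
    # --daemon sends openvpn to the background so the script can continue
    sudo openvpn --config "$config" --daemon
    sleep 10 # give the tunnel time to come up
    sudo backup.sh
fi

exit 0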

If you have any questions, feel free to contact me or leave a comment so we can exchange ideas.

VPN solution 2 – Windows OpenVPN client, a free VPN client

12 Feb

The previous post covered how to set up an OpenVPN server; this post walks through an example of the server and the client working together.

On the client side, most users run Windows with OpenVPN. Installing OpenVPN on Windows is very simple and takes only the following steps:

  1. Download the OpenVPN GUI client here:
    http://openvpn.se/files/install_packages/openvpn-2.0.9-gui-1.0.3-install.exe

  2. Run install.exe to install it

  3. In C:\Program Files\OpenVPN\config, create or edit an .ovpn file (yourservername.ovpn)

  4. A sample .ovpn file:

        client
        dev tap
        proto udp
        # change this to your server's address
        remote 123.123.123.123 1194
        resolv-retry infinite
        nobind
        persist-key
        persist-tun
        #tls-client
        ca keys/ca.crt
        cert keys/keithyau.crt
        key keys/keithyau.key
        #ensure that we are talking to a server
        ns-cert-type server
        #confirm we are talking to the correct server
        #tls-auth ta.key 1
        # Select a cryptographic cipher.
        # If the cipher option is used on the server
        # then you must also specify it here.
        cipher AES-128-CBC
        # Enable compression on the VPN link.
        comp-lzo
        #fragment 1400
        # enable user/pass authentication
        # auth-user-pass

  5. Copy the keys to C:\Program Files\OpenVPN\config\keys. The keys are generated on the server as follows (replace keithyau with your own user name; for details see http://keithyau.wordpress.com/2009/02/07/vpn-solution-2-openvpn/)

        sudo su
        cd /etc/openvpn/examples/easy-rsa/2.0/
        source ./vars
        ./clean-all
        ./build-ca

        ./build-key-server server
        ./build-key keithyau

        ./build-dh
        cd keys
        openssl dhparam -out dh1024.pem 1024
        cd ..
        openvpn --genkey --secret ta.key #optional

  6. Click Connect on the OpenVPN icon in the lower-right corner

    [Image: openvpnclient1]

  7. Test the connection

For the server to accept requests from a client configured as above, it needs the following corresponding settings

    # Which local IP address should OpenVPN
    # listen on? (optional)
    local 192.168.1.102
    port 1194

    proto udp

    dev tap0
    #direct these to your generated files
    ca /etc/openvpn/examples/easy-rsa/2.0/keys/ca.crt
    cert /etc/openvpn/examples/easy-rsa/2.0/keys/server.crt
    key /etc/openvpn/examples/easy-rsa/2.0/keys/server.key
    dh /etc/openvpn/examples/easy-rsa/2.0/keys/dh1024.pem
    ifconfig-pool-persist ipp.txt
    # requires a DHCP server to work alongside it
    server 10.3.0.0 255.255.255.0
    # if there is no DHCP server on the server machine, use this line instead
    # server-bridge 192.168.1.102 255.255.255.0 192.168.1.230 192.168.1.231

    keepalive 10 120
    #encryption
    cipher AES-128-CBC
    #Push routing configuration
    #push "route 192.168.2.0 255.255.255.0"

    #tls-auth ta.key 0

    comp-lzo
    #fragment 1400
    #limit the number of connections
    max-clients 5
    #some security settings
    # do not use if running server on Windows
    user nobody
    group nogroup
    persist-key
    persist-tun
    #log file settings
    status openvpn-status.log
    verb 3
    # authentication plugin
    #forces client to have a linux account in order to connect (Not for Windows user)
    # plugin /usr/lib/openvpn/openvpn-auth-pam.so login

Here is how to install a DHCP server

sudo apt-get install dhcp3-server

sudo vi /etc/default/dhcp3-server

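Change it to INTERFACES="br0" # br0 = the name of your network interface

sudo vi /etc/dhcp3/dhcpd.conf

Change one of the sample entries to the following (10.3.0.0 is the network you intend to hand out)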

subnet 10.3.0.0 netmask 255.255.255.0 {

range 10.3.0.100 10.3.0.200;

option routers 192.168.1.1;

}

/etc/init.d/dhcp3-server restart

/etc/init.d/openvpn restart

With that, your OpenVPN link between Linux and Windows is up and running.

VPN solution 2 – openvpn

7 Feb

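I previously discussed the problems small and medium-sized businesses face when installing a VPN. This post explains how to install one kind of SSL VPN: OpenVPN.

OpenVPN is a VPN built on SSL. In network-engineering terms it sits at the highest layer (of the OSI model), so it is very good at getting through firewalls, and a VPN connection can be established from most places. Most importantly, it supports many platforms (Solaris, Linux, OpenBSD, FreeBSD, NetBSD, Mac OS X, and Windows 2000/XP/Vista), and it is free.

The setup is described below.

Network diagram (remember to replace 192.168.1.1 / 192.168.1.102 with your own settings)

[Image: openvpn_-1]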


First, install Ubuntu Linux

Installation instructions are here: http://yubis.net/blog/yubis/ubuntu-ubuntu-install-method-367

On Ubuntu, run the following to install the required software

sudo apt-get install openvpn bridge-utils

Copy the required OpenSSL tooling

cp -R /usr/share/doc/openvpn/examples/ /etc/openvpn/

Edit the SSL encryption settings

cd /etc/openvpn/examples/easy-rsa/2.0
vi vars

The vars file holds the identifying information used when generating the SSL keys. Pay particular attention to

export KEY_SIZE=2048

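The larger the value, the longer encryption takes, and the longer an attacker needs to break it.

Now switch to root

sudo su

Run the following commands to generate the keys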

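source ./vars
./clean-all
./build-ca # you will be asked the questions configured in vars, with the answers from vars offered as defaults; just press ENTER
# generate the server key
./build-key-server server
# generate a user and password

# with a password (username = your own user name)
./build-key-pass username
# without a password (username = your own user name)
./build-key username
# generate the Diffie-Hellman key
./build-dh
# generate the server ID key
openvpn --genkey --secret ta.key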

Create /etc/openvpn/server.conf to hold the OpenVPN server configuration

# OpenVPN server address
local 192.168.1.102
port 1194
# TCP or UDP server
proto udp
# device used for the bridge
dev tap0
# location of the keys generated earlier
ca /etc/openvpn/examples/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/examples/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/examples/easy-rsa/2.0/keys/server.key
# build-dh names its output dh<KEY_SIZE>.pem; KEY_SIZE was set to 2048 in vars
dh /etc/openvpn/examples/easy-rsa/2.0/keys/dh2048.pem
ifconfig-pool-persist ipp.txt
# server bridge settings (make sure the last two addresses are not used by any machine or by DHCP)
server-bridge 192.168.1.102 255.255.255.0 192.168.1.200 192.168.1.201
#needed to allow communication to internal network
client-to-client
keepalive 10 120
# cipher to use
# a faster option is Blowfish: "BF-CBC"
cipher AES-128-CBC
# list other internal networks here (if they should also be reachable through OpenVPN)
push "route 192.168.2.0 255.255.255.0"
# server ID key
tls-auth ta.key 0
#compression for network speed
comp-lzo
# if packets are too large fragment them (only really useful if you have an old router)
#fragment 1400
# maximum number of connections
max-clients 5
# do not use if running server on Windows
user nobody
group nogroup
persist-key
persist-tun
#log file settings
status openvpn-status.log
verb 3
# authentication plugin
#forces client to have a linux account in order to connect
plugin /usr/lib/openvpn/openvpn-auth-pam.so login
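
This server.conf turns on tls-auth (key direction 0), while the client .ovpn files in the 12 Feb and 19 Feb posts keep "#tls-auth ta.key 1" commented out; a client without the matching line does not get through the TLS handshake with this server. The shell functions below are an added example, not part of the original posts: they compare the directives that have to agree on both ends of the link. The function names are illustrative and the sample files are constructed, abbreviated from the configs on this page.

```shell
#!/bin/sh
# Added example, not from the original posts. Function names are illustrative.

# Print the active (uncommented) argument of DIRECTIVE in FILE, "on" for a
# bare flag such as comp-lzo, "(unset)" if it is absent or commented out.
ovpn_value() {   # usage: ovpn_value FILE DIRECTIVE
    awk -v d="$2" '
        { sub(/[#;].*/, "") }                      # strip comments
        $1 == d { $1 = ""; sub(/^ +/, ""); v = ($0 == "" ? "on" : $0); hit = 1 }
        END { print (hit ? v : "(unset)") }' "$1"
}

# Print one line per directive that has to agree on both ends but does not.
ovpn_mismatches() {   # usage: ovpn_mismatches CLIENT.ovpn SERVER.conf
    for d in proto cipher comp-lzo fragment; do
        c=$(ovpn_value "$1" "$d"); s=$(ovpn_value "$2" "$d")
        [ "$c" = "$s" ] || echo "$d: client=$c server=$s"
    done
    # dev: only the device type must agree (client "tap", server "tap0").
    c=$(ovpn_value "$1" dev | cut -c1-3); s=$(ovpn_value "$2" dev | cut -c1-3)
    [ "$c" = "$s" ] || echo "dev: client=$c server=$s"
    # tls-auth: off on both ends, or direction 1 on client and 0 on server.
    c=$(ovpn_value "$1" tls-auth); s=$(ovpn_value "$2" tls-auth)
    case "$c|$s" in
        "(unset)|(unset)" | *" 1|"*" 0") ;;
        *) echo "tls-auth: client=$c server=$s" ;;
    esac
}

# Constructed sample files, abbreviated from the configs on this page.
ovpn_demo() {
    dir=$(mktemp -d)
    printf '%s\n' client 'dev tap' 'proto udp' '#tls-auth ta.key 1' \
        'cipher AES-128-CBC' comp-lzo '#fragment 1400' > "$dir/client.ovpn"
    printf '%s\n' 'proto udp' 'dev tap0' 'cipher AES-128-CBC' \
        'tls-auth ta.key 0' comp-lzo '#fragment 1400' > "$dir/server.conf"
    ovpn_mismatches "$dir/client.ovpn" "$dir/server.conf"
    rm -rf "$dir"
}
ovpn_demo
```

For the sample pair it reports the tls-auth line only; uncommenting "tls-auth ta.key 1" in the client file and copying ta.key alongside the other keys clears it.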

Create /etc/init.d/bridge so that the bridge is brought up automatically at boot


#!/bin/bash
# Create global variables
# bridge name (your choice)
br="br0"
# TAP interface name(s) (your choice, but must match /etc/openvpn/server.conf)
# for example tap="tap0 tap1 tap2".
tap="tap0"
# Define physical ethernet interface to be bridged
# with TAP interface(s) above.
eth="eth0"
eth_ip="192.168.1.102"
eth_netmask="255.255.255.0"
eth_broadcast="192.168.1.255"
gw="192.168.1.1"
start_bridge () {
#################################
# Set up Ethernet bridge on Linux
# Requires: bridge-utils
#################################
for t in $tap; do
openvpn --mktun --dev $t
done
for t in $tap; do
ifconfig $t 0.0.0.0 promisc up
done
ifconfig $eth 0.0.0.0 promisc up
brctl addbr $br
brctl addif $br $eth
for t in $tap; do
brctl addif $br $t
done
ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast up
route add default gw $gw $br
}
stop_bridge () {
####################################
# Tear Down Ethernet bridge on Linux
####################################
ifconfig $br down
brctl delbr $br
for t in $tap; do
openvpn --rmtun --dev $t
done
ifconfig $eth $eth_ip netmask $eth_netmask broadcast $eth_broadcast up
route add default gw $gw $eth
}
case "$1" in
start)
echo -n "Starting Bridge"
start_bridge
;;
stop)
echo -n "Stopping Bridge"
stop_bridge
;;
restart)
stop_bridge
sleep 2
start_bridge
;;
*)
echo "Usage: $0 {start|stop|restart}" >&2
exit 1
;;
esac

Set the permissions

chmod 755 /etc/init.d/bridge

Enable the bridge at boot

update-rc.d bridge defaults 15

Start the OpenVPN service

sudo /etc/init.d/bridge start
sudo openvpn /etc/openvpn/server.conf

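With that, the OpenVPN server setup is complete.

If this still seems like too much trouble, have a look at http://pfsense.org. pfSense is a FreeBSD-based system that comes with OpenVPN preinstalled.

The next post will explain how to set up the OpenVPN client.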
