After MySQL is installed, the data directory must be initialized,
including the tables in the mysql
system
schema:
For some MySQL installation methods, data directory initialization is automatic, as described in Section 2.9, “Postinstallation Setup and Testing”.
For other installation methods, you must initialize the data directory manually. These include installation from generic binary and source distributions on Unix and Unix-like systems, and installation from a ZIP Archive package on Windows.
This section describes how to initialize the data directory manually for MySQL installation methods for which data directory initialization is not automatic. For some suggested commands that enable testing whether the server is accessible and working properly, see Section 2.9.3, “Testing the Server”.
In MySQL 8.0, the default authentication plugin has changed from
mysql_native_password
to
caching_sha2_password
, and the
'root'@'localhost'
administrative account
uses caching_sha2_password
by default. If you
prefer that the root
account use the previous
default authentication plugin
(mysql_native_password
), see
caching_sha2_password and the root Administrative Account.
The mysql_native_password
plugin is
deprecated as of MySQL 8.0.34, disabled by default as of MySQL
8.4.0, and removed as of MySQL 9.0.0.
In the examples shown here, the server is intended to run under
the user ID of the mysql
login account.
Either create the account if it does not exist (see
Create a mysql User and Group), or
substitute the name of a different existing login account that
you plan to use for running the server.
Change location to the top-level directory of your MySQL installation, which is typically
/usr/local/mysql
(adjust the path name for your system as necessary):cd /usr/local/mysql
Within this directory you can find several files and subdirectories, including the
bin
subdirectory that contains the server, as well as client and utility programs.The
secure_file_priv
system variable limits import and export operations to a specific directory. Create a directory whose location can be specified as the value of that variable:mkdir mysql-files
Grant directory user and group ownership to the
mysql
user andmysql
group, and set the directory permissions appropriately:chown mysql:mysql mysql-files chmod 750 mysql-files
Use the server to initialize the data directory, including the
mysql
schema containing the initial MySQL grant tables that determine how users are permitted to connect to the server. For example:bin/mysqld --initialize --user=mysql
For important information about the command, especially regarding command options you might use, see Data Directory Initialization Procedure. For details about how the server performs initialization, see Server Actions During Data Directory Initialization.
Typically, data directory initialization need be done only after you first install MySQL. (For upgrades to an existing installation, perform the upgrade procedure instead; see Chapter 3, Upgrading MySQL.) However, the command that initializes the data directory does not overwrite any existing
mysql
schema tables, so it is safe to run in any circumstances.If you want to deploy the server with automatic support for secure connections, use the mysql_ssl_rsa_setup utility to create default SSL and RSA files:
bin/mysql_ssl_rsa_setup
For more information, see Section 6.4.3, “mysql_ssl_rsa_setup — Create SSL/RSA Files”.
NoteThe mysql_ssl_rsa_setup utility is deprecated as of MySQL 8.0.34.
In the absence of any option files, the server starts with its default settings. (See Section 7.1.2, “Server Configuration Defaults”.) To explicitly specify options that the MySQL server should use at startup, put them in an option file such as
/etc/my.cnf
or/etc/mysql/my.cnf
. (See Section 6.2.2.2, “Using Option Files”.) For example, you can use an option file to set thesecure_file_priv
system variable.To arrange for MySQL to start without manual intervention at system boot time, see Section 2.9.5, “Starting and Stopping MySQL Automatically”.
Data directory initialization creates time zone tables in the
mysql
schema but does not populate them. To do so, use the instructions in Section 7.1.15, “MySQL Server Time Zone Support”.
Change location to the top-level directory of your MySQL
installation, which is typically
/usr/local/mysql
(adjust the path name for
your system as necessary):
cd /usr/local/mysql
To initialize the data directory, invoke
mysqld with the
--initialize
or
--initialize-insecure
option,
depending on whether you want the server to generate a random
initial password for the 'root'@'localhost'
account, or to create that account with no password:
Use
--initialize
for “secure by default” installation (that is, including generation of a random initialroot
password). In this case, the password is marked as expired and you must choose a new one.With
--initialize-insecure
, noroot
password is generated. This is insecure; it is assumed that you intend to assign a password to the account in a timely fashion before putting the server into production use.
For instructions on assigning a new
'root'@'localhost'
password, see
Post-Initialization root Password Assignment.
The server writes any messages (including any initial password) to its standard error output. This may be redirected to the error log, so look there if you do not see the messages on your screen. For information about the error log, including where it is located, see Section 7.4.2, “The Error Log”.
On Windows, use the --console
option to direct messages to the console.
On Unix and Unix-like systems, it is important for the database
directories and files to be owned by the
mysql
login account so that the server has
read and write access to them when you run it later. To ensure
this, start mysqld from the system
root
account and include the
--user
option as shown here:
bin/mysqld --initialize --user=mysql
bin/mysqld --initialize-insecure --user=mysql
Alternatively, execute mysqld while logged in
as mysql
, in which case you can omit the
--user
option from the command.
On Windows, use one of these commands:
bin\mysqld --initialize --console
bin\mysqld --initialize-insecure --console
Data directory initialization might fail if required system libraries are missing. For example, you might see an error like this:
bin/mysqld: error while loading shared libraries:
libnuma.so.1: cannot open shared object file:
No such file or directory
If this happens, you must install the missing libraries manually or with your system's package manager. Then retry the data directory initialization command.
It might be necessary to specify other options such as
--basedir
or
--datadir
if
mysqld cannot identify the correct locations
for the installation directory or data directory. For example
(enter the command on a single line):
bin/mysqld --initialize --user=mysql
--basedir=/opt/mysql/mysql
--datadir=/opt/mysql/mysql/data
Alternatively, put the relevant option settings in an option
file and pass the name of that file to
mysqld. For Unix and Unix-like systems,
suppose that the option file name is
/opt/mysql/mysql/etc/my.cnf
. Put these
lines in the file:
[mysqld]
basedir=/opt/mysql/mysql
datadir=/opt/mysql/mysql/data
Then invoke mysqld as follows (enter the
command on a single line, with the
--defaults-file
option first):
bin/mysqld --defaults-file=/opt/mysql/mysql/etc/my.cnf
--initialize --user=mysql
On Windows, suppose that C:\my.ini
contains
these lines:
[mysqld]
basedir=C:\\Program Files\\MySQL\\MySQL Server 8.0
datadir=D:\\MySQLdata
Then invoke mysqld as follows (again, you
should enter the command on a single line, with the
--defaults-file
option first):
bin\mysqld --defaults-file=C:\my.ini
--initialize --console
When initializing the data directory, you should not specify
any options other than those used for setting directory
locations such as --basedir
or
--datadir
, and the
--user
option if needed.
Options to be employed by the MySQL server during normal use
can be set when restarting it following initialization. See
the description of the
--initialize
option for further
information.
The data directory initialization sequence performed by the server does not substitute for the actions performed by mysql_secure_installation and mysql_ssl_rsa_setup. See Section 6.4.2, “mysql_secure_installation — Improve MySQL Installation Security”, and Section 6.4.3, “mysql_ssl_rsa_setup — Create SSL/RSA Files”.
When invoked with the
--initialize
or
--initialize-insecure
option,
mysqld performs the following actions during
the data directory initialization sequence:
The server checks for the existence of the data directory as follows:
If no data directory exists, the server creates it.
If the data directory exists but is not empty (that is, it contains files or subdirectories), the server exits after producing an error message:
[ERROR] --initialize specified but the data directory exists. Aborting.
In this case, remove or rename the data directory and try again.
An existing data directory is permitted to be nonempty if every entry has a name that begins with a period (
.
).
Within the data directory, the server creates the
mysql
system schema and its tables, including the data dictionary tables, grant tables, time zone tables, and server-side help tables. See Section 7.3, “The mysql System Schema”.The server initializes the system tablespace and related data structures needed to manage
InnoDB
tables.NoteAfter mysqld sets up the
InnoDB
system tablespace, certain changes to tablespace characteristics require setting up a whole new instance. Qualifying changes include the file name of the first file in the system tablespace and the number of undo logs. If you do not want to use the default values, make sure that the settings for theinnodb_data_file_path
andinnodb_log_file_size
configuration parameters are in place in the MySQL configuration file before running mysqld. Also make sure to specify as necessary other parameters that affect the creation and location ofInnoDB
files, such asinnodb_data_home_dir
andinnodb_log_group_home_dir
.If those options are in your configuration file but that file is not in a location that MySQL reads by default, specify the file location using the
--defaults-extra-file
option when you run mysqld.The server creates a
'root'@'localhost'
superuser account and other reserved accounts (see Section 8.2.9, “Reserved Accounts”). Some reserved accounts are locked and cannot be used by clients, but'root'@'localhost'
is intended for administrative use and you should assign it a password.Server actions with respect to a password for the
'root'@'localhost'
account depend on how you invoke it:With
--initialize
but not--initialize-insecure
, the server generates a random password, marks it as expired, and writes a message displaying the password:[Warning] A temporary password is generated for root@localhost: iTag*AfrH5ej
With
--initialize-insecure
, (either with or without--initialize
because--initialize-insecure
implies--initialize
), the server does not generate a password or mark it expired, and writes a warning message:[Warning] root@localhost is created with an empty password ! Please consider switching off the --initialize-insecure option.
For instructions on assigning a new
'root'@'localhost'
password, see Post-Initialization root Password Assignment.The server populates the server-side help tables used for the
HELP
statement (see Section 15.8.3, “HELP Statement”). The server does not populate the time zone tables. To do so manually, see Section 7.1.15, “MySQL Server Time Zone Support”.If the
init_file
system variable was given to name a file of SQL statements, the server executes the statements in the file. This option enables you to perform custom bootstrapping sequences.When the server operates in bootstrap mode, some functionality is unavailable that limits the statements permitted in the file. These include statements that relate to account management (such as
CREATE USER
orGRANT
), replication, and global transaction identifiers.The server exits.
After you initialize the data directory by starting the server
with --initialize
or
--initialize-insecure
, start the
server normally (that is, without either of those options) and
assign the 'root'@'localhost'
account a new
password:
Start the server. For instructions, see Section 2.9.2, “Starting the Server”.
Connect to the server:
If you used
--initialize
but not--initialize-insecure
to initialize the data directory, connect to the server asroot
:mysql -u root -p
Then, at the password prompt, enter the random password that the server generated during the initialization sequence:
Enter password: (enter the random root password here)
Look in the server error log if you do not know this password.
If you used
--initialize-insecure
to initialize the data directory, connect to the server asroot
without a password:mysql -u root --skip-password
After connecting, use an
ALTER USER
statement to assign a newroot
password:ALTER USER 'root'@'localhost' IDENTIFIED BY 'root-password';
See also Section 2.9.4, “Securing the Initial MySQL Account”.
Attempts to connect to the host 127.0.0.1
normally resolve to the localhost
account.
However, this fails if the server is run with
skip_name_resolve
enabled. If
you plan to do that, make sure that an account exists that can
accept a connection. For example, to be able to connect as
root
using
--host=127.0.0.1
or
--host=::1
, create these accounts:
CREATE USER 'root'@'127.0.0.1' IDENTIFIED BY 'root-password';
CREATE USER 'root'@'::1' IDENTIFIED BY 'root-password';
It is possible to put those statements in a file to be
executed using the init_file
system variable, as discussed in
Server Actions During Data Directory Initialization.