MariaDB Setup

Debian / Ubuntu

Overview

Install MariaDB and complete initial configuration. MariaDB is a drop-in replacement for Oracle’s MySQL.

Assumptions

• Initial system setup completed.

• Logged in as administrative user.

Update

Before getting started, update package repositories. Consider upgrading them as well for the latest patches.

# Debian
sudo apt update
sudo apt upgrade

Install MariaDB

The MariaDB version included in the default Debian and Ubuntu repositories tends to be out of date, so it is recommended to add a MariaDB repository to your apt sources. For example we will use OSUOSL’s mirror. Choose your own and select the latest version from MariaDB’s repository mirror list.

Start by verifying that the required packages software-properties-common, dirmngr, and apt-transport-https are installed.

sudo apt install software-properties-common dirmngr apt-transport-https

Add the repository signing key for MariaDB.

sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'

Add the MariaDB repository for your applicable distribution to the sources list.

Debian

# Debian 11
sudo add-apt-repository 'deb [arch=amd64,i386,arm64,ppc64el] https://ftp.osuosl.org/pub/mariadb/repo/10.11/debian bullseye main'

# Debian 10
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] https://ftp.osuosl.org/pub/mariadb/repo/10.11/debian buster main'

# Debian 9
sudo add-apt-repository 'deb [arch=amd64,i386,ppc64el,arm64] https://ftp.osuosl.org/pub/mariadb/repo/10.11/debian stretch main'

Ubuntu

# Ubuntu 20.04
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] https://ftp.osuosl.org/pub/mariadb/repo/10.11/ubuntu focal main'

# Ubuntu 18.04
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] https://ftp.osuosl.org/pub/mariadb/repo/10.11/ubuntu bionic main'

Finally, update the sources and install MariaDB using apt.

sudo apt update && sudo apt install mariadb-server

MariaDB is enabled by default, Verify this and check that the mariadb service is running.

sudo systemctl status mariadb

Should the service not be active, make sure you start it before continuing to the next step.

sudo systemctl start mariadb

Secure Installation

MariaDB comes packaged with a configuration script to improve the security of your MariaDB server by implementing some basic security recommendations. Execute the script using the included command.

sudo mysql_secure_installation

The first step in the script will ask for the current MariaDB root password. By default there is no root password, so simply press enter to move on.

Enter current password for root (enter for none):

You will then have option to choose between setting a root password, or using unix_socket authentication. In this bit, password authentication will be used due to some of the limitations detailed in MariaDB’s Unix Socket documentation.

Enter N when asked about switching to unix_socket authentication, and Y when asked to change the root password.

Switch to unix_socket authentication [Y/n] N
...
Change the root password? [Y/n] Y

Generate a secure password using your password manager of choice, and enter it when prompted.

New password:
Re-enter new password:

Following password creation, a series of questions will be presented to complete the basic security setup. All of these should be answered with Y.

Remove anonymous users? [Y/n] Y
...
Disallow root login remotely? [Y/n] Y
...
Remove test database and access to it? [Y/n] Y
...
Reload privilege tables now? [Y/n] Y
...
All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.