MariaDB Setup
Debian / Ubuntu
Overview
Install MariaDB and complete initial configuration. MariaDB is a drop-in replacement for Oracle’s MySQL.
Assumptions
Initial system setup completed.
Logged in as administrative user.
Update
Before getting started, update package repositories. Consider upgrading them as well for the latest patches.
# Debian
sudo apt update
sudo apt upgrade
Install MariaDB
The MariaDB version included in the default Debian and Ubuntu repositories tends to be out of date, so it is recommended to add a MariaDB repository to your apt sources. For example we will use OSUOSL’s mirror. Choose your own and select the latest version from MariaDB’s repository mirror list.
Start by verifying that the required packages software-properties-common
, dirmngr
, and apt-transport-https
are installed.
sudo apt install software-properties-common dirmngr apt-transport-https
Add the repository signing key for MariaDB.
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
Add the MariaDB repository for your applicable distribution to the sources list.
Debian
# Debian 11
sudo add-apt-repository 'deb [arch=amd64,i386,arm64,ppc64el] https://ftp.osuosl.org/pub/mariadb/repo/10.11/debian bullseye main'
# Debian 10
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] https://ftp.osuosl.org/pub/mariadb/repo/10.11/debian buster main'
# Debian 9
sudo add-apt-repository 'deb [arch=amd64,i386,ppc64el,arm64] https://ftp.osuosl.org/pub/mariadb/repo/10.11/debian stretch main'
Ubuntu
# Ubuntu 20.04
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] https://ftp.osuosl.org/pub/mariadb/repo/10.11/ubuntu focal main'
# Ubuntu 18.04
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] https://ftp.osuosl.org/pub/mariadb/repo/10.11/ubuntu bionic main'
Finally, update the sources and install MariaDB using apt
.
sudo apt update && sudo apt install mariadb-server
MariaDB is enabled by default, Verify this and check that the mariadb
service is running.
sudo systemctl status mariadb
Should the service not be active, make sure you start it before continuing to the next step.
sudo systemctl start mariadb
Secure Installation
MariaDB comes packaged with a configuration script to improve the security of your MariaDB server by implementing some basic security recommendations. Execute the script using the included command.
sudo mysql_secure_installation
The first step in the script will ask for the current MariaDB root
password. By default there is no root password, so simply press enter to move on.
Enter current password for root (enter for none):
You will then have option to choose between setting a root
password, or using unix_socket
authentication. In this bit, password authentication will be used due to some of the limitations detailed in MariaDB’s Unix Socket documentation.
Enter N
when asked about switching to unix_socket authentication, and Y
when asked to change the root password.
Switch to unix_socket authentication [Y/n] N
...
Change the root password? [Y/n] Y
Generate a secure password using your password manager of choice, and enter it when prompted.
New password:
Re-enter new password:
Following password creation, a series of questions will be presented to complete the basic security setup. All of these should be answered with Y
.
Remove anonymous users? [Y/n] Y
...
Disallow root login remotely? [Y/n] Y
...
Remove test database and access to it? [Y/n] Y
...
Reload privilege tables now? [Y/n] Y
...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.