This page is part of a full tutorial on how to install a web werver on a virtual machine. This fifth part of the tutorial explains how to install MariaDB on our server. MariaDB is an open-source relational database management system. As MariaDB is a fork of MySQL, it is commonly used as an alternative to MySQL. It is thus MariaDB that we will install on our server rather than MySQL. But from the end user's point of view, it won't change anything since both systems are compatible.
The following assume a virtual machine has been created and Debian 11 is already installed with Apache and PHP. If not, please go to the home page and follow the guide.
Before installing MariaDB, update your system:
sudo apt update && sudo apt -y upgrade
Debian 11’s default software repositories include MariaDB. Let's install the MariaDB package:
sudo apt install mariadb-server
Check MariaDB is properly installed with the following command:
systemctl status mariadb
The MariaDB deamon should be active:
student@debianwebserver:~$ systemctl status mariadb ● mariadb.service - MariaDB 10.5.15 database server Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; vendor preset: enabled) Active: active (running) since Sat 2022-12-10 07:46:44 CET; 4min 32s ago Docs: man:mariadbd(8) https://mariadb.com/kb/en/library/systemd/ Process: 1838 ExecStartPre=/usr/bin/install -m 755 -o mysql -g root -d /var/run/mysqld (code=exited, status=> Process: 1839 ExecStartPre=/bin/sh -c systemctl unset-environment _WSREP_START_POSITION (code=exited, status> Process: 1841 ExecStartPre=/bin/sh -c [ ! -e /usr/bin/galera_recovery ] && VAR= || VAR=`cd /usr/bin/..; /u> Process: 1901 ExecStartPost=/bin/sh -c systemctl unset-environment _WSREP_START_POSITION (code=exited, statu> Process: 1903 ExecStartPost=/etc/mysql/debian-start (code=exited, status=0/SUCCESS) Main PID: 1888 (mariadbd) Status: "Taking your SQL requests now..." Tasks: 9 (limit: 4563) Memory: 77.3M CPU: 413ms CGroup: /system.slice/mariadb.service └─1888 /usr/sbin/mariadbd
q to quit the
The default installation leaves your MariaDB installation insecure. After installing MariaDB you have to run the security script. This script will ask you to define some security information.
When running this command, after a short introduction message, you'll be asked for the root password. Since this is a fresh installation of MariaDB, no root password is define, just press Enter.
student@debianwebserver:~$ sudo mysql_secure_installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and haven't set the root password yet, you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on...
In the next prompt, you'll be asked if you want to switch to the
By answering Yes, the MariaDB account will be connected to the system root user, in another words, the Debian root user.
unix_socket authentication plugin is not suited to multiple Unix users accessing a single MariaDB user account.
To keep the web server generic, answer no (
Setting the root password or using the unix_socket ensures that nobody can log into the MariaDB root user without the proper authorisation. You already have your root account protected, so you can safely answer 'n'. Switch to unix_socket authentication [Y/n] n ... skipping.
The next prompt ask you whether you’d like to change the root password.
Later, we'll disallow remote root access on MariaDB client. So, we don't need to change the root password (currently empty).
Only the Debian root user can log into MariaDB as root. Answer no
You already have your root account protected, so you can safely answer 'n'. Change the root password? [Y/n] n ... skipping.
To secure the installation, remove anonymous users. Answer yes (
y) to the next question:
By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] Y ... Success!
Disallow remote root access for securty reasons. Answer yes (
y) to the next question:
Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] Y ... Success!
Remove the test database since anyone can access. Answer yes (
y) to the next question:
By default, MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] y - Dropping test database... ... Success! - Removing privileges on test database... ... Success!
Reload the table privilege for the changes to be effective immediately. Answer yes (
y) to the next question:
Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] Y ... Success! Cleaning up...
It was the last step, your installation is secured:
All done! If you've completed all of the above steps, your MariaDB installation should now be secure. Thanks for using MariaDB!
Now that the installation is secure, it is possible to connect to the database:
Since MariaDB is compatible with MySQL, you can also login with :
Both commands have the same effect:
student@debianwebserver:~$ sudo mariadb Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 37 Server version: 10.5.15-MariaDB-0+deb11u1 Debian 11 Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]>
student@debianwebserver:~$ sudo mysql Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 38 Server version: 10.5.15-MariaDB-0+deb11u1 Debian 11 Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]>
You are now logged in MariaDB as root. Let's create a new user.
MySQL is currently installed with a root user. It is not safe to work with this user. Let's create a new MySQL user. In the MariaDB command line interface, create a new user with the command below
Don't forget to change the username and password before running the following command:
MariaDB [(none)]> CREATE USER 'username'@'localhost' IDENTIFIED BY 'password';
Then, grant your new user the appropriate privileges (if needed):
MariaDB [(none)]> GRANT ALL PRIVILEGES ON *.* TO 'username'@'localhost' WITH GRANT OPTION;
Exit MariaDB command line:
MariaDB [(none)]> exit
Check the new user is created by log-in in MariaDB with the user you just created:
-uspecify the username
-pspecify we are using a password
maridb -u username -p
After entering the password, you should be loged in the MariaDB command line interface:
student@debianwebserver:~$ mariadb -u username -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 40 Server version: 10.5.15-MariaDB-0+deb11u1 Debian 11 Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]>
MariaDB is installed. The command line interface is not always the most user friendly. In the next step we will install a graphical database management interface: phpMyAdmin.