We will learn how to install the latest MariaDB stable version on Debian 10, using apt. Be aware that currently, Debian sources don’t contain the latest version of the package mariadb-server.
For this tutorial, we are using sudo privileges account. If sudo command is not found you have to run as root:
apt -y install sudo
Installation
Step 1: Update system apt index and install needed packages
sudo apt -y update
sudo apt -y install software-properties-common dirmngr
Step 2: Add Maria GPG key and repository
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64] http://mariadb.mirror.nucleus.be/repo/10.4/debian buster main'
Step 3: Install MariaDB server
sudo apt -y update
sudo apt -y install mariadb-server
Step 4: Secure MariaDB server
We recommend doing this step every time you install a new MariaDB server.
sudo mysql_secure_installation
catalin@devops:/$ sudo mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.
You already have your root account protected, so you can safely answer 'n'.
Switch to unix_socket authentication [Y/n] n
... skipping.
You already have your root account protected, so you can safely answer 'n'.
Change the root password? [Y/n] n
... skipping.
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] Y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] Y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
Check if MariaDB service is running:
catalin@devops:~$ sudo systemctl status mariadb
● mariadb.service - MariaDB 10.4.12 database server
Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/mariadb.service.d
└─migrated-from-my.cnf-settings.conf
Active: active (running) since Sat 2020-04-25 15:53:24 UTC; 8min ago
Docs: man:mysqld(8)
https://mariadb.com/kb/en/library/systemd/
Main PID: 10068 (mysqld)
Status: "Taking your SQL requests now..."
Tasks: 32 (limit: 9510)
Memory: 89.5M
CGroup: /system.slice/mariadb.service
└─10068 /usr/sbin/mysqld
Apr 25 15:53:37 devops /etc/mysql/debian-start[10108]: Phase 6/7: Checking and upgrading tables
Apr 25 15:53:37 devops /etc/mysql/debian-start[10108]: Processing databases
Apr 25 15:53:37 devops /etc/mysql/debian-start[10108]: information_schema
Apr 25 15:53:37 devops /etc/mysql/debian-start[10108]: performance_schema
Apr 25 15:53:37 devops /etc/mysql/debian-start[10108]: Phase 7/7: Running 'FLUSH PRIVILEGES'
Apr 25 15:53:37 devops /etc/mysql/debian-start[10108]: OK
Apr 25 15:53:37 devops /etc/mysql/debian-start[11048]: Checking for insecure root accounts.
By default, MariaDB is installing Unix plugin for authentication, which means that mysql root account will use OS root credentials. Type sudo mysql
to open a session.
catalin@devops:~$ sudo mysql
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 57
Server version: 10.4.12-MariaDB-1:10.4.12+maria~buster-log mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>
For example, I’m using a user called catalin with sudo privileges , but i want to connect to mariadb server from my user, not with root. You need to create the user you want and grant privileges:
catalin@devops:~$ sudo mysql
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 57
Server version: 10.4.12-MariaDB-1:10.4.12+maria~buster-log mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> CREATE USER catalin@localhost IDENTIFIED VIA unix_socket;
Query OK, 0 rows affected (0.006 sec)
MariaDB [(none)]> grant all privileges on *.* to catalin@localhost;
Query OK, 0 rows affected (0.006 sec)
Now, I can type mysql and the session will open:
catalin@devops:~$ mysql
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 58
Server version: 10.4.12-MariaDB-1:10.4.12+maria~buster-log mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>
Have fun exploring MariaDB server.