MariaDB is one of the most popular open-source databases next to its originator MySQL. The original creators of MySQL developed MariaDB in response to fears that MySQL would suddenly become a paid service due to Oracle acquiring it in 2010. With its history of doing similar tactics, the developers behind MariaDB have promised to keep it open source and free from such fears as what has happened to MySQL.
MariaDB has become just as popular as MySQL with developers, with advanced clustering with Galera Cluster 4, faster cache/indexes, storage engines, and features/extensions that you won’t find in MySQL.
In the following tutorial, you will learn how to install MariaDB on AlmaLinux 9 and secure your database by running the MariaDB security script using the command line terminal.
Table of Contents
Before proceeding, ensure your system is up-to-date to avoid conflicts during the installation.
sudo dnf upgrade --refresh
MariaDB is available on the standard AlmaLinux 9 appstream. This is the ideal version you want to install with the following command in most cases.
sudo dnf install mariadb-server mariadb -y
Confirm the installation of MariaDB by checking the version and build:
Once you have confirmed the version in your output, you have successfully installed MariaDB.
Enable MariaDB Service
MariaDB is not enabled or activated; use the following command to fix this.
sudo systemctl enable mariadb --now
Now you have installed MariaDB, and you can verify the status of the database software by using the following systemctl command:
systemctl status mariadb
If no errors have occurred and you get a green status ok, your MariaDB service is successfully running.
By default, you will find MariaDB status to be activated. If not, start MariaDB, and use the following command.
sudo systemctl start mariadb
sudo systemctl stop mariadb
Enable MariaDB on system startup:
sudo systemctl enable mariadb
Disable MariaDB on system startup:
sudo systemctl disable mariadb
Restart the MariaDB service:
sudo systemctl restart mariadb
Run MariaDB Security Script
When installing MariaDB fresh, default settings are considered weak by most standards and cause concern for potentially allowing intrusion or exploiting hackers. A solution is to run the installation security script with the MariaDB installation.
First, use the following command to launch the (mysql_secure_installation).
Next, follow below:
- Setting the password for root accounts.
- Removing root accounts that are accessible from outside the localhost.
- Removing anonymous-user accounts.
- Removing the test database, which anonymous users can access by default.
Note that you use (Y) to remove everything.
[joshua@almalinux-9 ~]$ sudo mariadb-secure-installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and haven't set the root password yet, you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on... Setting the root password or using the unix_socket ensures that nobody can log into the MariaDB root user without the proper authorisation. You already have your root account protected, so you can safely answer 'n'. Switch to unix_socket authentication [Y/n] Y <---- Type Y then press the ENTER KEY. Enabled successfully! Reloading privilege tables.. ... Success! You already have your root account protected, so you can safely answer 'n'. Change the root password? [Y/n] Y <---- Type Y then press the ENTER KEY. New password: Re-enter new password: Password updated successfully! Reloading privilege tables.. ... Success! By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] Y <---- Type Y then press the ENTER KEY. ... Success! Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] Y <---- Type Y then press the ENTER KEY. ... Success! By default, MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] Y <---- Type Y then press the ENTER KEY. - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] Y <---- Type Y then press the ENTER KEY. ... Success! Cleaning up... All done! If you've completed all of the above steps, your MariaDB installation should now be secure. Thanks for using MariaDB!
Run MariaDB Database Tables Upgrade Tool
For users who have upgraded from a previous version of MariaDB, you should use the following steps and run the tool designed to check your tables and fix any issues with the version upgrade.
Run the following command to begin the upgrade, or check that your database tables are ok.
Alternatively, if you want to re-run the command to ensure everything is correct, use the following command with –force.
sudo mariadb-upgrade --force
Remove (Uninstall) MariaDB
If you no longer wish to use MariaDB and want to remove it in full, execute the following command:
sudo dnf autoremove mariadb-server mariadb
Comments and Conclusion
MariaDB intends to maintain high compatibility with MySQL, allowing it, in many cases, to function as a drop-in replacement for MySQL. With library binary parity and exact matching with MySQL APIs and commands, businesses can upgrade without worrying about their applications or data implications. If you are looking for a reliable database solution that will not require costly rewrites or disruptions to your business-critical processes, MariaDB may be the right choice.