Tutorial

How To Install MariaDB on Debian 11

Published on September 1, 2022

Senior DevOps Technical Writer

How To Install MariaDB on Debian 11
Not using Debian 11?Choose a different version or distribution.
Debian 11

Introduction

MariaDB is an open-source relational database management system, commonly used as an alternative for MySQL as the database portion of the popular LAMP (Linux, Apache, MySQL, PHP/Python/Perl) stack. It is intended to be a drop-in replacement for MySQL.

The short version of this installation guide consists of these three steps:

  • Update your package index using apt
  • Install the mariadb-server package using apt. The package also pulls in related tools to interact with MariaDB
  • Run the included mysql_secure_installation security script to restrict access to the server
  1. sudo apt update
  2. sudo apt install mariadb-server
  3. sudo mysql_secure_installation

This tutorial will explain how to install MariaDB on a Debian 11 server and verify that it is running and has a safe initial configuration.

Prerequisites

  • To follow this tutorial, you will need a server running Debian 11. This server should have a non-root administrative user and a firewall configured with UFW. Set this up by following our initial server setup guide for Debian 11.

Step 1 — Installing MariaDB

As of this writing, Debian 11’s default software repositories include MariaDB version 10.5.15. It is marked as the default MySQL variant by the Debian MySQL/MariaDB packaging team.

To install it, update the package index on your server with apt:

  1. sudo apt update

Then install the package:

  1. sudo apt install mariadb-server

These commands will install MariaDB, but will not prompt you to set a password or make any other configuration changes. Because the default configuration leaves your installation of MariaDB insecure, you will use a script that the mariadb-server package provides to restrict access to the server and remove unused accounts.

Step 2 — Configuring MariaDB

For new MariaDB installations, the next step is to run the included security script. This script changes some of the less secure default options for things like remote root logins and sample users.

Run the security script:

  1. sudo mysql_secure_installation

This will take you through a series of prompts where you can make some changes to your MariaDB installation’s security options. The first prompt will ask you to enter the current database root password. Since you have not set one up yet, press ENTER to indicate “none”.

Output
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, you'll need the current password for the root user. If you've just installed MariaDB, and you haven't set the root password yet, the password will be blank, so you should just press enter here. Enter current password for root (enter for none):

You’ll be asked if you want to switch to unix socket authentication. Since you already have a protected root account, you can skip this step. Type n and then press ENTER.

Output
. . . Setting the root password or using the unix_socket ensures that nobody can log into the MariaDB root user without the proper authorisation. You already have your root account protected, so you can safely answer 'n'. Switch to unix_socket authentication [Y/n] n

The next prompt asks you whether you’d like to change the root password. On Debian 11, the root account for MariaDB is tied closely to automated system maintenance, so you should not change the configured authentication methods for that account.

Doing so would make it possible for a package update to break the database system by removing access to the administrative account. Type n and then press ENTER.

Output
Change the root password? [Y/n]

Later, you’ll go over how to set up an additional administrative account for password access if socket authentication is not appropriate for your use case.

From there, you can press Y and then ENTER to accept the defaults for all the subsequent questions. This will remove some anonymous users and the test database, disable remote root logins, and load these new rules so that MariaDB immediately implements the changes you have made.

With that, you’ve finished MariaDB’s initial security configuration. The next step is an optional one, though you should follow it if you prefer to authenticate to your MariaDB server with a password.

Step 3 — (Optional) Creating an Administrative User that Employs Password Authentication

On Debian systems running MariaDB 10.5, the root MariaDB user is set to authenticate using the unix_socket plugin by default rather than with a password. This allows for some greater security and usability in many cases, but it can also complicate things when you need to allow an external program (e.g., phpMyAdmin) administrative rights.

Because the server uses the root account for tasks like log rotation and starting and stopping the server, it is best not to change the root account’s authentication details. Changing credentials in the /etc/mysql/debian.cnf configuration file may work initially, but package updates could potentially overwrite those changes. Instead of modifying the root account, the package maintainers recommend creating a separate administrative account for password-based access.

To this end, we will create a new account called admin with the same capabilities as the root account, but configured for password authentication. Open up the MariaDB prompt from your terminal:

  1. sudo mariadb

Then create a new user with root privileges and password-based access. Be sure to change the username and password to match your preferences:

  1. GRANT ALL ON *.* TO 'admin'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION;

Flush the privileges to ensure that they are saved and available in the current session:

  1. FLUSH PRIVILEGES;

Following this, exit the MariaDB shell:

  1. exit

Finally, let’s test the MariaDB installation.

Step 4 — Testing MariaDB

When installed from the default repositories, MariaDB will start running automatically. To test this, check its status.

  1. sudo systemctl status mariadb

You’ll receive output that is similar to the following:

Output
● mariadb.service - MariaDB 10.5.15 database server Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2022-03-11 22:01:33 UTC; 14min ago Docs: man:mariadbd(8) https://mariadb.com/kb/en/library/systemd/ . . .

If MariaDB isn’t running, you can start it with the command sudo systemctl start mariadb.

For an additional check, you can try connecting to the database using the mysqladmin tool, which is a client that allows you to run administrative commands. For example, this command says to connect to MariaDB as root using the Unix socket and return the version:

  1. sudo mysqladmin version

You will receive output similar to this:

Output
mysqladmin Ver 9.1 Distrib 10.5.15-MariaDB, for debian-linux-gnu on x86_64 Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Server version 10.5.15-MariaDB-0+deb11u1 Protocol version 10 Connection Localhost via UNIX socket UNIX socket /run/mysqld/mysqld.sock Uptime: 4 min 20 sec Threads: 1 Questions: 72 Slow queries: 0 Opens: 32 Open tables: 25 Queries per second avg: 0.276

Conclusion

In this guide you installed the MariaDB relational database management system, and secured it using the mysql_secure_installation script that it came installed with. You also had the option to create a new administrative user that uses password authentication before testing the MariaDB server’s functionality.

Now that you have a running and secure MariaDB server, here some examples of next steps that you can take to work with the server:

Thanks for learning with the DigitalOcean Community. Check out our offerings for compute, storage, networking, and managed databases.

Learn more about our products

About the authors
Default avatar

Senior DevOps Technical Writer

Still looking for an answer?

Ask a questionSearch for more help

Was this helpful?
 
2 Comments


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

KFSys
Site Moderator
Site Moderator badge
October 8, 2024

Deciding whether or not to upgrade MariaDB depends on several factors related to your current setup and specific needs. Here are some things to consider when deciding if an upgrade is necessary or beneficial for you:

Reasons to Consider Upgrading MariaDB:

  1. Security Updates:

    • Patching Vulnerabilities: Newer versions of MariaDB often include security patches that fix vulnerabilities. If your current version is no longer receiving updates, or known vulnerabilities exist, upgrading is crucial to maintaining security.
  2. New Features:

    • Performance Improvements: New releases often come with optimizations that can improve query performance, better indexing algorithms, or reduce memory consumption.
    • New SQL Features: Features like window functions, JSON support, or new optimizations might not be available in older versions.
    • Improved Replication: Newer versions might offer better replication features (e.g., Galera cluster enhancements or more efficient master-slave setups).
  3. Compatibility with Other Software:

    • Application Requirements: If you’re using modern frameworks, libraries, or CMS platforms that require a newer version of MariaDB for compatibility, you may need to upgrade to avoid incompatibility issues.
    • Database Connector Updates: Sometimes the connectors or drivers used by applications (e.g., Python’s mysqlclient, PHP’s mysqli) are optimized or require newer versions of MariaDB to take advantage of new capabilities or optimizations.
  4. End of Life (EOL) Concerns:

    • Each major version of MariaDB has a lifecycle. Once your current version reaches the end of its support lifecycle, you will no longer receive security patches or bug fixes. It’s recommended to upgrade before your version reaches EOL.
  5. Bug Fixes:

    • Known Issues: If you’re encountering bugs or issues that are fixed in newer releases, upgrading can help resolve these issues. Check MariaDB’s release notes to see if any fixes apply to problems you’re experiencing.
  6. Performance Enhancements:

    • Optimizations for Queries: Newer versions might have better query optimizers, new indexing methods, or other enhancements that could significantly improve performance, especially for large datasets or complex queries.

Reasons You Might Hold Off on Upgrading:

  1. Stability and Compatibility:

    • Existing Workflows: If your current version is working well and you’re not experiencing performance or security issues, upgrading may not be necessary. Sometimes newer versions introduce changes that could break existing applications, especially if your app relies on specific behaviors or features from an older MariaDB version.
    • Dependency Conflicts: If your environment is very tightly controlled and relies on specific dependencies or configurations, upgrading could cause conflicts with other software or frameworks.
  2. Upgrade Complexity:

    • Database Schema Changes: Some MariaDB upgrades may require changes to your database schema, especially if features are deprecated or changed. You’ll need to test carefully to ensure your database structure and queries work after the upgrade.
    • Testing & Downtime: Upgrades require careful planning and thorough testing in a staging environment before upgrading production. This can be time-consuming, especially if you have a large or complex database.
  3. New Features Not Needed:

    • Stable Environment: If you’re not in need of any new features or performance improvements, and you’re running a stable and secure version of MariaDB that still receives support, it might not be worth the effort of upgrading.

When You Should Definitely Upgrade:

  • Your current version is no longer supported and you won’t receive security patches.
  • There are known security vulnerabilities that could impact your system.
  • You need specific features or performance improvements offered by a newer version.
  • You’re facing bugs or stability issues that are fixed in a newer release.

How to Upgrade Safely:

  1. Backup Your Data: Before any upgrade, ensure you have full backups of your databases.

  2. Test in a Staging Environment: Set up a clone of your production environment in a staging area and test the upgrade thoroughly before applying it to production.

  3. Read the Release Notes: Review the MariaDB release notes for the version you’re upgrading to. These will inform you about any breaking changes, deprecated features, and enhancements.

  4. Plan for Downtime: Schedule the upgrade during off-peak hours and inform users in advance, in case you need to take the database offline during the process.

I’ve inherited a MatterMost stack with a MariaDB back-end, and I’ve been working to familiarize myself with the upgrade process. This article was super helpful. Thanks Alex!

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Join the Tech Talk
Success! Thank you! Please check your email for further details.

Please complete your information!

Featured on Community

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more