MariaDB is one of the popular relational database management systems (RDBMS), forked from MySQL by some of the original developers. It is open source licensed under GNU GPL 2, and ready for both community and enterprise use with long history and large knowledge to manage and maintain.
This post shows how to do it.
Just a few !!
# pkg_add mariadb-server # rcctl enable mysqld # mysql_install_db # rcctl start mysqld # mysql_secure_installation # # several questions will be given
All of the description is below.
$ doas pkg_add mariadb-server
The result was:
quirks-6.122 signed on 2023-09-01T21:25:11Z mariadb-server-10.9.4v1:(...): ok mariadb-server-10.9.4v1: ok The following new rcscripts were installed: /etc/rc.d/mysqld See rcctl(8) for details. New and changed readme(s): /usr/local/share/doc/pkg-readmes/mariadb-server
As above, the pkg-readme is brought as
$ doas rcctl enable mysqld
Create the default database:
$ doas mysql_install_db
The result was:
WARNING: The host '(...)' could not be looked up with /usr/local/bin/resolveip. This probably means that your libc libraries are not 100 % compatible with this binary MariaDB version. The MariaDB daemon, mysqld, should work normally with the exception that host name resolving will not work. This means that you should use IP addresses instead of hostnames when specifying MariaDB privileges ! Installing MariaDB/MySQL system tables in '/var/mysql' ... OK Two all-privilege accounts were created. One is root@localhost, it has no password, but you need to be system 'root' user to connect. Use, for example, sudo mysql The second is _mysql@localhost, it has no password either, but you need to be the system '_mysql' user to connect. After connecting you can set the password, if you would need to be able to connect as any of these users with a password and without sudo See the MariaDB Knowledgebase at https://mariadb.com/kb You can start the MariaDB daemon with: /etc/rc.d/mysqld start Please report any problems at https://mariadb.org/jira The latest information about MariaDB is available at https://mariadb.org/. Consider joining MariaDB's strong and vibrant community: https://mariadb.org/get-involved/
$ doas rcctl start mysqld mysqld(ok)
$ doas mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
It must be none for the first time. Just push Enter.
In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and haven't set the root password yet, you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on...
At all the questions below, my choice is written down. Actually, they are up to your environment.
Setting the root password or using the unix_socket ensures that nobody can log into the MariaDB root user without the proper authorisation. You already have your root account protected, so you can safely answer 'n'. Switch to unix_socket authentication [Y/n] n ... skipping.
You already have your root account protected, so you can safely answer 'n'. Change the root password? [Y/n] y New password: Re-enter new password: Password updated successfully!
By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] y ... Success!
Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] y ... Success!
By default, MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] y - Dropping test database... ... Success! - Removing privileges on test database... ... Success!
Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] y ... Success!
Cleaning up... All done! If you've completed all of the above steps, your MariaDB installation should now be secure. Thanks for using MariaDB!
You may confirm your daemon is fine with:
$ doas rcctl check mysqld mysqld(ok)
Well, let’s login to the server as client with
root, the superuser:
$ mysql -u root -p
After entering the password, you must be welcomed:
Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 11 Server version: 10.9.4-MariaDB OpenBSD port: mariadb-server-10.9.4v1 Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]>
The command line examples:
-- create database CREATE DATABASE <database> \ CHARACTER SET utf8mb4 \ COLLATE utf8mb4_unicode_ci; -- create user for it GRANT ALL PRIVILEGES \ ON <database>.* \ TO <dbuser>@'localhost' \ IDENTIFIED BY '<dbpass>'; -- reload privileges FLUSH PRIVILEGES;
🎵 🐬 Happy storing digitally 🐬 🎵