Home » Blog » Install MariaDB 10 on Debian 12

Information

Install MariaDB 10 on Debian 12

Benhcmark Administrator

30/08/2025

0 Views 0

SaveSavedRemoved 0

How to Install and Secure MariaDB on Debian 12 Bookworm

Setting up a robust and reliable database is a foundational step for nearly any web application, server, or development environment. MariaDB, a powerful open-source relational database system, stands out as a leading choice for its performance, security, and strong community support. As a fork of MySQL, it offers a seamless “drop-in” replacement, making it a familiar and easy-to-adopt solution for developers and system administrators.

This guide provides a comprehensive, step-by-step walkthrough for installing and securing MariaDB on a fresh Debian 12 (Bookworm) server. By following these instructions, you will establish a production-ready database environment.

Prerequisites

Before you begin, ensure you have the following:

• A system running Debian 12 Bookworm.
• Access to a user account with sudo or root privileges.

Step 1: Update Your System’s Package Index

First and foremost, it’s crucial to ensure your system’s package list is up-to-date. This prevents potential dependency conflicts and ensures you are installing the latest stable versions of software available in the Debian repositories.

Open your terminal and execute the following commands:

sudo apt update
sudo apt upgrade -y

This will synchronize your package index and upgrade any outdated packages on your system.

Step 2: Install the MariaDB Server

With your system updated, you can now install the MariaDB server package. Debian 12’s default repositories include a well-maintained version of MariaDB, making the installation process straightforward.

To install MariaDB server and its common client utilities, run this command:

sudo apt install mariadb-server

The apt package manager will automatically handle all necessary dependencies and install the database server on your system.

Step 3: Verify the MariaDB Service Status

Once the installation completes, the MariaDB service should start automatically. You can verify that the database server is active and running without errors using systemctl.

sudo systemctl status mariadb

You should see an output indicating the service is active (running). It will look similar to this:

● mariadb.service - MariaDB 10.11.6 database server
     Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; preset: enabled)
     Active: active (running) since Wed 2023-10-25 14:30:00 UTC; 5min ago
...

If the service is not running, you can start it manually with sudo systemctl start mariadb.

Step 4: Secure Your MariaDB Installation

A default MariaDB installation is not secure for a production environment. Fortunately, it includes a guided security script that makes hardening your database server simple. This is a critical security step and should not be skipped.

Run the interactive script by executing:

sudo mysql_secure_installation

The script will guide you through several essential security configurations. Here are the recommended answers for each prompt:

• Enter current password for root (enter for none): Since this is a new installation, there is no root password. Just press Enter.
• Switch to unix_socket authentication? [Y/n]: Press Y or Enter. This is a more secure authentication method for local access, allowing you to log in as the root database user using your system’s sudo privileges without a separate password.
• Change the root password? [Y/n]: Press n. Since you enabled unix_socket authentication, a separate root password is not necessary for command-line access and can complicate management. Your system’s user password is now the gatekeeper.
• Remove anonymous users? [Y/n]: Press Y or Enter. Anonymous users pose a significant security risk and should always be removed.
• Disallow root login remotely? [Y/n]: Press Y or Enter. Disabling remote root login is a fundamental security best practice. You should always connect to your database using dedicated, non-root user accounts.
• Remove test database and access to it? [Y/n]: Press Y or Enter. The test database is for development purposes only and should be removed from a production server.
• Reload privilege tables now? [Y/n]: Press Y or Enter. This ensures all the security changes you just made are applied immediately.

Your MariaDB server is now hardened with a strong baseline of security.

Step 5: Test the Database Connection

To confirm that everything is working as expected, log in to the MariaDB prompt using your root account. Because you enabled unix_socket authentication, you need to use sudo to connect.

sudo mariadb

You will be logged directly into the MariaDB monitor without needing a password. You should see a welcome message and the MariaDB [(none)]> prompt.

You can run a simple command to verify functionality, such as checking the available databases:

SHOW DATABASES;

To exit the MariaDB monitor, type:

EXIT;

Next Steps: Create a Dedicated Database User

For security reasons, you should never use the root account for your applications. The best practice is to create a dedicated user and database for each application.

Here is an example of how to create a new database and a new user, and then grant that user full privileges over the new database.

1. Log in to MariaDB as root:

   sudo mariadb
   

2. Run the following SQL commands, replacing my_app_db, my_app_user, and 'your_strong_password' with your own values:

   -- Create a new database
   CREATE DATABASE my_app_db;
   
   -- Create a new user and set their password
   CREATE USER 'my_app_user'@'localhost' IDENTIFIED BY 'your_strong_password';
   
   -- Grant all privileges on the new database to the new user
   GRANT ALL PRIVILEGES ON my_app_db.* TO 'my_app_user'@'localhost';
   
   -- Apply the changes
   FLUSH PRIVILEGES;
   
   -- Exit the monitor
   EXIT;
   

You now have a secure and fully functional MariaDB server running on your Debian 12 system, ready to power your applications.

Source: https://kifarunix.com/install-mariadb-10-on-debian-12/