How to Install MariaDB on Rocky Linux 8: A Comprehensive Guide
Setting up a robust and reliable database is a cornerstone of modern server administration. For users of Rocky Linux 8, MariaDB stands out as a powerful, open-source relational database management system. As a community-developed fork of MySQL, it offers a high-performance, drop-in replacement that is both familiar to MySQL users and packed with enhanced features.
This guide provides a clear, step-by-step process for installing and securing MariaDB 10.x on a Rocky Linux 8 server, ensuring you have a stable and secure foundation for your applications.
Prerequisites
Before you begin, ensure you have the following:
- A server running Rocky Linux 8.
- Access to a user account with
sudoor root privileges.
Step 1: Update Your System
First, it’s always a best practice to ensure your system’s packages are up to date. This prevents potential conflicts and ensures you have the latest security patches.
Open your terminal and run the following command:
sudo dnf update -y
Step 2: Add the Official MariaDB Repository
While Rocky Linux 8 includes a version of MariaDB in its default AppStream repository, it may not be the latest version. To install a more recent and officially supported release, it is highly recommended to add the official MariaDB repository.
Create a new repository configuration file using a text editor like
nano:sudo nano /etc/yum.repos.d/mariadb.repoPaste the following configuration into the file. This configuration points your system to the official MariaDB 10.6 repository, which is a stable and long-term support (LTS) release.
[mariadb] name = MariaDB baseurl = http://yum.mariadb.org/10.6/rhel8-amd64 module_hotfixes=1 gpgkey = https://yum.mariadb.org/RPM-GPG-KEY-MariaDB gpgcheck = 1Save the file and exit the editor (in
nano, pressCTRL+X, thenY, thenEnter).baseurl: Specifies the location of the MariaDB packages.gpgkey: Provides the GPG key to verify the authenticity of the packages you download.gpgcheck = 1: Enables the GPG signature check, which is a crucial security measure.
Step 3: Install MariaDB Server and Client
With the repository configured, you can now install the MariaDB server and client packages. The server package contains the core database daemon, while the client package provides the tools needed to connect to and manage the database.
Execute the following command to install MariaDB:
sudo dnf install MariaDB-server MariaDB-client -y
The dnf package manager will automatically resolve dependencies and install the necessary packages from the repository you just added.
Step 4: Start and Enable the MariaDB Service
Once the installation is complete, the MariaDB service will not be running by default. You need to start it and enable it to launch automatically on system boot.
Start the MariaDB service:
sudo systemctl start mariadbEnable the service to start on boot:
sudo systemctl enable mariadbVerify the status of the service to ensure it is active and running without errors:
sudo systemctl status mariadbYou should see an output indicating the service is
active (running).
Step 5: Secure Your MariaDB Installation
A default MariaDB installation is not secure. This next step is critical for hardening your database server against unauthorized access. MariaDB includes a helpful security script that walks you through several essential security configurations.
Run the script with sudo:
sudo mysql_secure_installation
The script will prompt you with a series of questions. Here are the recommended answers for a secure setup:
- Enter current password for root (enter for none): Press Enter since no root password has been set yet.
- Switch to unix_socket authentication? [Y/n]: Press Y. This is a more secure authentication method for the root user when connecting locally.
- Set root password? [Y/n]: Press Y and enter a new, strong password for the MariaDB root user. This password is for database access, not your system’s root user.
- Remove anonymous users? [Y/n]: Press Y. Anonymous users are a security risk and should be removed.
- Disallow root login remotely? [Y/n]: Press Y. This is a major security enhancement, preventing attackers from trying to brute-force the root password from the network.
- Remove test database and access to it? [Y/n]: Press Y. The test database is for development purposes only and should be removed from a production environment.
- Reload privilege tables now? [Y/n]: Press Y. This ensures all the changes you just made take effect immediately.
After completing these steps, your MariaDB installation will be significantly more secure.
Step 6: Test Your Connection
Finally, let’s verify that you can connect to the database server using the new root password you created.
Attempt to log in to the MariaDB command-line client:
sudo mysql -u root -p
You will be prompted to enter the password you set during the mysql_secure_installation process. Upon successful login, you will be greeted with the MariaDB monitor prompt:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is ...
Server version: 10.6.x-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>
You can run a simple query to confirm functionality, for example, checking the database version:
SELECT version();
To exit the monitor, type exit and press Enter.
Conclusion
You have now successfully installed and secured MariaDB on your Rocky Linux 8 server. By using the official repository, you ensure access to timely updates and stable releases. Following the mysql_secure_installation script is a non-negotiable step for any production server to protect your data. Your database server is now ready for you to create databases, users, and connect your applications.
Source: https://kifarunix.com/install-mariadb-10-x-on-rocky-linux-8/
