Install MariaDB 11 on Ubuntu 22.04/Ubuntu 20.04

|
Last Updated:
|
|

Follow through this guide to learn how to install MariaDB 11 on Ubuntu 22.04/Ubuntu 20.04. “MariaDB 11 is the new major release series of MariaDB. It ships with several entirely new features and improvements. However, it is good to note that as of this writing, MariaDB 11 is in active development, and preview releases are available for testing purposes. Therefore, “Do not use non-stable (non-GA) releases in production!”

Install MariaDB 11 on Ubuntu 22.04/Ubuntu 20.04

Install MariaDB 11 on Ubuntu 22.04/Ubuntu 20.04

Run System Update

Assuming that you are installing MariaDB 11 on a newly installed Ubuntu system, update and upgrade your system packages.

apt update
apt upgrade

Install MariaDB 11 on Ubuntu 22.04/Ubuntu 20.04

Install MariaDB 11 from APT Repository

One of the easiest ways to install MariaDB is via the use of their MariaDB package repositories.

As of this writing, the default repos for Ubuntu 20.04/Ubuntu 22.04 does not provide MariaDB 11 packages.

apt show mariadb-server

Package: mariadb-server
Version: 1:10.6.12-0ubuntu0.22.04.1
Priority: optional
Section: universe/database
Source: mariadb-10.6
Origin: Ubuntu
Maintainer: Ubuntu Developers 
Original-Maintainer: Debian MySQL Maintainers 
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 69.6 kB
Depends: mariadb-server-10.6 (>= 1:10.6.12-0ubuntu0.22.04.1)
Homepage: https://mariadb.org/
Download-Size: 11.8 kB
APT-Sources: http://ke.archive.ubuntu.com/ubuntu jammy-updates/universe amd64 Packages

Default version of MariaDB on Ubuntu 20.04 is MariaDB 10.3.

Therefore, to install MariaDB 11 on Ubuntu 22.04/Ubuntu 20.04;

  • Install MariaDB APT repository on Ubuntu 22.04/Ubuntu 20.04

Execute the commands below to install MariaDB 11 APT repos;

apt install software-properties-common dirmngr curl ca-certificates apt-transport-https

To Install MariaDB 11 APT repository, we will use the MariaDB package repository setup script.

The script allows you to choose the version of MariaDB you want to set the APT repositories for.

For example, to install APT repository for MariaDB 11, then execute the command below;

curl -LsS https://r.mariadb.com/downloads/mariadb_repo_setup | \
sudo bash -s -- --mariadb-server-version="mariadb-11.0"

Sample script output;


# [info] Checking for script prerequisites.
# [info] MariaDB Server version 11.0 is valid
# [info] Repository file successfully written to /etc/apt/sources.list.d/mariadb.list
# [info] Adding trusted package signing keys...
# [info] Running apt-get update...
# [info] Done adding trusted package signing keys

Install MariaDB 11 on Ubuntu 22.04/Ubuntu 20.04;

You should now be able to install MariaDB 11 on Ubuntu 22.04/Ubuntu 20.04 by running the command below;

apt install mariadb-server

Verify the MariaDB installed version

MariaDB 11 deprecates the use of mysql command line tool and replaces it with mariadb.

As much as you can still be able to use mysql command, you will get some deprecation warnings.

To check the version of installed MariaDB, run the command below;

mariadb -V
mariadb from 11.0.1-MariaDB, client 15.2 for debian-linux-gnu (x86_64) using  EditLine wrapper

Running MariaDB 11 on Ubuntu 22.04/Ubuntu 20.04

Upon installation, MariaDB is started and enabled to run on system boot;

systemctl status mariadb

● mariadb.service - MariaDB 11.0.1 database server
     Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; vendor preset: enabled)
    Drop-In: /etc/systemd/system/mariadb.service.d
             └─migrated-from-my.cnf-settings.conf
     Active: active (running) since Thu 2023-05-04 05:31:30 UTC; 1s ago
       Docs: man:mariadbd(8)
             https://mariadb.com/kb/en/library/systemd/
    Process: 12654 ExecStartPre=/usr/bin/install -m 755 -o mysql -g root -d /var/run/mysqld (code=exited, status=0/SUCCESS)
    Process: 12664 ExecStartPre=/bin/sh -c systemctl unset-environment _WSREP_START_POSITION (code=exited, status=0/SUCCESS)
    Process: 12666 ExecStartPre=/bin/sh -c [ ! -e /usr/bin/galera_recovery ] && VAR= ||   VAR=`cd /usr/bin/..; /usr/bin/galera_recovery`; [ $? -eq 0 ]   && systemctl set-e>
    Process: 12715 ExecStartPost=/bin/sh -c systemctl unset-environment _WSREP_START_POSITION (code=exited, status=0/SUCCESS)
    Process: 12717 ExecStartPost=/etc/mysql/debian-start (code=exited, status=0/SUCCESS)
   Main PID: 12701 (mariadbd)
     Status: "Taking your SQL requests now..."
      Tasks: 15 (limit: 2281)
     Memory: 79.1M
     CGroup: /system.slice/mariadb.service
             └─12701 /usr/sbin/mariadbd

May 04 05:31:29 ubuntu20 mariadbd[12701]: 2023-05-04  5:31:29 0 [Note] Plugin 'wsrep-provider' is disabled.
May 04 05:31:29 ubuntu20 mariadbd[12701]: 2023-05-04  5:31:29 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
May 04 05:31:29 ubuntu20 mariadbd[12701]: 2023-05-04  5:31:29 0 [Note] Server socket created on IP: '127.0.0.1'.
May 04 05:31:30 ubuntu20 mariadbd[12701]: 2023-05-04  5:31:30 0 [Note] InnoDB: Buffer pool(s) load completed at 230504  5:31:30
May 04 05:31:30 ubuntu20 mariadbd[12701]: 2023-05-04  5:31:30 0 [Note] /usr/sbin/mariadbd: ready for connections.
May 04 05:31:30 ubuntu20 mariadbd[12701]: Version: '11.0.1-MariaDB-1:11.0.1+maria~ubu2004'  socket: '/run/mysqld/mysqld.sock'  port: 3306  mariadb.org binary distribution
May 04 05:31:30 ubuntu20 systemd[1]: Started MariaDB 11.0.1 database server.
May 04 05:31:30 ubuntu20 /etc/mysql/debian-start[12719]: Upgrading MySQL tables if necessary.
May 04 05:31:30 ubuntu20 /etc/mysql/debian-start[12730]: Checking for insecure root accounts.
May 04 05:31:30 ubuntu20 /etc/mysql/debian-start[12734]: Triggering myisam-recover for all MyISAM tables and aria-recover for all Aria tables

You can manage the service via systemctl command.

For example, to start MariaDB service;

systemctl start mariadb

To restart;

systemctl restart mariadb

To stop the service;

systemctl stop mariadb

Enable the service from running on system boot;

systemctl enable mariadb

Disable the service from running on system boot;

systemctl disable mariadb

Securing MariaDB 11

MariaDB comes with a default security script, mariadb-secure-installation that is used to improve the security of MariaDB installation by:

  • Setting the password for root accounts (if need be).
  • Disabling remote root login to the databases.
  • Removing anonymous-user accounts.
  • Removing the test database, which by default can be accessed by anonymous users.

Simply run the command below to launch the script.

mariadb-secure-installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.

Enter current password for root (enter for none): 
OK, successfully used password, moving on...

Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.

You already have your root account protected, so you can safely answer 'n'.

Switch to unix_socket authentication [Y/n]  
Enabled successfully!
Reloading privilege tables..
 ... Success!


You already have your root account protected, so you can safely answer 'n'.

Change the root password? [Y/n] y
New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

MariaDB Authentication

The new installations of MariaDB have two secure accounts are created during the installation.

The accounts are root@localhost and mysql@localhost.

Both accounts uses either of the unix_socket and the mysql_native_password authentication plugins.

unix_socket authentication plugin allows a system root user or a user with sudo rights to login as root@locahost to MariaDB database without a password.

With unix_socket authentication plugin, while being a root user, you can simply login by running either of the commands below;

mariadb

or

mariadb -u root

Even if you run, mariadb -u root -p, and press ENTER for blank password, you will still login.

As a user with sudo rights, prefix the commands above with sudo.

For example, you can login as mysql user;

sudo -u mysql mariadb

Enable MariaDB password Authentication

With the two privileged accounts, root@localhost and mysql@localhost, anyone with access to it can login to MariaDB.

It is not recommended to leave such user accounts with no password and all privileges, as this can pose a significant security risk to your database.

The two accounts above uses mysql_native_password plugin by default;

mariadb
select User,Host,plugin from mysql.user;

+-------------+-----------+-----------------------+
| User        | Host      | plugin                |
+-------------+-----------+-----------------------+
| mariadb.sys | localhost | mysql_native_password |
| root        | localhost | mysql_native_password |
| mysql       | localhost | mysql_native_password |
+-------------+-----------+-----------------------+
3 rows in set (0.002 sec)

MariaDB [(none)]>

The mysql_native_password plugin is used as a failover for the unix_socket plugin. Even if you have setup a password using MariaDB secure installation script, you can still login as those accounts without a password.

show grants for root@localhost;

+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Grants for root@localhost                                                                                                                                                 |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO `root`@`localhost` IDENTIFIED VIA mysql_native_password USING '*9C6C35530EE4427B07D2FA4F9E119C3915D18940' OR unix_socket WITH GRANT OPTION |
| GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION                                                                                                             |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.000 sec)

MariaDB [(none)]>
show grants for mysql@localhost;

+------------------------------------------------------------------------------------------------------------------------------------------+
| Grants for mysql@localhost                                                                                                               |
+------------------------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO `mysql`@`localhost` IDENTIFIED VIA mysql_native_password USING 'invalid' OR unix_socket WITH GRANT OPTION |
+------------------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.000 sec)

MariaDB [(none)]>

As you can see above, we had already set the password for root user using the mysql_secure_installation command. But mysql user account has invalid password.

Thus, enable password authentication.

ALTER USER root@localhost identified by 'myStr0nP@ssW0rd';
ALTER USER mysql@localhost identified by 'myStr0nP@ssW0rd2';
flush privileges;
quit

This re-enables the MariaDB password authentication and hence, you can now login as non root or non sudo user.

mariadb

Or;

sudo -u mysql mariadb

Sample output;

ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)

Provide a password to be able to login;

mariadb -u root -p

Enter password: 
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 35
Server version: 11.0.1-MariaDB-1:11.0.1+maria~deb10 mariadb.org binary distribution

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]>

Set Native Password Authentication Method as Default

When you set the password above, it completely disables unix_socket authentication plugin and instead use the msqyl_native_password authentication method;

show grants for root@localhost;

+----------------------------------------------------------------------------------------------------------------------------------------+
| Grants for root@localhost                                                                                                              |
+----------------------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO `root`@`localhost` IDENTIFIED BY PASSWORD '*73E1DDB4DA8B34D3080B082A8DFC863A56285DD4' WITH GRANT OPTION |
| GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION                                                                          |
+----------------------------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.000 sec)

MariaDB [(none)]>
show grants for mysql@localhost;

+-----------------------------------------------------------------------------------------------------------------------------------------+
| Grants for mysql@localhost                                                                                                              |
+-----------------------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO `mysql`@`localhost` IDENTIFIED BY PASSWORD '*4C8C1832BBF14A360C2F70EA14CBD912AE0AF280' WITH GRANT OPTION |
+-----------------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.000 sec)

MariaDB [(none)]>

That marks the end of our guide on how to install MariaDB 11 on Ubuntu 22.04/Ubuntu 20.04.

Other Tutorials

You can check our other MySQL/MariaDB related tutorials.

SUPPORT US VIA A VIRTUAL CUP OF COFFEE

We're passionate about sharing our knowledge and experiences with you through our blog. If you appreciate our efforts, consider buying us a virtual coffee. Your support keeps us motivated and enables us to continually improve, ensuring that we can provide you with the best content possible. Thank you for being a coffee-fueled champion of our work!

Photo of author
Kifarunix
Linux Certified Engineer, with a passion for open-source technology and a strong understanding of Linux systems. With experience in system administration, troubleshooting, and automation, I am skilled in maintaining and optimizing Linux infrastructure.

Leave a Comment