Differences
This shows you the differences between two versions of the page.
linux_wiki:install_and_configure_mariadb [2018/05/12 15:23] billdozor [MariaDB Server: User Management] |
linux_wiki:install_and_configure_mariadb [2019/05/25 23:50] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Install And Configure MariaDB ====== | ||
- | |||
- | **General Information** | ||
- | |||
- | Installing and configuring the MySQL drop in replacement, | ||
- | |||
- | ---- | ||
- | |||
- | ====== Lab Setup ====== | ||
- | |||
- | The following virtual machines will be used: | ||
- | * server1.example.com (192.168.1.150) -> Perform any client testing here | ||
- | * server2.example.com (192.168.1.151) -> Install the database here | ||
- | |||
- | ---- | ||
- | |||
- | ====== MariaDB Server: Install and Initial Config ====== | ||
- | |||
- | Install the server and client utilities | ||
- | <code bash> | ||
- | yum install mariadb mariadb-server | ||
- | </ | ||
- | |||
- | \\ | ||
- | Enable and start the service | ||
- | <code bash> | ||
- | systemctl enable mariadb | ||
- | systemctl start mariadb | ||
- | </ | ||
- | |||
- | \\ | ||
- | Open up the firewall for MariaDB | ||
- | <code bash> | ||
- | firewall-cmd --permanent --add-service=mysql | ||
- | firewall-cmd --reload | ||
- | </ | ||
- | |||
- | \\ | ||
- | Run the secure configuration script | ||
- | <code bash> | ||
- | mysql_secure_installation | ||
- | </ | ||
- | * Prompted for current root password (should be blank because of fresh install, just press ENTER) | ||
- | * Prompted to set a root password | ||
- | * Other options | ||
- | * Remove anonymous users | ||
- | * Disallow root login remotely | ||
- | * Remove test database | ||
- | * Reload privileges | ||
- | |||
- | \\ | ||
- | Configure MariaDB to listen on an IP address | ||
- | <code bash> | ||
- | vim /etc/my.cnf | ||
- | |||
- | [mysqld] | ||
- | # Listen on this IP address | ||
- | bind-address=192.168.1.200 | ||
- | </ | ||
- | * For all IPv4 and IPv6 address: bind-address=:: | ||
- | * All IPv4 only (leave blank): bind-address= | ||
- | |||
- | \\ | ||
- | Restart the service | ||
- | <code bash> | ||
- | systemctl restart mariadb | ||
- | </ | ||
- | |||
- | \\ | ||
- | Connect to the database | ||
- | <code bash> | ||
- | mysql -u root -p | ||
- | </ | ||
- | * -u -> username | ||
- | * -p -> prompt for password | ||
- | |||
- | \\ | ||
- | Show the databases | ||
- | <code bash> | ||
- | MariaDB [(none)]> | ||
- | </ | ||
- | |||
- | \\ | ||
- | Use a specific database | ||
- | <code bash> | ||
- | MariaDB [(none)]> | ||
- | </ | ||
- | |||
- | \\ | ||
- | Show the tables in the current database | ||
- | <code bash> | ||
- | MariaDB [mysql]> SHOW TABLES; | ||
- | </ | ||
- | |||
- | ---- | ||
- | |||
- | ====== MariaDB Server: User Management ====== | ||
- | |||
- | Create a new user | ||
- | <code bash> | ||
- | MariaDB [(none)]> | ||
- | </ | ||
- | * User login from any host: " | ||
- | * User login from specific host: " | ||
- | * **HELP**< | ||
- | |||
- | \\ | ||
- | Pre-Req: Create a quick database for the user to have permissions for<code bash> | ||
- | |||
- | \\ | ||
- | Permissions for the new user | ||
- | <code bash> | ||
- | MariaDB [(none)]> | ||
- | </ | ||
- | * Grants the commands on the database " | ||
- | * **HELP**< | ||
- | |||
- | \\ | ||
- | Flush privileges | ||
- | <code bash> | ||
- | MariaDB [(none)]> | ||
- | </ | ||
- | |||
- | \\ | ||
- | Show privileges | ||
- | <code bash> | ||
- | MariaDB [(none)]> | ||
- | </ | ||
- | |||
- | \\ | ||
- | Show all users | ||
- | <code bash> | ||
- | MariaDB [(none)]> | ||
- | </ | ||
- | |||
- | ---- | ||
- | |||
- | ====== MariaDB: Remote Client ====== | ||
- | |||
- | Installing/ | ||
- | |||
- | \\ | ||
- | MariaDB Server: Verify Server is listening | ||
- | <code bash> | ||
- | ss -tulpn | grep mysql | ||
- | </ | ||
- | |||
- | \\ | ||
- | MariaDB Server: Connect to mariadb | ||
- | <code bash> | ||
- | mysql -u root -p | ||
- | </ | ||
- | |||
- | \\ | ||
- | MariaDB Server: Grant privileges to root from the client IP address and flush privileges | ||
- | <code bash> | ||
- | MariaDB [(none)]> | ||
- | MariaDB [(none)]> | ||
- | MariaDB [(none)]> | ||
- | </ | ||
- | * If you don't flush privileges, you could get inconsistent behaviour. | ||
- | * The password for root and be different for this remote grant. This allows you to have different root password' | ||
- | |||
- | \\ | ||
- | MariaDB Server: Open up the firewall to allow mysql connections (if you have not already) | ||
- | <code bash> | ||
- | firewall-cmd --permanent --add-service=mysql | ||
- | firewall-cmd --reload | ||
- | </ | ||
- | |||
- | \\ | ||
- | **MariaDB Remote Client**: Install components to remotely manage | ||
- | <code bash> | ||
- | yum install mariadb | ||
- | </ | ||
- | |||
- | \\ | ||
- | **MariaDB Remote Client**: Connect remotely | ||
- | <code bash> | ||
- | mysql -h 192.168.1.151 -u root -p | ||
- | </ | ||
- | |||
- | ---- | ||
- | |||
- | ====== MariaDB Server: Local Client Only ====== | ||
- | |||
- | To make it so the MariaDB server will only allow local client (socket) connections (and NOT from IP addresses): | ||
- | |||
- | Edit the MariaDB config file | ||
- | <code bash> | ||
- | vim /etc/my.cnf | ||
- | |||
- | # Don't allow network connections to the database | ||
- | skip-networking=1 | ||
- | </ | ||
- | * Cannot even connect to ' | ||
- | |||
- | \\ | ||
- | Restart the mariadb service | ||
- | <code bash> | ||
- | systemctl restart mariadb | ||
- | </ | ||
- | |||
- | ---- | ||