MariaDB LogoMariaDB is a binary drop in replacement for MySQL database server. This means that for most cases, you can just uninstall MySQL and install MariaDB and you are good to go.

Why MariaDB?

  • MariaDB is totally open source version of MySQL
  • It works just like MySQL and is compatible with MySQL setups
  • Fedora and Red Hat/CentOS/Rocky Linux use MariaDB instead of MySQL
This is guide, **howto install or upgrade MariaDB 10.7.1 \[RC\], 10.6.3 \[stable\] or 10.5.13 \[stable\] on Fedora 35/34/33, CentOS Stream 8, Red Hat (RHEL) 8.5 and Rocky Linux 8.5**. Installing MariaDB is almost same process than [install MySQL](/2010/install-mysql-on-fedora-centos-red-hat-rhel/ "MySQL Install guide").

Note: If you are moving from MySQL, then make sure that you backup (dump and copy) your database and configs. And if upgrading from earlier versions, then remember run mysql_upgrade command. And if you uninstall MySQL, then remember restore /etc/my.cnf after installation, like:

mv -vi /etc/my.cnf.rpmsave /etc/my.cnf

Install MariaDB/MariaDB-server 10.7.1/10.6.3/10.5.13 on Fedora 35/34/33, CentOS Stream 8, Red Hat (RHEL) 8.5 and Rocky Linux 8.5

1. Change root user

su -
## OR ##
sudo -i

2. Install MariaDB repository

You can grab your dnf/yum repo file using MariaDB repository configuration tool. Currently Fedora 35 is not yet available and Fedora 34 repo is not working, so now only option is mariadb 10.5 for Fedora 35 users.

Fedora 35/34/33

Note: currently Fedora 35/34/33 users can install mariadb 10.5 and not additional repos needed. Alternatively F34/F33 user can use MariaDB repos to install MariaDB 10.7/10.6/10.5 or Galera Cluster.

3. Update or Install MariaDB 10.7 RC/10.6/10.5

Fedora 35/34/33 (Fedora own packages mariadb 10.5)

dnf install mariadb mariadb-server

Fedora 34/33 (MariaDB repos mariadb 10.7 RC/10.6/10.5)

dnf install MariaDB MariaDB-server

CentOS Stream/Red Hat (RHEL) 8.5/Rocky Linux 8.5

dnf install MariaDB MariaDB-server
### 4. Start MariaDB server and autostart MariaDB on boot

Fedora 35/34/33 and CentOS Stream 8/Red Hat (RHEL) 8.5/Rocky Linux 8.5

systemctl start mariadb.service ## use restart after update

systemctl enable mariadb.service

5. MariaDB (MySQL) Secure Installation

  • Set (Change) root password
  • Remove anonymous users
  • Disallow root login remotely
  • Remove test database and access to it
  • Reload privilege tables

Start MariaDB (MySQL) Secure Installation with following command

/usr/bin/mysql_secure_installation

Output:

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.

Enter current password for root (enter for none): 
OK, successfully used password, moving on...

Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.

You already have your root account protected, so you can safely answer 'n'.

Switch to unix_socket authentication [Y/n] n
 ... skipping.

You already have your root account protected, so you can safely answer 'n'.

Change the root password? [Y/n] y
New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

Note: If you don’t want some reason, do a “MySQL Secure Installation” then at least it’s very important to change the root user’s password

mysqladmin -u root password [your_password_here]

## Example ##
mysqladmin -u root password myownsecrectpass

6. Connect to MariaDB database (localhost) with password

mysql -u root -p

## OR ##
mysql -h localhost -u root -p

7. Create Database, Create MySQL User and Enable Remote Connections to MySQL Database

This example uses following parameters:

  • DB_NAME = webdb
  • USER_NAME = webdb_user
  • REMOTE_IP = 10.0.15.25
  • PASSWORD = password123
  • PERMISSIONS = ALL
## CREATE DATABASE ##
MariaDB [(none)]> CREATE DATABASE webdb;

## CREATE USER ##
MariaDB [(none)]> CREATE USER 'webdb_user'@'10.0.15.25' IDENTIFIED BY 'password123';

## GRANT PERMISSIONS ##
MariaDB [(none)]> GRANT ALL ON webdb.* TO 'webdb_user'@'10.0.15.25';

##  FLUSH PRIVILEGES, Tell the server to reload the grant tables  ##
MariaDB [(none)]> FLUSH PRIVILEGES;

Enable Remote Connection to MariaDB Server –> Open MySQL Port (3306) on Iptables Firewall (as root user again)

1. Fedora 35/34/33 and CentOS Stream 8/Red Hat (RHEL) 8.5/Rocky Linux 8.5

1.1 List Your Active Firewalld Zones

firewall-cmd --get-active-zones

Example output:

public
  interfaces: wlp1s0

1.2 Add New Rule to Firewalld

You might have active zone like public, FedoraWorkstation, FedoraServer.

firewall-cmd --permanent --zone=public --add-service=mysql

## OR ##

firewall-cmd --permanent --zone=public --add-port=3306/tcp

1.3 Restart firewalld.service

systemctl restart firewalld.service

2. Test remote connection

mysql -h 10.0.15.25 -u myusername -p