Skip to content

Added tested with 8.6 and 9.0 and a special section for 9.0 #726

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jun 20, 2022
Merged

Added tested with 8.6 and 9.0 and a special section for 9.0 #726

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 28 additions & 1 deletion docs/guides/database/database_mariadb-server.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
title: MariaDB Database Server
author: Steven Spencer
contributors: Ezequiel Bruni, William Perron
tested with: 8.5
tested with: 8.5, 8.6, 9.0
tags:
- database
- mariadb
Expand Down Expand Up @@ -167,6 +167,33 @@ Thanks for using MariaDB!

MariaDB should now be ready to use.

### Rocky Linux 9.0 Changes

Rocky Linux 9.0 uses `mariadb-server-10.5.13-2` as the default mariadb-server version. As of version 10.4.3, a new plugin is automatically enabled in the server which changes the `mariadb-secure-installation` dialog. That plugin is `unix-socket` authentication. [This article](https://mariadb.com/kb/en/authentication-plugin-unix-socket/) explains the new feature well. Essentially, using `unix-socket` authentication uses the credentials of the logged in user to access the database. It makes it so that if the root user, for example, logs in and then uses `mysqladmin` to create or delete a database (or any other function) that no password is needed for access. Same works with `mysql`. It also means there is no password to compromise remotely. This depends on the security of the users setup on the server for all of the protection of the database.

The second dialog during the `mariadb-secure-installation` after the password is set for the administrative user is:

```
Switch to unix_socket authentication Y/n
```

Obviously, the default here is "Y", but even if you answer "n", with the plugin enabled, no password is requested for the user, at least not from the command line interface. You can specify either password or no password and they both work:

```
mysql

MariaDB [(none)]>
```

```
mysql -p
Enter password:

MariaDB [(none)]>
```

For more information on this feature, refer to the link above. There is a way to switch off this plugin and go back to having the password as a required field, which is also detailed within that link.

## Conclusion

A database server, such as _mariadb-server_, can be used for many purposes. Because of the popularity of the Wordpress CMS, it is often found on web servers. Before we run the database in production, however, it is a good idea to strengthen its security.