MySQL MariaDB Server
Instalar o servidor de base de dados MySQL MariaDB, com uma configuração mínima.
Nota As versões anteriores do Debian incluiam o pacote servidor de base de dados MySQL. A versão actual disponibiliza também o > MariaDB. Muito provavelmente, as futuras versões do Debian apenas oferecerão o MariaDB.
root@server:~# apt-get install mariadb-server mariadb-client
Durante o processo de instalação é pedida a password de root do servidor MariaDB. Este utilizador root é específico do MariaDB, pelo que deve ter uma password diferente do root do sistema.
E a sua confirmação:
Por segurança e melhor compatibilidade, a configuração predefinida do MariaDB aceita apenas ligações locais (endereço 127.0.0.1). Substituir o bind-address pelo endereço do nosso servidor (192.168.0.100), no ficheiro e configuração /etc/mysql/my.cnf, para o servidor MariaDB ser acessível a partir da rede interna.
root@server:~# cp /etc/mysql/my.cnf /etc/mysql/my.cnf.original
root@server:~# nano /etc/mysql/my.cnf
# [...]
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
bind-address = 192.168.0.100
# [...]
A partir deste momento será possível aceder ao monitor do MariaDB:
root@server:~# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 40
Server version: 10.0.16-MariaDB-1 (Debian)
Copyright (c) 2000, 2014, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
3 rows in set (0.01 sec)
MariaDB [(none)]> quit;
Bye
root@server:~#
Após a instalação é conveniente garantir a segurança da instalação MariaDB com o comando mysql_secure_installation. Este programa permite, entre outras coisas, alterar password da conta root do MariaDB, desligar alguns acessos externos e apagar as bases de dados de testes.
root@server:~# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we`ll need the current
password for the root user. If you`ve just installed MariaDB, and
you haven`t set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
You already have a root password set, so you can safely answer 'n'.
Change the root password? [Y/n] n
... skipping.
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] Y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y
- Dropping test database...
ERROR 1008 (HY000) at line 1: Can`t drop database 'test'; database doesn`t exist
... Failed! Not critical, keep moving...
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n]
... Success!
Cleaning up...
All done! If you`ve completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
root@server:~#