安装
#更新软件包
apt update
#查找可安装的MariaDB
apt search mariadb-server
Sorting... Done
Full Text Search... Done
mariadb-server/stable 1:10.11.6-0+deb12u1 amd64
MariaDB database server binaries
mariadb-server-10.5/stable 1:10.11.6-0+deb12u1 amd64
MariaDB database server binaries
mariadb-server-core/stable 1:10.11.6-0+deb12u1 amd64
MariaDB database core server files
#安装MariaDB,遇到选项选Y即可
apt install mariadb-server
#安装后会自动运行,查看MariaDB状态
systemctl status mariadb授权
#执行提高安全性的脚本
root@iZuf67owyzd0wopzvdfgsyZ:/# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.
#此处需记住密码
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.
You already have your root account protected, so you can safely answer 'n'.
#socket认证
Switch to unix_socket authentication [Y/n] Y
Enabled successfully!
Reloading privilege tables..
... Success!
You already have your root account protected, so you can safely answer 'n'.
#是否改变密码
Change the root password? [Y/n] n
... skipping.
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
#是否移除匿名用户
Remove anonymous users? [Y/n] y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
#是否不允许远程登录
Disallow root login remotely? [Y/n] y
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
#移除测试数据库
Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
#重新加载权限表
Reload privilege tables now? [Y/n] y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!我设置了root用户不允许远程登录,需要新建一个用户用来远程登录
root@iZuf67owyzd0wopzvdfgsyZ:/# mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 40
Server version: 10.11.6-MariaDB-0+deb12u1 Debian 12
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
#创建用户,cus是用户名,%是可访问ip,如果用%表示所有ip,可自行指定,password是密码
MariaDB [(none)]> CREATE USER 'cus'@'%' IDENTIFIED BY 'password';
Query OK, 0 rows affected (0.001 sec)
#查看权限
MariaDB [(none)]> SHOW GRANTS FOR 'cus'@'%';
+----------------------------------------------------------------------------------------------------+
| Grants for cus@% |
+----------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO `cus`@`%` IDENTIFIED BY PASSWORD '*F29DBAD471E0FF1EFA1BE48B07005CC9DC18B301' |
+----------------------------------------------------------------------------------------------------+
1 row in set (0.000 sec)
#授权
MariaDB [(none)]> GRANT ALL PRIVILEGES ON *.* TO 'cus'@'%' IDENTIFIED BY 'cus';
Query OK, 0 rows affected (0.001 sec)
#刷新权限
MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.001 sec)配置
MariaDB默认是运行在3306端口的,但是此时如果我们用数据库连接工具测试连接或者服务器上指定ip连接,是连接不上的,需要做一些配置
#编辑配置文件
vim /etc/mysql/mariadb.conf.d/50-server.cnf配置文件修改项
- 修改port(非必须,默认3306,不太推荐用默认的)
- 修改bind-address为0.0.0.0,所有ip可访问
- 保存后重启MariaDB
systemctl start mariadb - navicat测试连接
卸载
如需卸载,可执行以下命令
sudo apt-get purge --auto-remove mariadb-server