MariaDB

From ArchWiki
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

MariaDB is a reliable, high performance and full-featured database server which aims to be an 'always Free, backward compatible, drop-in' replacement of MySQL. Since 2013 MariaDB is Arch Linux's default implementation of MySQL.[1]

Installation

MariaDB is the default implementation of MySQL in Arch Linux, provided with the mariadb package.

Tip:
  • If the database (in /var/lib/mysql) resides on a Btrfs file system, you should consider disabling Copy-on-Write for the directory before creating any database.
  • If the database resides on a ZFS file system, you should consult ZFS#Databases before creating any database.

Install mariadb, and run the following command before starting the mariadb.service:

# mariadb-install-db --user=mysql --basedir=/usr --datadir=/var/lib/mysql
Tip: If you use something different from /var/lib/mysql for your data dir, you need to set datadir=YOUR_DATADIR under section [mysqld] of your /etc/my.cnf.d/server.cnf.

Now mariadb.service can be started and/or enabled.

Note: Before continuing, it is recommended to improve the initial security of the MySQL installation.

To simplify administration, you might want to install a front-end.

Configuration

Tango-view-refresh-red.pngThis article or section is out of date.Tango-view-refresh-red.png

Reason: The main /etc/my.cnf configuration file is now split into various files in /etc/my.cnf.d/ dir. (Discuss in Talk:MariaDB)

Once you have started the MySQL server and added a root account, you may want to change the default configuration.

To log in as root on the MySQL server, use the following command:

# mysql -u root -p
Note: The default password is empty. Press Enter to log in.

Add user

Creating a new user takes two steps: create the user; grant privileges. In the below example, the user monty with some_pass as password is being created, then granted full permissions to the database mydb:

# mysql -u root -p
MariaDB> CREATE USER 'monty'@'localhost' IDENTIFIED BY 'some_pass';
MariaDB> GRANT ALL PRIVILEGES ON mydb.* TO 'monty'@'localhost';
MariaDB> FLUSH PRIVILEGES;
MariaDB> quit

Configuration files

MariaDB configuration options are read from the following files in the given order (according to mysqld --help --verbose output):

/etc/my.cnf /etc/my.cnf.d/ ~/.my.cnf

Depending on the scope of the changes you want to make (system-wide, user-only...), use the corresponding file. See this entry of the Knowledge Base for more information.

Enable auto-completion

Note: Enabling this feature can make the client initialization longer.

The MySQL client completion feature is disabled by default. To enable it system-wide edit /etc/my.cnf.d/mysql-clients.cnf, and add auto-rehash under mysql. Note that this must not be placed under mysqld. Completion will be enabled next time you run the MySQL client.

Using UTF8MB4

Warning: Before changing the character set be sure to create a backup first.
Note:
  • The mariadb package already uses utf8mb4 as charset and utf8mb4_unicode_ci as collation. Users using the default (character) settings may want to skip this section.
  • UTF8MB4 is recommended over UTF-8 since it allows full Unicode support [2] [3].

Append the following values to the main configuration file located at /etc/mysql/my.cnf:

[client]
default-character-set = utf8mb4

[mysqld]
collation_server = utf8mb4_unicode_ci
character_set_server = utf8mb4

[mysql]
default-character-set = utf8mb4

Restart mariadb.service to apply the changes.

See #Maintenance to optimize and check the database health.

Increase character limit

Tango-view-refresh-red.pngThis article or section is out of date.Tango-view-refresh-red.png

Reason: As of 10.3.1 this section is no longer applicable. All 3 options are now enabled by default. innodb_file_format and innodb_large_prefix are deprecated and can no longer be used. The mariadb service will fail to start if either are included in my.cnf (source) (Discuss in Talk:MariaDB)
Note: The character-limit depends on the character-set in use [4] [5] [6].

For InnoDB execute the following commands to support a higher character-limit:

mysql> set global innodb_file_format = BARRACUDA;
Query OK, 0 rows affected (0.00 sec)
mysql> set global innodb_file_per_table = ON;
Query OK, 0 rows affected (0.00 sec)
mysql> set global innodb_large_prefix = ON;
Query OK, 0 rows affected (0.00 sec)

Append the following lines in /etc/mysql/my.cnf to always use a higher character-limit:

[mysqld]
innodb_file_format = barracuda
innodb_file_per_table = 1
innodb_large_prefix = 1

Restart mariadb.service to apply the changes.

On table creating append the ROW_FORMAT as seen in the example:

mysql> create table if not exists products (
   ->   day date not null,
   ->   product_id int not null,
   ->   dimension1 varchar(500) not null,
   ->   dimension2 varchar(500) not null,
   ->   unique index unique_index (day, product_id, dimension1, dimension2)
   -> ) ENGINE=InnoDB ROW_FORMAT=DYNAMIC;
Query OK, 0 rows affected (0.02 sec)

Using a tmpfs for tmpdir

The directory used by MySQL for storing temporary files is named tmpdir. For example, it is used to perform disk based large sorts, as well as for internal and explicit temporary tables.

Create the directory with appropriate permissions:

# mkdir -pv /var/lib/mysqltmp
# chown mysql:mysql /var/lib/mysqltmp

Add the following tmpfs mount to your /etc/fstab file:

tmpfs   /var/lib/mysqltmp   tmpfs   rw,gid=mysql,uid=mysql,size=100M,mode=0750,noatime   0 0

Add to your /etc/my.cnf.d/server.cnf file under the mysqld group:

tmpdir      = /var/lib/mysqltmp

Stop mariadb.service, mount /var/lib/mysqltmp/ and start mariadb.service.

Time zone tables

Although time zone tables are created during the installation, they are not automatically populated. They need to be populated if you are planning on using CONVERT_TZ() in SQL queries.

To populate the time zone tables with all the time zones:

$ mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p mysql

Optionally, you may populate the table with specific time zone files:

$ mysql_tzinfo_to_sql timezone_file timezone_name | mysql -u root -p mysql

Security

Improve initial security

The mysql_secure_installation command will interactively guide you through a number of recommended security measures, such as removing anonymous accounts and removing the test database:

# mysql_secure_installation
Warning: After running this, please note that TCP port 3306 will still be open, but refusing connections with an error message. To prevent MySQL from listening on an external interface, see the #Listen only on the loopback address and #Enable access locally only via Unix sockets sections.

Listen only on the loopback address

By default, MySQL will listen on the 0.0.0.0 address, which includes all network interfaces. In order to restrict MySQL to listen only to the loopback address, add the following line in /etc/my.cnf.d/server.cnf:

[mysqld]
bind-address = 127.0.0.1

Enable access locally only via Unix sockets

By default, MySQL is accessible via both Unix sockets and the network. If MySQL is only needed for the localhost, you can improve security by not listening on TCP port 3306, and only listening on Unix sockets instead. To do this, add the following line in /etc/my.cnf.d/server.cnf:

[mysqld]
skip-networking

You will still be able to log in locally as before, but only using Unix sockets.

Grant remote access

Warning: This is not considered as best practice and may cause security issues. Consider using Secure Shell, VNC or VPN, if you want to maintain the MySQL server from another host inside/outside your network.

To allow remote access to the MySQL server, ensure that MySQL has networking enabled and is listening on the appropriate interface.

Grant any MySQL user remote access (example for root):

# mysql -u root -p

Check current users with remote access privileged:

SELECT User, Host FROM mysql.user WHERE Host <> 'localhost';

Now grant remote access for your user (here root):

GRANT ALL PRIVILEGES ON *.* TO 'root'@'192.168.1.%' IDENTIFIED BY 'my_optional_remote_password' WITH GRANT OPTION;

You can change the '%' wildcard to a specific host if you like. The password can be different from user's main password.

Configure access to home directories

For security reasons, the systemd service file contains ProtectHome=true, which prevents MariaDB from accessing files under the /home, /root and /run/user hierarchies. The datadir has to be in an accessible location and owned by the mysql user and group.

You can modify this behavior by creating a supplementary service file as described here.

Maintenance

Upgrade databases on major releases

Upon a major version release of mariadb (for example mariadb-10.1.10-1 to mariadb-10.1.18-1), it is wise to upgrade databases:

# mysql_upgrade -u root -p

To upgrade from 10.1.x to 10.3.x:

  • keep the 10.1.x database daemon running
  • upgrade the package
  • run mysql_upgrade (from the new package version) against the old still-running daemon. This will produce some error messages; however, the upgrade will succeed.
  • restart the daemon, so the 10.3.x daemon runs.

Alternatively, stop the (old) daemon, run the (new) daemon in safe mode, run mysql_upgrade against that, and then start the (new) daemon as described in #Unable to run mysql_upgrade because MySQL cannot start.

Checking, optimizing and repairing databases

mariadb ships with mysqlcheck which can be used to check, repair, and optimize tables within databases from the shell. See the mysqlcheck man page for more. Several command tasks are shown:

To check all tables in all databases:

$ mysqlcheck --all-databases -u root -p -c

To analyze all tables in all databases:

$ mysqlcheck --all-databases -u root -p -a

To repair all tables in all databases:

$ mysqlcheck --all-databases -u root -p -r

To optimize all tables in all databases:

$ mysqlcheck --all-databases -u root -p -o

Backup

There are various tools and strategies to back up your databases.

If you are using the default InnoDB storage engine, a suggested way of backing up all your bases online while provisioning for point-in-time recovery (also known as “roll-forward,” when you need to restore an old backup and replay the changes that happened since that backup) is to execute the following command:

$ mysqldump --single-transaction --flush-logs --master-data=2 --all-databases -u root -p > all_databases.sql

This will prompt for MariaDB's root user's password, which was defined during database #Configuration.

Specifying the password on the command line is strongly discouraged, as it exposes it to discovery by other users through the use of ps aux or other techniques. Instead, the aforementioned command will prompt for the specified user's password, concealing it away.

Compression

As SQL tables can get pretty large, it is recommended to pipe the output of the aforementioned command in a compression utility like gzip:

$ mysqldump --single-transaction --flush-logs --master-data=2 --all-databases -u root -p | gzip > all_databases.sql.gz

Decompressing the backup thus created and reloading it in the server is achieved by doing:

$ zcat all_databases.sql.gz | mysql -u root -p

This will recreate and repopulate all the databases previously backed up (see this or this).

Non-interactive

If you want to setup non-interactive backup script for use in cron jobs or systemd timers, see option files and this illustration for mysqldump.

Basically you should add the following section to the relevant configuration file:

[mysqldump]
user=mysqluser
password=secret

Mentioning a user here is optional, but doing so will free you from having to mention it on the command line. If you want to set this for all tools, including mysql, use the [client] group.

Example script

The database can be dumped to a file for easy backup. The following shell script will do this for you, creating a db_backup.gz file in the same directory as the script, containing your database dump:

#!/bin/bash

THISDIR=$(dirname $(readlink -f "$0"))

mysqldump --single-transaction --flush-logs --master-data=2 --all-databases \
 | gzip > $THISDIR/db_backup.gz
echo 'purge master logs before date_sub(now(), interval 7 day);' | mysql

See also the official mysqldump page in the MySQL and MariaDB manuals.

Holland Backup

A python-based software package named Holland Backup is available in AUR to automate all of the backup work. It supports direct mysqldump, LVM snapshots to tar files (mysqllvm), LVM snapshots with mysqldump (mysqldump-lvm), and xtrabackup methods to extract the data. The Holland framework supports a multitude of options and is highly configurable to address almost any backup situation.

The main hollandAUR and holland-commonAUR packages provide the core framework; one of the sub-packages (holland-mysqldumpAUR, holland-mysqllvmAUR and/or holland-xtrabackupAUR must be installed for full operation. Example configurations for each method are in the /usr/share/doc/holland/examples/ directory and can be copied to /etc/holland/backupsets/, as well as using the holland mk-config command to generate a base config for a named provider.

Troubleshooting

Unable to run mysql_upgrade because MySQL cannot start

Try run MySQL in safemode:

# mysqld_safe --datadir=/var/lib/mysql/

And then run:

# mysql_upgrade -u root -p

Reset the root password

  1. Stop mariadb.service.
  2. Start the mysqld server with safety features:
    # mysqld_safe --skip-grant-tables --skip-networking &
  3. Connect to it:
    # mysql -u root
  4. Change root password:
    MariaDB [(none)]> use mysql
    MariaDB [mysql]> flush privileges;
    MariaDB [mysql]> ALTER USER 'root'@'localhost' IDENTIFIED BY 'new_password';
    MariaDB [mysql]> exit
    
  5. Kill running mysqld* processes:
    # kill $(cat /var/lib/mysql/$HOSTNAME.pid)
  6. Start mariadb.service.

Check and repair all tables

Check and auto repair all tables in all databases, see more:

# mysqlcheck -A --auto-repair -u root -p

Optimize all tables

Forcefully optimize all tables, automatically fixing table errors that may come up.

# mysqlcheck -A --auto-repair -f -o -u root -p

OS error 22 when running on ZFS

If using MySQL databases on ZFS, the error InnoDB: Operating system error number 22 in a file operation may occur.

A workaround is to disable aio_writes in /etc/mysql/my.cnf:

/etc/mysql/my.cnf
[mysqld]
innodb_use_native_aio = 0

Cannot login through CLI, but phpmyadmin works well

This may happen if you are using a long (>70-75) password. As for 5.5.36, for some reason, mysql CLI cannot handle that many characters in readline mode. So, if you are planning to use the recommended password input mode:

$ mysql -u user -p
Password:

Consider changing the password to smaller one.

Note: You still can log in by specifying the password as an argument to mysql command.
Warning: This behavior is considered dangerous, because your password might leak, for example, to the logs. Use it only in case of emergency and do not forget to change password right afterwards.
$ mysql -u user -p"some-very-strong-password"

MySQL binary logs are taking up huge disk space

Tango-view-refresh-red.pngThis article or section is out of date.Tango-view-refresh-red.png

Reason: please use the first argument of the template to provide a brief explanation. (Discuss in Talk:MariaDB#Mistakes in "MySQL binary logs are taking up huge disk space")

By default, mysqld creates binary log files in /var/lib/mysql. This is useful for replication master server or data recovery. But these binary logs can eat up your disk space. If you do not plan to use replication or data recovery features, you may disable binary logging by commenting out these lines in /etc/mysql/my.cnf:

#log-bin=mysql-bin
#binlog_format=mixed

Or you could limit the size of the logfile like this:

expire_logs_days = 10
max_binlog_size  = 100M

Alternatively, you can purge some binary logs in /var/lib/mysql to free up disk space with this command:

# mysql -u root -p"PASSWORD" -e "PURGE BINARY LOGS TO 'mysql-bin.0000xx';"
Warning: This may decrease the chances of successful data recovery when trying to repair database tables (i.e. on database corruption).

OpenRC fails to start MySQL

To use MySQL with OpenRC you need to add the following lines to the [mysqld] section in the MySQL config file, located at /etc/mysql/my.cnf.

user = mysql
basedir = /usr
datadir = /var/lib/mysql
pid-file = /run/mysqld/mysql.pid

You should now be able to start MySQL using:

# rc-service mysql start

Specified key was too long

See #Increase character limit.

Changed limits warning on max_open_files/table_open_cache

Increase the number of file descriptors by creating a systemd drop-in, e.g.:

/etc/systemd/system/mysqld.service.d/limit_nofile.conf
[Service]
LimitNOFILE=8192

10.4 to 10.5 upgrade crash: "InnoDB: Upgrade after a crash is not supported. The redo log was created with MariaDB 10.4.x"

Before MariaDB 10.5, redo log was unnecessarily split into multiple files.[7]

Move the old binary logs /var/lib/mysql/ib_logfile* out of the way, thus letting MariaDB 10.5 create new ones. Then restart mariadb.service and upgrade your tables with mysql_upgrade.

Unable to connect from IPv6 only clients

MariaDB in its default configuration binds to 0.0.0.0 and is only accessible using IPv4. If you want to connect from hosts using IPv6 exclusively you have to change the servers bind accordingly. :: will listen on IPv6 and IPv4.

/etc/mysql/my.cnf
[mysqld]
bind-address=::

See also