MariaDB
MariaDB is a reliable, high performance and full-featured database server which aims to be an 'always Free, backward compatible, drop-in' replacement of MySQL. Since 2013 MariaDB is Arch Linux's default implementation of MySQL.[1]
Installation
MariaDB is the default implementation of MySQL in Arch Linux, provided with the mariadb package.
- If the database (in
/var/lib/mysql
) resides on a Btrfs file system, you should consider disabling Copy-on-Write for the directory before creating any database. - If the database resides on a ZFS file system, you should consult ZFS#Databases before creating any database.
Install mariadb, and run the following command before starting the mariadb.service
:
# mariadb-install-db --user=mysql --basedir=/usr --datadir=/var/lib/mysql
/var/lib/mysql
for your data dir, you need to set datadir=YOUR_DATADIR
under section [mysqld]
of your /etc/my.cnf.d/server.cnf
.Now mariadb.service
can be started and/or enabled.
To simplify administration, you might want to install a front-end.
Configuration
Once you have started the MySQL server and added a root account, you may want to change the default configuration.
To log in as root
on the MySQL server, use the following command:
# mysql -u root -p
Enter
to log in.Add user
Creating a new user takes two steps: create the user; grant privileges. In the below example, the user monty with some_pass as password is being created, then granted full permissions to the database mydb:
# mysql -u root -p
MariaDB> CREATE USER 'monty'@'localhost' IDENTIFIED BY 'some_pass'; MariaDB> GRANT ALL PRIVILEGES ON mydb.* TO 'monty'@'localhost'; MariaDB> FLUSH PRIVILEGES; MariaDB> quit
Configuration files
MariaDB configuration options are read from the following files in the given order (according to mysqld --help --verbose
output):
/etc/my.cnf /etc/my.cnf.d/ ~/.my.cnf
Depending on the scope of the changes you want to make (system-wide, user-only...), use the corresponding file. See this entry of the Knowledge Base for more information.
Enable auto-completion
The MySQL client completion feature is disabled by default. To enable it system-wide edit /etc/my.cnf.d/mysql-clients.cnf
, and add auto-rehash
under mysql
. Note that this must not be placed under mysqld
. Completion will be enabled next time you run the MySQL client.
Using UTF8MB4
Append the following values to the main configuration file located at /etc/mysql/my.cnf
:
[client] default-character-set = utf8mb4 [mysqld] collation_server = utf8mb4_unicode_ci character_set_server = utf8mb4 [mysql] default-character-set = utf8mb4
Restart mariadb.service
to apply the changes.
See #Maintenance to optimize and check the database health.
Increase character limit
For InnoDB execute the following commands to support a higher character-limit:
mysql> set global innodb_file_format = BARRACUDA; Query OK, 0 rows affected (0.00 sec)
mysql> set global innodb_file_per_table = ON; Query OK, 0 rows affected (0.00 sec)
mysql> set global innodb_large_prefix = ON; Query OK, 0 rows affected (0.00 sec)
Append the following lines in /etc/mysql/my.cnf
to always use a higher character-limit:
[mysqld] innodb_file_format = barracuda innodb_file_per_table = 1 innodb_large_prefix = 1
Restart mariadb.service
to apply the changes.
On table creating append the ROW_FORMAT
as seen in the example:
mysql> create table if not exists products ( -> day date not null, -> product_id int not null, -> dimension1 varchar(500) not null, -> dimension2 varchar(500) not null, -> unique index unique_index (day, product_id, dimension1, dimension2) -> ) ENGINE=InnoDB ROW_FORMAT=DYNAMIC; Query OK, 0 rows affected (0.02 sec)
Using a tmpfs for tmpdir
The directory used by MySQL for storing temporary files is named tmpdir. For example, it is used to perform disk based large sorts, as well as for internal and explicit temporary tables.
Create the directory with appropriate permissions:
# mkdir -pv /var/lib/mysqltmp # chown mysql:mysql /var/lib/mysqltmp
Add the following tmpfs mount to your /etc/fstab
file:
tmpfs /var/lib/mysqltmp tmpfs rw,gid=mysql,uid=mysql,size=100M,mode=0750,noatime 0 0
Add to your /etc/my.cnf.d/server.cnf
file under the mysqld
group:
tmpdir = /var/lib/mysqltmp
Stop mariadb.service
, mount /var/lib/mysqltmp/
and start mariadb.service
.
Time zone tables
Although time zone tables are created during the installation, they are not automatically populated. They need to be populated if you are planning on using CONVERT_TZ() in SQL queries.
To populate the time zone tables with all the time zones:
$ mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p mysql
Optionally, you may populate the table with specific time zone files:
$ mysql_tzinfo_to_sql timezone_file timezone_name | mysql -u root -p mysql
Security
Improve initial security
The mysql_secure_installation
command will interactively guide you through a number of recommended security measures, such as removing anonymous accounts and removing the test database:
# mysql_secure_installation
Listen only on the loopback address
By default, MySQL will listen on the 0.0.0.0 address, which includes all network interfaces. In order to restrict MySQL to listen only to the loopback address, add the following line in /etc/my.cnf.d/server.cnf
:
[mysqld] bind-address = 127.0.0.1
Enable access locally only via Unix sockets
By default, MySQL is accessible via both Unix sockets and the network. If MySQL is only needed for the localhost, you can improve security by not listening on TCP port 3306, and only listening on Unix sockets instead. To do this, add the following line in /etc/my.cnf.d/server.cnf
:
[mysqld] skip-networking
You will still be able to log in locally as before, but only using Unix sockets.
Grant remote access
To allow remote access to the MySQL server, ensure that MySQL has networking enabled and is listening on the appropriate interface.
Grant any MySQL user remote access (example for root):
# mysql -u root -p
Check current users with remote access privileged:
SELECT User, Host FROM mysql.user WHERE Host <> 'localhost';
Now grant remote access for your user (here root):
GRANT ALL PRIVILEGES ON *.* TO 'root'@'192.168.1.%' IDENTIFIED BY 'my_optional_remote_password' WITH GRANT OPTION;
You can change the '%' wildcard to a specific host if you like. The password can be different from user's main password.
Configure access to home directories
For security reasons, the systemd service file contains ProtectHome=true
, which prevents MariaDB from accessing files under the /home
, /root
and /run/user
hierarchies. The datadir
has to be in an accessible location and owned by the mysql
user and group.
You can modify this behavior by creating a supplementary service file as described here.
Maintenance
Upgrade databases on major releases
Upon a major version release of mariadb (for example mariadb-10.1.10-1 to mariadb-10.1.18-1), it is wise to upgrade databases:
# mysql_upgrade -u root -p
To upgrade from 10.1.x to 10.3.x:
- keep the 10.1.x database daemon running
- upgrade the package
- run
mysql_upgrade
(from the new package version) against the old still-running daemon. This will produce some error messages; however, the upgrade will succeed. - restart the daemon, so the 10.3.x daemon runs.
Alternatively, stop the (old) daemon, run the (new) daemon in safe mode, run mysql_upgrade
against that, and then start the (new) daemon as described in #Unable to run mysql_upgrade because MySQL cannot start.
Checking, optimizing and repairing databases
mariadb ships with mysqlcheck
which can be used to check, repair, and optimize tables within databases from the shell. See the mysqlcheck man page for more. Several command tasks are shown:
To check all tables in all databases:
$ mysqlcheck --all-databases -u root -p -c
To analyze all tables in all databases:
$ mysqlcheck --all-databases -u root -p -a
To repair all tables in all databases:
$ mysqlcheck --all-databases -u root -p -r
To optimize all tables in all databases:
$ mysqlcheck --all-databases -u root -p -o
Backup
There are various tools and strategies to back up your databases.
If you are using the default InnoDB storage engine, a suggested way of backing up all your bases online while provisioning for point-in-time recovery (also known as “roll-forward,” when you need to restore an old backup and replay the changes that happened since that backup) is to execute the following command:
$ mysqldump --single-transaction --flush-logs --master-data=2 --all-databases -u root -p > all_databases.sql
This will prompt for MariaDB's root user's password, which was defined during database #Configuration.
Specifying the password on the command line is strongly discouraged, as it exposes it to discovery by other users through the use of ps aux
or other techniques. Instead, the aforementioned command will prompt for the specified user's password, concealing it away.
Compression
As SQL tables can get pretty large, it is recommended to pipe the output of the aforementioned command in a compression utility like gzip:
$ mysqldump --single-transaction --flush-logs --master-data=2 --all-databases -u root -p | gzip > all_databases.sql.gz
Decompressing the backup thus created and reloading it in the server is achieved by doing:
$ zcat all_databases.sql.gz | mysql -u root -p
This will recreate and repopulate all the databases previously backed up (see this or this).
Non-interactive
If you want to setup non-interactive backup script for use in cron jobs or systemd timers, see option files and this illustration for mysqldump.
Basically you should add the following section to the relevant configuration file:
[mysqldump] user=mysqluser password=secret
Mentioning a user here is optional, but doing so will free you from having to mention it on the command line. If you want to set this for all tools, including mysql
, use the [client]
group.
Example script
The database can be dumped to a file for easy backup. The following shell script will do this for you, creating a db_backup.gz
file in the same directory as the script, containing your database dump:
#!/bin/bash THISDIR=$(dirname $(readlink -f "$0")) mysqldump --single-transaction --flush-logs --master-data=2 --all-databases \ | gzip > $THISDIR/db_backup.gz echo 'purge master logs before date_sub(now(), interval 7 day);' | mysql
See also the official mysqldump
page in the MySQL and MariaDB manuals.
Holland Backup
A python-based software package named Holland Backup is available in AUR to automate all of the backup work. It supports direct mysqldump, LVM snapshots to tar files (mysqllvm), LVM snapshots with mysqldump (mysqldump-lvm), and xtrabackup methods to extract the data. The Holland framework supports a multitude of options and is highly configurable to address almost any backup situation.
The main hollandAUR and holland-commonAUR packages provide the core framework; one of the sub-packages (holland-mysqldumpAUR, holland-mysqllvmAUR and/or holland-xtrabackupAUR must be installed for full operation. Example configurations for each method are in the /usr/share/doc/holland/examples/
directory and can be copied to /etc/holland/backupsets/
, as well as using the holland mk-config
command to generate a base config for a named provider.
Troubleshooting
Unable to run mysql_upgrade because MySQL cannot start
Try run MySQL in safemode:
# mysqld_safe --datadir=/var/lib/mysql/
And then run:
# mysql_upgrade -u root -p
Reset the root password
- Stop
mariadb.service
. - Start the mysqld server with safety features:
# mysqld_safe --skip-grant-tables --skip-networking &
- Connect to it:
# mysql -u root
- Change root password:
MariaDB [(none)]> use mysql MariaDB [mysql]> flush privileges; MariaDB [mysql]> ALTER USER 'root'@'localhost' IDENTIFIED BY 'new_password'; MariaDB [mysql]> exit
- Kill running mysqld* processes:
# kill $(cat /var/lib/mysql/$HOSTNAME.pid)
- Start
mariadb.service
.
Check and repair all tables
Check and auto repair all tables in all databases, see more:
# mysqlcheck -A --auto-repair -u root -p
Optimize all tables
Forcefully optimize all tables, automatically fixing table errors that may come up.
# mysqlcheck -A --auto-repair -f -o -u root -p
OS error 22 when running on ZFS
If using MySQL databases on ZFS, the error InnoDB: Operating system error number 22 in a file operation
may occur.
A workaround is to disable aio_writes
in /etc/mysql/my.cnf
:
/etc/mysql/my.cnf
[mysqld] innodb_use_native_aio = 0
Cannot login through CLI, but phpmyadmin works well
This may happen if you are using a long (>70-75) password. As for 5.5.36, for some reason, mysql CLI cannot handle that many characters in readline mode. So, if you are planning to use the recommended password input mode:
$ mysql -u user -p
Password:
Consider changing the password to smaller one.
$ mysql -u user -p"some-very-strong-password"
MySQL binary logs are taking up huge disk space
By default, mysqld creates binary log files in /var/lib/mysql
. This is useful for replication master server or data recovery. But these binary logs can eat up your disk space. If you do not plan to use replication or data recovery features, you may disable binary logging by commenting out these lines in /etc/mysql/my.cnf
:
#log-bin=mysql-bin #binlog_format=mixed
Or you could limit the size of the logfile like this:
expire_logs_days = 10 max_binlog_size = 100M
Alternatively, you can purge some binary logs in /var/lib/mysql
to free up disk space with this command:
# mysql -u root -p"PASSWORD" -e "PURGE BINARY LOGS TO 'mysql-bin.0000xx';"
OpenRC fails to start MySQL
To use MySQL with OpenRC you need to add the following lines to the [mysqld]
section in the MySQL config file, located at /etc/mysql/my.cnf
.
user = mysql basedir = /usr datadir = /var/lib/mysql pid-file = /run/mysqld/mysql.pid
You should now be able to start MySQL using:
# rc-service mysql start
Specified key was too long
See #Increase character limit.
Changed limits warning on max_open_files/table_open_cache
Increase the number of file descriptors by creating a systemd drop-in, e.g.:
/etc/systemd/system/mysqld.service.d/limit_nofile.conf
[Service] LimitNOFILE=8192
10.4 to 10.5 upgrade crash: "InnoDB: Upgrade after a crash is not supported. The redo log was created with MariaDB 10.4.x"
Before MariaDB 10.5, redo log was unnecessarily split into multiple files.[7]
Move the old binary logs /var/lib/mysql/ib_logfile*
out of the way, thus letting MariaDB 10.5 create new ones. Then restart mariadb.service
and upgrade your tables with mysql_upgrade
.
Unable to connect from IPv6 only clients
MariaDB in its default configuration binds to 0.0.0.0
and is only accessible using IPv4. If you want to connect from hosts using IPv6 exclusively you have to change the servers bind accordingly. ::
will listen on IPv6 and IPv4.
/etc/mysql/my.cnf
[mysqld] bind-address=::