database-server/mariadb-ubuntu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

minor changes

Browse Source
This commit is contained in:
allan
2025-10-14 08:59:57 +02:00
parent 029e936ba1
commit f88b9854f7
2 changed files with 32 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
README.md
View File

@@ -1,4 +1,9 @@
# MariaDB for Ubuntu 24.04 Server
[![Shell](https://img.shields.io/badge/shell-bash-121011)](#)
[![OS](https://img.shields.io/badge/ubuntu-24.04-E95420)](#)
[![DB](https://img.shields.io/badge/MariaDB-Server-003545)](#)
[![Auth](https://img.shields.io/badge/auth-socket-blue)](#)
[![License](https://img.shields.io/badge/license-MIT-green)](#)
Automated Bash installer script for deploying MariaDB on Ubuntu 24.04 Server using **socket authentication** for the root account and creating a dedicated **local-only admin user** supplied at runtime.
@@ -29,7 +34,7 @@ sudo ./mariadbinstall -u <adminuser> -p <password>
sudo ./mariadbinstall -u mydbuser -p "StrongPassword123"
```
> **IMPORTANT**
> **IMPORTANT**
> Always enclose the password in quotes if it contains special characters such as `$`, `!`, or `&`.
## Notes
@@ -43,3 +48,8 @@ sudo ./mariadbinstall -u mydbuser -p "StrongPassword123"
### More Information
More guides and documentation can be found on [wiki.x-files.dk](https://wiki.x-files.dk)
---
## License
This project is licensed under the **MIT License**. See the [LICENSE](LICENSE) file for details.

22
mariadbinstall
View File

@@ -123,12 +123,32 @@ apt install -y mariadb-server mariadb-client
#
sed -i '/#log_error = \/var\/log\/mysql\/error.log/ s/^.//' "$mariaconfig"
#
# Apply MariaDB hardening (non-interactive, safe for socket auth)
#
mysql --force 2>/dev/null <<'EOF'
-- Remove anonymous users
DELETE FROM mysql.global_priv WHERE User='';
-- Remove remote root access
DELETE FROM mysql.global_priv WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
-- Drop test database
DROP DATABASE IF EXISTS test;
-- Remove test DB privileges
DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%';
-- Apply changes
FLUSH PRIVILEGES;
EOF
#
# Create admin user root remains socket-authenticated by default
#
mysql --force 2>/dev/null <<EOF
CREATE USER IF NOT EXISTS '${adminuser}'@'localhost' IDENTIFIED BY '${adminpwd}';
GRANT ALL PRIVILEGES ON *.* TO '${adminuser}'@'%' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON *.* TO '${adminuser}'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;
EOF