4.6 KiB
MySQL for Ubuntu 24.04 Server
Automated Bash installer for MySQL on Ubuntu 24.04, configured for password-only authentication
(no auth_socket, no silent root login, no surprises).
This is a production-focused installer, not a lab toy.
Run it once → MySQL is installed, hardened, and ready for real workloads.
What this installer does
✔ Installs MySQL Server + Client
✔ Forces password authentication for root (mysql_native_password)
✔ Removes anonymous users and the test database
✔ Disables remote root access
✔ Creates /root/.my.cnf for passwordless root CLI access
✔ Runs non-interactively (no mysql_secure_installation wizard)
✔ Safe to re-run — existing data is not dropped
Requirements
You need:
✔ Ubuntu 24.04 Server (or equivalent)
✔ Root access (direct or via sudo)
✔ No existing MySQL service already running
If MySQL is already running, the script will exit to avoid damaging an existing installation.
1. Prepare the system
sudo apt update -y
2. Download the installer
git clone https://git.x-files.dk/database/mysql-ubuntu.git
cd mysql-ubuntu
3. Install MySQL
sudo ./mysqlinstall -p <rootpassword>
Example:
sudo ./mysqlinstall -p StrongRootPass1986
The -p flag is required. If omitted, the script exits with an error.
Authentication Mode (Default)
This installer configures MySQL to use password-based authentication only for the root user.
| Mode | Status | Notes |
|---|---|---|
mysql_native_password |
✔ Enabled | Root must use a password |
auth_socket |
✘ Disabled | No implicit root login via socket |
This makes MySQL easier to use with:
- GUI tools (DBeaver, HeidiSQL, etc.)
- Remote automation (Ansible, backup scripts)
- Other services that expect TCP + password auth
Security Hardening (Automatic)
The script applies hardening equivalent to mysql_secure_installation:
| Task | Status |
|---|---|
| Remove anonymous users | ✔ |
| Disallow remote root login | ✔ |
Drop test database |
✔ |
Remove test_% databases |
✔ |
| Flush privileges | ✔ |
Post‑Install Login
Because /root/.my.cnf is created, you can log in as root with:
mysql
Or explicitly:
mysql -u root -p
Credentials file:
/root/.my.cnf
File mode is set to 400 (root read‑only).
Switching Authentication Modes
1. Switch back to socket authentication (optional)
If you prefer the default Ubuntu‑style socket auth for root (no password when local), run:
sudo mysql
ALTER USER 'root'@'localhost' IDENTIFIED WITH auth_socket;
FLUSH PRIVILEGES;
After this:
mysql # works without password (as root on the server)
mysql -p # will fail unless you set a password again
Because this installer created /root/.my.cnf, you should remove it when switching back to socket auth to avoid confusing clients and tools:
rm -f /root/.my.cnf
Otherwise, tools that rely on /root/.my.cnf may try password auth while MySQL expects socket auth, leading to login errors.
2. Switch from socket auth back to password auth
If you later decide to restore password‑based login again:
sudo mysql
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'YourNewPasswordHere';
FLUSH PRIVILEGES;
Then recreate /root/.my.cnf if desired:
cat > /root/.my.cnf <<EOF
[client]
user=root
password=YourNewPasswordHere
EOF
chmod 400 /root/.my.cnf
Troubleshooting
| Issue | Cause | Fix |
|---|---|---|
| Script exits: “MySQL is already running” | Existing MySQL install detected | Stop/remove old instance or migrate manually |
Access denied for user 'root'@'localhost' |
Wrong root password used | Restart MySQL in safe mode and reset password |
| Tools fail after switching to socket auth | /root/.my.cnf still present |
Remove /root/.my.cnf or switch back to password auth |
| Cannot connect from remote host as root | Remote root login disabled | Create a dedicated admin user for remote access |
More Information
More guides and documentation can be found on wiki.x-files.dk
License
Licensed under the MIT License.