How To Install MariaDB on Fedora 43

MariaDB stands as one of the most popular open-source relational database management systems, serving as a powerful drop-in replacement for MySQL. For Fedora 43 users seeking a robust, scalable, and reliable database solution, MariaDB offers enterprise-grade features without the proprietary licensing costs. This comprehensive guide walks through every step of installing, configuring, and securing MariaDB on Fedora 43, ensuring your database server is production-ready and optimized for performance.

Whether you’re a system administrator managing enterprise servers, a developer building web applications, or a student learning database management, this tutorial provides detailed instructions with practical examples. By the end of this guide, you’ll have a fully functional MariaDB installation with proper security configurations and optimization settings.

Prerequisites and System Requirements

Before beginning the installation process, ensure your system meets the necessary requirements. Fedora 43 must be installed and running, whether you’re using the minimal installation or the full workstation environment.

Root or sudo privileges are essential for installing packages and configuring system services. The minimum hardware requirements include 512MB of RAM, though 2GB is recommended for optimal performance in production environments. Allocate at least 1GB of disk space for the MariaDB installation and associated data files.

An active internet connection enables downloading packages from the Fedora repositories. Basic familiarity with terminal commands and Linux system administration will help you follow along more easily. If you plan to configure remote access, understanding firewall rules proves beneficial.

Creating a system backup before making significant changes is always recommended as a safety precaution.

Update Your Fedora System

Updating your system packages before installing new software prevents dependency conflicts and ensures compatibility. Open a terminal and execute the system update command:

sudo dnf -y update

This command refreshes the package repositories and upgrades all installed packages to their latest versions. The process typically takes several minutes depending on your internet connection speed and the number of packages requiring updates. The -y flag automatically confirms the installation without prompting for user input.

If the kernel receives an update during this process, reboot your system to ensure the new kernel loads properly. While not strictly mandatory for MariaDB installation, running the latest kernel enhances security and stability.

Search for Available MariaDB Packages

Fedora 43 includes MariaDB packages in its default repositories, making installation straightforward. Search the available MariaDB packages to verify repository access:

sudo dnf search mariadb

This command displays all MariaDB-related packages, including the server, client utilities, and development libraries. To view specific version information for the MariaDB server package:

sudo dnf --showduplicates list mariadb-server

For systems using DNF5, the newer package manager in recent Fedora releases, use this alternative syntax:

dnf5 list --showduplicates mariadb-server

The output typically shows MariaDB version 10.11.x available for Fedora 43, representing the latest stable release series.

Install MariaDB Server

Execute the installation command to download and install MariaDB server along with its dependencies:

sudo dnf install mariadb-server

The system displays a transaction summary showing approximately 52 packages to install, totaling around 66MB of downloads and 300MB of installed size. Type y and press Enter to confirm the installation.

The package manager automatically resolves dependencies and installs essential components including mariadb-server, mariadb-common, mariadb-client, and supporting libraries. This process usually completes within a few minutes.

After installation completes, verify the installed version:

mariadb --version

The command should return output similar to “mariadb Ver 10.11.13-MariaDB” confirming successful installation.

Configure Character Set (Recommended)

Setting the appropriate character set before starting MariaDB for the first time ensures proper handling of international characters and special symbols. Create a custom configuration file for character set settings:

sudo vi /etc/my.cnf.d/charset.cnf

Add the following configuration to support full UTF-8 encoding with 4-byte character support, including emojis and rare Unicode characters:

[mysqld]
character-set-server = utf8mb4

[client]
default-character-set = utf8mb4

The utf8mb4 character set provides complete Unicode support, unlike the older utf8mb3 (often aliased simply as utf8) which only handles 3-byte UTF-8 sequences. Using utf8mb4 prevents data corruption issues with modern applications that use expanded Unicode ranges.

If this configuration isn’t set, MariaDB defaults to the latin1 character set, which doesn’t support international characters properly. Changing the character set after creating databases requires additional migration steps, so configuring it now saves future complications.

Start and Enable MariaDB Service

MariaDB operates as a systemd service on Fedora 43, allowing easy management through systemctl commands. Start the MariaDB service immediately:

sudo systemctl start mariadb

Enable the service to start automatically at system boot:

sudo systemctl enable mariadb

Alternatively, combine both actions into a single command:

sudo systemctl enable --now mariadb

Verify the service is running correctly:

systemctl status mariadb

The output should display “active (running)” in green text, indicating the MariaDB daemon is operational. The status output also shows the process ID, memory usage, and recent log entries.

If the service fails to start, examine the system journal for error messages:

sudo journalctl -xeu mariadb

Confirm MariaDB is listening on the default port 3306:

sudo ss -tlnp | grep 3306

This command displays network socket information showing MariaDB bound to the MySQL port.

Secure Your MariaDB Installation

Fresh MariaDB installations lack basic security configurations, making them vulnerable to unauthorized access. Running the security script is critical before using the database in any production capacity.

Execute the MariaDB security installation script:

sudo mariadb-secure-installation

The interactive script presents several security prompts that require careful consideration.

Current root password: Press Enter since no password exists on a fresh installation.

Switch to unix_socket authentication: Fedora 43 enables unix_socket authentication by default for the root user, allowing secure local access without passwords. This method authenticates based on the Linux user account, so root users can connect using sudo mariadb without specifying credentials.

Set root password: Even with unix_socket enabled, setting a root password provides an alternative authentication method. Create a strong password using a combination of uppercase letters, lowercase letters, numbers, and special characters. Minimum password length should be 12-16 characters.

Remove anonymous users: Anonymous users represent a significant security vulnerability. Answer “Yes” to remove these accounts that allow database access without authentication.

Disallow root login remotely: Remote root access poses security risks. Answer “Yes” for most scenarios unless you specifically need remote database administration capabilities.

Remove test database: The test database serves no production purpose and grants access to all users. Remove it by answering “Yes”.

Reload privilege tables: Answer “Yes” to immediately apply all security changes.

After completing the security script, test access to ensure authentication works properly:

mysql -u root -p

Enter the password you set during the security process. The MariaDB monitor prompt confirms successful authentication.

Configure Firewall for Remote Access

If you need to access MariaDB from remote machines on your network, configure the firewall to allow incoming connections. Check if firewalld is running:

sudo systemctl status firewalld

MariaDB uses port 3306/TCP by default. Add the MySQL service to the firewall configuration:

sudo firewall-cmd --add-service=mysql

The command returns “success” if the rule is added correctly. Make the firewall rule permanent so it persists across reboots:

sudo firewall-cmd --runtime-to-permanent

Verify the firewall rules are active:

sudo firewall-cmd --list-services

The output should include “mysql” among the allowed services.

For enhanced security, consider limiting access to specific IP addresses or subnets rather than opening the port to all network traffic. If MariaDB only serves local applications on the same server, skip this firewall configuration entirely.

Test MariaDB Installation

Testing the installation verifies that all components function correctly. Connect to the MariaDB console as the root user:

sudo mariadb

The MariaDB monitor interface displays connection information including the server version and connection ID. Check the authentication method for the root user:

show grants for root@localhost;

This query reveals that unix_socket authentication is enabled, allowing secure local access. List all database users:

select user,host,password from mysql.user;

The output shows system users including mariadb.sys, root, and mysql, each with their associated host and authentication method.

View the default databases:

show databases;

A fresh installation includes information_schema, mysql, performance_schema, and sys databases that store system metadata and configuration.

Create a test database to verify full functionality:

create database test_database;

Create a test table with a simple schema:

create table test_database.test_table (id int, name varchar(50), address varchar(50), primary key (id));

Insert sample data into the test table:

insert into test_database.test_table(id, name, address) values("001", "Fedora", "Hiroshima");

Query the data to confirm successful insertion:

select * from test_database.test_table;

The output displays the inserted row with id, name, and address fields. Clean up by deleting the test database:

drop database test_database;

Exit the MariaDB console:

exit

These tests confirm that MariaDB is fully operational and ready for production use.

Create Database and User for Applications

Never use the root account for application database connections. Creating dedicated users with limited privileges follows security best practices and prevents accidental damage to system databases.

Connect to the MariaDB console:

sudo mariadb

Create a new database with a meaningful name that reflects its purpose:

CREATE DATABASE production_db;

Create a dedicated user account with a strong password:

CREATE USER 'appuser'@'localhost' IDENTIFIED BY 'secure_password_here';

The host specification determines where the user can connect from. Using ‘localhost’ restricts connections to the local server. Use ‘%’ to allow connections from any host, or specify an IP address for connections from a specific remote machine.

Grant appropriate privileges following the principle of least privilege. For most applications, grant full permissions on a specific database:

GRANT ALL PRIVILEGES ON production_db.* TO 'appuser'@'localhost';

For read-only applications, grant only SELECT privilege:

GRANT SELECT ON production_db.* TO 'appuser'@'localhost';

For applications requiring read and write access without administrative capabilities:

GRANT SELECT, INSERT, UPDATE, DELETE ON production_db.* TO 'appuser'@'localhost';

Apply the privilege changes immediately:

FLUSH PRIVILEGES;

Verify user creation and privileges:

SHOW GRANTS FOR 'appuser'@'localhost';

Test the new user account by logging in with their credentials:

mysql -u appuser -p production_db

Document the database credentials securely using a password manager or encrypted vault. Never commit database passwords to version control systems.

Post-Installation Configuration

Fine-tuning MariaDB configuration optimizes performance and resource utilization. The main configuration file resides at /etc/my.cnf, while additional configuration files are stored in /etc/my.cnf.d/ directory.

Common configuration adjustments include:

Bind Address: By default, MariaDB only listens on localhost (127.0.0.1). To accept remote connections, modify the bind-address setting in a custom configuration file:

[mysqld]
bind-address = 0.0.0.0

Use specific IP addresses instead of 0.0.0.0 for better security in production environments.

Max Connections: Adjust the maximum number of simultaneous client connections based on expected load:

max_connections = 200

InnoDB Buffer Pool Size: The InnoDB buffer pool caches data and indexes in memory. Set this to 70-80% of available RAM on dedicated database servers:

innodb_buffer_pool_size = 2G

After modifying configuration files, restart MariaDB to apply changes:

sudo systemctl restart mariadb

Verify configuration changes took effect by checking system variables within the MariaDB console:

SHOW VARIABLES LIKE 'max_connections';
SHOW VARIABLES LIKE 'innodb_buffer_pool_size';

Common Troubleshooting Issues

Service fails to start: Check the system journal for detailed error messages:

sudo journalctl -xeu mariadb

Common causes include port conflicts, incorrect permissions on data directories, or corrupted data files. Verify port 3306 isn’t already in use by another service.

Cannot connect as root user: Remember that Fedora 43 enables unix_socket authentication by default. Use sudo mariadb instead of mysql -u root -p for local root access.

Access denied errors: Verify the user account exists and has appropriate privileges. Check that the host specification matches where the connection originates.

Forgotten root password: Stop the MariaDB service, start it with skip-grant-tables option, reset the password, and restart normally.

Performance issues: Default configurations may not suit your workload. Review slow query logs and adjust buffer pool sizes, connection limits, and query cache settings.

Socket file not found: Ensure the MariaDB service is running and the socket file exists at /var/lib/mysql/mysql.sock.

Performance Optimization Tips

Optimizing MariaDB performance requires understanding your workload characteristics and resource constraints.

Enable the slow query log to identify performance bottlenecks:

slow_query_log = 1
long_query_time = 2
slow_query_log_file = /var/log/mysql/slow-query.log

Queries taking longer than 2 seconds are logged for analysis. Review these logs regularly to optimize problematic queries.

Monitor system resources and MariaDB status variables:

SHOW STATUS;
SHOW PROCESSLIST;

Use tools like mysqltuner to analyze your configuration and receive optimization recommendations:

wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/mysqltuner.pl
sudo perl mysqltuner.pl

Implement proper indexing strategies on frequently queried columns. Composite indexes improve query performance when filtering or sorting on multiple columns.

Regular maintenance tasks keep databases running efficiently:

OPTIMIZE TABLE tablename;
ANALYZE TABLE tablename;

These commands defragment tables and update statistics used by the query optimizer.

Security Best Practices

Maintaining database security requires ongoing attention and regular updates.

Apply security patches promptly:

sudo dnf update mariadb-server

Subscribe to MariaDB security announcements to stay informed about vulnerabilities.

Implement SSL/TLS encryption for connections, especially when accessing databases remotely. Generate SSL certificates and configure MariaDB to require encrypted connections.

Disable LOCAL INFILE to prevent unauthorized file access:

[mysqld]
local-infile=0

Consider changing the default port from 3306 to reduce automated scanning attacks:

[mysqld]
port=3307

Enable audit logging to track database access and modifications for security analysis and compliance requirements.

Implement password complexity requirements and rotation policies. Regularly review user accounts and remove those no longer needed.

Limit remote access to specific IP addresses using firewall rules or MariaDB host specifications. Never expose databases directly to the internet without VPN or SSH tunneling.

Backing Up Your MariaDB Database

Regular backups protect against data loss from hardware failures, software bugs, or human errors.

Use mysqldump for logical backups of individual databases:

mysqldump -u root -p database_name > backup.sql

Backup all databases simultaneously:

mysqldump -u root -p --all-databases > all_backup.sql

Restore from a backup file:

mysql -u root -p database_name < backup.sql

Automate backups using cron jobs. Create a backup script that runs daily:

#!/bin/bash
DATE=$(date +%Y%m%d)
mysqldump -u root -p'your_password' --all-databases > /backup/mysql_backup_$DATE.sql

Store backups on separate storage devices or remote servers. Encrypt backup files containing sensitive data. Test backup restoration regularly to ensure recoverability.

For large databases, physical backups copying the data directory while the service is stopped offer faster restoration:

sudo systemctl stop mariadb
sudo cp -r /var/lib/mysql /backup/mysql_physical_backup
sudo systemctl start mariadb

Congratulations! You have successfully installed MariaDB. Thanks for using this tutorial for installing the MariaDB database on your Fedora 43 Linux system. For additional or useful information, we recommend you check the official MariaDB website.