Installing MariaDB or MySQL on Ubuntu provides a packaged SQL backend for web applications, background jobs, local development, and automation. A distro-managed server is easier to patch, restart, and monitor than a manually unpacked database build.
Ubuntu ships native apt packages for both server families. mysql-server in the Ubuntu repositories is a metapackage that installs the current packaged MySQL server build, while mariadb-server installs MariaDB from the universe component; both store configuration under /etc/mysql/, keep data under /var/lib/mysql/, and register systemd units for service management.
Only one server family should remain installed on the same host, because their client and server core packages replace one another. Current Ubuntu packages usually start the service during installation, and local administrative access can use either socket-based authentication or a root password depending on the chosen package and secure-installation answers, so application access should use a separate database user rather than root.
Steps to install MariaDB or MySQL on Ubuntu:
- Open a terminal with an account that can use sudo.
- Refresh the apt package index before installing the server package.
$ sudo apt update Hit:1 http://archive.ubuntu.com/ubuntu noble InRelease Hit:2 http://archive.ubuntu.com/ubuntu noble-updates InRelease Hit:3 http://security.ubuntu.com/ubuntu noble-security InRelease Reading package lists... Done
- Decide which server family should stay installed on the host.
On Ubuntu 24.04 LTS, mysql-server is a metapackage for the native MySQL 8.0 package set in main, while mariadb-server is published from universe. The server families replace each other's core packages, so keep only one on the system.
- Install MariaDB from the Ubuntu repositories.
$ sudo apt install --assume-yes mariadb-server Reading package lists... Building dependency tree... Reading state information... The following additional packages will be installed: galera-4 mariadb-client mariadb-client-core mariadb-common mariadb-server-core ##### snipped ##### Setting up mariadb-server (1:10.11.14-0ubuntu0.24.04.1) ...
Install MySQL instead with
$ sudo apt install --assume-yes mysql-server Reading package lists... Building dependency tree... Reading state information... The following additional packages will be installed: mysql-client mysql-client-8.0 mysql-client-core-8.0 mysql-common mysql-server-8.0 mysql-server-core-8.0 ##### snipped ##### Setting up mysql-server-8.0 (8.0.45-0ubuntu0.24.04.1) ...
Minimal Ubuntu images that do not have universe enabled cannot install mariadb-server until that repository component is enabled.
- Confirm the database service is enabled and currently running.
$ sudo systemctl is-enabled mariadb enabled $ sudo systemctl is-active mariadb active
Use mysql instead of mariadb when mysql-server was installed. If the service is not active, start it with
$ sudo systemctl enable --now mariadb
or
$ sudo systemctl enable --now mysql
.
- Run the secure-installation utility for the installed server family.
$ sudo mariadb-secure-installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! Enter current password for root (enter for none): ##### snipped ##### Remove anonymous users? [Y/n] Y Disallow root login remotely? [Y/n] Y Remove test database and access to it? [Y/n] Y Reload privilege tables now? [Y/n] Y
MariaDB uses mariadb-secure-installation as the preferred command name, while MySQL uses
$ sudo mysql_secure_installation
. Current Ubuntu MariaDB packages still provide mysql_secure_installation as a compatibility command.
MariaDB 10.4 and later on Debian and Ubuntu normally use unix_socket authentication for root by default, so pressing Enter at the current-password prompt is expected on a fresh install. MySQL can instead prompt to install the validate_password component and to set or change the root password.
- Apply the common safe answers during the secure-installation prompts.
Keep anonymous users removed, disallow remote root login, remove the test database, and reload privileges. If local console administration should remain passwordless on MariaDB, leave root on unix_socket authentication and use sudo mariadb for local maintenance.
- Open a local administrative SQL session.
$ sudo mariadb MariaDB [(none)]> SELECT VERSION(); +----------------------------+ | VERSION() | +----------------------------+ | 10.11.14-MariaDB-0ubuntu0 | +----------------------------+ 1 row in set (0.000 sec)
For MySQL, use
$ sudo mysql
when the root account uses socket-based authentication, or
$ mysql -u root -p
when a root password was set during installation or by mysql_secure_installation. Related: How to reset MySQL or MariaDB root password
- Create an application database and a dedicated database user.
MariaDB [(none)]> CREATE DATABASE appdb; Query OK, 1 row affected (0.001 sec) MariaDB [(none)]> CREATE USER 'appuser'@'localhost' IDENTIFIED BY 'StrongPasswordHere!'; Query OK, 0 rows affected (0.001 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON appdb.* TO 'appuser'@'localhost'; Query OK, 0 rows affected (0.001 sec)
Application credentials should stay separate from root. If the application connects from another host, replace localhost with that specific client host or subnet instead of using a broad wildcard when possible.
- Exit the SQL prompt and verify that the new account can connect.
MariaDB [(none)]> exit Bye $ mysql -u appuser -p appdb Enter password: mysql> SELECT CURRENT_USER(); +-------------------+ | CURRENT_USER() | +-------------------+ | appuser@localhost | +-------------------+ 1 row in set (0.00 sec)
The same connection test works against MariaDB or MySQL because both server families speak the MySQL client protocol.
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.
