How to install MariaDB or MySQL on Ubuntu

Running a SQL database on Ubuntu enables applications to persist structured data, enforce transactions, and query efficiently. MariaDB and MySQL are widely used relational database servers with compatible clients and a near-identical protocol.

On Ubuntu, both servers install from apt, run under systemd, and read configuration under /etc/mysql, with entry points such as /etc/mysql/mariadb.conf.d/50-server.cnf and /etc/mysql/mysql.conf.d/mysqld.cnf. The daemon provides a local Unix socket and typically listens on TCP port 3306 for client connections.

The server packages conflict, so only one of mariadb-server or mysql-server should be installed at a time. Keeping the default local bind reduces exposure, and application access should use a dedicated user with least privileges instead of the root database account.

Steps to install MariaDB or MySQL on Ubuntu:

Launch the terminal.

Update the apt package list.

$ sudo apt update
Hit:1 http://archive.ubuntu.com/ubuntu noble InRelease
Get:2 http://security.ubuntu.com/ubuntu noble-security InRelease [110 kB]
Get:3 http://archive.ubuntu.com/ubuntu noble-updates InRelease [126 kB]
##### snipped #####
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
All packages are up to date.

Install the mariadb-server package using apt.

$ sudo apt install --assume-yes mariadb-server
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  mariadb-client mariadb-common mariadb-server-core
##### snipped #####
Setting up mariadb-server ...
Processing triggers for man-db ...

Replace the package name with mysql-server to install MySQL instead.

mariadb-server and mysql-server conflict, so installing one can remove the other server packages.

Enable the database service using systemd.
```
$ sudo systemctl enable --now mariadb
```
The service is typically enabled automatically after installation.
Related: How to manage MySQL or MariaDB service in Linux

Verify the database service is running.

$ sudo systemctl status mariadb --no-pager
● mariadb.service - MariaDB database server
     Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; preset: enabled)
     Active: active (running) since Fri 2025-12-12 09:14:02 UTC; 8s ago
##### snipped #####

Replace mariadb with mysql when installing mysql-server.

Run mysql_secure_installation.
```
$ sudo mysql_secure_installation
Securing the MariaDB server deployment.
##### snipped #####
```
Prompt wording and order can differ between MariaDB and MySQL packages.
Press Enter at the current root password prompt when no password is set.
```
Enter current password for root (enter for none):
```
Switch root to unix_socket authentication if prompted.
```
Switch to unix_socket authentication [Y/n]: Y
```
unix_socket authentication restricts root logins to local OS accounts like root via sudo.

Enable the VALIDATE PASSWORD component if prompted.

VALIDATE PASSWORD COMPONENT can be used to test passwords and improve security.
Would you like to setup VALIDATE PASSWORD component? Press Y for Yes, any other key for No: Y

Select a VALIDATE PASSWORD policy level if prompted.

There are three levels of password validation policy:

LOW    Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters, and dictionary file

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 1

Set or change the root password if prompted.
```
Set root password? [Y/n]: Y
New password:
Re-enter new password:
```
Related: How to set or reset MySQL or MariaDB root password

On Ubuntu, the root database user can be configured for unix_socket or auth_socket authentication, so mysql -u root -p can fail with ERROR 1698. Prefer sudo mysql for local administration or create a separate user with a password.
Remove anonymous users when prompted.
```
Remove anonymous users? (Press Y for Yes, any other key for No): Y
```
Removing anonymous users blocks unauthenticated local logins.

Disallow remote root login when prompted.

Disallow root login remotely? (Press Y for Yes, any other key for No): Y

Remove the test database when prompted.
```
Remove test database and access to it? (Press Y for Yes, any other key for No): Y
```
The test database is intended for learning and should not exist on production systems.

Reload privilege tables when prompted.

Reload privilege tables now? (Press Y for Yes, any other key for No): Y

Open the SQL prompt with local administrative access.
```
$ sudo mysql
mysql> SELECT 1;
+---+
| 1 |
+---+
| 1 |
+---+
1 row in set (0.00 sec)
```
Use mysql -u root -p when root is configured for password authentication.
Create an application database.
```
mysql> CREATE DATABASE appdb;
Query OK, 1 row affected (0.00 sec)
```
Application credentials belong to a dedicated user, not root.

Create a restricted database user.

mysql> CREATE USER 'appuser'@'localhost' IDENTIFIED BY 'StrongPasswordHere!';
Query OK, 0 rows affected (0.00 sec)

Grant privileges on the application database.

mysql> GRANT ALL PRIVILEGES ON appdb.* TO 'appuser'@'localhost';
Query OK, 0 rows affected (0.00 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

Exit the SQL prompt.
```
mysql> exit
Bye
```

Verify authentication using the new user.

$ mysql -u appuser -p appdb
Enter password:
mysql> SELECT CURRENT_USER();
+-------------------+
| CURRENT_USER()    |
+-------------------+
| appuser@localhost |
+-------------------+
1 row in set (0.00 sec)

Author: Mohd Shakir Zakaria
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.

Discuss the article:

Comment anonymously. Login not required.