How to Install MySQL on CentOS Stream 9: Complete Guide
In this guide we will see how to Install MySQL on CentOS Stream 9 with dnf, the default package manager for RPM
MySQL is a service that every Linux systems analyst uses very often, being the basis for LAMP (Linux, Apache, MySQL, PHP), LEMP (Linux, NginX, MySQL, PHP) web stacks and many others, which are needed for CMS, web applications and e-Commerce
Installing MySQL on CentOS Stream 9
As a first step we update CentOS Stream 9 packages with the dnf handler:
sudo dnf upgradeWe accept the package upgrade and import the new key if required
CentOS Stream 9 - BaseOS
Importing GPG key 0x8483C65D:
Userid : "CentOS (CentOS Official Signing Key) "
Fingerprint : 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65D
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
Is this ok [y/N]: Y We proceed to install MySQL with dnf install:
sudo dnf install mysql-serverWe accept the installation of the necessary packages
Total download size: 48 M
Installed size: 273 M
Is this ok [y/N]: YCheck if the mysql process is active
sudo systemctl status mysqld○ mysqld.service - MySQL 8.0 database server
Loaded: loaded (/usr/lib/systemd/system/mysqld.service; disabled; preset: disabled)
Active: inactive (dead)In case it is not active we can restart MySQL and repeat the previous check
sudo systemctl restart mysqld.servicesudo systemctl status mysqld● mysqld.service - MySQL 8.0 database server
Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; preset: disabled)
Active: active (running) since Sat 2024-08-10 09:44:42 UTC; 32s agoWe auto-start on MySQL boot
sudo systemctl enable mysqldCreated symlink /etc/systemd/system/multi-user.target.wants/mysqld.service → /usr/lib/systemd/system/mysqld.service.We check the default MySQL port, TCP 3306, which should be listening at this point
sudo dnf install net-toolssudo netstat -tnplu |grep 3306The command should return the following output, showing port 3306 listening locally
tcp6 0 0 :::3306 :::* LISTEN 86216/mysqld
tcp6 0 0 :::33060 :::* LISTEN 86216/mysqld Configure MySQL
The next step to Install MySQL on CentOS Stream 9, is to configure MySQL. At first startup, the configurations used by default have poor security. To improve security, it is recommended to run the DBMS configuration script, set MySQL authentication, and remove anonymous logins
sudo mysql_secure_installationThe script will guide us in configuring the server security options.
First we enable password control for users, and select strong passwords, with dictionary search of common passwords
Securing the MySQL server deployment.
Connecting to MySQL using a blank password.
VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of passwords
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?
Press y|Y for Yes, any other key for No: YThere are three levels of password validation policy:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2Enter password for user root
New password:
Re-enter new password:
Estimated strength of the password: 90
Do you wish to continue with the password provided?
(Press y|Y for Yes, any other key for No) : YRemove anonymous users, to increase security
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : YConfigure local user authentication root, which will be via socket, only on the local machine
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : YDisallow test databases
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it?
(Press y|Y for Yes, any other key for No) : YLet's reload the privilege tables, so that our changes will take effect immediately.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : YAll done!Login to MySQL from console
The installation is finished and we can log in with user root and previous password from our server console
sudo mysql -u root -p
Enter password:As a test we can list the databases present
show databases;+--------------------+
| Databases |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
4 rows in set (0.00 sec)The output shows us the databases present, we were able to Install MySQL on CentOS Stream 9, we can use with the usual syntax our MySQL, connect our web apps and CMS
Optimize your CentOS Server
Want to improve your system performance? Rely on a Professional CentOS system builder, 30 minutes of free analysis!
Change password of root of MySQL
In case we want to reset password of root of MySQL. We can use this command, we recommend using a "strong" password, with numbers, upper and lower case and special characters.
ALTER USER 'root'@'localhost' IDENTIFIED BY 'LA_MIA_PASSWORD';Accessing remote MySQL
To access a remote MySQL it is recommended to use an SSH tunnel by redirecting the remote 3306 port of our server, which only listens in localhost, to our local 33006 port
ssh root@IP-o-DNS -L 33006:localhost:3306Thanks to the tunnel we could connect directly to our port 33006 in localhost or 127.0.0.1 with the root credentials created before
For that we can use one of these commands:
mysql -h localhost -P 33006 -u root -pmysql -h 127.0.0.1 -P 33006 -u root -p
