In this article, I'll show you how to install MariaDB on OpenBSD 6 and configure it to be accessible to a chrooted web server (Apache or Nginx). You will also learn how to make make MariaDB available to non-chrooted applications.
Note: All commands in this tutorial need to be executed with root privilege in a command line window.
Steps were tested on OpenBSD 6.1 AMD64 installation.
Make sure the environment variable PKG_PATH
is configured.
echo $PKG_PATH
If it's empty, configure it with the following command:
export PKG_PATH=http://ftp3.usa.OpenBSD.org/pub/OpenBSD/$(uname -r)/packages/$(uname -m)/
pkg_add -v mariadb-server
rcctl enable mysqld
/usr/local/bin/mysql_install_db
If your MariaDB is expected to serve a large amount of traffic, append the following lines to the file /etc/login.conf
:
mysqld:\
:openfiles-cur=1024:\
:openfiles-max=2048:\
:tc=daemon:
Run the following command to generate the binary format of the login.conf
file.
cap_mkdb /etc/login.conf
Run the secure installation command to make MariaDB even harder to compromise.
/usr/local/bin/mysql_secure_installation
Answer questions as prompted to set the root password, remove the test database and disable the remote root login. The initial password for root is blank.
Change the MariaDB socket location so that it's accessible from a chrooted environment.
The default httpd
in base or nginx
in port are chrooted to /var/www
, so let's put the socket in /var/www/var/run/mysql/mysql.sock
, so that it appears to be /var/run/mysql/mysql.sock
for the chrooted web server.
Create the directory:
install -d -m 0711 -o _mysql -g _mysql /var/www/var/run/mysql
Edit /etc/my.cnf
. In both the [client]
section, and the [mysqld]
section, change the line that reads:
socket = /var/run/mysql/mysql.sock
To:
socket = /var/www/var/run/mysql/mysql.sock
rcctl start mysqld
Now test MariaDB by running the following command.
mysql -uroot -p
Check if you can login with the password you set in the previous step.
We need to create soft links for the mysql
folder to make MariaDB accessible for non-chrooted applications. After having changed mysql.sock
to the /var/www/var/run/mysql
directory, some non-chrooted applications may not able to find it. If that's the case, we can resolve it by creating a soft link to /var/www/var/run/mysql
directory in /var/run/
(the default mysql.sock
location).
ln -s /var/www/var/run/mysql /var/run/
Now to make this change permanent. When OpenBSD starts, it clears everything under the /var/run
directory, so we need to re-create the soft link at every reboot. We can do this by putting the command from step 9 in a file called /etc/rc.local
. This file will be executed by the startup script at the end of the startup process. The /etc/rc.local
file does not exist by default. You can create one by copying from the example file shipped with the OpenBSD, and appending the soft link to it.
cp /etc/examples/rc.local /etc/
echo "ln -s /var/www/var/run/mysql /var/run/" >> /etc/rc.local
That's it. Your MariaDB server is now good to go.
Another note regarding MariaDB is the max_allowed_packet
setting in /etc/my.cnf
. The default value is 1M
for [mysqld]
section. If you encounter problems when importing a dump file from another server, try increasing it to 16M
or 64M
, and then restarting MariaDB.
You could earn up to $300 by adding new articles