This article is outdated and may not work correctly for current operating systems or software.
In this article, I'll show you how to install MariaDB on OpenBSD 6 and configure it to be accessible to a chrooted web server (Apache or Nginx). You will also learn how to make make MariaDB available to non-chrooted applications.
Note: All commands in this tutorial need to be executed with root privilege in a command line window.
Steps were tested on OpenBSD 6.1 AMD64 installation.
Make sure the environment variable PKG_PATH is configured.
echo $PKG_PATH
If it's empty, configure it with the following command:
export PKG_PATH=http://ftp3.usa.OpenBSD.org/pub/OpenBSD/$(uname -r)/packages/$(uname -m)/
pkg_add -v mariadb-server
rcctl enable mysqld
/usr/local/bin/mysql_install_db
If your MariaDB is expected to serve a large amount of traffic, append the following lines to the file /etc/login.conf:
mysqld:\
:openfiles-cur=1024:\
:openfiles-max=2048:\
:tc=daemon:
Run the following command to generate the binary format of the login.conf file.
cap_mkdb /etc/login.conf
Run the secure installation command to make MariaDB even harder to compromise.
/usr/local/bin/mysql_secure_installation
Answer questions as prompted to set the root password, remove the test database and disable the remote root login. The initial password for root is blank.
Change the MariaDB socket location so that it's accessible from a chrooted environment.
The default httpd in base or nginx in port are chrooted to /var/www, so let's put the socket in /var/www/var/run/mysql/mysql.sock, so that it appears to be /var/run/mysql/mysql.sock for the chrooted web server.
Create the directory:
install -d -m 0711 -o _mysql -g _mysql /var/www/var/run/mysql
Edit /etc/my.cnf. In both the [client] section, and the [mysqld] section, change the line that reads:
socket = /var/run/mysql/mysql.sock
To:
socket = /var/www/var/run/mysql/mysql.sock
rcctl start mysqld
Now test MariaDB by running the following command.
mysql -uroot -p
Check if you can login with the password you set in the previous step.
We need to create soft links for the mysql folder to make MariaDB accessible for non-chrooted applications. After having changed mysql.sock to the /var/www/var/run/mysql directory, some non-chrooted applications may not able to find it. If that's the case, we can resolve it by creating a soft link to /var/www/var/run/mysql directory in /var/run/ (the default mysql.sock location).
ln -s /var/www/var/run/mysql /var/run/
Now to make this change permanent. When OpenBSD starts, it clears everything under the /var/run directory, so we need to re-create the soft link at every reboot. We can do this by putting the command from step 9 in a file called /etc/rc.local. This file will be executed by the startup script at the end of the startup process. The /etc/rc.local file does not exist by default. You can create one by copying from the example file shipped with the OpenBSD, and appending the soft link to it.
cp /etc/examples/rc.local /etc/
echo "ln -s /var/www/var/run/mysql /var/run/" >> /etc/rc.local
That's it. Your MariaDB server is now good to go.
Another note regarding MariaDB is the max_allowed_packet setting in /etc/my.cnf. The default value is 1M for [mysqld] section. If you encounter problems when importing a dump file from another server, try increasing it to 16M or 64M, and then restarting MariaDB.