Many HOWTO’s and blog posts about installing MySQL/MariaDB, a LAMP stack, etc. suggest to run the script mysql_secure_installation
to tighten the security holes in the default installation of the database engine. This includes setting a root password (empty by default), removing anonymous users, and deleting a test database. For a database server that you’re going to run in production, it is really important to do this. However, I have a problem with the fact that mysql_secure_installation
is interactive, i.e. it asks for user input. This makes it very hard to include it in an automated setup. In this post, we’ll discuss how the script works and how we can automate what it does.