In this guide we’ll learn how to change the default port that MySQL/MariaDB database binds in CentOS 7 and Debian-based Linux distributions. The default port that MySQL database server is running under Linux and Unix is 3306/TCP.
In order to change the default MySQL/MariaDB database port in Linux, open MySQL server configuration file for editing by issuing the below command.
# vi /etc/my.cnf.d/server.cnf [On CentOS/RHEL] # vi /etc/mysql/mariadb.conf.d/50-server.cnf [On Debian/Ubuntu]
Search for the line stat starts with [mysqld] and place the following port directive under [mysqld] statement, as shown in the below file excerpts. Replace the port variable accordingly.
[mysqld] port = 12345
After you’ve added the new MySQL/MariaDB port, save and close the configuration file and install the following package under CentOS 7 in order to apply the required SELinux rules to allow the database to bind on the new port.
# yum install policycoreutils-python
Next, add the below SELinux rule to bind MySQL socket on the new port and restart the database daemon to apply changes, by issuing the following commands. Again, replace MySQL port variable to match your own port number.
--------------- On CentOS/RHEL --------------- # semanage port -a -t mysqld_port_t -p tcp 12345 # systemctl restart mariadb --------------- On Debian/Ubuntu --------------- # systemctl restart mysql [On Debian/Ubuntu]
In order to verify if the port configuration for MySQL/MariaDB database server has been successfully applied, issue netstat or ss command and filter the results via grep command in order to easily identify the new MySQL port.
# ss -tlpn | grep mysql # netstat -tlpn | grep mysql
You can also display the new MySQL port by logging in to MySQL database with root account and issue the below command. However, be aware that all connections to MySQL on localhost are made via MySQL unix domain socket, not via the TCP socket. But the TCP port number must be explicitly specified in case of command line remote connections to MySQL database using the -P flag.
# mysql -h localhost -u root -p -P 12345 MariaDB [(none)]> show variables like 'port';
In case of remote connection to MySQL database, the root user must be explicitly configured to allow incoming connections form all networks or just an IP address, by issuing the below command in MySQL console:
# mysql -u root -p MariaDB [(none)]> grant all privileges on *.* to 'root'@'192.168.1.159' identified by 'strongpass'; MariaDB [(none)]> flush privileges; MariaDB [(none)]> exit
Remotely log in to MySQL server via a command line client on the new port by issuing the below command.
# mysql -h 192.168.1.159 -P 12345 -u root -p
Finally, once you’ve changed MySQL/MariaDB database server port, you need to update your distribution Firewall rules to allow incoming connections to the new TCP port so that remote clients can successfully connect to the database.
