| Subject | RE: [Firebird-Architect] Firebird init script |
|---|---|
| Author | Rick Debay |
| Post date | 2006-03-29T17:05:49Z |
I couldn't find a firebird-linux developers list, but you can cross-post
replies to that group and I'll continue in that thread.
I found documentation covering some scripts at
http://www.firebirdsql.org/manual/fbutils-scripts.html.
Every script requires root permissions :-(
sudo and now PAM authentication modules, root access is practically
archaic. I know AIX and others have their own group security
mechanisms.
Firebird. Also, if you have logging enabled you have no idea who
actually performed the actions done as the firebird user. If Alice and
Bob log in as themselves but are part of the firebird group, I can see
from logs that Alice edited the firebird.conf file.
After FB2 is final (or earlier), I'll post an
/etc/permissions.d/firebird.secure file that shows what I think the
permissions should be for FB2. I'll also post a portion of an
/etc/sudoers file. If anyone has any suggestions as to what Linux
commands a Firebird operator or DBA or both needs to run or files they
need to edit, let me know so I can grant them in the sudoers file. For
example, isql access can be granted to those who belong to the DBA
sudoer alias, and gbak to those belonging to the OPERATOR alias.
Thanks, Rick DeBay
-----Original Message-----
From: Firebird-Architect@yahoogroups.com
[mailto:Firebird-Architect@yahoogroups.com] On Behalf Of Alex Peshkov
Sent: Wednesday, March 29, 2006 1:35 AM
To: Firebird-Architect@yahoogroups.com
Subject: Re: [Firebird-Architect] Firebird init script
Rick Debay wrote:
another place - somewhere like linux developers list. Yes, need for root
access to perform any admin task is not good - but that's how linux (and
other known to me unixes) work now. Making revolution for one database
server - suspicious thing.
server start-stop operations. Just give him real shell and real
password. What about database backup, etc. - this is sysdba's task, and
the fact of presence of one and only one sysdba is internal firebird
problem, which should be solved in future releases.
Yahoo! Groups Links
replies to that group and I'll continue in that thread.
I found documentation covering some scripts at
http://www.firebirdsql.org/manual/fbutils-scripts.html.
Every script requires root permissions :-(
> but that's how linux (and other known to me unixes) work now.Ahh, that's just how many admins run them. Since the widespread use of
sudo and now PAM authentication modules, root access is practically
archaic. I know AIX and others have their own group security
mechanisms.
> There is one way to do it. There is user firebird, which can performserver start-stop operations.
> Just give him real shell and real password.IMHO firebird user should not be used, I equate it to the root user of
Firebird. Also, if you have logging enabled you have no idea who
actually performed the actions done as the firebird user. If Alice and
Bob log in as themselves but are part of the firebird group, I can see
from logs that Alice edited the firebird.conf file.
After FB2 is final (or earlier), I'll post an
/etc/permissions.d/firebird.secure file that shows what I think the
permissions should be for FB2. I'll also post a portion of an
/etc/sudoers file. If anyone has any suggestions as to what Linux
commands a Firebird operator or DBA or both needs to run or files they
need to edit, let me know so I can grant them in the sudoers file. For
example, isql access can be granted to those who belong to the DBA
sudoer alias, and gbak to those belonging to the OPERATOR alias.
Thanks, Rick DeBay
-----Original Message-----
From: Firebird-Architect@yahoogroups.com
[mailto:Firebird-Architect@yahoogroups.com] On Behalf Of Alex Peshkov
Sent: Wednesday, March 29, 2006 1:35 AM
To: Firebird-Architect@yahoogroups.com
Subject: Re: [Firebird-Architect] Firebird init script
Rick Debay wrote:
> The problem is that by making root the only account that can maintainThis is really reasonable. But it seems it should be discussed in
> the system, everyone is required to have root access and that security
> hole is by far the worst.
another place - somewhere like linux developers list. Yes, need for root
access to perform any admin task is not good - but that's how linux (and
other known to me unixes) work now. Making revolution for one database
server - suspicious thing.
> This problem is greatly reduced by blocking remote root access,There is one way to do it. There is user firebird, which can perform
> requiring wheel membership to su to root, and seperating root
> permissions out to those who need it in the sudoers file. However,
> sudoer files can become very complex very quickly, and it's easy to
> accidentally lock someone out or grant unwanted permissions. I'd be
> prone to give Joe Database Operator and Jane Database Operator
> permissions (by group membership) to run all scripts and programs
> belonging to the firebird group. That way they can backup, sweep,
> bounce the server, etc. But root (or a System Operator alias in
> sudoers) would be required to upgrade the server code or change the
> server's runlevel.
>
server start-stop operations. Just give him real shell and real
password. What about database backup, etc. - this is sysdba's task, and
the fact of presence of one and only one sysdba is internal firebird
problem, which should be solved in future releases.
Yahoo! Groups Links