| Subject | Re: [firebird-support] permission denied |
|---|---|
| Author | Helen Borrie |
| Post date | 2005-04-17T09:00:44Z |
At 05:17 PM 17/04/2005 +1000, you wrote:
filesystem on *x versions that use it, generally for storing program
variable data. I suppose you could think of a database files as program
variable data. :-) I'm more for considering permissions. A database file
is "private space" - it should be accessible only to those who need to
access it as a file.
btw, it makes a lot of sense to create a firebird group, of which the
firebird user and (where required) the database users. Then you can give
the firebird user owner privs in the spaces where it needs them, and give
group privs to the spaces where owner privs are not required.
installation. It's likely the notes + the sub-release notes are a bit more
up-to-date on those areas. Lots of changes happened to Linux last year...
fwiw, I'm decidedly a seat-of-the-pants sailor when it comes to Linux; and
I've also upgraded my Linux machines since last year. It would be true to
say that I am an expert at stuffing it up. I really like Mandrake 10,
though. Really really really. It's very good with hardware and with
configuration in general.
./heLen
> >It doesn't matter what it's called. But /var is a special-purpose
> > 3) it is not a Good Thing (TM) to grant other users privileges in root's
> > home directory. I suggest you create a filesystem tree called /data (or
> > similar) and make that the firebird user's "patch".
>
>Will do. Or at least I'll ask Jason why it would be better to use /var.
filesystem on *x versions that use it, generally for storing program
variable data. I suppose you could think of a database files as program
variable data. :-) I'm more for considering permissions. A database file
is "private space" - it should be accessible only to those who need to
access it as a file.
btw, it makes a lot of sense to create a firebird group, of which the
firebird user and (where required) the database users. Then you can give
the firebird user owner privs in the spaces where it needs them, and give
group privs to the spaces where owner privs are not required.
> >Don't overlook the Firebird 1.5 release notes, esp. the section on Linux
> > 4) if you installed Classic
>No
>
>(rather than Superserver
>Yes
>
>) then you may find
> > that you also need to grant rwx perms on the database file to any local
> > unix user who wants to access it with a local connect, i.e. using the
> > libfbemb.so client.
>
>At this stage I'm not too focused on local users. I really want Windows
>users accessing a Linux db server.
> >
> > 5) Don't do Firebird stuff as root!!!!!!!!!!!
>
>OK. I promise. I'll start again from scratch.
>
>Thanks Helen - I'm reading your fabulous The Firebird Book a bit at a
>time. The next bit will be starting from scratch :)
installation. It's likely the notes + the sub-release notes are a bit more
up-to-date on those areas. Lots of changes happened to Linux last year...
fwiw, I'm decidedly a seat-of-the-pants sailor when it comes to Linux; and
I've also upgraded my Linux machines since last year. It would be true to
say that I am an expert at stuffing it up. I really like Mandrake 10,
though. Really really really. It's very good with hardware and with
configuration in general.
./heLen