Subject Re: [IBPP-DISCUSS] [firebird-support] FB Embedded on Linux without need for root account
Author Helen Borrie
At 09:29 AM 15/07/2006, micht wrote:
>Quoting Milan Babuskov <milanb@...>:
> > Hi,
> >
> > Since I see that topic comes out from time to time, I wrote a simple
> > Firebird Embedded Linux HOWTO. It shows how you can use embedded
> > Firebird on Linux without having the full server installed, and without
> > having access to root account:
> >
> >
> >

Nice paper Milan....are you aware of the Firebird documentation project?

[also requoting Milan]

> > P.S. Perhaps someone would be interested to add this to knowledge base
> > at Firebird and/or IBPP website? I hate when documentation is scattered
> > around.

Don't we all hate the way good stuff is dispersed all over the web !

I have taken the html from your site and plonked it provisionally
into the "papers" section of my local copy of the "manual" section of
the CVS tree. It needs a little work to get it into Docbook format,
which I'm willing to do if you can't do it yourself...but the html is
good and clean, so it won't be a huge task. It's highly desirable to
do it this way as it ensures consistency and makes updating and
translation a breeze.

>I worked with it a bit to get it to work, and a few straces later and several
>file not found errors I found out that at least on my machine you need to also
>create an empty run directory.

That might have to do with the logged-in Linux user's file
permissions. Unlike "full server", Embedded on Linux access the
database file directly, so the logged-in user needs the proper
permissions at both folder (rwx) and file (rw) levels. So, if the
logged-in user belongs to a group that has these permissions at group
level, everything should be like chocolate mousse.

>On the other hand, why is all the fuss with the password file if you
>can simply
>import you own password file whenever you work with the embeded server.
>Wouldn't it be simpler and lighter all around to just allow for an
>empty/default username/password? (it would also save the 600K extra
>file in the directory). would save 600K on disk but it would break the current
authentication model. Fb 3.0 will have more authentication options.

I wonder whether you (and Milan) know that you can set up the Linux
user in the Firebird security database so that, if the Linux user is
already logged in, it won't have to endure separate authentication
when connecting to Firebird? Milan, this would be worth adding to
your paper, with perhaps some reference to SQL privileges and Roles...