Subject Re: [IBPP-DISCUSS] [firebird-support] FB Embedded on Linux without need for root account
Author Micha Feigin
On Sat, 15 Jul 2006 11:52:20 +1000
Helen Borrie <helebor@...> wrote:

[...]

>
> >I worked with it a bit to get it to work, and a few straces later and several
> >file not found errors I found out that at least on my machine you need to
> >also create an empty run directory.
>
> That might have to do with the logged-in Linux user's file
> permissions. Unlike "full server", Embedded on Linux accesses the
> database file directly, so the logged-in user needs the proper
> permissions at both folder (rwx) and file (rw) levels. So, if the
> logged-in user belongs to a group that has these permissions at group
> level, everything should be like chocolate mousse.
>

It doesn't. If you look at the following dump from strace, the program tries to
stat run/isc_lock1.litshi and then open it, but since the directory run doesn't
exist the file can't be created. If you use the global firebird settings (by
adding the user to the firebird group instead of using the supplied
instructions), then it uses the global run directory (/usr/lib/firebird2/run on
Debian) so there is no problem.

umask(0) = 022
stat64("/home/micha/dev/firebird/run/isc_lock1.litshi", 0xbfecb674) = -1 ENOENT (No such file or directory)
open("/home/micha/dev/firebird/run/isc_lock1.litshi", O_RDWR|O_CREAT|O_TRUNC|O_LARGEFILE, 0660) = -1 ENOENT (No such file or directory)
umask(022) = 0

> >On the other hand, why is all the fuss with the password file if you
> >can simply import your own password file whenever you work with the
> >embedded server.
> >Wouldn't it be simpler and lighter all around to just allow for an
> >empty/default username/password? (it would also save the 600K extra
> >file in the directory).
>
> Well....it would save 600K on disk but it would break the current
> authentication model. Fb 3.0 will have more authentication options.
>

With the embedded version authentication is useless since you can point firebird
to the current directory and put your own password file there.

> I wonder whether you (and Milan) know that you can set up the Linux
> user in the Firebird security database so that, if the Linux user is
> already logged in, it won't have to endure separate authentication
> when connecting to Firebird? Milan, this would be worth adding to
> your paper, with perhaps some reference to SQL privileges and Roles...
>

I didn't know, I will try and look at it, although I am still trying to find a
programmer's guide to firebird. On the other hand, ibpp won't let you create a
new database object without at least a username so I don't think it's useful
from the programmer's side. I'll be happy to learn differently.

> ../heLen
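
A pre-flight check for the two conditions discussed in this thread, the empty run directory and the folder (rwx) and file (rw) permissions, as an added example that is not part of the original messages. The function name fb_embedded_preflight and its arguments are hypothetical; it assumes the lock file is created in run/ under the Firebird root, as in the strace output above.

```shell
#!/bin/sh
# Added example (not from the thread): check a Firebird Embedded setup
# before the first connect, as the logged-in (non-root) user.
# Usage: fb_embedded_preflight FIREBIRD_ROOT DATABASE_FILE
#   e.g. fb_embedded_preflight /home/micha/dev/firebird /path/to/db.fdb
# Prints one line per problem; returns 0 only if none was found.
fb_embedded_preflight() {
    fb_root=$1
    fb_db=$2
    fb_problems=0

    # The lock file (run/isc_lock1.litshi in the strace output) is opened
    # with O_CREAT, which creates the file but never its parent directory,
    # so a missing run/ surfaces as ENOENT.
    fb_run="$fb_root/run"
    if [ ! -d "$fb_run" ]; then
        echo "missing directory: $fb_run (create it, empty)"
        fb_problems=$((fb_problems + 1))
    elif [ ! -w "$fb_run" ] || [ ! -x "$fb_run" ]; then
        echo "current user cannot create files in: $fb_run"
        fb_problems=$((fb_problems + 1))
    fi

    # Embedded opens the database file directly, so the current user
    # needs rwx on the containing folder and rw on the file itself.
    fb_dir=$(dirname -- "$fb_db")
    if [ ! -r "$fb_dir" ] || [ ! -w "$fb_dir" ] || [ ! -x "$fb_dir" ]; then
        echo "need rwx on database folder: $fb_dir"
        fb_problems=$((fb_problems + 1))
    fi
    if [ ! -f "$fb_db" ]; then
        echo "database file not found: $fb_db"
        fb_problems=$((fb_problems + 1))
    elif [ ! -r "$fb_db" ] || [ ! -w "$fb_db" ]; then
        echo "need rw on database file: $fb_db"
        fb_problems=$((fb_problems + 1))
    fi

    [ "$fb_problems" -eq 0 ]
}
```
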