8
0
mirror of https://github.com/FirebirdSQL/firebird.git synced 2025-01-25 04:43:03 +01:00
firebird-mirror/builds/install/misc/classicLibrary.sh.in

181 lines
4.0 KiB
Bash
Raw Normal View History

2005-04-29 20:16:46 +02:00
#!/bin/sh
#------------------------------------------------------------------------
# init defaults
DefaultLibrary=libfbembed
#------------------------------------------------------------------------
# fixFilePermissions
# Change the permissions to restrict access to server programs to
# firebird group only. This is MUCH better from a saftey point of
# view than installing as root user, even if it requires a little
# more work.
fixFilePermissions() {
chown -R $RunUser:$RunGroup $FBRootDir
# Turn other access off.
chmod -R o= $FBRootDir
# Now fix up the mess.
# fix up directories
for i in `find $FBRootDir -print`
do
FileName=$i
if [ -d $FileName ]
then
chmod o=rx $FileName
fi
done
# set up the defaults for bin
cd $FBBin
for i in `ls`
do
chmod ug=rx,o= $i
done
# User can run these programs, they need to talk to server though.
# and they cannot actually create a database.
chmod a=rx isql
chmod a=rx qli
2005-08-16 12:04:13 +02:00
# Root SUID is still needed for group direct access.
# General users cannot run though.
for i in fb_lock_mgr
2005-04-29 20:16:46 +02:00
do
if [ -f $i ]
then
2005-08-16 12:04:13 +02:00
chown root $i
2005-04-29 20:16:46 +02:00
chmod ug=rx,o= $i
chmod ug+s $i
fi
done
2005-12-18 16:23:32 +01:00
# set up libraries
2005-12-18 16:23:32 +01:00
cd $FBRootDir
cd lib
chmod a=rx lib*
2005-04-29 20:16:46 +02:00
# set up include files
cd $FBRootDir
cd include
chmod a=r *
2005-04-29 20:16:46 +02:00
# Fix lock files
2005-08-16 12:04:13 +02:00
cd $FBRootDir
2005-04-29 20:16:46 +02:00
for i in isc_init1 isc_lock1 isc_event1
do
FileName=$i.`hostname`
touch $FileName
chmod ug=rw,o= $FileName
done
# Fix the rest
touch firebird.log
chmod ug=rw,o= firebird.log
chmod a=r aliases.conf
chmod a=r firebird.conf
chmod a=r firebird.msg
2005-10-26 16:03:19 +02:00
chmod a=r help/help.fdb
2005-04-29 20:16:46 +02:00
chmod ug=rw,o= $SecurityDatabase
2005-08-16 12:04:13 +02:00
if [ "$RunUser" = "root" ]
# In that case we must open databases to the world...
# That's a pity, but required if root RunUser choosen.
then
chmod a=rw $SecurityDatabase
fi
2005-04-29 20:16:46 +02:00
# fix up examples' permissions
cd examples
# set a default of read all files in examples
for i in `find . -name '*' -type f -print`
do
chmod a=r $i
done
# set a default of read&search all dirs in examples
for i in `find . -name '*' -type d -print`
do
chmod a=rx $i
done
# make examples db's writable by group
for i in `find . -name '*.fdb' -print`
do
2006-04-16 14:58:29 +02:00
chown $RunUser:$RunUser $i
2005-04-29 20:16:46 +02:00
chmod ug=rw,o= $i
done
cd ..
}
#------------------------------------------------------------------------
# changeXinetdServiceUser
# Change the run user of the xinetd service
changeXinetdServiceUser() {
InitFile=/etc/xinetd.d/firebird
if [ -f $InitFile ]
then
editFile $InitFile user "\tuser\t\t\t= $RunUser"
fi
}
#------------------------------------------------------------------------
# Update inetd service entry
# This just adds/replaces the service entry line
updateInetdEntry() {
newLine="gds_db stream tcp nowait.30000 $RunUser $FBBin/fb_inet_server fb_inet_server # Firebird Database Remote Server"
replaceLineInFile /etc/inetd.conf "$newLine" "^gds_db"
}
#------------------------------------------------------------------------
# Update xinetd service entry
updateXinetdEntry() {
cp $FBRootDir/misc/firebird.xinetd /etc/xinetd.d/firebird
changeXinetdServiceUser
}
#------------------------------------------------------------------------
# Update inetd service entry
# Check to see if we have xinetd installed or plain inetd.
# Install differs for each of them.
updateInetdServiceEntry() {
if [ -d /etc/xinetd.d ]
then
updateXinetdEntry
else
updateInetdEntry
fi
}
2005-08-16 12:04:13 +02:00
#------------------------------------------------------------------------
# change init.d RunUser
changeInitRunUser() {
2005-04-29 20:16:46 +02:00
# do nothing for CS
return 0
}
#------------------------------------------------------------------------
2005-08-16 12:04:13 +02:00
# start init.d service
2005-04-29 20:16:46 +02:00
2005-08-16 12:04:13 +02:00
startService() {
2005-04-29 20:16:46 +02:00
# do nothing for CS
return 0
}