8
0
mirror of https://github.com/FirebirdSQL/firebird.git synced 2025-01-25 01:23:03 +01:00
firebird-mirror/builds/install/misc/superLibrary.sh.in

84 lines
2.0 KiB
Bash
Raw Normal View History

2005-04-29 20:16:46 +02:00
#!/bin/sh
#------------------------------------------------------------------------
# init defaults
DefaultLibrary=libfbclient
#------------------------------------------------------------------------
# fixFilePermissions
# Change the permissions to restrict access to server programs to
# firebird group only. This is MUCH better from a saftey point of
# view than installing as root user, even if it requires a little
# more work.
fixFilePermissions() {
# For security reasons initially force all root:root non-writable
chown -R root:root $FBRootDir
chmod -R uga-w $FBRootDir
# Prepare bin
cd $FBBin
# Everyone may execute clients
chmod 0555 *
# Shell scripts changing security attributes are for root only
chmod 0500 *.sh
# Lock files
cd $FBRootDir
for i in isc_init1 isc_lock1 isc_event1 isc_guard1 isc_monitor1
2005-04-29 20:16:46 +02:00
do
FileName=$i.`hostname`
touch $FileName
MakeFileFirebirdWritable $FileName
done
touch firebird.log
MakeFileFirebirdWritable firebird.log
# Security database
# Nobody besides firebird permitted to even read this file
2006-04-16 14:58:29 +02:00
chown $RunUser:$RunUser $SecurityDatabase
2005-04-29 20:16:46 +02:00
chmod 0600 $SecurityDatabase
# fix up examples' permissions
cd examples
# set a default of read all files in examples
for i in `find . -name '*' -type f -print`
do
chmod a=r $i
done
# set a default of read&search all dirs in examples
for i in `find . -name '*' -type d -print`
do
chmod a=rx $i
done
# make examples db's writable by group
for i in `find . -name '*.fdb' -print`
do
2006-04-16 14:58:29 +02:00
chown $RunUser:$RunUser $i
2005-04-29 20:16:46 +02:00
chmod ug=rw,o= $i
done
# fix up doc permissions
fixDocPermissions
cd $FBRootDir
2005-04-29 20:16:46 +02:00
}
#------------------------------------------------------------------------
# Update inetd service entry
# Check to see if we have xinetd installed or plain inetd.
# Install differs for each of them.
updateInetdServiceEntry() {
# do nothing for SS
return 0
}