diff --git a/builds/install/misc/firebird.conf b/builds/install/misc/firebird.conf index eb80895a9a..e55ecc7439 100644 --- a/builds/install/misc/firebird.conf +++ b/builds/install/misc/firebird.conf @@ -2,10 +2,12 @@ # # Firebird version 5.0 configuration file # +######################################### + # Comments # -------- # The # character is used for comments and can be placed anywhere on a -# line. Anything following the # character on a line is considered a +# line. Anything following the # character on a line is considered a # comment. # # Examples: @@ -19,7 +21,7 @@ # To activate an entry, remove the leading "#"s and supply the desired # value. # -# Please note, by default a number of the values are specified in **Bytes** (Not KB). +# By default, a number of the values are specified in **Bytes** (Not KB). # You may add obvious abbreviations k, m and g in the end of a number to specify # kilobytes, megabytes and gigabytes. # @@ -50,8 +52,8 @@ # Per-database configuration is done in file databases.conf (former aliases.conf). # Per-connection configuration is primarily client tool and done using # isc_dpb_config parameter in DPB (isc_spb_config for services). -# Configuration data, added to parameters block, has same format as this file. -# Pay attention that since firebird3 there is no hard limit of 255 bytes per entry +# Configuration data, added to parameters block, has the same format as this file. +# Pay attention that since Firebird 3.0 there is no hard limit of 255 bytes per entry # provided you are using isc_dpb_version2 format of DPB. The simplest way to create # DPB/SPB is to use IXpbBuilder - when needed you will have >255 bytes entries in # parameters block. Notice that per-database entries also may be tuned using DPB @@ -62,10 +64,10 @@ # There is a number of predefined macro commands, that can be used in config # files where directory name is needed. They are available using $(name) syntax. # The complete list of them as follows: -# root - root directory of firebird instance -# install - directory where firebird is installed +# root - root directory of Firebird instance +# install - directory where Firebird is installed # this - directory where current configuration file is located -# dir_conf - directory where firebird.conf and databases.conf are located +# dir_conf - directory where Firebird.conf and databases.conf are located # dir_secDb - directory where default security database is located # dir_plugins - directory where plugins are located # dir_udf - directory where UDFs are located by default @@ -73,10 +75,9 @@ # dir_sampleDb - directory where sample DB (employee.fdb) is located # dir_intl - directory where international modules are located # dir_msg - directory where messages file (firebird.msg) is located -# Like the rest of config internals macros are case-insensitive. +# Like the rest of config internals, macros are case-insensitive. # Capital letters here are used only for better human readability. # -# # Includes # -------- # One can include one config file into another one. @@ -90,8 +91,6 @@ # # Portions of this file have been reproduced/made available with the # permission of Ann Harrison @ IBPhoenix. -# -######################################### # ---------------------------- @@ -99,9 +98,9 @@ # # DatabaseAccess may be None, Full or Restrict. If you choose Restrict, # provide ';'-separated trees list, where database files are stored. -# Relative paths are treated relative to the root directory of firebird. -# Default value 'Full' gives full access to all files on your site. -# To specify access to specific trees, enum all required paths +# Relative paths are treated relative to the root directory of Firebird. +# Default value 'Full' gives full access to all files on your system. +# To specify access to specific trees, enumerate all required paths # (for Windows this may be something like 'C:\DataBase;D:\Mirror', # for unix - '/db;/mnt/mirrordb'). If you choose 'None', then only # databases listed in databases.conf can be attached using alias. @@ -128,12 +127,12 @@ # ---------------------------- # Ability to access databases remotely # -# RemoteAccess may be true or false (1/0, Yes/No) - it's boolean value. +# RemoteAccess may be true or false (1/0, Yes/No) - it's a boolean value. # By default RemoteAccess to all databases except security DB is enabled. -# If you plan to use more than one dedicated security database it's +# If you plan to use more than one dedicated security database, it's # recommended to disable remote access to them in databases.conf. -# However (as an additional method to have secure enhanced firebird -# installation) one can disable remote access globally and re-enable +# However, as an additional method to have secure enhanced Firebird +# installation, one can disable remote access globally and re-enable # in databases.conf only for specific databases. # # Per-database configurable. @@ -149,7 +148,7 @@ # ExternalFileAccess may be None, Full or Restrict. If you choose # Restrict, provide ';'-separated trees list, where external files # are stored. Relative paths are treated relative to the root directory -# of firebird. Default value 'None' disables any use of external files +# of Firebird. Default value 'None' disables any use of external files # on your site. To specify access to specific trees, enum all required # paths (for Windows this may be something like 'C:\ExternalTables', # for unix - '/db/extern;/mnt/extern'). @@ -157,7 +156,7 @@ # Per-database configurable. # # NOTE: THE EXTERNAL TABLE ENGINE FEATURE COULD BE USED TO COMPROMISE -# THE SERVER/HOST AS WELL AS DATABASE SECURITY!! +# THE SERVER/HOST AS WELL AS DATABASE SECURITY! # # IT IS STRONGLY RECOMMENDED THAT THIS SETTING BE USED TO LIMIT # EXTERNAL TABLE LOCATIONS! @@ -173,15 +172,15 @@ # UdfAccess may be None, Full or Restrict. If you choose # Restrict, provide ';'-separated trees list, where UDF libraries # are stored. Relative paths are treated relative to the root directory -# of firebird. +# of Firebird. # -# Since FB4.0 default value is None. Set it to 'Restrict UDF' to have -# the same restrictions as in previous FB versions. To specify access -# to specific trees, enum all required paths (for Windows this may be -# something like 'C:\ExternalFunctions', for unix - '/db/udf;/mnt/udf'). +# The default value is None. Set it to 'Restrict UDF' to have the same +# restriction as in Firebird 3 and earlier. To specify access to specific +# trees, enumerate all required paths (for Windows this may be something +# like 'C:\ExternalFunctions', for unix - '/db/udf;/mnt/udf'). # # NOTE: THE EXTERNAL FUNCTION ENGINE FEATURE COULD BE USED TO COMPROMISE -# THE SERVER/HOST AS WELL AS DATABASE SECURITY!! +# THE SERVER/HOST AS WELL AS DATABASE SECURITY! # # IT IS STRONGLY RECOMMENDED THAT THIS SETTING REMAINS NONE! # @@ -194,7 +193,7 @@ # Temporary directories # # Provide ';'-separated trees list, where temporary files are stored. -# Relative paths are treated relative to the root directory of firebird. +# Relative paths are treated relative to the root directory of Firebird. # Default value is determined using FIREBIRD_TMP, TEMP or TMP # environment options. Once the first specified directory has no # available space, the engine will switch to the next one, and so on. @@ -212,7 +211,7 @@ # ---------------------------- # Directory to put data of temporary tables and blobs # -# When empty, not exists or not accessible, default directory will be used +# When empty, not exists or not accessible, the default directory will be used # as determined by FIREBIRD_TMP, TEMP or TMP environment variables. # # Per-database configurable. @@ -231,10 +230,11 @@ # #AuditTraceConfigFile = + # ---------------------------- # Maximum summary size of each user trace session's log files in MB. # When log files size reach this limit, trace session automatically -# suspends until interactive user service read and delete some log files. +# suspends until an interactive user service reads and deletes log files. # # Type: integer # @@ -244,11 +244,11 @@ # ---------------------------- # Number of cached database pages # -# This sets the number of pages from any one database that can be held -# in cache at once. If you increase this value, the engine will -# allocate more pages to the cache for every database. By default, the -# SuperServer allocates 2048 pages for each database and the classic -# allocates 256 pages per client connection per database. +# The number of pages from any one database that can be held in cache +# at once. If you increase this value, the engine will allocate more +# pages to the cache for every database. By default, SuperServer +# allocates 2048 pages for each database and Classic and SuperClassic +# allocate 256 pages per client connection per database. # # Per-database configurable. # @@ -256,15 +256,16 @@ # #DefaultDbCachePages = 2048 + # ---------------------------- # Disk space preallocation # # Sets the amount of preallocated disk space in bytes. Disk space -# preallocation allows to reduce physical file fragmentation and to make -# database work in out of disk space condition. With preallocation enabled, -# engine allocates 1/16nth of already allocated disk space at a time but +# preallocation reduces physical file fragmentation and can allow databases +# to work in out of disk space conditions. With preallocation enabled, +# the engine allocates 1/16nth of already allocated disk space at a time, but # not less than 128KB and no more than DatabaseGrowthIncrement (128MB by -# default). To disable preallocation set DatabaseGrowthIncrement to zero. +# default). To disable preallocation, set DatabaseGrowthIncrement to zero. # Shadow database files are not preallocated. # # Per-database configurable. @@ -273,11 +274,11 @@ # #DatabaseGrowthIncrement = 128M + # ---------------------------- # File system cache usage # -# Determines whether Firebird will use file system cache for database files or -# not. +# Determines if Firebird will use the file system cache for database files. # # Type: boolean # @@ -285,26 +286,25 @@ # #UseFileSystemCache = true + # ---------------------------- # File system cache threshold # -# The threshold value that determines whether Firebird will use file system -# cache or not. File system caching is used if database cache size in pages -# (configured explicitly in database header or via DefaultDbCachePages setting) -# is less than FileSystemCacheThreshold value. +# The threshold value that determines if Firebird will use the file system +# cache. File system caching is used if database cache size in pages +# (configured explicitly in the database header or via DefaultDbCachePages setting) +# is less than the value of FileSystemCacheThreshold. # -# To use file system cache always set FileSystemCacheThreshold to a large value. -# To bypass file system cache for all databases set FileSystemCacheThreshold to +# To always use the file system cache, set FileSystemCacheThreshold to a large value. +# To bypass the file system cache for all databases, set FileSystemCacheThreshold to # zero. # # CAUTION! # This setting is deprecated and will be removed in future Firebird versions. -# Consider using "UseFileSystemCache" setting instead. -# If "UseFileSystemCache" is set, then value of "FileSystemCacheThreshold" is -# ignored. -# If "UseFileSystemCache" is not set, and "FileSystemCacheThreshold" is set -# then value of "FileSystemCacheThreshold" is in use and accounted by the -# engine. +# Consider using UseFileSystemCache setting instead. +# If UseFileSystemCache is set, the value of FileSystemCacheThreshold is ignored. +# If UseFileSystemCache is not set, and FileSystemCacheThreshold is set, the value +# of FileSystemCacheThreshold is in use and accounted by the engine. # # Type: integer, measured in database pages # @@ -312,33 +312,35 @@ # #FileSystemCacheThreshold = 64K + # ---------------------------- # File system cache size # # This setting controls the maximum amount of RAM used by Windows file system -# cache on 64-bit Windows XP, Windows Server 2003 SP1 or later host. It has no -# effect for Unix hosts in this release yet. +# cache on a 64-bit Windows host. It has no effect for Unix hosts in this release yet. # # Note that the lowest number presently supported is 10%, and the highest number -# is 95%; numbers outside these limits will be set to the default of 30%. +# is 95%; numbers outside these limits will apply a default value of 30%. # -# If the cache size has already been selected when the engine starts the host +# If the cache size has already been selected when the engine starts, the host # setting will not be changed. Thus you may need to reboot the host for the # change of this setting to have effect. # -# To leave host caching settings unchanged set this parameter to 0. This is +# To leave host caching settings unchanged, set this parameter to 0. This is # the default parameter value. # # Security note -# To adjust the setting engine needs SeIncreaseQuotaPrivilege right. Built-in -# service accounts and administrators have it by default. Installer grants this -# right to Firebird service account. If the engine fails to adjust the cache -# size setting it will log warning message to the firebird.log and continue. +# To adjust the setting, the engine needs the SeIncreaseQuotaPrivilege right. +# Built-in service accounts and administrators have it by default. The installer +# grants this right to the Firebird service account. If the engine fails to adjust +# the cache size setting, it will log a warning message to the firebird.log and +# continue. # # Type: integer, measured in % of total physical RAM # #FileSystemCacheSize = 0 + # ---------------------------- # Remove protection against opening databases on NFS mounted volumes on # Linux/Unix and SMB/CIFS volumes on Windows. @@ -374,10 +376,10 @@ # # The situation for SMB/CIFS is quite similar to NFS with not all configurations # providing file locking mechanisms needed for safe operation. Using SuperServer -# engine with the database on NT file server may be considered relatively safe -# as file locking protects the database from being used by the several engines. -# Network stack can still change order of writes so you may get a corrupted -# database in case of network errors or power outage. +# engine with the database on a Windows Server file server may be considered +# relatively safe as file locking protects the database from being used by +# several engines. The network stack can still change order of writes, so you +# may get a corrupted database in case of network errors or power outage. # # The useful and safe case is working with a shared database marked read-only. # @@ -387,9 +389,12 @@ # #RemoteFileOpenAbility = 0 -# ---------------------------- + +# ============================ # Temporary space management -# +# ============================ + +# ---------------------------- # Temporary storage is used by the sorting module, it's also # intended to store temporary datasets etc. # @@ -404,7 +409,7 @@ # #TempBlockSize = 1M -# +# ---------------------------- # The maximum amount of the temporary space that can be cached # in memory. # @@ -418,13 +423,15 @@ # #TempCacheLimit = 64M + # ---------------------------- # Maximum allowed identifier name length in bytes # # Sets a limit for the number of bytes in an identifier. # -# Set to 31 to limit as Firebird 3 and previous versions. -# Setting this value for all databases (including the security database) may cause problems. +# Set to 31 to limit as Firebird 3.0 and previous versions. Setting +# this value for all databases (including the security database) may +# cause problems. # # Per-database configurable. # @@ -432,12 +439,14 @@ # #MaxIdentifierByteLength = 252 + # ---------------------------- # Maximum allowed identifier name length in characters # # Sets a limit for the number of characters in an identifier. # -# Setting this value for all databases (including the security database) may cause problems. +# Setting this value for all databases (including the security database) +# may cause problems. # # Per-database configurable. # @@ -445,12 +454,13 @@ # #MaxIdentifierCharLength = 63 + # ---------------------------- -# Threshold that controls whether to store non-key fields inside the sort block -# or refetch them from data pages after the sorting. +# Threshold that controls whether to store non-key fields in the sort block or +# refetch them from data pages after sorting. # # Defines the maximum sort record size (in bytes) that can be stored inline, -# i.e. inside the sort block. Zero means that records are always refetched. +# i.e. in the sort block. Zero means that records are always refetched. # # Per-database configurable. # @@ -458,27 +468,31 @@ # #InlineSortThreshold = 1000 -# ---------------------------- + +# ============================ +# Plugin settings +# ============================ # -# This group of parameters determines what plugins will be used by firebird. +# This group of parameters determines what plugins will be used by Firebird. # Format of string is the list of plugins, separated by space, ',' or ';'. # Plugins will be tried in an order, specified here. # In many cases correct order is important! # # Type: string +# ---------------------------- # AuthServer and AuthClient determine which authentication methods will be used -# by network server and client redirector. The Secure remote password plugin -# using SHA-256 for the client proof is the default for both client and Server. +# by network server and client redirector. The Secure Remote Password plugin +# using SHA-256 for the client proof is the default for both client and server. # Additionally, the default client configuration (AuthClient) also supports old Srp # plugin using SHA-1 for the client proof. This enables backwards compatibility -# with old Firebird 3 servers but does not comply with NIST security requirements. +# with old Firebird 3.0 servers, but does not comply with NIST security requirements. # Srp plugins using other SHA algorithms (SHA-224, SHA-384 & SHA-512) are also # implemented and may be used (names are Srp224, Srp384 & Srp512 respectively). # -# The default client configuration (AuthClient) also supports the pre-Firebird 3 legacy -# authentication protocol (Legacy_Auth). This is again for backwards -# compatibility but has many known weaknesses and is deprecated for current use. +# The default client configuration (AuthClient) also supports the pre-Firebird 3.0 +# legacy authentication protocol (Legacy_Auth). This is again for backwards +# compatibility, but has many known weaknesses and is deprecated. # # The default Windows client configuration (AuthClient) also includes support for # the Win_Sspi plugin. This implements windows trusted authentication and is backward @@ -487,19 +501,20 @@ # Per-database configurable. # #AuthServer = Srp256 -# + # Per-connection and per-database configurable. # #AuthClient = Srp256, Srp, Legacy_Auth #Non Windows clients #AuthClient = Srp256, Srp, Win_Sspi, Legacy_Auth #Windows clients -# -# If you need to use server plugins that do not provide encryption key (Legacy_Auth is the -# only such std plugin) you should also turn off required encryption on the wire with WireCrypt -# configuration parameter except when working with the XNET protocol which is never encrypted. -# -# UserManager sets plugin used to work with security database. If more than -# one plugin is given, first plugin from the list is used by default. If you +# If you need to use server plugins that do not provide encryption key (Legacy_Auth is the +# only such standard plugin) you should also turn off required encryption on the wire with WireCrypt +# configuration parameter except when working with the XNET protocol which is never encrypted. + + +# ---------------------------- +# UserManager sets the plugins used to work with the security database. If more than +# one plugin is given, the first plugin from the list is used by default. If you # need to manage legacy logins using legacy tools set it to Legacy_UserManager. # Other managers may be chosen in create/alter/drop user commands. # @@ -507,51 +522,61 @@ # #UserManager = Srp + +# ---------------------------- # Default profiler plugin used to profile connections using the RDB$PROFILER package. # # Per-database configurable. # #DefaultProfilerPlugin = Default_Profiler -# TracePlugin is used by firebird trace facility to send trace data to the user + +# ---------------------------- +# TracePlugin is used by Firebird trace facility to send trace data to the user # or log file in audit case. # #TracePlugin = fbtrace -# Wire crypt plugins are used to crypt data transferred over the wire. -# In default case wire is encrypted using ChaCha#20 (32/64 bit counter variants) + +# ---------------------------- +# Wire crypt plugins are used to encrypt data transferred over the wire. +# By default, data is encrypted using ChaCha#20 (32/64 bit counter variants) # or Alleged RC4. Key must be generated by auth plugin. # For chacha we are using 16 or 32 bytes key (depends upon what is provided -# by auth plugin), 12 (8) bytes nonce and 4 (8) bytes counter, 20 (10 + 10) rounds are made. +# by auth plugin), 12 (8) bytes nonce and 4 (8) bytes counter, 20 (10 + 10) +# rounds are made. # # Per-connection configurable. # #WireCryptPlugin = ChaCha64, ChaCha, Arc4 + +# ---------------------------- # Key holder is a kind of temp storage for DB crypt keys. # There is no default for this kind of plugins. # #KeyHolderPlugin = + # ---------------------------- -# # Ability to use encrypted security database # -# If one relies on network encryption feature with crypt key generated -# by authentication plugin (like SRP does) to transfer database crypt -# keys over the wire then use of encrypted security databases is a kind of -# vicious circle. In order to send DB crypt key over the wire in secure way -# wire transfers should be already encrypted but this requires wire crypt key -# from authentication plugin which needs to open security database for hash -# validation which in turn requires DB crypt key. Luckily in most cases there -# is no big need to encrypt security database - it protects itself quite well -# if you use high quality passwords. But in some cases it's desired to have -# security database encrypted, for example if one wants to use self security -# database feature for encrypted database. In that case special care should be -# taken to encrypt that key before passing it to server using callback. Make -# sure your keys are well encrypted before enabling this parameter. Take into -# account that with AllowEncryptedSecurityDatabase=TRUE unencrypted by firebird -# protocol key transfer may take place even with not encrypted security database. +# If one relies on network encryption with the encryption key generated by +# the authentication plugin (like SRP does) to transfer database encryption +# keys over the wire, use of encrypted security databases is a kind of vicious +# circle. In order to send the DB encryption key over the wire in a secure way, +# wire transfers should be already encrypted, but this requires a wire encryption +# key from the authentication plugin, which needs to open the security database +# for hash validation which in turn requires the DB encryption key. Luckily, in +# most cases there is no big need to encrypt security database - it protects +# itself quite well if you use high quality passwords. But in some cases, it is +# necessary to have the security database encrypted, for example if one wants to +# use the self security database feature for an encrypted database. In that case, +# special care should be taken to encrypt that key before passing it to server +# using a callback. +# Make sure your keys are well encrypted before enabling this parameter. Take into +# account that with AllowEncryptedSecurityDatabase=TRUE, unencrypted key transfer +# may take place even when the security database is not encrypted. # This feature is not supported by legacy authentication plugin - if you care # about security please never use legacy authentication. # @@ -565,11 +590,11 @@ # #AllowEncryptedSecurityDatabase = false + # ---------------------------- -# -# This parameter determines what providers will be used by firebird. -# Format is the same as for the list of plugins (see a few lines before). -# This is not strange because internally provider is just a kind of plugin. +# This parameter determines what providers will be used by Firebird. +# Format is the same as for the list of plugins (see above). Internally, +# a provider is just a kind of plugin. # # Type: string # @@ -579,10 +604,9 @@ # ---------------------------- -# # Determines the number of seconds that the lock manager will wait after a # conflict has been encountered before purging locks from dead processes -# and doing extra deadlock scan cycle. Engine detects deadlocks instantly +# and doing an extra deadlock scan cycle. The engine detects deadlocks instantly # in all normal cases, so this value affects things only if something goes # wrong. Setting it too low may degrade system performance. # @@ -594,7 +618,6 @@ # ---------------------------- -# # Set number of seconds after which statement execution will be automatically # cancelled by the engine. Zero means no timeout is set. # @@ -606,7 +629,6 @@ # ---------------------------- -# # Set number of minutes after which idle attachment will be disconnected by the # engine. Zero means no timeout is set. # @@ -618,7 +640,6 @@ # ---------------------------- -# # Set number of seconds after which ON DISCONNECT trigger execution will be # automatically cancelled by the engine. Zero means no timeout is set. # @@ -630,12 +651,11 @@ # ---------------------------- -# # How often the pages are flushed on disk # (for databases with ForcedWrites=Off only) # # Number of unflushed writes which will accumulate before they are -# flushed, at the next transaction commit. For non-Windows ports, +# flushed, at the next transaction commit. For non-Windows ports, # the default value is -1 (Disabled) # # Per-database configurable. @@ -644,7 +664,6 @@ # #MaxUnflushedWrites = 100 -# # Number of seconds during which unflushed writes will accumulate # before they are flushed, at the next transaction commit. For non-Windows # ports, the default value is -1 (Disabled) @@ -657,15 +676,14 @@ # ---------------------------- +# This option controls whether to call abort() when an internal error or BUGCHECK +# is encountered, thus invoking the post-mortem debugger which can dump core +# suitable for off-line analysis. When disabled, the engine tries to minimize damage +# and continue execution. # -# This option controls whether to call abort() when internal error or BUGCHECK -# is encountered thus invoke post-mortem debugger which can dump core suitable -# for off-line analysis. When disabled engine tries to minimize damage and -# continue execution. -# -# Note that setting this option to 1 makes engine produce traceable coredumps -# when something nasty like SIGSEGV happens inside UDF. On Windows enabling -# this option makes engine invoke JIT debugger facilities when errors happen. +# Setting this option to 1 makes the engine produce traceable coredumps when +# something nasty like SIGSEGV happens inside UDF. On Windows, enabling this option +# makes the engine invoke the JIT debugger facilities when errors happen. # # For debugging builds (DEV_BUILD), default value is 1 (Enabled) # @@ -675,17 +693,17 @@ # ---------------------------- -# How COMMIT\ROLLBACK RETAINING handle GLOBAL TEMPORARY TABLE ON COMMIT DELETE ROWS +# How COMMIT/ROLLBACK RETAINING handle GLOBAL TEMPORARY TABLE ON COMMIT DELETE ROWS # # GLOBAL TEMPORARY TABLE ON COMMIT DELETE ROWS (GTT) data is cleared on "hard" -# commit (rollback) but should be preserved on commit(rollback) retaining. -# Due to bug in initial implementation in Firebird 2.1 that data is not visible +# commit (rollback) but should be preserved on commit (or rollback) retaining. +# Due to a bug in the initial implementation in Firebird 2.1, that data is not visible # for the application. This setting allows to preserve backward compatibility # (i.e. clear GTT data on commit\rollback retaining). -# Value of 0 makes engine to not clear GTT data on commit\rollback retaining and -# let application to see it. +# Value of 0 makes the engine not clear GTT data on commit/rollback retaining and +# let application see it. # Default value is 0 (preserve GTT data on commit\rollback retaining). -# Note: this setting is expected to be removed at Firebird 5. +# Note: this setting is expected to be removed in Firebird 5. # # Per-database configurable. # @@ -708,7 +726,7 @@ # SELECT TABLE.X FROM TABLE A # # It is not recommended to enable this setting. It should be regarded as an -# interim workaround for porting untidy legacy code, until it is practicable to +# interim workaround for porting untidy legacy code, until it is possible to # revise such code. # # CAUTION! @@ -719,20 +737,22 @@ # #RelaxedAliasChecking = 0 + # ---------------------------- -# Engine currently provides statement-level read consistency in READ COMMITTED -# mode by default. In this mode rec_version/no_rec_version transaction flags have -# no effect. Setting this parameter to 0 effectively reverts engine to legacy +# The engine currently provides statement-level read consistency in READ COMMITTED +# mode by default. In this mode, rec_version/no_rec_version transaction flags have +# no effect. Setting this parameter to 0 effectively reverts the engine to legacy # behavior. # # Type: boolean # #ReadConsistency = 1 + # ---------------------------- -# Engine currently provides a number of new datatypes unknown to legacy clients. -# In order to simplify use of old applications set this parameter to minor FB -# version datatype compatibility with which you need. Currently two values are +# The engine provides a number of new datatypes unknown to legacy clients. +# To simplify use of old applications set this parameter to the Firebird version +# matching the datatype compatibility you need. Currently two values are # supported: 3.0 & 2.5. # More precise (including per-session) tuning is possible via SQL and DPB. # @@ -743,9 +763,11 @@ #DataTypeCompatibility = -# ---------------------------- +# =========================== # Client Connection Settings (Basic) -# +# =========================== + +# ---------------------------- # Seconds to wait before concluding an attempt to connect has failed. # # Per-connection configurable. @@ -754,7 +776,8 @@ # #ConnectionTimeout = 180 -# + +# ---------------------------- # Should connection over the wire be encrypted? # Has 3 different values: Required, Enabled or Disabled. Enabled behavior # depends on the other side's requirements. If both sides are set to Enabled, @@ -770,9 +793,10 @@ # #WireCrypt = Enabled (for client) / Required (for server) -# + +# ---------------------------- # Should connection over the wire be compressed? -# Client only value - server should follow client setting if connect using +# Client only value - server should follow client setting if connecting using # correct protocol (>=13). # # Per-connection configurable. @@ -781,21 +805,19 @@ # #WireCompression = false -# + +# ---------------------------- # Seconds to wait on a silent client connection before the server sends # dummy packets to request acknowledgment. # -# NOTE. This option may hang or crash Windows NT4 or Windows 2000 pre SP3 -# on the client side as explained here: -# http://support.microsoft.com/default.aspx?kbid=296265. -# or may not prevent eventual inactive client disconnection for other OS. +# NOTE: This option may not prevent eventual inactive client disconnection. # # Normally, Firebird uses SO_KEEPALIVE socket option to keep track of -# active connections. If you do not like default 2-hour keepalive timeout +# active connections. If you do not like its default 2-hour keepalive timeout, # then adjust your server OS settings appropriately. On UNIX-like OS's, # modify contents of /proc/sys/net/ipv4/tcp_keepalive_*. On Windows, # follow instrutions of this article: -# http://support.microsoft.com/default.aspx?kbid=140325 +# https://learn.microsoft.com/en-us/troubleshoot/windows-client/networking/tcpip-and-nbt-configuration-parameters # # Per-connection configurable. # @@ -803,9 +825,10 @@ # #DummyPacketInterval = 0 -# + +# ---------------------------- # Buffer size (in bytes) used by the client connection to accumulate output -# messages before sending them to the server using Batch API. +# messages before sending them to the server using the Batch API. # # Per-connection configurable. # @@ -813,7 +836,8 @@ # #ClientBatchBuffer = 131072 -# + +# ---------------------------- # Default session or client time zone. # # If empty, the default is the OS time zone. @@ -826,15 +850,17 @@ #DefaultTimeZone = -# ---------------------------- +# =========================== # TCP Protocol Settings -# +# =========================== + +# ---------------------------- # The TCP Service name/Port number to be used for client database # connections. # -# It is only necessary to change one of the entries, not both. The +# It is only necessary to change one of the entries, not both. The # order of precendence is the 'RemoteServiceName' (if an entry is -# found in the 'services.' file) then the 'RemoteServicePort'. +# found in the 'services.' file), then the 'RemoteServicePort'. # # Per-connection configurable. # @@ -843,9 +869,10 @@ #RemoteServiceName = gds_db #RemoteServicePort = 3050 -# -# The TCP Port Number to be used for server Event Notification -# messages. The value of 0 (Zero) means that the server will choose + +# ---------------------------- +# The TCP port number to be used for server Event Notification +# messages. The value of 0 (Zero) means that the server will choose # a port number randomly. # # Per-connection configurable. @@ -854,7 +881,8 @@ # #RemoteAuxPort = 0 -# + +# ---------------------------- # TCP/IP buffer size for send and receive buffers of both the client # and server. The engine reads ahead of the client and can send # several rows of data in a single packet. The larger the packet size, @@ -864,37 +892,35 @@ # #TcpRemoteBufferSize = 8192 -# + +# ---------------------------- # Either enables or disables Nagle algorithm (TCP_NODELAY option of # socket) of the socket connection. # -# Note: Currently is a default for classic and super servers. -# # Per-connection configurable. # # Type: boolean # #TcpNoNagle = 1 -# + +# ---------------------------- # Allows setting of IPV6_V6ONLY socket option. If enabled, IPv6 sockets # allow only IPv6 communication and separate sockets must be used for # IPv4 and IPv6. Default is false. # -# Note: on Windows, the socket option can only be set since Windows Vista, -# older versions have it always enabled. -# # Type: boolean # #IPv6V6Only = 0 -# + +# ---------------------------- # Allows incoming connections to be bound to the IP address of a # specific network card. It enables rejection of incoming connections -# through any other network interface except this one. By default, -# connections from any available network interface are allowed. +# through any other network interface. By default, connections from any +# available network interface are allowed. # If you are using Classic Server, this setting is for Windows only. -# Under Linux, BSD or Mac OS X, with Classic server use xinetd or launchd +# Under Linux, BSD or macOS, with Classic server, use xinetd or launchd # configuration file (bind parameter). # # Type: string @@ -902,9 +928,11 @@ #RemoteBindAddress = -# ---------------------------- +# =========================== # Locking and shared memory parameters -# +# =========================== + +# ---------------------------- # Bytes of shared memory allocated for lock manager. # In Classic mode, the size given is used for the initial allocation. The # table expands dynamically up to the limit of memory. @@ -915,14 +943,14 @@ # #LockMemSize = 1M -# + +# ---------------------------- # In Classic, only one client process may access the lock table at any # time. Access to the lock table is governed by a mutex. The mutex can # be requested conditionally - a wait is a failure and the request must # be retried - or unconditionally - the request will wait until it is # satisfied. This parameter establishes the number of attempts that # will be made conditionally. Zero value means unconditional mode. -# Relevant only on SMP machines. # # Per-database configurable. # @@ -930,7 +958,8 @@ # #LockAcquireSpins = 0 -# + +# ---------------------------- # Tune lock hash list; more hash slots mean shorter hash chains. Only # necessary under very high load. Prime number values are recommended. # @@ -940,8 +969,8 @@ # #LockHashSlots = 8191 + # ---------------------------- -# # Bytes of shared memory allocated for event manager. # # Per-database configurable. @@ -950,8 +979,8 @@ # #EventMemSize = 64K + # ---------------------------- -# # Bytes of shared memory allocated for snapshots management. # This will grow automatically unless you use an exotic platform # that is neither Windows nor supports mmap system call. @@ -965,11 +994,10 @@ # ---------------------------- -# -# Bytes of shared memory allocated for each block of TIP cache. -# The reason to reduce this value is if you have small TIP and +# Bytes of shared memory allocated for each block of the TIP cache. +# The reason to reduce this value is if you have a small TIP and # want to conserve some memory. The reason to increase this -# value is if you need very large cache and approach limits +# value is if you need a very large cache and approach limits # on kernel objects allocated for each block (files, mutexes, etc). # Each cached transaction uses 8 bytes of memory. # @@ -981,7 +1009,6 @@ # ---------------------------- -# # File to redirect stdout and stderr output of server # # Default '/dev/null' for *nix and 'nul' for Windows @@ -995,20 +1022,20 @@ # =========================== # Engine Settings # =========================== -# + # ---------------------------- # Which CPUs should be used (Windows Only) # -# In an SMP system, sets which processors can be used by the server. -# The value is taken from a bit map in which each bit represents a CPU. -# Thus, to use only the first processor, the value is 1. To use both -# CPU 1 and CPU 2, the value is 3. To use CPU 2 and CPU 3, the value -# is 6. The default value is 0 - no affinity will be set. +# Sets which processors can be used by the server. The value is taken +# from a bit map in which each bit represents a CPU. Thus, to use only +# the first processor, the value is 1. To use both CPU 1 and CPU 2, +# the value is 3. To use CPU 2 and CPU 3, the value is 6. +# The default value is 0 - no affinity will be set. # -# About systems with heterogeneous (Efficient\Performance) set of cores: -# on Windows 10 and later, if affinity is not set nor by CpuAffinityMask, -# nor by the caller process, then server tries to exclude efficient cores -# from own affinity mask. I.e. default affinity mask includes performance +# About systems with heterogeneous (Efficient/Performance) set of cores: +# on Windows 10 and later, if affinity is not set nor by CpuAffinityMask, +# nor by the caller process, then the server tries to exclude efficient cores +# from its own affinity mask, i.e. default affinity mask includes performance # cores only. # # Type: integer @@ -1019,14 +1046,14 @@ # ---------------------------- # Garbage collection policy # -# Defines how engine does garbage collection. Valid values are : +# Defines how engine does garbage collection. Valid values are: # cooperative # background # combined # # Superserver has by default "combined" policy # Classic has by default "cooperative" policy. -# Other values are ignored by classic server build +# Other values are ignored by Classic server # # Per-database configurable. # @@ -1051,8 +1078,8 @@ # ---------------------------- # Security database # -# Defines locations of security database (one that stores logins and passwords), -# used by server to validate remote connections. +# Defines the location of the security database (one that stores logins +# and passwords), used by server to validate remote connections. # # Per-database configurable. # @@ -1065,26 +1092,26 @@ # Settings for parallel work # ============================ +# ---------------------------- +# Limits the total number of parallel workers that can be created within a +# single Firebird process for each attached database. +# Workers are accounted for each attached database independently. # -# Limits the total number of parallel workers that could be created within a -# single Firebird process for each attached database. -# Note, workers are accounted for each attached database independently. -# -# Valid values are from 1 (no parallelism) to 64. All other values -# silently ignored and default value of 1 is used. -# Per-process. +# Valid values are from 1 (no parallelism) to 64. All other values +# silently ignored and default value of 1 is used. +# Per-process. # # Type: integer # #MaxParallelWorkers = 1 +# ---------------------------- +# Default number of parallel workers for a single connection. For more details +# see doc/README.parallel_features. # -# Default number of parallel workers for the single task. For more details -# see doc/README.parallel_features. -# -# Valid values are from 1 (no parallelism) to MaxParallelWorkers (above). -# Values less than 1 is silently ignored and default value of 1 is used. -# Per-process. +# Valid values are from 1 (no parallelism) to MaxParallelWorkers (above). +# Values less than 1 are silently ignored and default value of 1 is used. +# Per-process. # # Type: integer # @@ -1094,7 +1121,7 @@ # ============================== # Settings for Windows platforms # ============================== -# + # ---------------------------- # Does the guardian restart the server every time it crashes? # 0 - only start the engine/service once @@ -1105,7 +1132,6 @@ #GuardianOption = 1 -# # ---------------------------- # Priority level/class for the server process. # @@ -1126,14 +1152,11 @@ # Local Connection Settings # # The name of the shared memory area used as a transport channel in local protocol. -# Note that the local protocol in v2.0 is not compatible with any previous version -# if Firebird or InterBase. # -# Please note that the server can register objects in Global\ kernel namespace -# only if it runs under the account with SE_CREATE_GLOBAL_NAME privilege. -# This means that if you run the server under a restricted account under -# Windows Vista/XP SP2/2000 SP4 it will not be accessible using the -# local protocol from other sessions. +# Please note that the server can only register objects in Global\ kernel namespace +# if it runs under the account with SE_CREATE_GLOBAL_NAME privilege. +# This means that if you run the server under a restricted account, it will not be +# accessible using the local protocol from other sessions. # # Per-connection configurable. # @@ -1141,6 +1164,7 @@ # #IpcName = FIREBIRD + # ============================ # Settings for Unix/Linux platforms # ============================ @@ -1150,24 +1174,25 @@ # # ***DEPRECATED*** ***DEPRECATED*** ***DEPRECATED*** # -# This feature was partially broken in FB3 with early (in remote listener) -# user authentication. Far not all plugins can be used with Redirection. +# This feature was partially broken in Firebird 3 with early (in remote listener) +# user authentication. Not all plugins can be used with Redirection. # No matter of that we did not receive related bug reports, i.e. it's unused. -# Therefore Redirection is declared DEPRECATED in FB5 and will be removed in FB6. +# Therefore Redirection is declared DEPRECATED in Firebird 5 and will be removed +# in Firebird 6. # # ***WARNING*** ***WARNING*** ***WARNING*** ***WARNING*** # # Ability to redirect requests to other servers was initially present # in Interbase, but was broken by Borland in Interbase 6.0, when -# they added SQL dialects. Request redirection was fixed in firebird 2.0, +# they added SQL dialects. Request redirection was fixed in Firebird 2.0, # but today such behaviour (proxy) seems to be dangerous from security -# point of view. Imagine, you have one carefully protected firebird server, +# point of view. Imagine, you have one carefully protected Firebird server, # access to which is possible from global net. But in case when this server # has access to your internal LAN (may and should be restricted, # but often possible), it will work as a gateway for incoming requests like: # firebird.your.domain.com:internal_server:/private/database.fdb # It's enough to know name/IP of some internal server on your LAN, and for -# this connection one even need not know login/password on external server. +# this connection, one even need not know login/password on external server. # Such gateway easily overrides firewall, installed to protect your LAN # from outside attack. # @@ -1178,41 +1203,42 @@ #Redirection = 0 -# ============================ +# ---------------------------- # Settings for Architecture Configuration -# ============================ - # # Controls the method Firebird engine uses to work with databases and # related Firebird server startup parameters. # # The values are: -# Super / ThreadedDedicated - databases are opened exclusive by single server process, +# Super / ThreadedDedicated - databases are opened exclusive by a single server process, # attachments share single DB pages cache inside process -# SuperClassic / ThreadedShared - databases are opened by single server process, +# SuperClassic / ThreadedShared - databases are opened by a single server process, # but it does not prevent opening them in other processes (embedded access), # each attachment has its own DB pages cache -# Classic / MultiProcess - for each attachment to server a separate process is started, -# each database may be opened by multiple processes (including local ones for +# Classic / MultiProcess - for each attachment to the server, a separate process is +# started, each database may be opened by multiple processes (including local ones for # embedded access), each attachment (process) has its own DB pages cache # # Type: string # #ServerMode = Super + # ============================ # Settings of External Connections Pool # ============================ -# Set the maximum number of inactive (idle) external connections to retain at -# the pool. Valid values are between 0 and 1000. If set to zero, pool is disabled, +# ---------------------------- +# Sets the maximum number of inactive (idle) external connections to retain at +# the pool. Valid values are between 0 and 1000. If set to zero, the pool is disabled, # i.e. external connection is destroyed immediately after the use. # # Type: integer # #ExtConnPoolSize = 0 -# Set the time before destroyng inactive external connection, seconds. +# ---------------------------- +# Sets the time before destroying inactive external connection, seconds. # Valid values are between 1 and 86400. # # Type: integer