mirror of
https://github.com/FirebirdSQL/firebird.git
synced 2025-01-23 06:43:04 +01:00
1185 lines
38 KiB
Plaintext
1185 lines
38 KiB
Plaintext
#########################################
|
|
#
|
|
# Firebird version 5.0 configuration file
|
|
#
|
|
#########################################
|
|
|
|
# Comments
|
|
# --------
|
|
# The # character is used for comments and can be placed anywhere on a
|
|
# line. Anything following the # character on a line is considered a
|
|
# comment.
|
|
#
|
|
# Examples:
|
|
#
|
|
# # This is a comment
|
|
# DefaultDbCachePages = 2048 # This is an end-of-line comment
|
|
#
|
|
# Entries
|
|
# -------
|
|
# The default value for each entry is listed to the right of the "=".
|
|
# To activate an entry, remove the leading "#"s and supply the desired
|
|
# value.
|
|
#
|
|
# By default, a number of the values are specified in **Bytes** (Not KB).
|
|
# You may add obvious abbreviations k, m and g in the end of a number to specify
|
|
# kilobytes, megabytes and gigabytes.
|
|
#
|
|
# There are three types of configuration values: integer, boolean and string.
|
|
#
|
|
# Integer
|
|
# -------
|
|
# Integers is what they sound like, an integral value. Examples:
|
|
# 1
|
|
# 42
|
|
# 4711
|
|
# 24M # 24 * 1024 * 1024
|
|
#
|
|
# Boolean
|
|
# -------
|
|
# Boolean is expressed as integer values with 0 (zero) being "false" and
|
|
# non-zero is taken to mean "true". For consistency we recommend you
|
|
# only use 0/1. Also strings 'y', 'yes' and 'true' stand for "true".
|
|
#
|
|
# String
|
|
# ------
|
|
# Strings are also what they sound like, strings. Example:
|
|
# RemoteServiceName = gds_db
|
|
#
|
|
# Scopes
|
|
# ------
|
|
# Some parameters are marked as per-database / per-connection configurable.
|
|
# Per-database configuration is done in file databases.conf (former aliases.conf).
|
|
# Per-connection configuration is primarily client tool and done using
|
|
# isc_dpb_config parameter in DPB (isc_spb_config for services).
|
|
# Configuration data, added to parameters block, has the same format as this file.
|
|
# Pay attention that since Firebird 3.0 there is no hard limit of 255 bytes per entry
|
|
# provided you are using isc_dpb_version2 format of DPB. The simplest way to create
|
|
# DPB/SPB is to use IXpbBuilder - when needed you will have >255 bytes entries in
|
|
# parameters block. Notice that per-database entries also may be tuned using DPB
|
|
# in case of embedded engine when attaching to database first time.
|
|
#
|
|
# Macro substitution
|
|
# ------------------
|
|
# There is a number of predefined macro commands, that can be used in config
|
|
# files where directory name is needed. They are available using $(name) syntax.
|
|
# The complete list of them as follows:
|
|
# root - root directory of Firebird instance
|
|
# install - directory where Firebird is installed
|
|
# this - directory where current configuration file is located
|
|
# dir_conf - directory where firebird.conf and databases.conf are located
|
|
# dir_secDb - directory where default security database is located
|
|
# dir_plugins - directory where plugins are located
|
|
# dir_udf - directory where UDFs are located by default
|
|
# dir_sample - directory where samples are located
|
|
# dir_sampleDb - directory where sample DB (employee.fdb) is located
|
|
# dir_intl - directory where international modules are located
|
|
# dir_msg - directory where messages file (firebird.msg) is located
|
|
# Like the rest of config internals, macros are case-insensitive.
|
|
# Capital letters here are used only for better human readability.
|
|
#
|
|
# Includes
|
|
# --------
|
|
# One can include one config file into another one.
|
|
# When relative path is used, it's treated relative to current config file.
|
|
# I.e. when
|
|
# include some_file.conf
|
|
# is used in /opt/config/master.conf, we include /opt/config/some_file.conf.
|
|
# Traditional wildcards * and ? may be used in include operator. In this case
|
|
# all matching files will be included in undefined order. Example:
|
|
# include $(dir_plugins)/config/*.conf
|
|
#
|
|
# Portions of this file have been reproduced/made available with the
|
|
# permission of Ann Harrison @ IBPhoenix.
|
|
|
|
|
|
# ----------------------------
|
|
# Database Paths/Directories
|
|
#
|
|
# DatabaseAccess may be None, Full or Restrict. If you choose Restrict,
|
|
# provide ';'-separated trees list, where database files are stored.
|
|
# Relative paths are treated relative to the root directory of Firebird.
|
|
# Default value 'Full' gives full access to all files on your system.
|
|
# To specify access to specific trees, enumerate all required paths
|
|
# (for Windows this may be something like 'C:\DataBase;D:\Mirror',
|
|
# for unix - '/db;/mnt/mirrordb'). If you choose 'None', then only
|
|
# databases listed in databases.conf can be attached using alias.
|
|
#
|
|
# Note: simple quotation marks shown above should *NOT* be used when
|
|
# specifying values and directory path names. Examples:
|
|
#
|
|
# DatabaseAccess = None
|
|
# DatabaseAccess = Restrict C:\DataBase
|
|
# DatabaseAccess = Restrict C:\DataBase;D:\Mirror
|
|
# DatabaseAccess = Restrict /db
|
|
# DatabaseAccess = Restrict /db;/mnt/mirrordb
|
|
# DatabaseAccess = Full
|
|
#
|
|
# UNCONTROLLED DATABASE ACCESS MAY COMPROMISE YOUR SYSTEM!
|
|
# IT IS STRONGLY RECOMMENDED THAT THIS SETTING BE USED TO LIMIT
|
|
# DATABASE LOCATIONS!
|
|
#
|
|
# Type: string (special format)
|
|
#
|
|
#DatabaseAccess = Full
|
|
|
|
|
|
# ----------------------------
|
|
# Ability to access databases remotely
|
|
#
|
|
# RemoteAccess may be true or false (1/0, Yes/No) - it's a boolean value.
|
|
# By default RemoteAccess to all databases except security DB is enabled.
|
|
# If you plan to use more than one dedicated security database, it's
|
|
# recommended to disable remote access to them in databases.conf.
|
|
# However, as an additional method to have secure enhanced Firebird
|
|
# installation, one can disable remote access globally and re-enable
|
|
# in databases.conf only for specific databases.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: boolean
|
|
#
|
|
#RemoteAccess = true
|
|
|
|
|
|
# ----------------------------
|
|
# External File Paths/Directories
|
|
#
|
|
# ExternalFileAccess may be None, Full or Restrict. If you choose
|
|
# Restrict, provide ';'-separated trees list, where external files
|
|
# are stored. Relative paths are treated relative to the root directory
|
|
# of Firebird. Default value 'None' disables any use of external files
|
|
# on your site. To specify access to specific trees, enum all required
|
|
# paths (for Windows this may be something like 'C:\ExternalTables',
|
|
# for unix - '/db/extern;/mnt/extern').
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# NOTE: THE EXTERNAL TABLE ENGINE FEATURE COULD BE USED TO COMPROMISE
|
|
# THE SERVER/HOST AS WELL AS DATABASE SECURITY!
|
|
#
|
|
# IT IS STRONGLY RECOMMENDED THAT THIS SETTING BE USED TO LIMIT
|
|
# EXTERNAL TABLE LOCATIONS!
|
|
#
|
|
# Type: string (special format)
|
|
#
|
|
#ExternalFileAccess = None
|
|
|
|
|
|
# ----------------------------
|
|
# External Function (UDF) Paths/Directories
|
|
#
|
|
# UdfAccess may be None, Full or Restrict. If you choose
|
|
# Restrict, provide ';'-separated trees list, where UDF libraries
|
|
# are stored. Relative paths are treated relative to the root directory
|
|
# of Firebird.
|
|
#
|
|
# The default value is None. Set it to 'Restrict UDF' to have the same
|
|
# restriction as in Firebird 3 and earlier. To specify access to specific
|
|
# trees, enumerate all required paths (for Windows this may be something
|
|
# like 'C:\ExternalFunctions', for unix - '/db/udf;/mnt/udf').
|
|
#
|
|
# NOTE: THE EXTERNAL FUNCTION ENGINE FEATURE COULD BE USED TO COMPROMISE
|
|
# THE SERVER/HOST AS WELL AS DATABASE SECURITY!
|
|
#
|
|
# IT IS STRONGLY RECOMMENDED THAT THIS SETTING REMAINS NONE!
|
|
#
|
|
# Type: string (special format)
|
|
#
|
|
#UdfAccess = None
|
|
|
|
|
|
# ----------------------------
|
|
# Temporary directories
|
|
#
|
|
# Provide ';'-separated trees list, where temporary files are stored.
|
|
# Relative paths are treated relative to the root directory of Firebird.
|
|
# Default value is determined using FIREBIRD_TMP, TEMP or TMP
|
|
# environment options. Once the first specified directory has no
|
|
# available space, the engine will switch to the next one, and so on.
|
|
#
|
|
# E.g.:
|
|
# TempDirectories = c:\temp
|
|
# or
|
|
# TempDirectories = c:\temp;d:\temp
|
|
#
|
|
# Type: string (special format)
|
|
#
|
|
#TempDirectories =
|
|
|
|
|
|
# ----------------------------
|
|
# Directory to put data of temporary tables and blobs
|
|
#
|
|
# When empty, not exists or not accessible, the default directory will be used
|
|
# as determined by FIREBIRD_TMP, TEMP or TMP environment variables.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: string
|
|
#
|
|
#TempTableDirectory =
|
|
|
|
|
|
# ----------------------------
|
|
# Trace configuration file for system audit
|
|
#
|
|
# Empty value means that system audit is turned off.
|
|
#
|
|
# Type: string
|
|
#
|
|
#AuditTraceConfigFile =
|
|
|
|
|
|
# ----------------------------
|
|
# Maximum summary size of each user trace session's log files in MB.
|
|
# When log files size reach this limit, trace session automatically
|
|
# suspends until an interactive user service reads and deletes log files.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#MaxUserTraceLogSize = 10
|
|
|
|
|
|
# ----------------------------
|
|
# Number of cached database pages
|
|
#
|
|
# The number of pages from any one database that can be held in cache
|
|
# at once. If you increase this value, the engine will allocate more
|
|
# pages to the cache for every database. By default, SuperServer
|
|
# allocates 2048 pages for each database and Classic and SuperClassic
|
|
# allocate 256 pages per client connection per database.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#DefaultDbCachePages = 2048
|
|
|
|
|
|
# ----------------------------
|
|
# Disk space preallocation
|
|
#
|
|
# Sets the amount of preallocated disk space in bytes. Disk space
|
|
# preallocation reduces physical file fragmentation and can allow databases
|
|
# to work in out of disk space conditions. With preallocation enabled,
|
|
# the engine allocates 1/16nth of already allocated disk space at a time, but
|
|
# not less than 128KB and no more than DatabaseGrowthIncrement (128MB by
|
|
# default). To disable preallocation, set DatabaseGrowthIncrement to zero.
|
|
# Shadow database files are not preallocated.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#DatabaseGrowthIncrement = 128M
|
|
|
|
|
|
# ----------------------------
|
|
# File system cache usage
|
|
#
|
|
# Determines if Firebird will use the file system cache for database files.
|
|
#
|
|
# Type: boolean
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
#UseFileSystemCache = true
|
|
|
|
|
|
# ----------------------------
|
|
# File system cache threshold
|
|
#
|
|
# The threshold value that determines if Firebird will use the file system
|
|
# cache. File system caching is used if database cache size in pages
|
|
# (configured explicitly in the database header or via DefaultDbCachePages setting)
|
|
# is less than the value of FileSystemCacheThreshold.
|
|
#
|
|
# To always use the file system cache, set FileSystemCacheThreshold to a large value.
|
|
# To bypass the file system cache for all databases, set FileSystemCacheThreshold to
|
|
# zero.
|
|
#
|
|
# CAUTION!
|
|
# This setting is deprecated and will be removed in future Firebird versions.
|
|
# Consider using UseFileSystemCache setting instead.
|
|
# If UseFileSystemCache is set, the value of FileSystemCacheThreshold is ignored.
|
|
# If UseFileSystemCache is not set, and FileSystemCacheThreshold is set, the value
|
|
# of FileSystemCacheThreshold is in use and accounted by the engine.
|
|
#
|
|
# Type: integer, measured in database pages
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
#FileSystemCacheThreshold = 64K
|
|
|
|
|
|
# ----------------------------
|
|
# File system cache size
|
|
#
|
|
# This setting controls the maximum amount of RAM used by Windows file system
|
|
# cache on a 64-bit Windows host. It has no effect for Unix hosts in this release yet.
|
|
#
|
|
# Note that the lowest number presently supported is 10%, and the highest number
|
|
# is 95%; numbers outside these limits will apply a default value of 30%.
|
|
#
|
|
# If the cache size has already been selected when the engine starts, the host
|
|
# setting will not be changed. Thus you may need to reboot the host for the
|
|
# change of this setting to have effect.
|
|
#
|
|
# To leave host caching settings unchanged, set this parameter to 0. This is
|
|
# the default parameter value.
|
|
#
|
|
# Security note
|
|
# To adjust the setting, the engine needs the SeIncreaseQuotaPrivilege right.
|
|
# Built-in service accounts and administrators have it by default. The installer
|
|
# grants this right to the Firebird service account. If the engine fails to adjust
|
|
# the cache size setting, it will log a warning message to the firebird.log and
|
|
# continue.
|
|
#
|
|
# Type: integer, measured in % of total physical RAM
|
|
#
|
|
#FileSystemCacheSize = 0
|
|
|
|
|
|
# ----------------------------
|
|
# Remove protection against opening databases on NFS mounted volumes on
|
|
# Linux/Unix and SMB/CIFS volumes on Windows.
|
|
#
|
|
# This also permits creating database shadows on mounted network volumes.
|
|
#
|
|
# ***WARNING*** ***WARNING*** ***WARNING*** ***WARNING***
|
|
#
|
|
# This option removes an important safety feature of Firebird and can
|
|
# cause irrecoverable database corruption. Do not use this option unless
|
|
# you understand the risks and are prepared to accept the loss of the
|
|
# contents of your database.
|
|
# Unless this configuration option is changed from 0 to 1, Firebird can
|
|
# open a database only if the database is stored on a drive physically
|
|
# attached to the local computer - the computer running that copy of
|
|
# Firebird. Requests for connections to databases stored on NFS mounted
|
|
# drives are redirected to a Firebird server running on the computer that
|
|
# "owns" the disk.
|
|
# This restriction prevents two different copies of Firebird from opening
|
|
# the same database without coordinating their activities. Uncoordinated
|
|
# access by multiple copies of Firebird will corrupt a database. On a local
|
|
# system, the system-level file locking prevents uncoordinated access to
|
|
# the database file.
|
|
#
|
|
# NFS does not provide a reliable way to detect multiple users of a file on
|
|
# an NFS mounted disk. If a second copy of Firebird connects to a database on
|
|
# an NFS mounted disk, it will corrupt the database.
|
|
# Under some circumstances, running a Firebird server on the computer that
|
|
# owns NFS mounted volumes is inconvenient or impossible. Applications that
|
|
# use the "embedded" variant of Firebird and never share access to a database
|
|
# can use this option to permit direct access to databases on NFS mounted
|
|
# volumes.
|
|
#
|
|
# The situation for SMB/CIFS is quite similar to NFS with not all configurations
|
|
# providing file locking mechanisms needed for safe operation. Using SuperServer
|
|
# engine with the database on a Windows Server file server may be considered
|
|
# relatively safe as file locking protects the database from being used by
|
|
# several engines. The network stack can still change order of writes, so you
|
|
# may get a corrupted database in case of network errors or power outage.
|
|
#
|
|
# The useful and safe case is working with a shared database marked read-only.
|
|
#
|
|
# DO NOT ENABLE THIS OPTION UNLESS YOU REALLY KNOW WHAT YOU ARE DOING.
|
|
#
|
|
# Type: boolean
|
|
#
|
|
#RemoteFileOpenAbility = 0
|
|
|
|
|
|
# ============================
|
|
# Temporary space management
|
|
# ============================
|
|
|
|
# ----------------------------
|
|
# Temporary storage is used by the sorting module, it's also
|
|
# intended to store temporary datasets etc.
|
|
#
|
|
# The parameters below handle the allocation and caching policy
|
|
# for the temporary space manager. In previous Firebird versions,
|
|
# they were prefixed with "SortMem" instead of current "Temp".
|
|
#
|
|
# The smallest block size being allocated in the temporary storage.
|
|
# This value reflects the allocation granularity.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#TempBlockSize = 1M
|
|
|
|
# ----------------------------
|
|
# The maximum amount of the temporary space that can be cached
|
|
# in memory.
|
|
#
|
|
# For Classic servers, this setting is defaulted to 8 MB.
|
|
# Although it can be increased, the value applies to each client
|
|
# connection/server instance and thus consumes a lot of memory.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#TempCacheLimit = 64M
|
|
|
|
|
|
# ----------------------------
|
|
# Threshold that controls whether to store non-key fields in the sort block or
|
|
# refetch them from data pages after sorting.
|
|
#
|
|
# Defines the maximum sort record size (in bytes) that can be stored inline,
|
|
# i.e. in the sort block. Zero means that records are always refetched.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#InlineSortThreshold = 1000
|
|
|
|
|
|
# ----------------------------
|
|
# Defines whether queries should be optimized to retrieve the first records
|
|
# as soon as possible rather than returning the whole dataset as soon as possible.
|
|
# By default retrieval of all rows is implied by the optimizer.
|
|
#
|
|
# Can be overridden at the session level using the SET OPTIMIZE statement
|
|
# or at the SQL statement level by using the OPTIMIZE FOR clause.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: boolean
|
|
#
|
|
#OptimizeForFirstRows = false
|
|
|
|
|
|
# ============================
|
|
# Plugin settings
|
|
# ============================
|
|
#
|
|
# This group of parameters determines what plugins will be used by Firebird.
|
|
# Format of string is the list of plugins, separated by space, ',' or ';'.
|
|
# Plugins will be tried in an order, specified here.
|
|
# In many cases correct order is important!
|
|
#
|
|
# Type: string
|
|
|
|
# ----------------------------
|
|
# AuthServer and AuthClient determine which authentication methods will be used
|
|
# by network server and client redirector. The Secure Remote Password plugin
|
|
# using SHA-256 for the client proof is the default for both client and server.
|
|
# Additionally, the default client configuration (AuthClient) also supports old Srp
|
|
# plugin using SHA-1 for the client proof. This enables backwards compatibility
|
|
# with old Firebird 3.0 servers, but does not comply with NIST security requirements.
|
|
# Srp plugins using other SHA algorithms (SHA-224, SHA-384 & SHA-512) are also
|
|
# implemented and may be used (names are Srp224, Srp384 & Srp512 respectively).
|
|
#
|
|
# The default client configuration (AuthClient) also supports the pre-Firebird 3.0
|
|
# legacy authentication protocol (Legacy_Auth). This is again for backwards
|
|
# compatibility, but has many known weaknesses and is deprecated.
|
|
#
|
|
# The default Windows client configuration (AuthClient) also includes support for
|
|
# the Win_Sspi plugin. This implements windows trusted authentication and is backward
|
|
# compatible with 2.1 and 2.5 clients and servers running on Windows.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
#AuthServer = Srp256
|
|
|
|
# Per-connection and per-database configurable.
|
|
#
|
|
#AuthClient = Srp256, Srp, Legacy_Auth #Non Windows clients
|
|
#AuthClient = Srp256, Srp, Win_Sspi, Legacy_Auth #Windows clients
|
|
|
|
# If you need to use server plugins that do not provide encryption key (Legacy_Auth is the
|
|
# only such standard plugin) you should also turn off required encryption on the wire with WireCrypt
|
|
# configuration parameter except when working with the XNET protocol which is never encrypted.
|
|
|
|
|
|
# ----------------------------
|
|
# UserManager sets the plugins used to work with the security database. If more than
|
|
# one plugin is given, the first plugin from the list is used by default. If you
|
|
# need to manage legacy logins using legacy tools set it to Legacy_UserManager.
|
|
# Other managers may be chosen in create/alter/drop user commands.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
#UserManager = Srp
|
|
|
|
|
|
# ----------------------------
|
|
# Default profiler plugin used to profile connections using the RDB$PROFILER package.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
#DefaultProfilerPlugin = Default_Profiler
|
|
|
|
|
|
# ----------------------------
|
|
# TracePlugin is used by Firebird trace facility to send trace data to the user
|
|
# or log file in audit case.
|
|
#
|
|
#TracePlugin = fbtrace
|
|
|
|
|
|
# ----------------------------
|
|
# Wire crypt plugins are used to encrypt data transferred over the wire.
|
|
# By default, data is encrypted using ChaCha#20 (32/64 bit counter variants)
|
|
# or Alleged RC4. Key must be generated by auth plugin.
|
|
# For chacha we are using 16 or 32 bytes key (depends upon what is provided
|
|
# by auth plugin), 12 (8) bytes nonce and 4 (8) bytes counter, 20 (10 + 10)
|
|
# rounds are made.
|
|
#
|
|
# Per-connection configurable.
|
|
#
|
|
#WireCryptPlugin = ChaCha64, ChaCha, Arc4
|
|
|
|
|
|
# ----------------------------
|
|
# Key holder is a kind of temp storage for DB crypt keys.
|
|
# There is no default for this kind of plugins.
|
|
#
|
|
#KeyHolderPlugin =
|
|
|
|
|
|
# ----------------------------
|
|
# Ability to use encrypted security database
|
|
#
|
|
# If one relies on network encryption with the encryption key generated by
|
|
# the authentication plugin (like SRP does) to transfer database encryption
|
|
# keys over the wire, use of encrypted security databases is a kind of vicious
|
|
# circle. In order to send the DB encryption key over the wire in a secure way,
|
|
# wire transfers should be already encrypted, but this requires a wire encryption
|
|
# key from the authentication plugin, which needs to open the security database
|
|
# for hash validation which in turn requires the DB encryption key. Luckily, in
|
|
# most cases there is no big need to encrypt security database - it protects
|
|
# itself quite well if you use high quality passwords. But in some cases, it is
|
|
# necessary to have the security database encrypted, for example if one wants to
|
|
# use the self security database feature for an encrypted database. In that case,
|
|
# special care should be taken to encrypt that key before passing it to server
|
|
# using a callback.
|
|
# Make sure your keys are well encrypted before enabling this parameter. Take into
|
|
# account that with AllowEncryptedSecurityDatabase=TRUE, unencrypted key transfer
|
|
# may take place even when the security database is not encrypted.
|
|
# This feature is not supported by legacy authentication plugin - if you care
|
|
# about security please never use legacy authentication.
|
|
#
|
|
# Type: boolean
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
#########################################################################
|
|
# Please understand what are you doing before enabling this feature !!! #
|
|
#########################################################################
|
|
#
|
|
#AllowEncryptedSecurityDatabase = false
|
|
|
|
|
|
# ----------------------------
|
|
# This parameter determines what providers will be used by Firebird.
|
|
# Format is the same as for the list of plugins (see above). Internally,
|
|
# a provider is just a kind of plugin.
|
|
#
|
|
# Type: string
|
|
#
|
|
# Per-database & per-connection configurable.
|
|
#
|
|
#Providers = Remote,Engine13,Loopback
|
|
|
|
|
|
# ----------------------------
|
|
# Determines the number of seconds that the lock manager will wait after a
|
|
# conflict has been encountered before purging locks from dead processes
|
|
# and doing an extra deadlock scan cycle. The engine detects deadlocks instantly
|
|
# in all normal cases, so this value affects things only if something goes
|
|
# wrong. Setting it too low may degrade system performance.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#DeadlockTimeout = 10
|
|
|
|
|
|
# ----------------------------
|
|
# Set number of seconds after which statement execution will be automatically
|
|
# cancelled by the engine. Zero means no timeout is set.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#StatementTimeout = 0
|
|
|
|
|
|
# ----------------------------
|
|
# Set number of minutes after which idle attachment will be disconnected by the
|
|
# engine. Zero means no timeout is set.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#ConnectionIdleTimeout = 0
|
|
|
|
|
|
# ----------------------------
|
|
# Set number of seconds after which ON DISCONNECT trigger execution will be
|
|
# automatically cancelled by the engine. Zero means no timeout is set.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#OnDisconnectTriggerTimeout = 180
|
|
|
|
|
|
# ----------------------------
|
|
# How often the pages are flushed on disk
|
|
# (for databases with ForcedWrites=Off only)
|
|
#
|
|
# Number of unflushed writes which will accumulate before they are
|
|
# flushed, at the next transaction commit. For non-Windows ports,
|
|
# the default value is -1 (Disabled)
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#MaxUnflushedWrites = 100
|
|
|
|
# Number of seconds during which unflushed writes will accumulate
|
|
# before they are flushed, at the next transaction commit. For non-Windows
|
|
# ports, the default value is -1 (Disabled)
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#MaxUnflushedWriteTime = 5
|
|
|
|
|
|
# ----------------------------
|
|
# This option controls whether to call abort() when an internal error or BUGCHECK
|
|
# is encountered, thus invoking the post-mortem debugger which can dump core
|
|
# suitable for off-line analysis. When disabled, the engine tries to minimize damage
|
|
# and continue execution.
|
|
#
|
|
# Setting this option to 1 makes the engine produce traceable coredumps when
|
|
# something nasty like SIGSEGV happens inside UDF. On Windows, enabling this option
|
|
# makes the engine invoke the JIT debugger facilities when errors happen.
|
|
#
|
|
# For debugging builds (DEV_BUILD), default value is 1 (Enabled)
|
|
#
|
|
# Type: boolean
|
|
#
|
|
#BugcheckAbort = 0
|
|
|
|
|
|
# ----------------------------
|
|
# The engine currently provides statement-level read consistency in READ COMMITTED
|
|
# mode by default. In this mode, rec_version/no_rec_version transaction flags have
|
|
# no effect. Setting this parameter to 0 effectively reverts the engine to legacy
|
|
# behavior.
|
|
#
|
|
# Type: boolean
|
|
#
|
|
#ReadConsistency = 1
|
|
|
|
|
|
# ----------------------------
|
|
# The engine provides a number of new datatypes unknown to legacy clients.
|
|
# To simplify use of old applications set this parameter to the Firebird version
|
|
# matching the datatype compatibility you need. Currently two values are
|
|
# supported: 3.0 & 2.5.
|
|
# More precise (including per-session) tuning is possible via SQL and DPB.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: string
|
|
#
|
|
#DataTypeCompatibility =
|
|
|
|
|
|
# ===========================
|
|
# Client Connection Settings (Basic)
|
|
# ===========================
|
|
|
|
# ----------------------------
|
|
# Seconds to wait before concluding an attempt to connect has failed.
|
|
#
|
|
# Per-connection configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#ConnectionTimeout = 180
|
|
|
|
|
|
# ----------------------------
|
|
# Should connection over the wire be encrypted?
|
|
# Has 3 different values: Required, Enabled or Disabled. Enabled behavior
|
|
# depends on the other side's requirements. If both sides are set to Enabled,
|
|
# the connection is encrypted when possible. Note that Wirecrypt should be set
|
|
# to Enabled when running a Firebird server with legacy authentication.
|
|
#
|
|
# Attention: default depends upon connection type: incoming (server)
|
|
# or outgoing (client).
|
|
#
|
|
# Per-connection configurable.
|
|
#
|
|
# Type: string (predefined values)
|
|
#
|
|
#WireCrypt = Enabled (for client) / Required (for server)
|
|
|
|
|
|
# ----------------------------
|
|
# Should connection over the wire be compressed?
|
|
# Client only value - server should follow client setting if connecting using
|
|
# correct protocol (>=13).
|
|
#
|
|
# Per-connection configurable.
|
|
#
|
|
# Type: boolean
|
|
#
|
|
#WireCompression = false
|
|
|
|
|
|
# ----------------------------
|
|
# Seconds to wait on a silent client connection before the server sends
|
|
# dummy packets to request acknowledgment.
|
|
#
|
|
# NOTE: This option may not prevent eventual inactive client disconnection.
|
|
#
|
|
# Normally, Firebird uses SO_KEEPALIVE socket option to keep track of
|
|
# active connections. If you do not like its default 2-hour keepalive timeout,
|
|
# then adjust your server OS settings appropriately. On UNIX-like OS's,
|
|
# modify contents of /proc/sys/net/ipv4/tcp_keepalive_*. On Windows,
|
|
# follow instrutions of this article:
|
|
# https://learn.microsoft.com/en-us/troubleshoot/windows-client/networking/tcpip-and-nbt-configuration-parameters
|
|
#
|
|
# Per-connection configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#DummyPacketInterval = 0
|
|
|
|
|
|
# ----------------------------
|
|
# Buffer size (in bytes) used by the client connection to accumulate output
|
|
# messages before sending them to the server using the Batch API.
|
|
#
|
|
# Per-connection configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#ClientBatchBuffer = 131072
|
|
|
|
|
|
# ----------------------------
|
|
# Default session or client time zone.
|
|
#
|
|
# If empty, the default is the OS time zone.
|
|
# When set in the server, it defines the default session time zone for attachments.
|
|
# When set in the client, it defines the default time zone used with client-side API functions and
|
|
# the default value of isc_dpb_session_time_zone.
|
|
#
|
|
# Type: string
|
|
#
|
|
#DefaultTimeZone =
|
|
|
|
|
|
# ===========================
|
|
# TCP Protocol Settings
|
|
# ===========================
|
|
|
|
# ----------------------------
|
|
# The TCP Service name/Port number to be used for client database
|
|
# connections.
|
|
#
|
|
# It is only necessary to change one of the entries, not both. The
|
|
# order of precendence is the 'RemoteServiceName' (if an entry is
|
|
# found in the 'services.' file), then the 'RemoteServicePort'.
|
|
#
|
|
# Per-connection configurable.
|
|
#
|
|
# Type: string, integer
|
|
#
|
|
#RemoteServiceName = gds_db
|
|
#RemoteServicePort = 3050
|
|
|
|
|
|
# ----------------------------
|
|
# The TCP port number to be used for server Event Notification
|
|
# messages. The value of 0 (Zero) means that the server will choose
|
|
# a port number randomly.
|
|
#
|
|
# Per-connection configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#RemoteAuxPort = 0
|
|
|
|
|
|
# ----------------------------
|
|
# TCP/IP buffer size for send and receive buffers of both the client
|
|
# and server. The engine reads ahead of the client and can send
|
|
# several rows of data in a single packet. The larger the packet size,
|
|
# the more data is sent per transfer. Range is 1448 to 32767 (MAX_SSHORT).
|
|
#
|
|
# Type: integer
|
|
#
|
|
#TcpRemoteBufferSize = 8192
|
|
|
|
|
|
# ----------------------------
|
|
# Either enables or disables Nagle algorithm (TCP_NODELAY option of
|
|
# socket) of the socket connection.
|
|
#
|
|
# Per-connection configurable.
|
|
#
|
|
# Type: boolean
|
|
#
|
|
#TcpNoNagle = 1
|
|
|
|
|
|
# ----------------------------
|
|
# Allows setting of IPV6_V6ONLY socket option. If enabled, IPv6 sockets
|
|
# allow only IPv6 communication and separate sockets must be used for
|
|
# IPv4 and IPv6. Default is false.
|
|
#
|
|
# Type: boolean
|
|
#
|
|
#IPv6V6Only = 0
|
|
|
|
|
|
# ----------------------------
|
|
# Allows incoming connections to be bound to the IP address of a
|
|
# specific network card. It enables rejection of incoming connections
|
|
# through any other network interface. By default, connections from any
|
|
# available network interface are allowed.
|
|
# If you are using Classic Server, this setting is for Windows only.
|
|
# Under Linux, BSD or macOS, with Classic server, use xinetd or launchd
|
|
# configuration file (bind parameter).
|
|
#
|
|
# Type: string
|
|
#
|
|
#RemoteBindAddress =
|
|
|
|
|
|
# ===========================
|
|
# Locking and shared memory parameters
|
|
# ===========================
|
|
|
|
# ----------------------------
|
|
# Bytes of shared memory allocated for lock manager.
|
|
# In Classic mode, the size given is used for the initial allocation. The
|
|
# table expands dynamically up to the limit of memory.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#LockMemSize = 1M
|
|
|
|
|
|
# ----------------------------
|
|
# In Classic, only one client process may access the lock table at any
|
|
# time. Access to the lock table is governed by a mutex. The mutex can
|
|
# be requested conditionally - a wait is a failure and the request must
|
|
# be retried - or unconditionally - the request will wait until it is
|
|
# satisfied. This parameter establishes the number of attempts that
|
|
# will be made conditionally. Zero value means unconditional mode.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#LockAcquireSpins = 0
|
|
|
|
|
|
# ----------------------------
|
|
# Tune lock hash list; more hash slots mean shorter hash chains. Only
|
|
# necessary under very high load. Prime number values are recommended.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#LockHashSlots = 8191
|
|
|
|
|
|
# ----------------------------
|
|
# Bytes of shared memory allocated for event manager.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#EventMemSize = 64K
|
|
|
|
|
|
# ----------------------------
|
|
# Bytes of shared memory allocated for snapshots management.
|
|
# This will grow automatically unless you use an exotic platform
|
|
# that is neither Windows nor supports mmap system call.
|
|
# Each active shapshot uses 16 bytes of memory.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#SnapshotsMemSize = 64K
|
|
|
|
|
|
# ----------------------------
|
|
# Bytes of shared memory allocated for each block of the TIP cache.
|
|
# The reason to reduce this value is if you have a small TIP and
|
|
# want to conserve some memory. The reason to increase this
|
|
# value is if you need a very large cache and approach limits
|
|
# on kernel objects allocated for each block (files, mutexes, etc).
|
|
# Each cached transaction uses 8 bytes of memory.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#TipCacheBlockSize = 4M
|
|
|
|
|
|
# ----------------------------
|
|
# File to redirect stdout and stderr output of server
|
|
#
|
|
# Default '/dev/null' for *nix and 'nul' for Windows
|
|
# Empty value or '-' keeps stdout and stderr as is.
|
|
#
|
|
# Type: string
|
|
#
|
|
#OutputRedirectionFile = /dev/null
|
|
|
|
|
|
# ===========================
|
|
# Engine Settings
|
|
# ===========================
|
|
|
|
# ----------------------------
|
|
# Which CPUs should be used (Windows Only)
|
|
#
|
|
# Sets which processors can be used by the server. The value is taken
|
|
# from a bit map in which each bit represents a CPU. Thus, to use only
|
|
# the first processor, the value is 1. To use both CPU 1 and CPU 2,
|
|
# the value is 3. To use CPU 2 and CPU 3, the value is 6.
|
|
# The default value is 0 - no affinity will be set.
|
|
#
|
|
# About systems with heterogeneous (Efficient/Performance) set of cores:
|
|
# on Windows 10 and later, if affinity is not set nor by CpuAffinityMask,
|
|
# nor by the caller process, then the server tries to exclude efficient cores
|
|
# from its own affinity mask, i.e. default affinity mask includes performance
|
|
# cores only.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#CpuAffinityMask = 0
|
|
|
|
|
|
# ----------------------------
|
|
# Garbage collection policy
|
|
#
|
|
# Defines how engine does garbage collection. Valid values are:
|
|
# cooperative
|
|
# background
|
|
# combined
|
|
#
|
|
# Superserver has by default "combined" policy
|
|
# Classic has by default "cooperative" policy.
|
|
# Other values are ignored by Classic server
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: string (special format)
|
|
#
|
|
#GCPolicy = combined
|
|
|
|
|
|
# ----------------------------
|
|
# Maximum statement cache size
|
|
#
|
|
# The maximum amount of RAM used to cache unused DSQL compiled statements.
|
|
# If set to 0 (zero), statement cache is disabled.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#MaxStatementCacheSize = 2M
|
|
|
|
|
|
# ----------------------------
|
|
# Security database
|
|
#
|
|
# Defines the location of the security database (one that stores logins
|
|
# and passwords), used by server to validate remote connections.
|
|
#
|
|
# Per-database configurable.
|
|
#
|
|
# Type: string (pathname)
|
|
#
|
|
#SecurityDatabase = $(dir_secDb)/security6.fdb
|
|
|
|
|
|
# ============================
|
|
# Settings for parallel work
|
|
# ============================
|
|
|
|
# ----------------------------
|
|
# Limits the total number of parallel workers that can be created within a
|
|
# single Firebird process for each attached database.
|
|
# Workers are accounted for each attached database independently.
|
|
#
|
|
# Valid values are from 1 (no parallelism) to 64. All other values
|
|
# silently ignored and default value of 1 is used.
|
|
# Per-process.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#MaxParallelWorkers = 1
|
|
|
|
# ----------------------------
|
|
# Default number of parallel workers for a single connection. For more details
|
|
# see doc/README.parallel_features.
|
|
#
|
|
# Valid values are from 1 (no parallelism) to MaxParallelWorkers (above).
|
|
# Values less than 1 are silently ignored and default value of 1 is used.
|
|
# Per-process.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#ParallelWorkers = 1
|
|
|
|
|
|
# ==============================
|
|
# Settings for Windows platforms
|
|
# ==============================
|
|
|
|
# ----------------------------
|
|
# Does the guardian restart the server every time it crashes?
|
|
# 0 - only start the engine/service once
|
|
# 1 - always restart the engine/service if it terminates
|
|
#
|
|
# Type: integer/boolean
|
|
#
|
|
#GuardianOption = 1
|
|
|
|
|
|
# ----------------------------
|
|
# Priority level/class for the server process.
|
|
#
|
|
# The values are:
|
|
# 0 (Zero) - normal priority,
|
|
# positive value - high priority (same as -B command line option)
|
|
# negative value - low priority.
|
|
#
|
|
# Note: All changes to this value should be carefully tested to ensure
|
|
# that engine is more responsive to requests.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#ProcessPriorityLevel = 0
|
|
|
|
|
|
# ----------------------------
|
|
# Local Connection Settings
|
|
#
|
|
# The name of the shared memory area used as a transport channel in local protocol.
|
|
#
|
|
# Please note that the server can only register objects in Global\ kernel namespace
|
|
# if it runs under the account with SE_CREATE_GLOBAL_NAME privilege.
|
|
# This means that if you run the server under a restricted account, it will not be
|
|
# accessible using the local protocol from other sessions.
|
|
#
|
|
# Per-connection configurable.
|
|
#
|
|
# Type: string
|
|
#
|
|
#IpcName = FIREBIRD
|
|
|
|
|
|
# ============================
|
|
# Settings for Unix/Linux platforms
|
|
# ============================
|
|
|
|
# ----------------------------
|
|
# Remove protection against redirecting requests to other servers
|
|
#
|
|
# ***DEPRECATED*** ***DEPRECATED*** ***DEPRECATED***
|
|
#
|
|
# This feature was partially broken in Firebird 3 with early (in remote listener)
|
|
# user authentication. Not all plugins can be used with Redirection.
|
|
# No matter of that we did not receive related bug reports, i.e. it's unused.
|
|
# Therefore Redirection is declared DEPRECATED in Firebird 5 and will be removed
|
|
# in Firebird 6.
|
|
#
|
|
# ***WARNING*** ***WARNING*** ***WARNING*** ***WARNING***
|
|
#
|
|
# Ability to redirect requests to other servers was initially present
|
|
# in Interbase, but was broken by Borland in Interbase 6.0, when
|
|
# they added SQL dialects. Request redirection was fixed in Firebird 2.0,
|
|
# but today such behaviour (proxy) seems to be dangerous from security
|
|
# point of view. Imagine, you have one carefully protected Firebird server,
|
|
# access to which is possible from global net. But in case when this server
|
|
# has access to your internal LAN (may and should be restricted,
|
|
# but often possible), it will work as a gateway for incoming requests like:
|
|
# firebird.your.domain.com:internal_server:/private/database.fdb
|
|
# It's enough to know name/IP of some internal server on your LAN, and for
|
|
# this connection, one even need not know login/password on external server.
|
|
# Such gateway easily overrides firewall, installed to protect your LAN
|
|
# from outside attack.
|
|
#
|
|
# DO NOT ENABLE THIS OPTION UNLESS YOU REALLY KNOW WHAT YOU ARE DOING.
|
|
#
|
|
# Type: boolean
|
|
#
|
|
#Redirection = 0
|
|
|
|
|
|
# ----------------------------
|
|
# Settings for Architecture Configuration
|
|
#
|
|
# Controls the method Firebird engine uses to work with databases and
|
|
# related Firebird server startup parameters.
|
|
#
|
|
# The values are:
|
|
# Super / ThreadedDedicated - databases are opened exclusive by a single server process,
|
|
# attachments share single DB pages cache inside process
|
|
# SuperClassic / ThreadedShared - databases are opened by a single server process,
|
|
# but it does not prevent opening them in other processes (embedded access),
|
|
# each attachment has its own DB pages cache
|
|
# Classic / MultiProcess - for each attachment to the server, a separate process is
|
|
# started, each database may be opened by multiple processes (including local ones for
|
|
# embedded access), each attachment (process) has its own DB pages cache
|
|
#
|
|
# Type: string
|
|
#
|
|
#ServerMode = Super
|
|
|
|
|
|
# ============================
|
|
# Settings of External Connections Pool
|
|
# ============================
|
|
|
|
# ----------------------------
|
|
# Sets the maximum number of inactive (idle) external connections to retain at
|
|
# the pool. Valid values are between 0 and 1000. If set to zero, the pool is disabled,
|
|
# i.e. external connection is destroyed immediately after the use.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#ExtConnPoolSize = 0
|
|
|
|
# ----------------------------
|
|
# Sets the time before destroying inactive external connection, seconds.
|
|
# Valid values are between 1 and 86400.
|
|
#
|
|
# Type: integer
|
|
#
|
|
#ExtConnPoolLifeTime = 7200
|