8
0
mirror of https://github.com/FirebirdSQL/firebird.git synced 2025-01-23 21:23:03 +01:00
firebird-mirror/builds/install/misc/superLibrary.sh.in
2005-04-29 18:16:46 +00:00

91 lines
2.1 KiB
Bash

#!/bin/sh
#------------------------------------------------------------------------
# init defaults
DefaultLibrary=libfbclient
#------------------------------------------------------------------------
# fixFilePermissions
# Change the permissions to restrict access to server programs to
# firebird group only. This is MUCH better from a saftey point of
# view than installing as root user, even if it requires a little
# more work.
fixFilePermissions() {
# For security reasons initially force all root:root non-writable
chown -R root:root $FBRootDir
chmod -R uga-w $FBRootDir
# Prepare bin
cd $FBBin
# Everyone may execute clients
chmod 0555 *
# Shell scripts changing security attributes are for root only
chmod 0500 *.sh
# Lock files
cd $FBRootDir
for i in isc_init1 isc_lock1 isc_event1 isc_guard1
do
FileName=$i.`hostname`
touch $FileName
MakeFileFirebirdWritable $FileName
done
touch firebird.log
MakeFileFirebirdWritable firebird.log
# Security database
# Nobody besides firebird permitted to even read this file
chown $RunUser.$RunUser $SecurityDatabase
chmod 0600 $SecurityDatabase
# fix up examples' permissions
cd examples
# set a default of read all files in examples
for i in `find . -name '*' -type f -print`
do
chmod a=r $i
done
# set a default of read&search all dirs in examples
for i in `find . -name '*' -type d -print`
do
chmod a=rx $i
done
# make examples db's writable by group
for i in `find . -name '*.fdb' -print`
do
chown $RunUser.$RunUser $i
chmod ug=rw,o= $i
done
cd ..
}
#------------------------------------------------------------------------
# Update inetd service entry
# Check to see if we have xinetd installed or plain inetd.
# Install differs for each of them.
updateInetdServiceEntry() {
# do nothing for SS
return 0
}
#------------------------------------------------------------------------
# resetXinetdServer
# Works for both inetd and xinetd
resetInetdServer() {
# do nothing for SS
return 0
}