Menu
▾
▴
firebird-checkins
|
From: Mark O. <sky...@us...> - 2001-04-14 02:15:35
|
Update of /cvsroot/firebird/interbase/firebird/skywalker/install/classic
In directory usw-pr-cvs1:/tmp/cvs-serv486/classic
Modified Files:
CSTarInstall.sh CSinstall.sh CSpostinstall.sh CSrpmfiles.txt
Log Message:
Changes to install process for classic firebird.
Index: CSTarInstall.sh
===================================================================
RCS file: /cvsroot/firebird/interbase/firebird/skywalker/install/classic/CSTarInstall.sh,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** CSTarInstall.sh 2000/12/22 14:23:05 1.2
--- CSTarInstall.sh 2001/04/14 02:15:33 1.3
***************
*** 100,103 ****
--- 100,106 ----
done
+ mkdir -p interbase/misc
+ cp $ScriptsSrcDir/misc/firebird.xinetd interbase/misc
+
($ScriptsSrcDir/classic/CSinstall.sh)
Index: CSinstall.sh
===================================================================
RCS file: /cvsroot/firebird/interbase/firebird/skywalker/install/classic/CSinstall.sh,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** CSinstall.sh 2000/12/22 14:23:05 1.2
--- CSinstall.sh 2001/04/14 02:15:33 1.3
***************
*** 33,38 ****
mkdir /opt/interbase/doc
mkdir /opt/interbase/UDF
-
cp -f interbase/bin/gds_inet_server /opt/interbase/bin/gds_inet_server
--- 33,38 ----
mkdir /opt/interbase/doc
mkdir /opt/interbase/UDF
+ mkdir /opt/interbase/misc
cp -f interbase/bin/gds_inet_server /opt/interbase/bin/gds_inet_server
***************
*** 93,96 ****
--- 93,98 ----
cp interbase/services.isc /opt/interbase/services.isc
cp interbase/README /opt/interbase/README
+
+ cp interbase/misc/firebird.xinetd /opt/interbase/misc/firebird.xinetd
# June 23 2000, 6:00AM
Index: CSpostinstall.sh
===================================================================
RCS file: /cvsroot/firebird/interbase/firebird/skywalker/install/classic/CSpostinstall.sh,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** CSpostinstall.sh 2000/12/22 14:23:05 1.2
--- CSpostinstall.sh 2001/04/14 02:15:33 1.3
***************
*** 56,59 ****
--- 56,154 ----
#------------------------------------------------------------------------
+ # Add new user and group
+
+
+ addFirebirdUser() {
+
+ testStr=`grep firebird /etc/group`
+
+ if [ -z "$testStr" ]
+ then
+ groupadd -g 84 -o -r firebird
+ fi
+
+ testStr=`grep firebird /etc/passwd`
+ if [ -z "$testDir" ]
+ then
+ useradd -o -r -m -d $IBRootDir -s /bin/bash \
+ -c "Firebird Database Administrator" -g firebird -u 84 firebird
+
+ # >/dev/null 2>&1
+ fi
+ }
+
+
+ #------------------------------------------------------------------------
+ # Delete new user and group
+
+
+ deleteFirebirdUser() {
+
+ userdel firebird
+ # groupdel firebird
+
+ }
+
+
+ #------------------------------------------------------------------------
+ # changeXinetdServiceUser
+ # Change the run user of the xinetd service
+
+ changeXinetdServiceUser() {
+
+ InitFile=/etc/xinetd.d/firebird
+ if [ -f $InitFile ]
+ then
+ ed -s $InitFile <<EOF
+ / user /s/=.*$/= $RunUser/g
+ w
+ q
+ EOF
+ fi
+ }
+
+ #------------------------------------------------------------------------
+ # Update inetd service entry
+ # This just adds/replaces the service entry line
+
+ updateInetdEntry() {
+
+ FileName=/etc/inetd.conf
+ newLine="gds_db stream tcp nowait.30000 $RunUser $IBBin/gds_inet_server gds_inet_server # InterBase Database Remote Server"
+ oldLine=`grep "^gds_db" $FileName`
+
+ replaceLineInFile "$FileName" "$newLine" "$oldLine"
+ }
+
+ #------------------------------------------------------------------------
+ # Update xinetd service entry
+
+ updateXinetdEntry() {
+
+ cp $IBRootDir/misc/firebird.xinetd /etc/xinetd.d/firebird
+ changeXinetdServiceUser
+ }
+
+
+ #------------------------------------------------------------------------
+ # Update inetd service entry
+ # Check to see if we have xinetd installed or plain inetd. Install differs
+ # for each of them.
+
+ updateInetdServiceEntry() {
+
+ if [ -d /etc/xinetd.d ]
+ then
+ updateXinetdEntry
+ else
+ updateInetdEntry
+ fi
+
+ }
+
+
+
+
+ #------------------------------------------------------------------------
# Unable to generate the password for the rpm, so put out a message
# instead
***************
*** 73,85 ****
echo "(For superserver you will also want to check the password in the" >> $DBAPasswordFile
! echo "daemon init routine in the file /etc/rc.d/init.d/firebird)" >> $DBAPasswordFile
echo "" >> $DBAPasswordFile
echo "Your should password can be changed to a more suitable one using the" >> $DBAPasswordFile
! echo "/opt/interbase/bin/gsec program as show below:" >> $DBAPasswordFile
echo "" >> $DBAPasswordFile
- echo ">cd /opt/interbase" >> $DBAPasswordFile
- echo ">bin/gsec -user sysdba -password <password>" >> $DBAPasswordFile
- echo "GSEC>modify sysdba -pw <newpassword>" >> $DBAPasswordFile
- echo "GSEC>quit" >> $DBAPasswordFile
chmod u=r,go= $DBAPasswordFile
--- 168,176 ----
echo "(For superserver you will also want to check the password in the" >> $DBAPasswordFile
! echo "daemon init routine in the file /etc/init.d/firebird)" >> $DBAPasswordFile
echo "" >> $DBAPasswordFile
echo "Your should password can be changed to a more suitable one using the" >> $DBAPasswordFile
! echo "/opt/interbase/bin/changeDBAPassword.sh script" >> $DBAPasswordFile
echo "" >> $DBAPasswordFile
chmod u=r,go= $DBAPasswordFile
***************
*** 107,116 ****
echo "" >> $DBAPasswordFile
echo "Your password can be changed to a more suitable one using the" >> $DBAPasswordFile
! echo "/opt/interbase/bin/gsec program as show below:" >> $DBAPasswordFile
echo "" >> $DBAPasswordFile
- echo ">cd /opt/interbase" >> $DBAPasswordFile
- echo ">bin/gsec -user sysdba -password <password>" >> $DBAPasswordFile
- echo "GSEC>modify sysdba -pw <newpassword>" >> $DBAPasswordFile
- echo "GSEC>quit" >> $DBAPasswordFile
chmod u=r,go= $DBAPasswordFile
--- 198,203 ----
echo "" >> $DBAPasswordFile
echo "Your password can be changed to a more suitable one using the" >> $DBAPasswordFile
! echo "/opt/interbase/bin/changeDBAPassword.sh script" >> $DBAPasswordFile
echo "" >> $DBAPasswordFile
chmod u=r,go= $DBAPasswordFile
***************
*** 177,230 ****
! #= Main Post ===============================================================
- # Make sure the links are in place
- if [ ! -L /opt/interbase -a ! -d /opt/interbase ]
- then
- # Main link and...
- ln -s $RPM_INSTALL_PREFIX/interbase /opt/interbase
- fi
! IBRootDir=/opt/interbase
! IBBin=$IBRootDir/bin
! RunUser=root
! # Update /etc/services
- FileName=/etc/services
- newLine="gds_db 3050/tcp # InterBase Database Remote Protocol"
- oldLine=`grep "^gds_db" $FileName`
! replaceLineInFile "$FileName" "$newLine" "$oldLine"
! # Update the /etc/inetd.conf
- FileName=/etc/inetd.conf
- newLine="gds_db stream tcp nowait.30000 $RunUser $IBBin/gds_inet_server gds_inet_server # InterBase Database Remote Server"
- oldLine=`grep "^gds_db" $FileName`
! replaceLineInFile "$FileName" "$newLine" "$oldLine"
- # Update ownership and SUID bits for programs.
! chown -R $RunUser.$RunUser $IBRootDir
cd $IBBin
! for i in gds_lock_mgr gds_drop gds_inet_server
do
chmod ug+s $i
done
! # Get inetd to reread new init files.
if [ -f /var/run/inetd.pid ]
then
--- 264,433 ----
! #------------------------------------------------------------------------
! # fixFilePermissions
! # Change the permissions to restrict access to server programs to
! # firebird group only. This is MUCH better from a saftey point of
! # view than installing as root user, even if it requires a little
! # more work.
+ fixFilePermissions() {
! # Turn other access off.
! chmod -R o= $IBRootDir
! # Now fix up the mess.
+ # fix up directories
+ for i in `find $IBRootDir -print`
+ do
+ FileName=$i
+ if [ -d $FileName ]
+ then
+ chmod o=rx $FileName
+ fi
+ done
! cd $IBBin
+ # set up the defaults for bin
+ for i in `ls`
+ do
+ chmod ug=rx,o= $i
+ done
! # User can run these programs, they need to talk to server though.
! # and they cannot actually create a database.
!
+ chmod a=rx isql
+ chmod a=rx qli
+
+ # SUID is still needed for group direct access. General users
+ # cannot run though.
+ for i in gds_lock_mgr gds_drop gds_inet_server
+ do
+ chmod ug=rx,o= $i
+ chmod ug+s $i
+ done
! cd $IBRootDir
+ # Fix lock files
+ for i in isc_init1 isc_lock1 isc_event1
+ do
+ FileName=$i.`hostname`
+ chmod ug=rw,o= $FileName
+ done
! chmod ug=rw,o= interbase.log
!
! chmod a=r interbase.msg
! chmod ug=rw,o= help/help.gdb
! chmod ug=rw,o= isc4.gdb
!
!
! # Set a default of read all files in examples
!
! cd examples
!
! for i in `ls`
! do
! chmod a=r $i
! done
!
! # make examples db's writable by group
! chmod ug=rw,o= *.gdb
!
! }
!
!
! #------------------------------------------------------------------------
! # fixFilePermissionsForRoot
! # This sets the file permissions up to what you need if you are
! # running the server as root user. I hope to remove this mode
! # of running before the next version, since it's security level
! # is absolutely woeful.
!
!
! fixFilePermissionsRoot() {
!
! # Turn other access off.
! chmod -R o= $IBRootDir
!
! # Now fix up the mess.
!
! # fix up directories
! for i in `find $IBRootDir -print`
! do
! FileName=$i
! if [ -d $FileName ]
! then
! chmod o=rx $FileName
! fi
! done
!
cd $IBBin
!
! # set up the defaults for bin
! for i in `ls`
do
+ chmod o=rx $i
+ done
+
+
+ # SUID is still needed for group direct access. General users
+ # cannot run though.
+ for i in gds_lock_mgr gds_drop gds_inet_server
+ do
chmod ug+s $i
+ done
+
+
+ cd $IBRootDir
+
+ # Fix lock files
+ for i in isc_init1 isc_lock1 isc_event1
+ do
+ FileName=$i.`hostname`
+ chmod a=rw $FileName
done
! chmod a=rw interbase.log
!
! chmod a=r interbase.msg
! chmod a=rw help/help.gdb
! chmod a=rw isc4.gdb
!
!
! # Set a default of read all files in examples
+ cd examples
+
+ for i in `ls`
+ do
+ chmod a=r $i
+ done
+
+ # make examples db's writable by group
+ chmod a=rw *.gdb
+
+ }
+
+ #------------------------------------------------------------------------
+ # resetXinitdServer
+ # Check for both inetd and xinetd, only one will actually be running.
+ # depending upon your system.
+
+ resetInetdServer() {
+
if [ -f /var/run/inetd.pid ]
then
***************
*** 232,241 ****
fi
- # Lock files
- # remember isc_guard1 in addition for super
cd $IBRootDir
--- 435,477 ----
fi
+ if [ -f /var/run/xinetd.pid ]
+ then
+ kill -HUP `cat /var/run/xinetd.pid`
+ fi
+ }
+ #= Main Post ===============================================================
+ # Make sure the links are in place
+ if [ ! -L /opt/interbase -a ! -d /opt/interbase ]
+ then
+ # Main link and...
+ ln -s $RPM_INSTALL_PREFIX/interbase /opt/interbase
+ fi
+
+
+ IBRootDir=/opt/interbase
+ IBBin=$IBRootDir/bin
+ RunUser=root
+ # RunUser=firebird
+ # Update /etc/services
+
+ FileName=/etc/services
+ newLine="gds_db 3050/tcp # InterBase Database Remote Protocol"
+ oldLine=`grep "^gds_db" $FileName`
+
+ replaceLineInFile "$FileName" "$newLine" "$oldLine"
+
+
+ # add Firebird user
+ if [ $RunUser = "firebird" ]
+ then
+ addFirebirdUser
+ fi
+
+
+ # Create Lock files
cd $IBRootDir
***************
*** 244,261 ****
FileName=$i.`hostname`
touch $FileName
- chmod uga+rw $FileName
done
touch interbase.log
- chmod uga+rw interbase.log
- chmod uga+rw help/help.gdb
- chmod uga+rw isc4.gdb
! # make examples writable by anyone
! chmod uga+rw examples/*.gdb
! # Change sysdba password
changeDBAPassword
--- 480,504 ----
FileName=$i.`hostname`
touch $FileName
done
+ # Create log
touch interbase.log
! # Update ownership and SUID bits for programs.
! chown -R $RunUser.$RunUser $IBRootDir
! # fixFilePermissions
! fixFilePermissionsRoot
! # Update the /etc/inetd.conf or xinetd entry
! updateInetdServiceEntry
!
+ # Get inetd to reread new init files.
+ resetInetdServer
+
+
+ cd $IBRootDir
+ # Change sysdba password
changeDBAPassword
Index: CSrpmfiles.txt
===================================================================
RCS file: /cvsroot/firebird/interbase/firebird/skywalker/install/classic/CSrpmfiles.txt,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** CSrpmfiles.txt 2000/12/22 14:23:05 1.2
--- CSrpmfiles.txt 2001/04/14 02:15:33 1.3
***************
*** 5,8 ****
--- 5,9 ----
%dir /opt/interbase/intl
%dir /opt/interbase/help
+ %dir /opt/interbase/misc
/opt/interbase/bin/gds_inet_server
***************
*** 53,57 ****
/opt/interbase/services.isc
!
--- 54,58 ----
/opt/interbase/services.isc
! /opt/interbase/misc/firebird.xinetd
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X