From: Alexander P. <ale...@us...> - 2004-01-31 15:51:59
|
Build Version : T2.0.0.6411 Firebird 2.0 UNSTABLE (writeBuildNum.sh,v 1.6413 2004/01/31 15:50:15 alexpeshkoff ) Update of /cvsroot/firebird/firebird2/src/install/misc In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14420 Modified Files: Tag: B1_5_Release SSrestoreRootRunUser.sh.in SSchangeRunUser.sh.in changeDBAPassword.sh.in Log Message: Fixed scripts that modify SYSDBA password and RunUser Index: SSrestoreRootRunUser.sh.in =================================================================== RCS file: /cvsroot/firebird/firebird2/src/install/misc/Attic/SSrestoreRootRunUser.sh.in,v retrieving revision 1.1.2.1 retrieving revision 1.1.2.2 diff -b -U3 -r1.1.2.1 -r1.1.2.2 --- SSrestoreRootRunUser.sh.in 23 Sep 2003 19:07:57 -0000 1.1.2.1 +++ SSrestoreRootRunUser.sh.in 31 Jan 2004 15:50:13 -0000 1.1.2.2 @@ -1,257 +1,38 @@ #!/bin/sh - -# A routine to change the user that runs interbase Firebird - - -#------------------------------------------------------------------------ -# Prompt for response, store result in Answer - -Answer="" - -AskQuestion() { - Test=$1 - DefaultAns=$2 - echo -n "${1}" - Answer="$DefaultAns" - read Answer -} - - - -#------------------------------------------------------------------------ -# Check for a previous install - - -checkInstallUser() { - - if [ "`whoami`" != "root" ]; - then - ehco "" - echo "--- Warning ----------------------------------------------" - echo "" - echo " You need to be 'root' user to do this change" - echo "" - exit - fi -} - - -#------------------------------------------------------------------------ -# stop super server if it is running -# Also will only stop firebird, since that has the init script - - -stopServerIfRunning() { - - checkString=`ps -efww| egrep "(fbserver|fbguard)" |grep -v grep` - - if [ ! -z "$checkString" ] - then - if [ -f /etc/rc.d/init.d/firebird ] - then - /etc/rc.d/init.d/firebird stop - fi - fi -} - -#------------------------------------------------------------------------ -# check if it is running - - -checkIfServerRunning() { - - stopServerIfRunning - -# Check is server is being actively used. - - checkString=`ps -efww| egrep "(fserver|fbguard)" |grep -v grep` - - if [ ! -z "$checkString" ] - then - echo "An instance of the Firebird/InterBase Super server seems to be running." - echo "Please quit all interbase applications and then proceed" - exit 1 - fi - - checkString=`ps -efww| egrep "(fb_inet_server|gds_pipe)" |grep -v grep` - - if [ ! -z "$checkString" ] - then - echo "An instance of the Firebird/InterBase server seems to be running." - echo "Please quit all interbase applications and then proceed." - exit 1 - fi - - - -# Stop lock manager if it is the only thing running. - - for i in `ps -efww | grep "fb_lock_mgr" | grep -v "grep" | awk '{print $2}' ` - do - kill $i - done - -} - - -#------------------------------------------------------------------------ -# Add new user and group - - -addFirebirdUser() { - - groupadd -g 84 -o -r firebird - - useradd -o -r -m -d /home/firebird -s /bin/bash \ - -c "Firebird Database Administrator" -g firebird -u 84 firebird - -# >/dev/null 2>&1 -} - - -#------------------------------------------------------------------------ -# Delete new user and group - - -deleteFirebirdUser() { - - userdel firebird - # groupdel firebird - -} - - - -#------------------------------------------------------------------------ -# add a service line in the (usually) /etc/services or /etc/inetd.conf file -# Here there are three cases, not found => add service line, -# found & different => ask user to check -# found & same => do nothing # - -replaceLineInFile() { - FileName=$1 - newLine=$2 - oldLine=$3 - - if [ -z "$oldLine" ] - then - echo "$newLine" >> $FileName - - elif [ "$oldLine" != "$newLine" ] - then -# We really expect this to be the case. - - cat $FileName | grep -v "$oldLine" > ${FileName}.tmp - mv ${FileName}.tmp $FileName - echo "$newLine" >> $FileName - echo "Updated." - - fi -} - - -#------------------------------------------------------------------------ -# changeInitRunUser - - -changeInitRunUser() { - - NewUser=$1 - - InitFile=/etc/rc.d/init.d/firebird - if [ -f $InitFile ] - then - ed $InitFile <<EOF -/FBRunUser:=/s/FBRunUser:=.*\}/FBRunUser:=$NewUser\}/g -w -q -EOF - chmod u=rwx,g=rx,o= $InitFile - - fi -} - +# This library is part of the Firebird project +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# You may obtain a copy of the Licence at +# http://www.gnu.org/licences/lgpl.html +# +# As a special exception this file can also be included in modules +# with other source code as long as that source code has been +# released under an Open Source Initiative certificed licence. +# More information about OSI certification can be found at: +# http://www.opensource.org +# +# This module is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public Licence for more details. +# +# This module was created by members of the firebird development +# team. All individual contributions remain the Copyright (C) of +# those individuals and all rights are reserved. Contributors to +# this file are either listed below or can be obtained from a CVS +# history command. +# +# Created by: Alex Peshkov <pe...@in...> +# +# Contributor(s): +# +# IBRootDir=@prefix@ IBBin=$IBRootDir/bin - - - -#RunUser=firebird -#RunGroup=firebird - -# Well if you really insist, here it is ;-) - Mark. -#RunUser=interbase -#RunGroup=interbase - - -# If you want to root user (server run restructed to group root) -RunUser=root -RunGroup=root - - -checkInstallUser - - -echo "" -echo "Change Firebird install for $IBRootDir to uid=$RunUser gid=$RunGroup" -echo "(User or group options can be changed by editing this script)" -echo "" -AskQuestion "Press return to continue - or ^C to abort" - - -checkIfServerRunning - - -# Update ownership and SUID bits for programs. -echo "Updating $IBRootDir" - - -chown -R $RunUser.$RunGroup $IBRootDir - -# Turn everybody option off. -chmod -R o= $IBRootDir - -# Now fix up the mess. - -# fix up directories -for i in `find $IBRootDir -print` - do - FileName=$i - if [ -d $FileName ] - then - chmod o=rx $FileName - fi - done - - -cd $IBBin - - -# User can run these programs, they need to talk to server though. -# and they cannot actually create a database. - -chmod o=rx isql -chmod o=rx qli - - - -cd $IBRootDir - -touch firebird.log -chmod ug=rw,o= firebird.log - - -# make examples writable by group -chmod ug=rw,o= examples/*.fdb - - -changeInitRunUser $RunUser - -# start the db server - -(cd /etc/rc.d/init.d; ./firebird start) - -echo "Completed." +$IBBin/SSchangeRunUser.sh root root Index: SSchangeRunUser.sh.in =================================================================== RCS file: /cvsroot/firebird/firebird2/src/install/misc/Attic/SSchangeRunUser.sh.in,v retrieving revision 1.1.2.1 retrieving revision 1.1.2.2 diff -b -U3 -r1.1.2.1 -r1.1.2.2 --- SSchangeRunUser.sh.in 23 Sep 2003 19:07:57 -0000 1.1.2.1 +++ SSchangeRunUser.sh.in 31 Jan 2004 15:50:13 -0000 1.1.2.2 @@ -1,7 +1,18 @@ #!/bin/sh -# A routine to change the user that runs interbase Firebird - +# A routine to change the user that runs Firebird SS. +# Under all circumstances postinstall.sh script tries to create +# user and group named firebird. We don't need to repeat this attempts here. +# If one changes runUser to something specific for him (some like user293), +# he must take care to add correct user before it! + +RunUser=$1 +RunGroup=$2 +if [ "$3" ] +then + Usage: SSchangeRunUser.sh [RunUser] [RunGroup] + exit 100 +fi #------------------------------------------------------------------------ # Prompt for response, store result in Answer @@ -12,8 +23,12 @@ Test=$1 DefaultAns=$2 echo -n "${1}" - Answer="$DefaultAns" + Answer="" read Answer + if [ -z $Answer ] + then + Answer="$DefaultAns" + fi } @@ -47,10 +62,7 @@ if [ ! -z "$checkString" ] then - if [ -f /etc/rc.d/init.d/firebird ] - then - /etc/rc.d/init.d/firebird stop - fi + $StartupScript stop fi } @@ -77,7 +89,7 @@ if [ ! -z "$checkString" ] then - echo "An instance of the Firebird/InterBase server seems to be running." + echo "An instance of the Firebird/InterBase Classic server seems to be running." echo "Please quit all interbase applications and then proceed." exit 1 fi @@ -95,174 +107,104 @@ #------------------------------------------------------------------------ -# Add new user and group - - -addFirebirdUser() { - - groupadd -g 84 -o -r firebird - - useradd -o -r -m -d /home/firebird -s /bin/bash \ - -c "Firebird Database Administrator" -g firebird -u 84 firebird - -# >/dev/null 2>&1 -} - +# changeInitRunUser -#------------------------------------------------------------------------ -# Delete new user and group +changeInitRunUser() { -deleteFirebirdUser() { + NewUser=$1 - userdel firebird - # groupdel firebird + chmod u=rwx,g=rx,o= $StartupScript + ex $StartupScript <<EOF +/FBRunUser/s/FBRunUser=.*/FBRunUser=$NewUser/g +w +q +EOF + chmod u=rwx,g=rx,o= $StartupScript } - #------------------------------------------------------------------------ -# add a service line in the (usually) /etc/services or /etc/inetd.conf file -# Here there are three cases, not found => add service line, -# found & different => ask user to check -# found & same => do nothing -# - -replaceLineInFile() { - FileName=$1 - newLine=$2 - oldLine=$3 +# check for RunUsetr and RunGroup - if [ -z "$oldLine" ] +checkIfUserIsPresent() { + checkString=`grep $RunUser /etc/passwd` + if [ -z "$checkString" ] then - echo "$newLine" >> $FileName - - elif [ "$oldLine" != "$newLine" ] + echo User $RunUser missing - script failed. + exit 20 + fi + checkString=`grep $RunGroup /etc/group` + if [ -z "$checkString" ] then -# We really expect this to be the case. - - cat $FileName | grep -v "$oldLine" > ${FileName}.tmp - mv ${FileName}.tmp $FileName - echo "$newLine" >> $FileName - echo "Updated." - + echo Group $RunGroup missing - script failed. + exit 21 fi } #------------------------------------------------------------------------ -# changeInitRunUser - - -changeInitRunUser() { - - NewUser=$1 +# main code - InitFile=/etc/rc.d/init.d/firebird - if [ -f $InitFile ] - then - ed $InitFile <<EOF -/FBRunUser:=/s/FBRunUser:=.*\}/FBRunUser:=$NewUser\}/g -w -q -EOF - chmod u=rwx,g=rx,o= $InitFile - - fi -} +checkInstallUser -IBRootDir=@prefix@ +IBRootDir=/opt/firebird IBBin=$IBRootDir/bin +if [ -z "$RunUser" ] +then + AskQuestion "Enter new RunUser for firebird super server [firebird]: " firebird + RunUser="$Answer" +fi +if [ -z "$RunGroup" ] +then + AskQuestion "Enter new RunGroup for firebird super server [firebird]: " firebird + RunGroup="$Answer" +fi - - -RunUser=firebird -RunGroup=firebird - -# Well if you really insist, here it is ;-) - Mark. -#RunUser=interbase -#RunGroup=interbase - - -# If you want to root user (server run restructed to group root) -# RunUser=root -# RunGroup=root - - -checkInstallUser - - +checkIfUserIsPresent echo "" echo "Change Firebird install for $IBRootDir to uid=$RunUser gid=$RunGroup" -echo "(User or group options can be changed by editing this script)" echo "" AskQuestion "Press return to continue - or ^C to abort" - -checkIfServerRunning - -if [ $RunUser = "firebird" ] +# Locating startup script +StartupScript="" +if [ -f /etc/rc.d/init.d/firebird ] + then + StartupScript=/etc/rc.d/init.d/firebird +elif [ -f /etc/init.d/firebird ] then -# deleteFirebirdUser - addFirebirdUser + StartupScript=/etc/init.d/firebird +fi +if [ -z $StartupScript ] +then + echo "Failed to locate startup script for firebird." + exit 10 fi - - +# Stop server if running +checkIfServerRunning # Update ownership and SUID bits for programs. echo "Updating $IBRootDir" +chown $RunUser.$RunGroup $IBRootDir/isc_* $IBRootDir/firebird.log $IBRootDir/security.fdb - -chown -R $RunUser.$RunGroup $IBRootDir - -# Turn everybody option off. -chmod -R o= $IBRootDir - -# Now fix up the mess. - -# fix up directories -for i in `find $IBRootDir -print` - do - FileName=$i - if [ -d $FileName ] - then - chmod o=rx $FileName - fi - done - - - -cd $IBBin - - -# User can run these programs, they need to talk to server though. -# and they cannot actually create a database. - -chmod o=rx isql -chmod o=rx qli - - - -cd $IBRootDir - -touch firebird.log -chmod ug=rw,o= firebird.log -chmod ug=rw,o=r firebird.msg - - -# make examples writable by group -chmod ug=rw,o= examples/*.fdb - - +# Update startup script +echo "Updating startup script" changeInitRunUser $RunUser -# start the db server so we can change the password - -(cd /etc/rc.d/init.d; ./firebird start) - -echo "Completed." +# start the db server +if $StartupScript start +then + echo "" + echo "Completed." +else + echo "" + echo "Firebird startup failed." + exit 11 +fi +exit 0 Index: changeDBAPassword.sh.in =================================================================== RCS file: /cvsroot/firebird/firebird2/src/install/misc/Attic/changeDBAPassword.sh.in,v retrieving revision 1.1.2.3 retrieving revision 1.1.2.4 diff -b -U3 -r1.1.2.3 -r1.1.2.4 --- changeDBAPassword.sh.in 28 Dec 2003 04:53:18 -0000 1.1.2.3 +++ changeDBAPassword.sh.in 31 Jan 2004 15:50:13 -0000 1.1.2.4 @@ -2,6 +2,7 @@ # This shell script changes both the SYSDBA user +# and /etc/init.d/firebird script #------------------------------------------------------------------------ # Prompt for response, store result in Answer @@ -24,15 +25,20 @@ changeInitPassword() { NewPasswd=$1 + DBAPasswordFile=$FBRootDir/SYSDBA.password InitFile=/etc/rc.d/init.d/firebird + if [ ! -f $InitFile ] + then + InitFile=/etc/init.d/firebird + fi if [ -f $InitFile ] then echo "" - echo Running ed to modify /etc/init.d/firebird + echo Running ex to modify /etc/init.d/firebird ex $InitFile <<EOF -/ISC_PASSWORD/s/ISC_PASSWORD:=.*\}/ISC_PASSWORD:=$NewPasswd\}/g +/ISC_PASSWORD/s/ISC_PASSWORD=.*/ISC_PASSWORD=$NewPasswd/g w q EOF @@ -42,97 +48,9 @@ } -#------------------------------------------------------------------------ -# Write new password to the @prefix@/SYSDBA.password file - -writeNewPassword() { - - NewPasswd=$1 - - echo "# Firebird generated password for user SYSDBA is: " > $DBAPasswordFile - echo "" >> $DBAPasswordFile - - echo "ISC_USER=sysdba" >> $DBAPasswordFile - echo "ISC_PASSWD=$NewPasswd" >> $DBAPasswordFile - echo "" >> $DBAPasswordFile - - if [ $NewPasswd = "masterkey" ] - then - echo "# for install on `hostname` at time `date`" >> $DBAPasswordFile - echo "# You should change this password at the earliest oportunity" >> $DBAPasswordFile - else - echo "# generated on `hostname` at time `date`" >> $DBAPasswordFile - fi - echo "" >> $DBAPasswordFile - echo "# Your password can be changed to a more suitable one using the" >> $DBAPasswordFile - echo "# @prefix@/bin/changeDBAPassword.sh script" >> $DBAPasswordFile - - # Additional instructions for super server - echo "" >> $DBAPasswordFile - echo "# For superserver you will also want to check the password in the" >> $DBAPasswordFile - echo "# daemon init routine in the file /etc/rc.d/init.d/firebird" >> $DBAPasswordFile - - echo "" >> $DBAPasswordFile - chmod u=r,go= $DBAPasswordFile - - - # Only if we have changed the password from the default do we need - # to update the entry in the database - - if [ $NewPasswd != "masterkey" ] - then - $FBBin/gsec -user sysdba -password masterkey <<EOF -modify sysdba -pw $NewPasswd -EOF - fi -} - #------------------------------------------------------------------------ -# Generate new sysdba password - this routine is used only in the -# rpm file not in the install acript. - - -generateNewDBAPassword() { - - DBAPasswordFile=$FBRootDir/SYSDBA.password - - # openssl generates random data. - if [ -f /usr/bin/openssl ] - then - # We generate 20 random chars, strip any '/''s and get the first 8 - NewPasswd=`openssl rand -base64 20 | tr -d '/' | cut -c1-8` - fi - - # mkpasswd is a bit of a hassle, but check to see if it's there - if [ -z "$NewPasswd" ] - then - if [ -f /usr/bin/mkpasswd ] - then - NewPasswd=`/usr/bin/mkpasswd -l 8` - fi - fi - - - # So we failed to generate a new password, so keep the original - # installed one. - - if [ -z "$NewPasswd" ] - then - NewPasswd="masterkey" - fi - - writeNewPassword $NewPasswd - changeInitPassword "$NewPasswd" - -} - - - - - -#------------------------------------------------------------------------ -# Change sysdba password - this routine is interactive and is only +# this routine is interactive and is only # used in the install shell script not the rpm one. @@ -143,7 +61,6 @@ do AskQuestion "Please enter current password for SYSDBA user: " OrigPasswd=$Answer - done NewPasswd="" @@ -159,7 +76,6 @@ EOF echo "" - writeNewPassword $NewPasswd changeInitPassword "$NewPasswd" fi @@ -173,25 +89,12 @@ # used in the install shell script not the rpm one. -changeDBAPassword() { - - if [ -z "$InteractiveInstall" ] - then - generateNewDBAPassword - else - askUserForNewDBAPassword - fi -} #= Main Post =============================================================== - FBRootDir=@install@ + FBRootDir=@prefix@ FBBin=$FBRootDir/bin - RunUser=root - - InteractiveInstall=true - export InteractiveInstall - changeDBAPassword + askUserForNewDBAPassword |