Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 206578 - dev-db/firebird-2.0.3.12981.0-r4 start script works only for sysdba password 'masterke...'
Summary: dev-db/firebird-2.0.3.12981.0-r4 start script works only for sysdba password ...
Status: VERIFIED INVALID
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Linux bug wranglers
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-01-18 21:01 UTC by Sibylle Koczian
Modified: 2008-01-19 11:50 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sibylle Koczian 2008-01-18 21:01:00 UTC 
Firebird can't be started or shut down with '/etc/init.d/firebird start/stop', if the SYSDBA password is changed away from the default 'masterkey'. So it's useless to add it to the default runlevel. Starting with 'fbmgr.bin -start -forever -user sysdba -password <newsysdbapassword>', while logged in as user firebird, is possible.
Probable reason: "ISC_PASSWORD=masterkey" in /etc/conf.d/firebird.

Reproducible: Always

Steps to Reproduce:
1.If the firebird server doesn't run, start it.
2.If the SYSDBA password is still 'masterkey', change it, using gsec.
3.Try to stop the server with '/etc/init.d/firebird stop' (as root).

Actual Results:  
Error message: Your user name and password are not defined. Ask your database administrator to set up a Firebird login. The server still runs (ps aux | grep fb shows this).
Similarly after reboot, '/etc/init.d/firebird start' doesn't start the server.


Expected Results:  
Server should start at '/etc/init.d/firebird start' and stop at '/etc/init.d/firebird stop'. 

At _every_ start of the firebird server this message appears:
 * Starting Firebird server ...
check /var/log/firebird/firebird.log file for errors
can not start server                                                      [ ok ]
So it's always necessary to check the real state of affairs with 'ps aux | grep fb' or by trying to connect to a database.

The file /etc/conf.d/firebird contains the line 'ISC_PASSWORD=masterkey'. If this is used by the start script I suppose that's the bug.
Comment 1 Jakub Moc (RETIRED) gentoo-dev 2008-01-18 21:14:50 UTC 
Well don't get me wrong, but have you actually ever tried to change the password in that *configuration* file once you've changed it in the database? Because that's the entire reason why the file is there in the first place.
Comment 2 Sibylle Koczian 2008-01-19 11:40:32 UTC 
(In reply to comment #1)
> Well don't get me wrong, but have you actually ever tried to change the
> password in that *configuration* file once you've changed it in the database?
> Because that's the entire reason why the file is there in the first place.
> 

It's quite right that this works, but I don't think the SYSDBA password should be visible on the server quite this easily! I don't really understand why the start script doesn't work without the line 'export ISC_PASSWORD' - with fbmgr.bin the server can be started by user firebird without using the sysdba password at all. Reopening the bug, because a valid SYSDBA password in a text file really doesn't sound very secure for a production environment. Will be back when I hear more about this from the firebird support list.
Comment 3 Jakub Moc (RETIRED) gentoo-dev 2008-01-19 11:50:51 UTC 
(In reply to comment #2)
> It's quite right that this works, but I don't think the SYSDBA password should
> be visible on the server quite this easily! 

Yeah, maybe you could check the file permissions before saying something is 'easily visible'.