Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

changeRunUser.sh and restoreRootRunUser.sh scripts does not change run user in init.d scripts [CORE1826] #2256

Closed
firebird-automations opened this issue Apr 8, 2008 · 11 comments

Comments

@firebird-automations
Copy link
Collaborator

Submitted by: @dmitry-starodubov

There is function "changeInitRunUser", which take new user name as an agrument:

changeInitRunUser() {
NewUser=$1

InitFile=\`getInitScriptLocation\`
if \[ \-f $InitFile \]
then
    editFile $InitFile FBRunUser "FBRunUser=$NewUser"
    chmod u=rwx,g=rx,o= $InitFile
fi

}

But it's always called without any agruments. So user name will be empty.

In the second place editFile uses awk to change user name. It works for classic and xinetd. init.d script in superserver declares run user as:
FBRunUser=firebird
Awk try to find field "FBRunUser", but "=" is not default field separator. Therefore awk couldn't find and change this variable.

Commits: 56c4bc1 58db61b

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

assignee: Alexander Peshkov [ alexpeshkoff ]

@firebird-automations
Copy link
Collaborator Author

Commented by: @AlexPeshkoff

It seems to be good idea to always run firebird as not root, but let's fix for backward compatibility.

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Open [ 1 ]

Target: 2.5 Alpha 1, 2.1.1 [ 10224, 10223 ]

@firebird-automations
Copy link
Collaborator Author

Commented by: @dmitry-starodubov

I mean both these scripts already present in distribution (builds/install/misc/restoreRootRunUser.sh.in and builds/install/misc/changeRunUser.sh.in) and installed in bin/ directory. But they do not work correctly. If there is a problem with backward compatibility may be removing these scripts will be better?

@firebird-automations
Copy link
Collaborator Author

Commented by: @AlexPeshkoff

Under backward compatibility I mean here the fact that in dark ages firebird was running with root runuser. I suppose that someplaces people may still have root-owned databases (external files, UDFs. directories for backup files, etc.). And if one prefers to have security risk, but quickly uprgade, we must let him do it - therefore script to change runuser.

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

Fix Version: 2.1.1 [ 10223 ]

Fix Version: 2.0.5 [ 10222 ]

@firebird-automations
Copy link
Collaborator Author

Commented by: @AlexPeshkoff

fixed in all branches

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

Fix Version: 2.5 Alpha 1 [ 10224 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @pcisar

status: Resolved [ 5 ] => Closed [ 6 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @pavel-zotov

QA Status: No test

@firebird-automations
Copy link
Collaborator Author

Modified by: @pavel-zotov

status: Closed [ 6 ] => Closed [ 6 ]

QA Status: No test => Cannot be tested

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment