New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
changeRunUser.sh and restoreRootRunUser.sh scripts does not change run user in init.d scripts [CORE1826] #2256
Comments
Modified by: @AlexPeshkoffassignee: Alexander Peshkov [ alexpeshkoff ] |
Commented by: @AlexPeshkoff It seems to be good idea to always run firebird as not root, but let's fix for backward compatibility. |
Modified by: @AlexPeshkoffstatus: Open [ 1 ] => Open [ 1 ] Target: 2.5 Alpha 1, 2.1.1 [ 10224, 10223 ] |
Commented by: @dmitry-starodubov I mean both these scripts already present in distribution (builds/install/misc/restoreRootRunUser.sh.in and builds/install/misc/changeRunUser.sh.in) and installed in bin/ directory. But they do not work correctly. If there is a problem with backward compatibility may be removing these scripts will be better? |
Commented by: @AlexPeshkoff Under backward compatibility I mean here the fact that in dark ages firebird was running with root runuser. I suppose that someplaces people may still have root-owned databases (external files, UDFs. directories for backup files, etc.). And if one prefers to have security risk, but quickly uprgade, we must let him do it - therefore script to change runuser. |
Commented by: @AlexPeshkoff fixed in all branches |
Modified by: @AlexPeshkoffstatus: Open [ 1 ] => Resolved [ 5 ] resolution: Fixed [ 1 ] Fix Version: 2.5 Alpha 1 [ 10224 ] |
Modified by: @pcisarstatus: Resolved [ 5 ] => Closed [ 6 ] |
Modified by: @pavel-zotovQA Status: No test |
Modified by: @pavel-zotovstatus: Closed [ 6 ] => Closed [ 6 ] QA Status: No test => Cannot be tested |
Submitted by: @dmitry-starodubov
There is function "changeInitRunUser", which take new user name as an agrument:
changeInitRunUser() {
NewUser=$1
}
But it's always called without any agruments. So user name will be empty.
In the second place editFile uses awk to change user name. It works for classic and xinetd. init.d script in superserver declares run user as:
FBRunUser=firebird
Awk try to find field "FBRunUser", but "=" is not default field separator. Therefore awk couldn't find and change this variable.
Commits: 56c4bc1 58db61b
The text was updated successfully, but these errors were encountered: