I am trying to set up a test environment on my mac (os 10.12) and it requires Fishbowl/Firebird DB. No matter what I do i bounce back and forth between these two errors:
isql localhost:/Users/me/Fishbowl/database/data/EXAMPLE.FDB
which gives me:
Your user name and password are not defined. Ask your database
administrator to set up a Firebird login.
And anything to do using gsec to create user or change password:
And:
Statement failed, SQLSTATE = HY000 operating system directive stat
failed
-Bad file descriptor
This is supremely frustrating. Fishbowl Client itself seems to hit this DB just fine. I have chmod 770 the /tmp/firebird directory and even tried to chown the example.fdb file itself.
Can anyone tell me how I might hit this DB from my java app or commandline? Both ways produce these errors.
1) Your connection line starts with "localhost:". That means you user TCP/IP connection to reach the database server. And the database server is running in a separate process. That means chmod and chown should not matter as long as there is firebird daemon server running and listening at TCP port ( default is 3050 AFAIR, you can read the value of your installation in the text file firebird.conf ).
Indeed, there is so-called "embedded server" or "embedded mode" where the server is loaded as DLL/SO library into the application. But then the connection string can not have network protocol prefix, so that should NOT be your case.
2) You can check documentation at http://firebirdsql.org/manual/isql-switches.html to specify your user and password in the isql command line. The Firebird has one built-in superuser, namely "SYSDBA". Regarding the password it might be a bit complicated.... It differs by Firebird version and platform
2.0) whatever SYSDBA password might be set by the server installation, if server comes in a bundle with some application the said application can override it later. Then you would either have to contact application developers or try to remove the bundled FB and install your own vanilla one, risking rendering the application no more functioning.
2.1) Windows installation of FB 2.x sets the "default" SYSDBA password as "masterkey" (only 8 first symbols actually matter)
2.2) Linux installation of FB 2.x generates a random SYSDBA password and saves it into a text file in Firebird folder.
2.3) MacOS ? Don't know. Perhaps it is closer to Linux than to Windows. So try to find such a text file and try "masterkey"
2.4) With FB 3 the authentication methods and configuration was greatly overhauled, so... So it is quite hard to tell something specific. At least for me.
3) I don't know what Fishbowl ever is, but Google suggests this: https://www.fishbowlinventory.com/wiki/Fishbowl_for_Mac
If that is so, then check the bottomline examples at that page. They stress that you should sudo all those commands. That also makes sense because
3.1) Firebird daemon might have "trusted authentication" enabled, mapping FB users to Operating System users. On UNIX that would at least map SYSDBA to root. On Windows - to Administrator (however it is localized). This does not have to be enabled, but if it is then sudo UNIX command is exactly what makes applications run with OS superuser grants and might explain lack of user and password in the command line examples.
3.2) Firebird embedded server/mode work as part of an application process, and especially with CS (Classic Server) package on UNIX the command line utilities tend to fall into this mode. Then again it needs to be run as root to read highly sensitive data from Firebird Security Database, thus the need to sudo the command. Granted, I do not think your isql command might ever run in embedded mode - because you do specify "localhost:' prefix. But the example at the wiki link above - backup and restore - they use local connection strings, so they probably do run as embedded. So that might give you yet another hint - to try remove "localhost:" prefix from the connection string and to sudo isql rather than running it from regular user. It would hardly be a normal mode, but for test purposes why not.
Hope this helps.
PS. you might also try this Firebird IDE - it is simplistic, but again, for testing purposes... http://www.flamerobin.org/dokuwiki/wiki/manual
Related
I have a Linux server where I start a few Ruby programs during the day. The server is directly connected to the internet (no firewall) at a hoster and I wonder, if there is a way to start and close the mySQL server just before I update the db and close it afterwards. The target is, to have the mySQL server only open when it is needed. So I thought it might be a way to activate the port or the service directly out of Ruby.
thank you for answering,
Werner
You'd probably have to change the permissions to the database through ruby, then, doing whatever you want to do, and change the permissions back.
You could do that usig the mysql gem, connecting to the database and running the commands.
Then restart the process, and do the same thing but backwards
Honestly, I don't know why you would do that, and I wouldn't recommend someone to do that. But that would be my approach
So, I am attempting to create an install script for my application (targeting Ubuntu 16). It has to create a postgresql user, grant permission to that user to authenticate via password, and grant permission to that user to authenticate locally. I only want to grant permission to do that on one database, the application database. So I need to insert the line local databasename username md5 above the lines that reject unknown connections, e.g., in the "Put your actual configuration here" section of pg_hba.conf. (pg_hba.conf uses position in the file to determine priority: first rule encountered that matches the connection gives the final result.)
To add this line, my script runs:
sudo awk '
/# Put your actual configuration here/ {
print "local databasename username md5"
}
{ print }
' /etc/postgresql/9.5/main/pg_hba.conf
# other setup
service postgresql restart
But that's less than optimal. First, the version number will change in the future, so hardcoding the directory is poor. Second, that's making a comment in someone else's project an actual structural part of the config file, which is a horrible idea from all possible points of view in all possible universes.
So my question is twopart. First, is there a good, correct, and accepted method to edit pg_hba.conf that I can use in an installation script instead of kitbashing about with text editors?
Second, if there is no good answer to the first part: is there a programmatic way to ask postgresql where it's pulling pg_hba from?
Is there a programmatic way to ask postgresql where it's pulling pg_hba from?
show hba_file;
-- or
select current_setting('hba_file');
Debian tool chain
So my question is twopart. First, is there a good, correct, and accepted method to edit pg_hba.conf that I can use in an installation script instead of kitbashing about with text editors?
Yes, however, you'll probably find it unsatisfactory.
Upstream, PostgreSQL doesn't support multiple versions and installs with their build tools. Debian does. So Debian has invented a concept of a cluster which is essentially a name and a version number.
Building a tool on Ubuntu or Debian, you should also probably use a name and version number.
Second, if there is no good answer to the first part: is there a programmatic way to ask postgresql where it's pulling pg_hba from?
Yes, there is a tool called pg_conftool. The default cluster's name is main. If you want the 9.5/main cluster. You can do this..
pg_conftool -s 9.5 main show hba_file
/etc/postgresql/9.5/main/pg_hba.conf
You can see conftool can make use of a version and name, but strictly it may not require one.
/usr/bin/pg_conftool [options] [<version> <cluster name>] [<configfile>] <command>
If you want to know more about a cluster in this context, check out check out all the binaries starting with pg_* but first and foremost pg_ctl and pg_ctlcluster (the debian wrapper)
I'm trying to do this:
import groovy.sql.Sql
def sql = Sql.newInstance(
url:'jdbc:sqlserver://localhost\\myDB',
user:'server\user', //this I don't think I need because of SSPI
password:'password',
driver:'com.microsoft.sqlserver.jdbc.SQLServerDriver',
SSPI: 'true'
)
The problem I'm having is that this connection is just timing out. I can ping the machine. I can also connect to the database with Managment Studio logged into my SSPI user (or whatever you call it, I start the Management Studio with a different user)
So I've tried that with my SoapUI as well, started the program as a different user, but I still time out when I initiate the connection. So something is very wrong with my connection string and any help would be appreciated.
P.S. Yes, I don't know what's up with the \ backslashes after the URL to the server, I guess it indicates that it's at the root. If I don't use them I get a message that I'm on the incorrect version.
And then we found the answer..... First of all I had the wrong JDBC driver installed. You need to head over to microsoft to get the real deal:
https://www.microsoft.com/en-us/download/details.aspx?id=11774
Then you need to unpack this one, place the 4 or 4.1 version in your bin directory of SoapUI. (You are apparently supposed to use Lib/Ext, but that doesn't work for me)
Then, since we are trying to use SSPI or Windows Authentication, to connect to the SQL server, you need to place the sqljdbc_auth.dll from the driver/enu/auth folder. This is used in one of your path's or in SoapUI Lib folder. Remember to use the 32 bit dll for 32 bit SoapUI!!! I did not since my system is 64.....
After this, I used this string, but now you have the setup correct, so it should work fine as long as you remember to start SoapUI up using the correct windows user. (Shif-right click - start as different user - use the same user you have started the SQL server with)
Again, I wasn't completely aware of this from the start (yes, total newbie here) and it failed.
Finally, when you have done all this, this is the string that works - and probably a lot of derivatives since the failing part here were the driver and dll.
def sql =Sql.newInstance("jdbc:sqlserver://localhost;Database=myDB;integratedSecurity=true","com.microsoft.sqlserver.jdbc.SQLServerDriver")
I'm writing a Ruby script that uses the PG gem to set up a database connection and send files. I'm structuring it to take variables for the hostname, username, database name, and port. In a Shell script I've written to manage some companion tasks, I rely on the password stored in ~/.pgpass instead of having the user enter a password for psql because there are a lot of transactions and sometimes entering the password can fail for no apparent reason (and it sucks entering it in 20 times).
Will PG access the same source when a password isn't explicitly provided? By convention, I've included the password in the file, but since this is being pushed to an internally available repo, I'd prefer not to have that information in my file. I'm trying to test the functionality now, but was wondering if anyone in the SO community knows the answer to this question. If PG doesn't access the .pgpass file, is there a way to reference the variable and write it into the file without prompting the user to enter the password?
Thanks in advance for your help.
Yes, it will use ~/.pgpass just like any interface based on libpq, the C PostgreSQL client library.
However, a good alternative for not having the password in a file is to have it in the PGPASSWORD environment variable. If you set this in a script, it will be inherited by every program it calls.
PGPASSWORD when set will be used as the password for any libpq connection, which means the majority of programs that connect to PostgreSQL.
Is it possible to start postgres process with a user account that has "administrative" privileges? I am on windows XP.
--Error shown is --- (Not really error, it is a security feature)
The server must be started under an unprivileged user ID to prevent
possible system security compromises. See the documentation for
more information on how to properly start the server.
Current work around is to create normal user and run process under that. What I am looking at is quick way to start database, do some operations and shut it down as part of build process.
(years later)
Postgres ships with a control program. See details in official documentation
Short answer:
pg_ctl start "args"