On 2/25/19 5:51 PM, Lester Caine wrote:
On 25/02/2019 14:05, Alex Peshkoff via Firebird-devel wrote:
Then lets change this question to why the security database in the
distribution isn't initialized for SRP (ie having the PLG$SRP table,
maybe other things needed). Would it be possible to initialize it as
part of the distribution **without** having a user present? That at
least would avoid the "Look at the compatibility chapter" error.
It will be very useful for a user which started to change
configuration file not understanding it to read an instruction
instead of continuing in random order.
Once again - if one includes SRP in configuration security DB should
contain at least one SRP user, if there are no users why include it
at all?
If I am reading this correctly then I was correct last month when I
simply ended up stripping all but the Legacy options from the config
file? Rather than following the 'compatibility chapter' which I don't
think makes any mention about creating a srp user ...
page 125 in relnotes 3.0.3 (and I believe not far from it in other
versions):
Initializing the Security Database
By default, Firebird 3 is configured for the new authentication model
which uses SRP to work with user pass- words and generate unique session
identifiers for traffic encryption. The security database
(security3.fdb) has no predefined users. This is intentional. However,
when using the standard installers for Windows, Linux and MacOSX, the
SYSDBA user is created during the final step of the installation, with a
password that is either random or defined via a user input routine. In a
situation where the SYSDBA initialization step either fails, or is
missing from an OS-specific install process, such as a Windows .zip kit
install or a dedicated POSIX platform port, it may be necessary to
initialize the security database manually for use with the SRP plugins.
You will need to create the user SYSDBA and set up the password for it
using SQL CREATE USER command syntax in embedded mode as your first step
to getting access to databases and utilities.
and so on...
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
