.\" Copyright (c) 2003 Andrey Simonenko .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" .\" @(#)$Id: ipa_db_sdb.8,v 1.2 2006/03/21 20:24:43 simon Exp $ .\" .TH IPA_DB_SDB 8 "January 12, 2004" .SH NAME ipa_db_sdb\ \-\ IPA simple database module (database part) .SH DESCRIPTION \fBipa_db_sdb\fP is an IPA database module with following features: .IP - The module completely supports autorules, rules, limits and thresholds; .IP - All database files and directories are stored in own database formats; .IP - Formats of database files are machine architecture independent; .IP - Sizes of database records are relatively small: the size of a rule's record is 15 bytes, the size of a limit's record is 73 bytes and the size of a threshold's record is 30 bytes; .IP - Access to database files can be granted accordingly to the user group; .IP - There is the ipa_sdb_dump(8) utility for dumping ipa_sdb(5) database files to text format and back. .PP Usually binary implementation of the \fBipa_db_sdb\fP module is saved in the \fIipa_db_sdb.so\fP file. The name of the database is \fBsdb\fP. .SH CONFIGURATION FILE FORMAT Configuration for the module is integrated to the ipa.conf(5). The configuration prefix of this module is \fBsdb\fP. .PP Following three parameters can be placed in \fBglobal\fP, \fBrule\fP or \fBautorule\fP sections. .PP The \fBdb_dir\fP parameter allows to change default database directory \fI/var/ipa_sdb\fP: .PP .nf sdb:db_dir = "/path/to/directory"; .fi .PP Since this parameter can be placed in \fBrule\fP or \fBautorule\fP section, then any rule can have own base directory for its database files and directories. .PP The \fBdb_group\fP parameter determines the group of directory for a rule, if some user belongs to the given users group then he or she will have access to statistics for a rule: .PP .nf sdb:db_group = ; .fi .PP A group can be given by a name or as numerical value. If a group is given by the name, then corresponding GID is determined during the configuration file parsing phase. .PP By default if the module opened some file, then it close it only when this file is not needed any more or when a rule becomes inactive. If there are many rules (limits or thresholds), then the module can use all available file descriptors. The \fBclose_fd\fP parameter tells the module to close or not to close any file as quickly as possible (usually after a file was updated): .PP .nf sdb:close_fd = ; .fi .PP The default value of this parameter is ``no''. .PP Next parameters can be placed only in the null module's section: .PP .nf sdb: { /* Parameters. */ } .fi .PP By default the module does not expect that some directory or a file in the database is a symlink, but it is possible to allow or disallow symlinks in the \fBallow_symlinks\fP parameter: .PP .nf allow_symlinks = ; .fi .PP The default value of this parameter is ``no''. .PP By default each base directory for the database has special file, which contains the version number of the database format and the module checks version saved in this file. To speedup a bit the module in case if there are many rules it is possible to turn off database format version checking by the \fBcheck_version\fP parameter: .PP .nf check_version = ; .fi .PP The default value of this parameter is ``yes''. It is recommended not to turn off database format version checking. .PP \fIExample:\fP .PP .nf db_mod "ipa_db_sdb.so"; sdb: { allow_symlinks = yes; } global { /* ... */ db_list sdb; sdb:db_dir = "/var/db/ipa_sdb"; sdb:db_group = staff; } rule 1 { /* ... */ sdb:close_fd = yes; } rule 2 { /* ... */ sdb:db_dir = "/home/my/ipa_sdb"; sdb:db_group = wheel; } autorule lan { /* ... */ sdb:db_group = users; } .fi .PP First rule inherits values of \fBdb_dir\fP and \fBdb_group\fP parameters from the \fBglobal\fP section. Second rule has own values for these parameters. All rules generated from the given autorule will inherit the value of the given \fBdb_group\fP parameter from the autorule. .SH SEE ALSO ipa_sdb(5), ipa_st_sdb(8), ipa_sdb_dump(8) .SH AUTHOR Andrey\ Simonenko\ .SH BUGS If you find any, please send email me.