Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
IPA_DB_SDB(8)		    System Manager's Manual		 IPA_DB_SDB(8)

       ipa_db_sdb -- IPA simple	database module	(database part)

       ipa_db_sdb is an	IPA database module with the following features:

       -      The module stores	information in the ipa_sdb(5) database format;

       -      The  module  completely  supports	 autorules,  rules, limits and

       -      Access to	database files can be granted accordingly to the  user

       The name	of the database	is sdb.

       Configuration  for  the module is integrated into the ipa.conf(5) file.
       The configuration prefix	of this	module is ``sdb''.

       Following three parameters can be placed	in global,  rule  or  autorule
       sections.   Static rules	inherit	settings from the global section.  Dy-
       namic rules inherit settings from their autorule	 sections,  then  from
       the global section.

       The  sdb:db_dir	parameter allows to define the main database directory
       (the default value is /var/ipa_sdb):

	   sdb:db_dir =	"/path/to/directory";

       Since this parameter can	be placed in rule or  autorule	section,  then
       any  rule can have own main directory for its database files and	direc-

       The sdb:db_group	parameter determines the group owner of	a  rule'e  di-

	   sdb:db_group	= <group>;

       A  group	can be given by	a name or as a numerical value.	 If a group is
       given by	the name, then the corresponding GID is	determined during  the
       configuration  file  parsing  phase.  If	some user belongs to the given
       users group, then he or she will	have access to statistics for a	rule.

       By default if the module	opened some file, then it closes it only  when
       this  file  is not needed any more or when a rule becomes inactive.  If
       there are many rules (limits or thresholds), then the  module  can  use
       all available file descriptors.	To close any opened file as quickly as
       possible	set the	sdb:close_fd parameter to ``yes'' (the	default	 value
       is ``no''):

	   sdb:close_fd	= <boolean>;

       Next parameters can be placed only in the sdb: module's section:

	   sdb:	{
	       /* Parameters. */

       By  default the module disallows	using of symlinks in the database.  To
       allow symlinks in the database  set  the	 allow_symlinks	 parameter  to
       ``yes'' (the default value is ``no''):

	   sdb:	{
	       allow_symlinks =	<boolean>;

       The  main  database directory has a special file	containing the version
       number of the database format and the module checks  version  saved  in
       this file.  To speedup the module startup in case if many main database
       directories are used it is possible to turn off database	format version
       checking	 in  the  check_version	parameter by setting it	to ``no'' (the
       default value is	``yes''):

	   sdb:	{
	       check_version = <boolean>;

       It is not recommended to	turn off database format version checking.


	   db_mod "";

	   sdb:	{
	       allow_symlinks =	yes;

	   global {
	       /* ... */
	       db_list = sdb;
	       sdb:db_dir = "/var/db/ipa_sdb";
	       sdb:db_group = staff;

	   rule	1 {
	       /* ... */
	       sdb:close_fd = yes;

	   rule	2 {
	       /* ... */
	       sdb:db_dir = "/home/my/ipa_sdb";
	       sdb:db_group = wheel;

	   autorule lan	{
	       /* ... */
	       sdb:db_group = users;

       First rule inherits values of sdb:db_dir	 and  sdb:db_group  parameters
       from  the global	section.  Second rule has own values for these parame-
       ters.  All rules	generated from the given  autorule  will  inherit  the
       value of	the sdb:db_group parameter from	the autorule.

       ipa_sdb(5), ipa_st_sdb(8), ipa_sdb_dump(8)

       Andrey Simonenko	<>

       If you find any,	please send email me.

				 July 19, 2007			 IPA_DB_SDB(8)


Want to link to this manual page? Use this URL:

home | help