FreeBSD Manual Pages
IPA_DB_SDB(8) System Manager's Manual IPA_DB_SDB(8) NAME ipa_db_sdb -- IPA simple database module (database part) DESCRIPTION ipa_db_sdb is an IPA database module with the following features: - The module stores information in the ipa_sdb(5) database format; - The module completely supports autorules, rules, limits and thresholds; - Access to database files can be granted accordingly to the user group. The name of the database is sdb. CONFIGURATION FILE FORMAT Configuration for the module is integrated into the ipa.conf(5) file. The configuration prefix of this module is ``sdb''. Following three parameters can be placed in global, rule or autorule sections. Static rules inherit settings from the global section. Dy- namic rules inherit settings from their autorule sections, then from the global section. The sdb:db_dir parameter allows to define the main database directory (the default value is /var/ipa_sdb): sdb:db_dir = "/path/to/directory"; Since this parameter can be placed in rule or autorule section, then any rule can have own main directory for its database files and direc- tories. The sdb:db_group parameter determines the group owner of a rule'e di- rectory: sdb:db_group = <group>; A group can be given by a name or as a numerical value. If a group is given by the name, then the corresponding GID is determined during the configuration file parsing phase. If some user belongs to the given users group, then he or she will have access to statistics for a rule. By default if the module opened some file, then it closes it only when this file is not needed any more or when a rule becomes inactive. If there are many rules (limits or thresholds), then the module can use all available file descriptors. To close any opened file as quickly as possible set the sdb:close_fd parameter to ``yes'' (the default value is ``no''): sdb:close_fd = <boolean>; Next parameters can be placed only in the sdb: module's section: sdb: { /* Parameters. */ } By default the module disallows using of symlinks in the database. To allow symlinks in the database set the allow_symlinks parameter to ``yes'' (the default value is ``no''): sdb: { allow_symlinks = <boolean>; } The main database directory has a special file containing the version number of the database format and the module checks version saved in this file. To speedup the module startup in case if many main database directories are used it is possible to turn off database format version checking in the check_version parameter by setting it to ``no'' (the default value is ``yes''): sdb: { check_version = <boolean>; } It is not recommended to turn off database format version checking. Example: db_mod "ipa_db_sdb.so"; sdb: { allow_symlinks = yes; } global { /* ... */ db_list = sdb; sdb:db_dir = "/var/db/ipa_sdb"; sdb:db_group = staff; } rule 1 { /* ... */ sdb:close_fd = yes; } rule 2 { /* ... */ sdb:db_dir = "/home/my/ipa_sdb"; sdb:db_group = wheel; } autorule lan { /* ... */ sdb:db_group = users; } First rule inherits values of sdb:db_dir and sdb:db_group parameters from the global section. Second rule has own values for these parame- ters. All rules generated from the given autorule will inherit the value of the sdb:db_group parameter from the autorule. SEE ALSO ipa_sdb(5), ipa_st_sdb(8), ipa_sdb_dump(8) AUTHOR Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua> BUGS If you find any, please send email me. July 19, 2007 IPA_DB_SDB(8)
NAME | DESCRIPTION | CONFIGURATION FILE FORMAT | SEE ALSO | AUTHOR | BUGS
Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=ipa_db_sdb&sektion=8&manpath=FreeBSD+Ports+15.0>