ChangeDBAPassword

<< Introduction | Firebird shell scripts | CreateAliasDB >>

ChangeDBAPassword

The changeDBAPassword.sh script allows the password for the SYSDBA user to be changed and various startup scripts etc to have their ownership changed accordingly. The script is run in non-interactive mode as part of the installation process to create an initial randomly generated password which is stored in the /opt/firebird/SYSDBA.password file.

Up until version 2.1 of Firebird, the password is subsequently used in the startup script /etc/rc.d/init.d/firebird, which also has a symlink set up to point to /etc/init.d/firebird.

The security database (/opt/firebird/security.fdb or /opt/firebird/security2.fdb - depending on your Firebird version) is also updated with the new password.

Caution: The script must be run as the root user, and when run, changeDBAPassword.sh will prompt you for the current SYSDBA password and then for a new password. Both of these will appear on the display so for enhanced security, don't allow anyone to look over your shoulder when you run the script.

After the script has been run, the file /opt/firebird/SYSDBA.password will contain the password in plain text, so make sure that this file is not readable by anyone except root.

The following is an example of running the script to change the SYSDBA password from 'masterkey' to 'biroguin' which being a made up word, should be less crackable or guessable. 

 # cd /opt/firebird/bin 
 # ./changeDBAPassword.sh
 Please enter current password for SYSDBA user : masterkey
 Please enter new password for SYSDBA user : biroguin
 GSEC> GSEC>

 Running ed to modify /etc/init.d/firebird

Caution: Whenever you change the SYSDBA password using the gsec utility, you should also change the startup script file as well. To ensure a complete update, always use this script when changing the SYSDBA user's password.

This doesn't apply when using Firebird 2.1 and above as the startup script no longer requires the SYSDBA password.

In the example above, the last line of output will not be displayed on systems running Firebird 2.1 and above as the startup scripts are no longer changed when the SYSDBA password is modified.

See also:
Firebird security
Security in Firebird 2
Utility scripts
Firebird service configuration

back to top of page
<< Introduction | Firebird shell scripts | CreateAliasDB >>