Using gsec Commands
Go Up to Using gsec to Manage Security
Contents
The following table summarizes gsec
commands. The initial part of each command is required. The part in brackets is optional.
Command | Description |
---|---|
|
Displays all rows of the InterBase security database ( |
|
Displays information only for user <name> |
|
Adds user <name> to the security database with password <string>. Each option and corresponding argument specify other data associated with the user, as shown in Adding Entries to the Security Database |
|
Like |
|
Deletes user <name> from the security database |
alias_add |
Adds a database alias. The path is the location of the database, and <name> is the name given for the alias |
alias_del |
Deletes database alias <name> from the security database |
alias_dis |
Displays all database alias |
alias_dis |
Displays information only for alias <name> |
|
Displays |
|
Quits the interactive session |
Displaying the Security
To see the contents of the InterBase security database, enter the DISPLAY
command at the GSEC>
prompt. All the rows in the security database are displayed:
GSEC> display user name uid gid full name ---------------------------------------------- JOHN 123 345 John Doe JANE 124 345 Jane Doe RICH 125 345 Richard Roe
Note that passwords are never displayed.
Adding Entries to the Security Database
To add users to the security database, use the add
command:
a[dd] name -pw password [options]
followed by a user name, the -pw
option followed by a password, and any other options, as shown in the following table. The password is case sensitive. None of the other parameters are case sensitive.
For each option, the initial letter or letters are required, and optional parts are enclosed in brackets. Each option must be followed by a corresponding argument, a string that specifies the data to be entered into the specified column in the InterBase security database (admin.ib
by default).
Option | Meaning |
---|---|
- |
Password of user who is performing the change |
- |
User who is performing the change |
- |
Target user password |
- |
Target user ID |
- |
Group ID for target user |
- |
First Name for target user |
- |
Middle Name for target user |
- |
Last Name for target user |
|
Name of user database |
|
Name of remote security database |
The
-pa
switch specifies the root or the SYSDBA
account password; -pw
specifies the password for the user being added or modified.For example, to add user “jones” and assign the password “welcome”, enter:
GSEC> add jones -pw welcome
Use display
to verify the entry. An unassigned UID or GID defaults to 0:
GSEC> display user name uid gid full name ---------------------------------------------- JONES 0 0
For example, to add authorization for a user named Cindi Brown with user name “cbrown” and password “coffee2go”, use the following gsec
command:
GSEC> add cbrown -pw coffee2go -fname cindi -lname brown
To verify the new entry, display the contents of the security database:
GSEC> display user name uid gid full name ---------------------------------------------- JONES 0 0 CBROWN 0 0 CINDI BROWN
gsec
stores the user name in uppercase regardless of how it is entered.
Modifying the Security Database
To change existing entries in the security database, use the modify
command. Supply the user name for the entry to change, followed by the option indicating the items to change and the corresponding values to which to change them.
For example, to set the user ID of user “cbrown” to 8 and change the first name to “Cindy”, enter the following commands:
GSEC> modify cbrown -uid 8 -fname cindy
To verify the changed line, use display
followed by the user name:
GSEC> display cbrown user name uid gid full name --------------------------------------------- CBROWN 8 0 CINDY BROWN
To modify a user name, first delete the entry in the security database, then enter the new user name and re-enter the other information.
Deleting Entries from the Security Database
To delete a user’s entry from the security database, use delete
and specify the user name:
GSEC> delete cbrown
You can confirm that the entry has been deleted with the display
command.