New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Firebird 3.0, 4.0 and 5.0 Windows installers do not set the SYSDBA password if it was previously installed (even if not currently installed) #7826
Comments
NB I did not check the Firebird 6.0 installer, so don't take its lack of mention as an indication that it works (or not) in that version. |
I still think that the problem is in SRP auth plugin which must either create necessary tables at first access or/and return normal "user not found" error. |
No it is not. I first couldn't reproduce it with In other words, it seems that once an installer has been run, it will no longer work, which to me suggests that the installer might look at registry keys or something and decide not to set SYSDBA then. |
I think this might be a duplicate of #7726 A fix has been committed for that, and I had planned to check whether other versions were affected. Unfortunately, in addition to my usual workload, I've had a few other problems to deal with this last month. I'll check 4.0.4 now and see if it is the same problem. If it is the fix should be easy enough. |
I reproduced this once with 4.0.3 but when I went back to test again I failed to reproduce the problem. So a problem exists but I have not been able to precisely isolate the circumstances when it will appear. Anyway I've improved the logic in the installer that tests for a pre-configured security database and committed it to v4.0-release. It should be testable in the next snapshot. |
It is indeed not consistently reproducible: I just retried with the 3.0.11 installer twice, and both times it did initialize the security database. |
Not sure it helps but I just upgraded from 3.0.8 to 3.0.11 on Windows 64 bit and had my sysdba password reset to masterkey. |
I just tested Note: I tested this on my main productivety Win 11 system (where Firebird 3.0.10 was installed before) AND on a clean sandbox Win 11 untouched by any firebird stuff before. |
Don't you think this is a critical problem? |
On Mon, 29 Apr 2024 01:36:52 -0700 Tomasz Dubiel ***@***.***> wrote:
Don't you think this is a critical problem?
It needs to be fixed before the next official releases.
But reproducing the problem and testing it has proved to be difficult.
Fb 4.0 has already been fixed, theoretically, but the fix was too late to
make it into 4.0.4.
I've already scheduled time this week to work on this for other versions.
Paul
--
Paul Reeves
https://www.ibphoenix.com
Supporting users of Firebird
|
If there is a pre-release version of 4.0.5, I would be happy to test it. |
Nothing at the moment. The nightly snapshot builds are just for the zip kits. |
Hi Paul, It connect to a database, without password ! (In case of Devart / IBDAC Components / Delphi) Just put : To reproduce scenario :
After this, i come back to my old program which works with Firebird-2.5,
And So on... I switched between 2.5 and 5.0 This is what i did to obtain this problem. Kind Regards Paul, yous said : |
Thanks for your detailed instructions. I shall see if I can reproduce this. |
@moyzer By design Embedded mode doesn't need password. |
That is an entirely different problem. The behaviour you describe means you're using Firebird Embedded to connect, and not Firebird server. Firebird Embedded does not use authentication. That likely means you have configured your application to point to the fbclient.dll in the Firebird server installation directory, instead of using the one in %WINDIR%\System32, or even specifically in your application directory. You need to either point to a different fbclient.dll or you need to ensure you use a connection url that includes the host name or XNET, that is, if you're currently connecting to This changed with Firebird 3.0, because in Firebird 2.5 and earlier, you needed a separate build to be able to use embedded, but that is no longer the case since Firebird 3.0. |
God Bless you :) Yes, my application is pointing to fbClient.dll wich is on Server on : C:\Program Files (x86)\Firebird\Firebird_5_0\fbClient.dll As you suggested, I changed the library fbClient path to : IBCConnection1.ClientLibrary:='C:\Windows\SysWOW64\fbclient.dll'; IMHO, this shoud be well discribed on : Thx again, and sorry for any inconvinent. |
@paul Reeves Good news : I re-installed many times Firebird-5.0.0.1306-0-windows-x86.exe without any problem : it define as expected the new SYSDBA password (at the end of installation). So sorry for disturbing ideas. Kindest Regards Also, Thx @aafemt to have guessed the riddle. |
The Firebird 3.0 - 5.0 installers do not configure the SYSDBA password if a Firebird install has been run previously. Attempting to authenticate after installation results in error "Install incomplete. To complete security database initialization please CREATE USER. For details read doc/README.security_database.txt.", which indicates that the installer never attempted to create a SYSDBA user, or it failed without the installer failing.
I have tried it with:
Firebird-3.0.9.33560_0_x64.exe
Firebird-3.0.10.33601_0_x64.exe
Firebird-3.0.11.33703_0_x64.exe
Firebird-4.0.2.2816-0-x64.exe
Firebird-4.0.3.2975-0-Win32.exe
Firebird-4.0.3.2975-0-x64.exe
Firebird-5.0.0.1227-ReleaseCandidate1-windows-x64.exe
(the official RC1 installer)Firebird-5.0.0.1261-0-RC2-windows-x64.exe
(latest snapshot for RC2)To be clear, I'm performing a fresh install, and the installation directory itself did not exist prior to running the installer. I'm using the default installer options, except I'm entering a custom SYSDBA password. With the 5.0.0.1261 installer, I also tried installing in a folder not under UAC control to see if it would work there (it didn't).
It seems that if any Firebird installer (or maybe an installer of the same major version) has been run, it will no longer set the SYSDBA password, even if that previous installation has been uninstalled, or was installed in a different directory.
The desired behaviour would be that if the security database did not exist yet in the target installation directory, that the SYSDBA password is set.
The text was updated successfully, but these errors were encountered: