path: root/doc/wydawca.texi
diff options
authorSergey Poznyakoff <gray@gnu.org.ua>2010-01-06 13:25:39 +0200
committerSergey Poznyakoff <gray@gnu.org.ua>2010-01-06 13:25:39 +0200
commit1a0f319a747220e48bde4fae8b80c0b00d22e69c (patch)
tree5912bfb14ac3d26b29eff947ded1eefa008e80be /doc/wydawca.texi
parentfa78a9f21ff4fd85fb568232c9bee957b9c83497 (diff)
Improve SQL configuration.
* src/config.c (sql_kw): New statements: config-file and config-group. * src/sql.c (sql_init_dictionary): Handle config-file and config-group. Set CLIENT_MULTI_RESULTS option. * src/sql.h (struct sqlconn): New members: config_file and config_group. * NEWS, doc/wydawca.texi: Update.
Diffstat (limited to 'doc/wydawca.texi')
1 files changed, 71 insertions, 2 deletions
diff --git a/doc/wydawca.texi b/doc/wydawca.texi
index ab18e47..7e69831 100644
--- a/doc/wydawca.texi
+++ b/doc/wydawca.texi
@@ -1191,2 +1191,4 @@ releases).
sql @var{id} @{
+ config-file @var{file};
+ config-group @var{group};
host @var{hostname};
@@ -1201,3 +1203,3 @@ sql @var{id} @{
Here, @var{id} is a string uniquely identifying this
-database. It is used by another configuration statements (e.g. by
+database. It is used by other configuration statements (e.g. by
dictionaries, see the next section) to refer to this
@@ -1206,2 +1208,48 @@ database.
+@deffn {Config: sql} config-file @var{name}
+ Set the name of the @acronym{SQL} configuration file to read.
+@end deffn
+@deffn {Config: sql} config-group @var{name}
+ Set the name of the group in the @acronym{SQL} configuration file,
+from where to read configuration options.
+@end deffn
+ The statements above allow to keep all security-sensitive
+information, such as @acronym{SQL} username and password, in an
+external configuration file and thus to relax permission requirements
+for @file{wydawca.rc}. The exact format of such external configuration
+file depends on the flavor of @acronym{SQL} @acronym{DBMS} in use.
+As of version @value{VERSION} @command{wydawca} supports only
+@samp{MySQL}, so the configuration file is what is called @dfn{option
+file} in @samp{MySQL} parlance (@pxref{option-files, Using Option
+Files,,mysql,MySQL Manual}).
+ For example, suppose your @file{wydawca.rc} contains the following:
+sql default @{
+ config-file /etc/wydawca.mysql;
+ config-group wydawca;
+@end smallexample
+ Then, the @file{/etc/wydawca.mysql} would contain the actual
+parameters for accessing the database, e.g.:
+socket = /var/db/mysql.sock
+database = savane
+user = savane
+pass = guessme
+@end smallexample
+ Another way to specify database credentials is by using the
+statements described below. If you prefer this way, you will have to
+tighten the permissions of @file{wydawca.rc} so that no third person
+could see the @acronym{SQL} password. The recommended permissions are
@deffn {Config: sql} host @var{hostname}[:@var{port-or-socket}]
@@ -1245,2 +1293,18 @@ sql default @{
+ It is possible to combine both methods, e.g.:
+sql default @{
+ config-file /etc/wydawca.sql;
+ host project.database.com:3306;
+ database savane;
+@end group
+@end smallexample
+ Then, @command{wydawca} will attempt to obtain the missing
+information (username and password, in this case) from the
+@file{/etc/wydawca.sql} file.
@node dictionaries
@@ -1929,3 +1993,3 @@ The top-level Makefile.in in $@{WYDAWCA_DIST_FILE@} changes mode of
all the directories below the build tree to 777 before creating
-the tarball. This constitutes a security hole (see CVE-2009-4029[1],
+the tarball. This constitutes a security hole (see CVE-2009-4029[1],
for more details).
@@ -2824,2 +2888,7 @@ gpg-homedir @var{arg:@i{string}};
sql @var{id:@i{string}} @{
+ # @r{Set the name of the configuration file to read.}
+ config-file @var{name:@i{string}};
+ # @r{Set the name of the configuration file group to use.}
+ config-group @var{name:@i{string}};
# @r{Set SQL server hostname or IP address.}

Return to:

Send suggestions and report system problems to the System administrator.