####################################### # # Firebird configuration file # # Comments # -------- # The # character is used for comments and can be placed anywhere on a # line. Anything following the # character on a line is considered a # comment. # # Examples: # # # This is a comment # DefaultDbCachePages = 2048 # This is an end-of-line comment # # Entries # ------- # The default value for each entry is listed to the right of the "=". # To activate an entry, remove the leading "#"s and supply the desired # value. # # Please note, a number of the values are specified in **Bytes** (Not KB). # Accordingly, we have provided some simple conversion tables at the bottom # of this file. # # There are three types of configuration values: integer, boolean and string. # # Integer # -------- # Integers is what they sound like, an integral value. Examples: # 1 # 42 # 4711 # # Boolean # ------- # Boolean is expressed as integer values with 0 (zero) being "false" and # non-zero is taken to mean "true". For consistency we recommend you # only use 0/1. # # String # ------ # Strings are also what they sound like, strings. Examples: # RootDirectory = /opt/firebird # RemotePipeName = pipe47 # # # Portions of this file have been reproduced/made available with the # permission of Ann Harrison @ IBPhoenix. # ####################################### # ================================== # Settings for all platforms/engines # ================================== # # ---------------------------- # Specify the root directory under which Firebird is installed. # Can be used to override the OS-specifically determined one. # # Type: string # #RootDirectory = # ---------------------------- # Database Paths/Directories # # DatabaseAccess may be None, Full or Restrict. If you choose Restrict, # provide ';'-separated trees list, where database files are stored. # Relative paths are treated relative to RootDirectory entry # (see above). Default value 'Full' gives full access to all files # on your site. To specify access to specific trees, enum all required # paths (for Win32 this may be something like 'C:\DataBase;D:\Mirror', # for unix - '/db;/mnt/mirrordb'). If you choose 'None', then only # databases listed in aliases.conf can be attached. # # Note: simple quotation marks shown above should *NOT* be used when # specifying values and directory path names. Examples: # # DatabaseAccess = None # DatabaseAccess = Restrict C:\DataBase # DatabaseAccess = Restrict C:\DataBase;D:\Mirror # DatabaseAccess = Restrict /db # DatabaseAccess = Restrict /db;/mnt/mirrordb # DatabaseAccess = Full # # UNCONTROLLED DATABASE ACCESS MAY COMPROMISE YOUR SYSTEM! # IT IS STRONGLY RECOMMENDED THAT THIS SETTING BE USED TO LIMIT # DATABASE LOCATIONS! # # Type: string (special format) # #DatabaseAccess = Full # ---------------------------- # External File Paths/Directories # # ExternalFileAccess may be None, Full or Restrict. If you choose # Restrict, provide ';'-separated trees list, where external files # are stored. Relative paths are treated relative to RootDirectory entry # (see above). Default value 'None' disables any use of external files # on your site. To specify access to specific trees, enum all required # paths (for Win32 this may be something like 'C:\ExternalTables', # for unix - '/db/extern;/mnt/extern'). # # NOTE: THE EXTERNAL TABLE ENGINE FEATURE COULD BE USED TO COMPROMISE # THE SERVER/HOST AS WELL AS DATABASE SECURITY!! # # IT IS STRONGLY RECOMMENDED THAT THIS SETTING BE USED TO LIMIT # EXTERNAL TABLE LOCATIONS! # # Type: string (special format) # #ExternalFileAccess = None # ---------------------------- # External Function (UDF) Paths/Directories # # UdfAccess may be None, Full or Restrict. If you choose # Restrict, provide ';'-separated trees list, where UDF libraries # are stored. Relative paths are treated relative to RootDirectory entry # (see above). # # Default value 'Restrict UDF' provides the same restrictions # as in FB 1.0. To specify access to specific trees, enum all required # paths (for Win32 this may be something like 'C:\ExternalFunctions', # for unix - '/db/extern;/mnt/extern'). # # NOTE: THE EXTERNAL FUNCTION ENGINE FEATURE COULD BE USED TO COMPROMISE # THE SERVER/HOST AS WELL AS DATABASE SECURITY!! # # IT IS STRONGLY RECOMMENDED THAT THIS SETTING BE USED TO LIMIT # EXTERNAL FUNCTION LOCATIONS! # # Type: string (special format) # #UdfAccess = Restrict UDF # ---------------------------- # Temporary directories # # Provide ';'-separated trees list, where temporary files are stored. # Relative paths are treated relative to RootDirectory entry # (see above). Default value is determined using FIREBIRD_TMP, # TEMP or TMP environment options. Once the first specified # directory has no available space, the engine will switch to the # next one, and so on. # # E.g.: # TempDirectories = c:\temp # or # TempDirectories = c:\temp;d:\temp # # Type: string (special format) # #TempDirectories = # ---------------------------- # Legacy hash makes possible use of old security.fdb # after running misc/upgrade/security_database.sql. # If you want to disable logons with old passwords # after users' migration, set it to 0 (false). # Makes no difference when used with original # security2.fdb - it can't contain DES hash. # # Type: boolean # #LegacyHash = 1 # ---------------------------- # Which authentication method(s) should be used. # "native" means use of only traditional interbase/firebird # authentication with security database. # "trusted" (Windows Only) makes use of window trusted authentication, # and in some aspects this is the most secure way to authenticate. # "mixed" means both methods may be used. # # Type: string # #Authentication = native # ---------------------------- # Trace configuration file for system audit # # Empty value means that system audit is turned off. # # Type: string # #AuditTraceConfigFile = # ---------------------------- # Maximum summary size of each user trace session's log files in MB. # When log files size reach this limit, trace session automatically # suspends until interactive user service read and delete some log files. # # Type: integer # #MaxUserTraceLogSize = 10 # ---------------------------- # Number of cached database pages # # This sets the number of pages from any one database that can be held # in cache at once. If you increase this value, the engine will # allocate more pages to the cache for every database. By default # SuperServer allocates 2048 pages for each database whilst Classic # and SuperClassic allocate 75 pages per client connection per database. # # Type: integer # #DefaultDbCachePages = 2048 # ---------------------------- # Disk space preallocation # # Sets the amount of preallocated disk space in bytes. Disk space # preallocation allows to reduce physical file fragmentation and to make # database work in out of disk space condition. With preallocation enabled, # engine allocates 1/16nth of already allocated disk space at a time but # not less than 128KB and no more than DatabaseGrowthIncrement (128MB by # default). To disable preallocation set DatabaseGrowthIncrement to zero. # Shadow database files are not preallocated. # # Type: integer # #DatabaseGrowthIncrement = 134217728 # ---------------------------- # File system cache threshold # # The threshold value that determines whether Firebird will use file system # cache or not. File system caching is used if database cache size in pages # (configured explicitly in database header or via DefaultDbCachePages setting) # is less than FileSystemCacheThreshold value. # # To use file system cache always set FileSystemCacheThreshold to a large value. # To bypass file system cache for all databases set FileSystemCacheThreshold to # zero. # # Type: integer, measured in database pages # #FileSystemCacheThreshold = 65536 # ---------------------------- # File system cache size # # This setting controls the maximum amount of RAM used by Windows file system # cache on 64-bit Windows XP, Windows Server 2003 SP1 or later host. It has no # effect for Unix hosts in this release yet. # # Note that the lowest number presently supported is 10%, and the highest number # is 95%; numbers outside these limits will be set to the default of 30%. # # If the cache size has already been selected when the engine starts the host # setting will not be changed. Thus you may need to reboot the host for the # change of this setting to have effect. # # To leave host caching settings unchanged set this parameter to 0. This is # the default parameter value. # # Security note # To adjust the setting engine needs SeIncreaseQuotaPrivilege right. Built-in # service accounts and administrators have it by default. Installer grants this # right to Firebird service account. If the engine fails to adjust the cache # size setting it will log warning message to the firebird.log and continue. # # Type: integer, measured in % of total physical RAM # #FileSystemCacheSize = 0 # ---------------------------- # Remove protection against opening databases on NFS mounted volumes on # Linux/Unix and SMB/CIFS volumes on Windows. # # This also permits creating database shadows on mounted network volumes. # # ***WARNING*** ***WARNING*** ***WARNING*** ***WARNING*** # # This option removes an important safety feature of Firebird and can # cause irrecoverable database corruption. Do not use this option unless # you understand the risks and are prepared to accept the loss of the # contents of your database. # Unless this configuration option is changed from 0 to 1, Firebird can # open a database only if the database is stored on a drive physically # attached to the local computer - the computer running that copy of # Firebird. Requests for connections to databases stored on NFS mounted # drives are redirected to a Firebird server running on the computer that # "owns" the disk. # This restriction prevents two different copies of Firebird from opening # the same database without coordinating their activities. Uncoordinated # access by multiple copies of Firebird will corrupt a database. On a local # system, the system-level file locking prevents uncoordinated access to # the database file. # # NFS does not provide a reliable way to detect multiple users of a file on # an NFS mounted disk. If a second copy of Firebird connects to a database on # an NFS mounted disk, it will corrupt the database. # Under some circumstances, running a Firebird server on the computer that # owns NFS mounted volumes is inconvenient or impossible. Applications that # use the "embedded" variant of Firebird and never share access to a database # can use this option to permit direct access to databases on NFS mounted # volumes. # # The situation for SMB/CIFS is quite similar to NFS with not all configurations # providing file locking mechanisms needed for safe operation. Using SuperServer # engine with the database on NT file server may be considered relatively safe # as file locking protects the database from being used by the several engines. # Network stack can still change order of writes so you may get a corrupted # database in case of network errors or power outage. # # The useful and safe case is working with a shared database marked read-only. # # DO NOT ENABLE THIS OPTION UNLESS YOU REALLY KNOW WHAT YOU ARE DOING. # # Type: boolean # #RemoteFileOpenAbility = 0 # ---------------------------- # Temporary space management # # Temporary storage is used by the sorting module, it's also # intended to store temporary datasets etc. # # The parameters below handle the allocation and caching policy # for the temporary space manager. In previous Firebird versions, # they were prefixed with "SortMem" instead of current "Temp". # # The smallest block size being allocated in the temporary storage. # This value reflects the allocation granularity. # # Type: integer # #TempBlockSize = 1048576 # # The maximum amount of the temporary space that can be cached # in memory. # # For Classic servers, this setting is defaulted to 8 MB. # Although it can be increased, the value applies to each client # connection/server instance and thus consumes a lot of memory. # # Type: integer # #TempCacheLimit = 67108864 # ---------------------------- # Boolean evaluation method (complete or shortcut) # # If your SQL code depends on side-effects of full evaluation of OR # and AND statements (right-hand-side terms), even if the expressions # final result could be determined by just examining the value of the # first term, you might need to turn this on. # # Type: boolean # #CompleteBooleanEvaluation = 0 # ---------------------------- # # Determines the number of seconds that the lock manager will wait after a # conflict has been encountered before purging locks from dead processes # and doing extra deadlock scan cycle. Engine detects deadlocks instantly # in all normal cases, so this value affects things only if something goes # wrong. Setting it too low may degrade system performance. # # Type: integer # #DeadlockTimeout = 10 # ---------------------------- # # How often the pages are flushed on disk # (for databases with ForcedWrites=Off only) # # Number of unflushed writes which will accumulate before they are # flushed, at the next transaction commit. For non-Win32 ports, # the default value is -1 (Disabled) # # Type: integer # #MaxUnflushedWrites = 100 # # Number of seconds during which unflushed writes will accumulate # before they are flushed, at the next transaction commit. For non-Win32 # ports, the default value is -1 (Disabled) # # Type: integer # #MaxUnflushedWriteTime = 5 # ---------------------------- # # This option controls whether to call abort() when internal error or BUGCHECK # is encountered thus invoke post-mortem debugger which can dump core suitable # for off-line analysis. When disabled engine tries to minimize damage and # continue execution. # # Note that setting this option to 1 makes engine produce traceable coredumps # when something nasty like SIGSEGV happens inside UDF. On Windows enabling # this option makes engine invoke JIT debugger facilities when errors happen. # # For debugging builds (DEV_BUILD), default value is 1 (Enabled) # # Type: boolean # #BugcheckAbort = 0 # Prior to Firebird 1.5 various SELECT expressions generated unnamed # columns. This did not conform to the SQL standard. Fb 1.5 saw the # introduction of default aliases for these unnamed columns. In some # cases, particularly if string concatenation is used (via the || # operator) this breaks existing scripts. # # This setting will affect aliases generated via CONCATENATION, # CURRENT_DATE, CURRENT_TIME, CURRENT_TIMESTAMP and EXTRACT. Setting # the value to true will disable the alias generation. It is only # recommended to be used where legacy scripts need to be supported. # It will be marked deprecated in Firebird 2.0 and removed in # Firebird 3.0. # # Type: boolean # #OldColumnNaming = 0 # Prior to Firebird 2.5 the SET clause of the UPDATE statement assigned # columns in the user-defined order with the NEW column values being # immediately accessible to the subsequent assignments. This did not # conform to the SQL standard. Starting with Firebird 2.5, only OLD column # values are accessible to all the assignments of the SET clause. # # Example of the old vs new behaviour: # # UPDATE T SET A = B, B = A # old result: A gets equal to B, B doesn't change # new result: A and B get their values exchanged # # Change this configuration option to 1 (true) only if your SQL code relies # on the legacy semantics of the SET clause. It's provided as a temporary # solution for backward compatibility issues and will be deprecated in # future Firebird versions. # # Type: boolean # #OldSetClauseSemantics = 0 # ---------------------------- # Relaxing relation alias checking rules in SQL # # Since Firebird 2.0, strict alias checking rules were implemented in the SQL # parser to accord with the SQL standard requirements. This setting allows # these rules to be relaxed in order to allow legacy applications to run on # Firebird 2.0. # A setting of 1 (true) allows the parser to resolve a qualified column reference # using the relation name, where an alias has been specified for that relation. # # For example, it allows a query such as: # SELECT TABLE.X FROM TABLE A # # It is not recommended to enable this setting. It should be regarded as an # interim workaround for porting untidy legacy code, until it is practicable to # revise such code. # # CAUTION! # There is no guarantee that this setting will be available in future Firebird # versions. # # Type: boolean # #RelaxedAliasChecking = 0 # ---------------------------- # Client Connection Settings (Basic) # # Seconds to wait before concluding an attempt to connect has failed. # # Type: integer # #ConnectionTimeout = 180 # # Seconds to wait on a silent client connection before the server sends # dummy packets to request acknowledgment. # # NOTE. This option may hang or crash Windows NT4 or Windows 2000 pre SP3 # on the client side as explained here: # http://support.microsoft.com/default.aspx?kbid=296265. # or may not prevent eventual inactive client disconnection for other OS. # # Normally, Firebird uses SO_KEEPALIVE socket option to keep track of # active connections. If you do not like default 2-hour keepalive timeout # then adjust your server OS settings appropriately. On UNIX-like OS's, # modify contents of /proc/sys/net/ipv4/tcp_keepalive_*. On Windows, # follow instrutions of this article: # http://support.microsoft.com/default.aspx?kbid=140325 # # Type: integer # #DummyPacketInterval = 0 # ---------------------------- # TCP Protocol Settings # # The TCP Service name/Port number to be used for client database # connections. # # It is only necessary to change one of the entries, not both. The # order of precendence is the 'RemoteServiceName' (if an entry is # found in the 'services.' file) then the 'RemoteServicePort'. # # Type: string, integer # #RemoteServiceName = gds_db #RemoteServicePort = 3050 # # The TCP Port Number to be used for server Event Notification # messages. The value of 0 (Zero) means that the server will choose # a port number randomly. # # Type: integer # #RemoteAuxPort = 0 # # TCP/IP buffer size for send and receive buffers of both the client # and server. The engine reads ahead of the client and can send # several rows of data in a single packet. The larger the packet size, # the more data is sent per transfer. Range is 1448 to 32767 (MAX_SSHORT). # # Type: integer # #TcpRemoteBufferSize = 8192 # # Either enables or disables Nagle algorithm (TCP_NODELAY option of # socket) of the socket connection. # # Note: Currently is a default for classic and super servers. # # Type: boolean # #TcpNoNagle = 1 # # Allows incoming connections to be bound to the IP address of a # specific network card. It enables rejection of incoming connections # through any other network interface except this one. By default, # connections from any available network interface are allowed. # If you are using Classic Server, this setting is for Windows only. # Under Linux, BSD or Mac OS X, with Classic server use xinetd or launchd # configuration file (bind parameter). # # Type: string # #RemoteBindAddress = # ---------------------------- # Locking and shared memory parameters # # Bytes of shared memory allocated for lock manager. # In Classic mode, the size given is used for the initial allocation. The # table expands dynamically up to the limit of memory. In SuperServer, the # initial size is also the final size. # # Type: integer # #LockMemSize = 1048576 # # When a connection wants to lock an object, it gets a lock request # block which specifies the object and the lock level requested. Each # locked object has a lock block. Request blocks are connected to those # lock blocks either as requests that have been granted, or as pending # requests. # # The settings: # 1 means locks are granted first come, first served. # 0 means emulate InterBase v3.3 behavior, where locks are granted # as soon as they are available; can result in lock request # starvation. # # Type: integer/boolean # #LockGrantOrder = 1 # # In Classic, only one client process may access the lock table at any # time. Access to the lock table is governed by a mutex. The mutex can # be requested conditionally - a wait is a failure and the request must # be retried - or unconditionally - the request will wait until it is # satisfied. This parameter establishes the number of attempts that # will be made conditionally. Zero value means unconditional mode. # Relevant only on SMP machines. # # Type: integer # #LockAcquireSpins = 0 # # Tune lock hash list; more hash slots mean shorter hash chains. Only # necessary under very high load. Prime number values are recommended. # # Type: integer # #LockHashSlots = 1009 # ---------------------------- # # Bytes of shared memory allocated for event manager. # # Type: integer # #EventMemSize = 65536 # =========================== # SuperServer Engine Settings # =========================== # # ---------------------------- # Which CPUs should be used (Windows Only) # # In an SMP system, sets which processors can be used by the server. # The value is taken from a bit map in which each bit represents a CPU. # Thus, to use only the first processor, the value is 1. To use both # CPU 1 and CPU 2, the value is 3. To use CPU 2 and CPU 3, the value # is 6. The default value is 1. # # Type: integer # #CpuAffinityMask = 1 # ---------------------------- # Settings for the thread scheduler (Windows Only) # # If you have problems with computer response time, running firebird # on workstation, turn off thread scheduler. # # Type: boolean # #UsePriorityScheduler = 1 # # The wait time, in milli-seconds (ms), before the priority of: # - an active thread is reduced to 'Low', or # - an inactive thread is increased to 'High' # # Note: The default value was chosen based on experiments on Intel # PIII/P4 processors. It should be increased for using in the computer # with lower speed processors. # # Type: integer # #PrioritySwitchDelay = 100 # # Number of additional 'intervals' given to a 'High' priority thread. # # Type: integer # #PriorityBoost = 5 # ---------------------------- # Garbage collection policy # # Defines how engine does garbage collection. Valid values are : # cooperative # background # combined # # Note: this setting affects SuperServer only. # # ClassicServer (and SuperClassic) implements "cooperative" only, therefore it # uses "cooperative" policy regardless of the value. # # SuperServer implements all three policies and uses "combined" by default. # # Type: string (special format) # #GCPolicy = combined # ============================== # Classic Server Engine Settings # ============================== # # ============================== # Settings for Windows platforms # ============================== # # ---------------------------- # Does the guardian restart the server every time it crashes? # 0 - only start the engine/service once # 1 - always restart the engine/service if it terminates # # Type: integer/boolean # #GuardianOption = 1 # # ---------------------------- # Priority level/class for the server process. # # The values are: # 0 (Zero) - normal priority, # positive value - high priority (same as -B command line option) # negative value - low priority. # # Note: All changes to this value should be carefully tested to ensure # that engine is more responsive to requests. # # Type: integer # #ProcessPriorityLevel = 0 # ---------------------------- # Local Connection Settings # # The name of the shared memory area used as a transport channel in local protocol. # Note that the local protocol in v2.0 is not compatible with any previous version # if Firebird or InterBase. # # Please note that the server can register objects in Global\ kernel namespace # only if it runs under the account with SE_CREATE_GLOBAL_NAME privilege. # This means that if you run the server under a restricted account under # Windows Vista/XP SP2/2000 SP4 it will not be accessible using the # local protocol from other sessions. # # Type: string # #IpcName = FIREBIRD # # The name of the pipe used as a transport channel in NetBEUI protocol. # Has the same meaning as a port number for TCP/IP. The default value is # compatible with IB/FB1. # # Type: string # #RemotePipeName = interbas # ============================ # Settings for Unix/Linux platforms # ============================ # ---------------------------- # Remove protection against redirecting requests to other servers # # ***WARNING*** ***WARNING*** ***WARNING*** ***WARNING*** # # Ability to redirect requests to other servers was initially present # in Interbase, but was broken by Borland in Interbase 6.0, when # they added SQL dialects. Request redirection was fixed in firebird 2.0, # but today such behaviour (proxy) seems to be dangerous from security # point of view. Imagine, you have one carefully protected firebird server, # access to which is possible from global net. But in case when this server # has access to your internal LAN (may and should be restricted, # but often possible), it will work as a gateway for incoming requests like: # firebird.your.domain.com:internal_server:/private/database.fdb # It's enough to know name/IP of some internal server on your LAN, and for # this connection one even need not know login/password on external server. # Such gateway easily overrides firewall, installed to protect your LAN # from outside attack. # # DO NOT ENABLE THIS OPTION UNLESS YOU REALLY KNOW WHAT YOU ARE DOING. # # Type: boolean # #Redirection = 0 ####################################### # # KB to Bytes Conversion table # ####################################### # # KB Bytes KB Bytes # ---- --------- ---- --------- # 1 1024 32 32768 # 2 2048 64 65536 # 4 4096 128 131072 # 8 8192 256 262144 # 16 16384 512 524288 # ####################################### # # MB to Bytes Conversion table # ####################################### # # MB Bytes MB Bytes MB Bytes # --- --------- --- ----------- --- ----------- # 1 1048576 64 67108864 448 469762048 # 2 2097152 128 134217728 512 536870912 # 4 4194304 192 201326592 640 671088640 # 8 8388608 256 268435456 768 805306368 # 16 16777216 320 335544320 896 939524096 # 32 33554432 384 402653184 1024 1073741824 #