daveh@marob.masa.com (Dave Hammond) (05/31/89)
System: AT/286-compatible OS: SCO Xenix 2.2.1 Database: Informix ISQL 2.0. When attempting to create or drop a table, we are getting a `no system permission' type of error. The operation has been attempted as `informix', as `root' and as the table owner (dave): > drop table stkord__dtl; 211: Cannot read system catalog (systables). 111: C-ISAM error: no record found. > Error in line 1 Near character position 23 --- The only system change which has occured is that the owner (dave) username has been changed to `daveh'. However, his UID is unchanged. The following `ls' outputs detail the permissions and ownership of related programs and data files: /u0/informix/bin: total 2902 -rwsr-xr-t 1 informix informix 132574 Apr 26 1988 isql /u0/informix/lib: total 538 -rwsr-sr-t 1 informix informix 61561 Apr 26 1988 pisam -rwsr-sr-t 1 informix informix 208558 Apr 26 1988 sqlexec /u0/cmx2/data: drwxrwxrwx 5 root gods 3360 May 22 18:27 . drwxrwxrwx 2 informix informix 784 May 19 15:19 carna.dbs -rw-rw-rw- 1 informix informix 1024 Mar 27 19:53 carna.dbs/systabauth.dat -rw-rw-rw- 1 informix informix 3584 Mar 27 19:53 carna.dbs/systabauth.idx -rw-rw-rw- 1 informix informix 4608 Mar 27 19:53 carna.dbs/systables.dat -rw-rw-rw- 1 informix informix 3584 Mar 27 19:53 carna.dbs/systables.idx --- The following transcript shows that the `systables' table is readable: > select * from systables where tabname = "stkord__dtl"; tabname stkord__dtl owner dave dirpath stkord_149 tabid 149 rowsize 108 ncols 8 nindexes 2 nrows 19741 created 11/04/1988 version 5 tabtype T audpath 1 row(s) retrieved. --- Any clues to our problem would be greatly appreciated. BTW, assuming that a true resolve to this problem never appears, can we achieve the same effect as a "drop table" SQL command, by deleting the associated `sys*' table records, .dat and .idx files? Also, on an unrelated note-- We have several machines which are running ISQL 2.0 which lacks the `dbschema' utility. Can the version supplied with ISQL 2.1 function with ISQL 2.0 tables? I will monitor this group for replys, however e-mail responses are prefferable. Thanks in advance. -- Dave Hammond DSI Communications, Inc. daveh@dsix2.uucp -or- daveh@marob.masa.com
john@riddle.UUCP (Jonathan Leffler) (06/07/89)
In article <714@marob.masa.com> daveh@marob.masa.com (Dave Hammond) writes: >> drop table stkord__dtl; > 211: Cannot read system catalog (systables). > 111: C-ISAM error: no record found. >--- >The only system change which has occured is that the owner (dave) >username has been changed to `daveh'. However, his UID is unchanged. Notes: 1. permissions in Informix store user names and not UIDs. 2. changing back to dave, sorting out the table and then changing back to daveh should fix it. Your permissions are shot to pieces. You should `re-install' the software by: 1. Taking a copy of $INFORMIXDIR/etc/sqlfiles 2. Editing the version in $INFORMIXDIR/etc and removing any references to BRAND. 3. As root, run $INFORMIXDIR/sqlinstall 4. Restore the original sqlfiles (the one you copied). You should also set up the permissions on your database correctly. The changed permissions do not affect the way Informix behave, but do allow anyone to crap all over your database. >/u0/informix/bin: >total 2902 >-rwsr-xr-t 1 informix informix 132574 Apr 26 1988 isql Wrong: -rwxr-xr-t 1 informix informix 132574 Apr 26 1988 isql >/u0/informix/lib: >total 538 >-rwsr-sr-t 1 informix informix 61561 Apr 26 1988 pisam >-rwsr-sr-t 1 informix informix 208558 Apr 26 1988 sqlexec Wrong: -rwsr-sr-t 1 root informix 208558 Apr 26 1988 sqlexec >/u0/cmx2/data: >drwxrwxrwx 5 root gods 3360 May 22 18:27 . >drwxrwxrwx 2 informix informix 784 May 19 15:19 carna.dbs >-rw-rw-rw- 1 informix informix 1024 Mar 27 19:53 carna.dbs/systabauth.dat >-rw-rw-rw- 1 informix informix 3584 Mar 27 19:53 carna.dbs/systabauth.idx >-rw-rw-rw- 1 informix informix 4608 Mar 27 19:53 carna.dbs/systables.dat >-rw-rw-rw- 1 informix informix 3584 Mar 27 19:53 carna.dbs/systables.idx Probably wrong: drwxrwxr-x 5 root gods 3360 May 22 18:27 . Wrong: drwxrwx--- 2 informix informix 784 May 19 15:19 carna.dbs Wrong: -rw-rw---- 1 informix informix 1024 Mar 27 19:53 carna.dbs/systabauth.dat Wrong: -rw-rw---- 1 informix informix 3584 Mar 27 19:53 carna.dbs/systabauth.idx Wrong: -rw-rw---- 1 informix informix 4608 Mar 27 19:53 carna.dbs/systables.dat Wrong: -rw-rw---- 1 informix informix 3584 Mar 27 19:53 carna.dbs/systables.idx Most likely, the database should be owned by dave or daveh (but in group informix). Logging in as user informix should be forbidden -- change the password entry to NOLOGIN. Using sticky bits is not wrong but somewhat unusual. >The following transcript shows that the `systables' table is readable: >> select * from systables where tabname = "stkord__dtl"; >tabname stkord__dtl >owner dave >dirpath stkord_149 >tabid 149 >rowsize 108 >ncols 8 >nindexes 2 >nrows 19741 >created 11/04/1988 >version 5 >tabtype T >audpath This shows the problem completely. User dave owns the table. At a guess, user dave is also the DBA. Only user dave or the DBA can drop his table. User daveh is not the same user (see note 1 above). User daveh cannot go around dropping other people's tables. Good for Informix permissions, I say! Re: dbschema. If you can get around the licensing rules (you probably can't), it would work. You would probably need the 2.10 sqlexec on the machine with 2.00 -- that is definitely not legal.