Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Contact Us
Online Help
Domain Status
Man Pages

Virtual Servers

Topology Map

Server Agreement
Year 2038

USA Flag



Man Pages

Manual Reference Pages  -  IPA_DB_SDB (8)


ipa_db_sdb -- IPA simple database module (database part)


Configuration File Format
See Also


ipa_db_sdb is an IPA database module with the following features:
- The module stores information in the ipa_sdb(5) database format;
- The module completely supports autorules, rules, limits and thresholds;
- Access to database files can be granted accordingly to the user group.
The name of the database is sdb.


Configuration for the module is integrated into the ipa.conf(5) file. The configuration prefix of this module is ‘‘sdb’’.

Following three parameters can be placed in global, rule or autorule sections. Static rules inherit settings from the global section. Dynamic rules inherit settings from their autorule sections, then from the global section.

The sdb:db_dir parameter allows to define the main database directory (the default value is /var/ipa_sdb):

sdb:db_dir = "/path/to/directory";

Since this parameter can be placed in rule or autorule section, then any rule can have own main directory for its database files and directories.

The sdb:db_group parameter determines the group owner of a rule’e directory:

sdb:db_group = <group>;

A group can be given by a name or as a numerical value. If a group is given by the name, then the corresponding GID is determined during the configuration file parsing phase. If some user belongs to the given users group, then he or she will have access to statistics for a rule.

By default if the module opened some file, then it closes it only when this file is not needed any more or when a rule becomes inactive. If there are many rules (limits or thresholds), then the module can use all available file descriptors. To close any opened file as quickly as possible set the sdb:close_fd parameter to ‘‘yes’’ (the default value is ‘‘no’’):

sdb:close_fd = <boolean>;

Next parameters can be placed only in the sdb: module’s section:

sdb: {
    /* Parameters. */

By default the module disallows using of symlinks in the database. To allow symlinks in the database set the allow_symlinks parameter to ‘‘yes’’ (the default value is ‘‘no’’):

sdb: {
    allow_symlinks = <boolean>;

The main database directory has a special file containing the version number of the database format and the module checks version saved in this file. To speedup the module startup in case if many main database directories are used it is possible to turn off database format version checking in the check_version parameter by setting it to ‘‘no’’ (the default value is ‘‘yes’’):

sdb: {
    check_version = <boolean>;

It is not recommended to turn off database format version checking.


db_mod "";

sdb: { allow_symlinks = yes; }

global { /* ... */ db_list = sdb; sdb:db_dir = "/var/db/ipa_sdb"; sdb:db_group = staff; }

rule 1 { /* ... */ sdb:close_fd = yes; }

rule 2 { /* ... */ sdb:db_dir = "/home/my/ipa_sdb"; sdb:db_group = wheel; }

autorule lan { /* ... */ sdb:db_group = users; }

First rule inherits values of sdb:db_dir and sdb:db_group parameters from the global section. Second rule has own values for these parameters. All rules generated from the given autorule will inherit the value of the sdb:db_group parameter from the autorule.


ipa_sdb(5), ipa_st_sdb(8), ipa_sdb_dump(8)


Andrey Simonenko <>


If you find any, please send email me.
Search for    or go to Top of page |  Section 8 |  Main Index

--> IPA_DB_SDB (8) July 19, 2007

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.