Administration API (isc_service_start) - Functional Specification
Once a client has attached to the services manager using isc_service_attach, the client uses this API call to start a service on the server. The service can perform such operations as backing up a database, retrieving the server's log file, or adding licenses to the server. Only one service can be started at a time. An error will result if an attempt is made to start more than 1 service on the server.
User Interface/Usability
This feature will only be available to the end user via a call into the InterBase API.
ISC_STATUS ISC_EXPORT isc_service_start
(ISC_STATUS *status_vector,
isc_svc_handle *svc_handle,
isc_resv_handle *reserved,
ISC_USHORT spb_length,
char *spb);
- returns
value of ISC_STATUS[1]:
0 if no error >0 if there is an error
- *status_vector
- pointer to a 20 element array of ISC_STATUS
- *svc_handle
- pointer to a long value used to store the handle of the service structure on the server. This must point to a handle previously allocated in isc_service_attach.
- *reserved
- this parameter is being reserved for future use
- spb_length
- length in characters of the send buffer
- `*spb
- pointer to a buffer containing flags instructing the service manager to process information
example (after isc_service_attach has been completed):
1. ISC_STATUS status [20];
2. char thd_buff[RESPBUF], *thd = thd_buff;
3. ISC_USHORT thdlen;
4. char *database = "foo.gdb", *backup_file = "foo.gbk";
5.
6. /* isc_service_attach happens here */
7. *thd++ = isc_action_svc_backup;
8.
9. /* Set the database name */
10. *thd++ = isc_spb_dbname;
11. ADD_SPB_LENGTH (thd, strlen (database));
12. for (x = database; *x;)
13. *thd++ = *x++;
14.
15. /* Set the backup file name */
16. *thd++ = isc_spb_bkp_file;
17. ADD_SPB_LENGTH (thd, strlen (backup_file));
18. for (x = backup_file; *x;)
19. *thd++ = *x++;
20.
21. /* Tell backup process that you want output */
22. *thd++ = isc_spb_verbose;
23.
24. thdlen = thd - thd_buff;
25.
26. if (isc_service_start(status, &svc_handle, NULL, thdlen, thd_buff))
27. {
28. ISC_STATUS *vector = status;
29. printf ("Unable to start service:n");
30. while (isc_interprete (respbuf, &vector))
31. printf ("ERROR: %sn", respbuf);
32. printf ("End of errorsn");
33. isc_service_detach (status, &svc_handle);
34. exit(1);
35. }
The return value and status from isc_service_start represents any error that could have occurred either in the process of launching the service thread or from the service itself, for example, the database to backup could not be opened. isc_service_start will not return until the service has completed its initialization and is actually running.
For each service action, there is a list of parameters which define that action. The paramters consist of three different peices of information: the parameter name, a length, and a value. The length and value are specific to the individual parameters.
Since all length values in the spb must be 2 bytes and all numeric data values in the spb must be 4 bytes, there are two new macros that have been added to ibase.h. They are ADD_SPB_LENGTH and ADD_SPB_NUMERIC. Each of these takes a pointer to the spb and the data to be added. ADD_SPB_LENGTH adds the length to the spb as 2 bytes and ADD_SPB_DATA adds the data to the spb as 4 bytes. After each of these macros are called, the spb is incremented to the next available slot in the buffer. The macros are defined as follows:
#define ADD_SPB_LENGTH (p, length) {*p++ = length;
*p++ = length >> 8;}
#define ADD_SPB_NUMERIC (p, data) {*p++ = length;
*p++ = length >> 8;
*p++ = length >> 16;
*p++ = length >> 24;}
Valid services and their parameters are as follows. Please note that some parameters may be used by more than one service.
Service: isc_action_svc_backup
Purpose: tell the server to initiate a database backup. The server must have file open access to the backup file being created.
| Parameter Name | Length | Data | Description |
|---|---|---|---|
| isc_spb_dbname | length of database name | the name of the database | specifies the database to backup |
| isc_spb_role_name | length of the role name | the name of the role | the role to use to connect to the database |
| isc_spb_verbose | 0 | 0 | specifies that output be sent to the client |
| isc_spb_bkp_file | string length of a backup file | the name of the backup | specifies the backup file name |
| isc_spb_bkp_factor | 4 | blocking factor to use | Use blocking factor n for tape device |
| isc_spb_bkp_length | 4 | length of backup file | used when splitting backup files, the length of one |
| isc_spb_options | 0 | 0 | specifies that the next value is a bitmask of options |
| isc_spb_bkp_ignore_checksums | 1 | bitmask | ignore checksums during backup |
| isc_spb_bkp_ignore_limbo | 1 | bitmask | ignore limbo transactions during backup |
| isc_spb_bkp_metadata_only | 1 | bitmask | backup metadata only, no data |
| isc_spb_bkp_no_garbage_collect | 1 | bitmask | do not garbage collect during backup |
| isc_spb_bkp_old_descriptions | 1 | bitmask | backup metadata in old-style format |
| isc_spb_bkp_non_transportable | 1 | bitmask | create a non-transportable backup |
| isc_spb_bkp_convert | 1 | bitmask | convert external files to internal tables |
Notes:
The username and password used to connect to the services manager will be used to connect to the database for backup. This helps add some degree of security for this operation. Only the SYSDBA user or the owner of the database will be able to backup a database.
To split the backup among many different files, specifiy isc_spb_bkp_file and isc_spb_bkp_length for each backup file to create. The very last file does not need to have a length specified. Any remaining information will spillover into the last file. This will allow the backup service to write to more than one backup file. Any spillover of information between files will continue to the last file. If the last file can not be written to, then an error will result.
Under normal circumstances, when backing up a database, the backup file will always be located on the server machine since the backup program can not open a file over a network connection. The backup process can create a remote file if the following conditions are true:
- The server is running on Windows NT
- The path to the backup file is specified as a UNC name
- The destination for the file is another Windows NT machine or machine which can be connected to via UNC naming conventions
- -OR- the destination drive is mounted via NFS (or some equivalent) on the machine running the InterBase server.
Service: isc_action_svc_restore
Purpose: tell the server to initiate a database restore. The server must have file open access to the backup file being restored
| Parameter Name | Length | Data | Description |
|---|---|---|---|
| isc_spb_dbname | length of database name | the name of the database | specifies the database to restore |
| isc_spb_bkp_file | string length of a backup file | the name of the backup | specifies the backup file name |
| isc_spb_verbose | 0 | 0 | specifies that output be sent to the client |
| isc_spb_role_name | length of the role name | the name of the role | the role to use to connect to the database |
| isc_spb_res_buffers | 4 | number of page buffers | override default page buffers |
| isc_spb_res_page_size | 4 | page size to use | override the default page size |
| isc_spb_res_length | 4 | length of a backup file | used when restoring backup files, the length of backup file |
| isc_spb_options | 0 | 0 | specifies that the next value is a bitmask of options |
| isc_spb_res_deactivate_idx | 1 | bitmask | deactivate indicies during restore |
| isc_spb_res_no_shadow | 1 | bitmask | restore without creating shadow files |
| isc_spb_res_no_validity | 1 | bitmask | do not restore database validity conditions |
| isc_spb_res_one_ata_time | 1 | bitmask | restore one relation at a time |
| isc_spb_res_replace | 1 | bitmask | replace the database if it exists |
| isc_spb_res_create | 1 | bitmask | create a new database from the backup |
| isc_spb_res_use_all_space | 1 | bitmask | do not reserve space for record back versions |
Notes:
The username and password used to connect to the services manager will be used to connect to the database for restore. This helps add some degree of security for this operation.
Only the SYSDBA or owner of a database may use `isc_spb_res_replac`e to overwrite an existing database
Service: isc_action_svc_repair
Purpose: tell the server to start repair options on the database specified
| Parameter Name | Length | Data | Description |
|---|---|---|---|
| isc_spb_dbname | length of database name | database name | database name to repair |
| isc_spb_tra_id | sizeof (ISC_ULONG) | a transaction id | |
| isc_spb_rpr_commit_trans | 0 | 0 | commit the transactions that follow |
| isc_spb_rpr_rollback_trans | 0 | 0 | rollback the transactions that follow |
| isc_spb_rpr_recover_two_phase | 0 | 0 | perform automated two-phase commit recovery on the transactions that follow |
| isc_spb_single_tra_id | 0 | 0 | The transaction specified is a single database transaction |
| isc_spb_multi_tra_id | 0 | 0 | The transaction specified is a multi-database transaction |
| isc_spb_tra_state | 0 | 0 | The next byte represents the current state of the transaction |
| isc_spb_tra_state_limbo | 0 | 0 | The transaction is in limbo |
| isc_spb_tra_state_commit | 0 | 0 | The transaction has been committed |
| isc_spb_tra_state_rollback | 0 | 0 | The transaction has been rolledback |
| isc_spb_tra_state_unknown | 0 | 0 | The state of the transaction is unknown |
| isc_spb_tra_host_site | length of host site | host site name | The site at which the transaction was started |
| isc_spb_tra_remote_site | length of remote site | remote site name | The name of the remote site involved with the transaction |
| isc_spb_tra_db_path | length of the db path | db path name | The name of the database path on the remote site |
| isc_spb_tra_advise | 0 | 0 | The next byte is the server's recommended action for the transaction |
| isc_spb_tra_advise_commit | 0 | 0 | The transaction should be committed |
| isc_spb_tra_advise_rollback | 0 | 0 | The transaction should be rolledback |
| isc_spb_tra_advise_unknown | 0 | 0 | The server can not determine the state of the transaction |
| isc_spb_options | 0 | 0 | specifies that the next value is a bitmask of options |
| isc_spb_list_limbo_trans | 1 | bitmask | tells the server to return a list of limbo transactions |
| isc_spb_rpr_check_db | 1 | bitmask | just validates the database, doesn't fix it |
| isc_spb_rpr_ignore_checksum | 1 | bitmask | ignore all checksum errors |
| isc_spb_rpr_kill_shadows | 1 | bitmask | kill all unavailable shadow files |
| isc_spb_rpr_mend_db | 1 | bitmask | prepare a corrupt database for backup |
| isc_spb_rpr_sweep_db | 1 | bitmask | perform a database sweep |
| isc_spb_rpr_validate_db | 1 | bitmask | validate the database structure |
| isc_spb_rpr_full | 1 | bitmask | validate record fragments |
Notes:
When requesting information about limbo transactions, the response buffer will have the following format:
Single database transaction being returned:
isc_info_svc_limbo_trans isc_spb_single_tra_id <transaction id>Multiple database transaction being returned:
isc_info_svc_limbo_trans isc_spb_multi_tra_id isc_spb_tra_host_site <length> <data> isc_spb_tra_id <transaction id> isc_spb_tra_state isc_spb_tra_state_limbo | isc_spb_tra_state_commit | isc_spb_tra_state_rollback | isc_spb_tra_state_unknown isc_spb_tra_remote_site <length> <data> isc_spb_tra_db_path <length> <data> isc_spb_tra_advise isc_spb_tra_advise_commit | isc_spb_tra_advise_rollback | isc_spb_tra_advise_unknown
Service: isc_action_svc_properties
Purpose: tells the server to change the database properties to the ones specified in the spb
| Parameter Name | Length | Data | Description |
|---|---|---|---|
| isc_spb_dbname | length of database name | the name of the database | specifies the database to set properties on |
| isc_spb_prp_page_buffers | 4 | number of page buffers | set the number of page buffers for the db to n |
| isc_spb_prp_sweep_interval | 4 | new sweep interval | set the sweep interval to use for the database |
| isc_spb_prp_shutdown_db | 4 | seconds to wait for shut | shutdown the database after n seconds |
| isc_spb_prp_deny_new_transactions | 4 | seconds to deny | deny new transactions for n seconds then shutdown |
| isc_spb_prp_deny_new_attachments | 4 | seconds to deny | deny new attachments for n seconds then shutdown |
| isc_spb_prp_use_full_space | 0 | 0 | don't reserve space on the data page for versioning |
| isc_spb_prp_reserve_space | 0 | 0 | reserve space on the data page for versioning |
| isc_spb_prp_write_mode | 0 | 0 | the next byte specifies the database write mode |
| isc_spb_prp_wm_async | 0 | 0 | set database to use async writes |
| isc_spb_prp_wm_sync | 0 | 0 | set database to use sync writes |
| isc_spb_prp_access_mode | 0 | 0 | the next byte specifies the database access mode |
| isc_spb_prp_am_readonly | 0 | 0 | set database to be read-only |
| isc_spb_prp_am_readwrite | 0 | 0 | set the database to be read-write |
| isc_spb_options | 0 | 0 | specifies that the next value is a bitmask of options |
| isc_spb_prp_activate | 1 | bitmask | activate shadow file for database use |
| isc_spb_prp_db_online | 1 | bitmask | specifies that the database should be brought back online |
Notes:
To turn off database sweeps, set the sweep interval to 0.
To force a database shutdown without waiting use isc_spb_prp_shutdown_db specifiy the number of seconds to wait as 0.
If using isc_spb_prp_deny_new_`(`attachments or transactions) with a time period, the shutdown will fail if there are still active transactions or attachments to the database.
Only the SYSDBA user or the owner of the database will be able to run this service on a particular database.
Service: isc_action_svc_db_stats
Purpose: tell the server to retrieve database statistics for the database specified
| Parameter Name | Length | Data | Description |
|---|---|---|---|
| isc_spb_dbname | length of database name | the name of the database | specifies the database to get statistics from |
| isc_spb_options | 0 | 0 | specifies that the next value is a bitmask of options |
| isc_spb_sts_data_pages | 1 | bitmask | retrieve and display statistics on data tables in the database |
| isc_spb_sts_db_log | 1 | bitmask | stop reporting statistics after reporting the information on the log pages |
| isc_spb_sts_hdr_pages | 1 | bitmask | stop reporting statistics after reporting the information on the header page |
| isc_spb_sts_idx_pages | 1 | bitmask | retrieve and display statistics on indexes in the database |
| isc_spb_sts_sys_rels | 1 | bitmask | retrieve statistics on system tables and indexes in additon to user tables and indexes |
Notes:
Reading header information would normally not require that the server be running. However, in order to read the header information using this API, the server must be running as the logic for doing this is not in the client.
Only the SYSDBA user or the owner of the database will be able to run this service on a particular database.
Service: isc_action_svc_get_ib_log
Purpose: retrieve the interbase.log file from the server if the log file exists. An error is returned if the log file does not exist
| Parameter Name | Length | Data | Description |
|---|---|---|---|
| None | NA | NA | NA |
Notes:
Prepares the contents of the interbase.log file to send to the client. If the log file does not exist then an error is returned during the call to isc_service_start.
Service: isc_action_svc_add_user
Purpose: tell the server to add the user specified to the security database
| Parameter Name | Length | Data | Description |
|---|---|---|---|
| isc_spb_sql_role_name | length of role name | role name | role name to use when connecting to the security database (is not part of the add information) |
| isc_spb_sec_userid | 4 | user id | an integer that specifies a user ID |
| isc_spb_sec_groupid | 4 | group id | an integer that specifies a group ID |
| isc_spb_sec_username | length of username | username | username to add to the security database (max 31 chars) |
| isc_spb_sec_password | length of password | password | password for the user being added (max 32 only first 8 used) |
| isc_spb_sec_groupname | length of groupname | group name | name of a UNIX group as defined in /etc/groups |
| isc_spb_sec_firstname | length of first name | first name | the first name of the user being added |
| isc_spb_sec_middlename | length of middle name | middle name | the middle name of the user being added |
| isc_spb_sec_lastname | length of last name | last name | the last name of the user being added |
Notes:
When adding users to the security database, the only information required is the username and password and are restricted to ASCII characters. An error will result if either peice of information is missing.
The information for first name, middle, and last names are stored as Unicode FSS. If using unicode for this information, the length will need to reflect the number of bytes and not necessarilly the length of the string. The group name is also stored as ASCII.
By default, only SYSDBA is allowed to add user information in the security database, however, no checks are made by this API to enforce this. It is strictly enforced at the database level. This would allow the SYSDBA to grant update privileges to those fields that can be updatable by end users.
Service: isc_action_svc_delete_user
Purpose: tell the sever to remove the user specified from the security database
| Parameter Name | Length | Data | Description |
|---|---|---|---|
| isc_spb_sql_role_name | length of role name | role name | role name to use when connecting to the security database |
| isc_spb_username | length of username | username | the username to remove from the security database |
Notes:
Once a user has been removed from the security database, you will need to create a new user record using isc_action_svc_add_user before that user can connect to the server.
By default, only SYSDBA is allowed to remove user information in the security database, however, no checks are made by this API to enforce this. It is strictly enforced at the database level. This would allow the SYSDBA to grant update priviledges to those fields that can be updatable by end users.
Service: isc_action_svc_modify_user
Purpose: tell the user to make modifications to the record in the security database specified by the username
| Parameter Name | Length | Data | Description |
|---|---|---|---|
| isc_spb_sql_role_name | length of role name | role name | role name to use when connecting to the security database (is not part of the modify information) |
| isc_spb_sec_userid | 4 | user id | an integer that specifies a new user ID |
| isc_spb_sec_groupid | 4 | group id | an integer that specifies a new group ID |
| isc_spb_sec_username | length of username | username | username to modify in the security database (max 31 chars) |
| isc_spb_sec_password | length of password | password | new password for the user being modified (max 32, first 8 used) |
| isc_spb_sec_groupname | length of groupname | group name | name of the new UNIX group as defined in /etc/groups |
| isc_spb_sec_firstname | length of first name | first name | the new first name of the user being added |
| isc_spb_sec_middlename | length of middle name | middle name | the new middle name of the user being added |
| isc_spb_sec_lastname | length of last name | last name | the new last name of the user being added |
Notes:
To modify a particular peice of user information, specify its parameter and the new information. To remove a peice of information, specify the parameter, 0 for length and 0 for data. Only information that has a corresponding parameter will be modified and the username will never be modified. For example, if you were to specify the password and groupname, only these two peices of information would be modified, firstname and lastname (for example) would not. To change a username, that user must be removed from the security database and then re-added.
By default, only SYSDBA is allowed to modify user information in the security database, however, no checks are made by this API to enforce this. It is strictly enforced at the database level. This would allow the SYSDBA to grant update priviledges to those fields that can be updatable by end users.
Service: isc_action_svc_display_users
Purpose: retrieves user information for all or the specified user
| Parameter Name | Length | Data | Description |
|---|---|---|---|
| isc_spb_sec_username | length of username | username | username to retrieve info for |
Notes:
If you want to retrieve information for all users, omit the parameter isc_spb_sec_username and send only the service action
Service: isc_action_svc_add_license
Purpose: convert the license ID and key to a valid license and add it to the server's license file.
| Parameter Name | Length | Data | Description |
|---|---|---|---|
| isc_spb_lic_key | length of license key | the license key to add | certificate key to add to the license file |
| isc_spb_lic_id | length of license ID | the license ID | certificate ID to add to the license file |
Notes:
The server will need to be restarted if the license being added changes the server from a local server to a remote server. This is necessary because the listener threads are started and allocated once the server starts up. If the ID and key being added simply add user licenses to the server, no server restart is needed.
This service can also be used to add evaluation licenses. Evaluation licenses, however, can not be removed using the services manager or any other means.
Only the SYSDBA user can add licenses.
Service: isc_action_svc_remove_license
Purpose: tell the server to remove the license specified by the key
| Parameter Name | Length | Data | Description |
|---|---|---|---|
| isc_spb_lic_key | length of license key | the license key to add | the certificate key to be removed from the license file |
Notes:
The server will need to be restarted if the license being removed changes the server's state from a remote server to a local server. This is necessary because the listener threads will need to be shut down to complete the operation and cannot be shutdown while the server is in use. If the ID and key being removed simply removes user licenses to the server, no server restart is needed.
This service will not remove evaluation licenses.
Only the SYSDBA user can remove licenses.
Service: isc_action_svc_lock_stats (* IF TIME PERMITS - CURRENTLY NOT IN InterBase V6.0 *)
Purpose: tell the server to retrieve lock manager statistics from the server
| Parameter Name | Length | Data | Description |
|---|---|---|---|
| isc_spb_lck_sample | 4 | number of samples to take for statistics | number of samples to take for statistics |
| isc_spb_lck_secs | 4 | number of seconds to try the operation specified | number of seconds to try the operation specified |
| isc_spb_options | 0 | 0 | specifies that the next value is a bitmask of options |
| isc_spb_lck_contents | 1 | bitmask | prints a static view of the lock table |
| isc_spb_lck_summary | 1 | bitmask | prints static lock table summary and list of all owners |
| isc_spb_lck_wait | 1 | bitmask | prints out above plus wait statistics for each owner |
| isc_spb_lck_stats | 1 | bitmask | prints out all of the above statistics |
Notes:
This feature is slated for 'IF TIME PERMITS' since the output of a lock print is very difficult for the user to understand. There is currently no time available to reformat the results to be easier to understand and is beyond the scope of this project.
For each of the above flags (isc_spb_lck_contents, summary, wait, and stats) a sample and seconds value can be specified. In these circumstances the service buffer would look like the following:
1. ISC_ULONG options = 0;
2. options |= isc_lck_wait;
3.
4. *spb++ = isc_spb_lck_secs;
5. ADD_SPB_LENGTH (spb, 4);
6. ADD_SPB_DATA (spb, 10); /* take a sample every 10 seconds */
7.
8. *spb++ = isc_spb_lck_sample;
9. ADD_SPB_LENGTH (spb, 4);
10. ADD_SPB_DATA (spb, 10); /* take 10 samples */
11.
12. *spb++ = isc_spb_options;
13. ADD_SPB_DATA (spb, options);
It is important to note that all error information for these services must be retrieved by querying the service. The status vector for isc_service_query will consist of errors for any service that is currently running as well as for any query request made. Because of this fact, it is recommended that a call to isc_service_query that requests information about a running service (by specifying isc_info_svc_line or isc_info_svc_eof) not be mixed with a general service manager query (using isc_info_svc calls).
Requirements and Constraints
All functionality that mirrors that of a command line tool (i.e. backup and GBAK), will be implemented as threads in the server. This means that all command-line utilities will be made thread safe so that they can be added to the server in some fashion.
The primary goal for these services is to provide the same level of information through the API as is available via the Windows server manager (ibmgr32.exe). Currently, the only functionality available via the InterBase Server Manager is:
Database Backup
- Inhibit Garbage Collection (isc_spb_bkp_no_garbage_collect )
- Ignore bad checksums (isc_spb_bkp_ignore_checksums )
- Ignore transactions in limbo ( isc_spb_bkp_ignore_limbo )
- Backup metadata only ( isc_spb_bkp_metadata_only )
- Suppress Error messages on output
- Non-Transportable backup (isc_spb_bkp_non_transportable)
- Verify ( isc_spb_verbose )
- Show version
Database Restore
- Deactivate indexes during restore ( isc_spb_res_deactivate_idx )
- Restore without creating shadows ( isc_spb_res_no_shadow )
- Do not restore validity checks ( isc_spb_res_no_validity )
- Restore one table at a time ( isc_spb_res_one_ata_time )
- Suppress error messages on output
- Verify ( isc_spb_verbose )
- Page Size ( isc_spb_res_page_size )
Database Statistics
- Analyze data and index pages ( isc_spb_sts_idx, isc_spb_sts_data_pages )
- Analyze the database log ( isc_spb_sts_db_log )
Database Repair
- Shutdown : Deny new database attachments ( isc_spb_rpr_deny_new_attachments )
- Shutdown: Deny new transactions ( isc_spb_rpr_deny_new_transactions )
- Shutdown: force shutdown after timeout ( isc_spb_rpr_force_shutdown )
- Validation: Read-only validation ( isc_spb_rpr_check_db )
- Validation: Ignore Checksum errors ( isc_spb_rpr_ignore_checksum )
- Validation: Validate record fragments ( isc_spb_rpr_validate_db )
- Validation: List / fix limbo transactions ( isc_spb_rpr_list_limbo_trans, isc_spb_rpr_commit_trans, isc_spb_rpr_rollback_transactions)
Migration Issues
Currently, any user who has select privileges for a particular database can backup that database. With this API, however, this will change to only allow the database owner or the SYSDBA user
This functionality is currently available via the InterBase Server Manager (IBMGR32 on NT) to any user who can connect to a database. By going through this API, it will be possible to have security checks before accessing a database. This will prevent users from 'stealing' files. Users may need to change their practices regarding the backup and restoration of files.
The services API will be able to backup a database to tape, however, in the first implementation of this API, there will be no mechanism for reporting back to the client that another tape is needed to complete the backup process.