Configuring a Data Source in the Linux OS

The ODBC DRIVER (psqlodbcw.so) provided by GaussDB can be used after it has been configured in a data source. To configure a data source, you must configure the odbc.ini and odbcinst.ini files on the server. The two files are generated during the unixODBC compilation and installation, and are saved in the /usr/local/etc directory by default.

Procedure

Obtain the source code package of unixODBC by clicking the following link:
Download address: https://gitee.com/src-openeuler/unixODBC/blob/openEuler-22.03-LTS-SP1/unixODBC-2.3.7.tar.gz.

After the download, verify the integrity based on the integrity verification algorithm provided by the community.
Install unixODBC. It does not matter if unixODBC of another version has been installed.
For example, install unixODBC-2.3.7.
```
tar zxvf unixODBC-2.3.7.tar.gz
cd unixODBC-2.3.7

./configure --enable-gui=no # To perform compilation on an Arm server, add the configure parameter --build=aarch64-unknown-linux-gnu.
make
# The installation may require root permissions.
make install
```
- Currently, unixODBC-2.2.1 is not supported.
- By default, it is installed in the /usr/local directory. The data source file is generated in the /usr/local/etc directory, and the library file is generated in the /usr/local/lib directory.
- You can compile unixODBC with the --enable-fastvalidate=yes option to achieve higher performance. However, this option may cause an application that passes an invalid handle to the ODBC API to fail instead of returning an SQL_INVALID_HANDLE error.
Replace the GaussDB client driver.
Decompress GaussDB-Kernel_Database version number_OS version number_64bit_Odbc.tar.gz. After the decompression, the lib and odbc folders are generated. The odbc folder contains another lib folder. Copy all dynamic libraries in the /lib and /odbc/lib folders to the /usr/local/lib directory.

Configure a data source.

Configure the ODBC driver file.

Add the following content to the /usr/local/etc/odbcinst.ini file:

[GaussMPP]
Driver64=/usr/local/lib/psqlodbcw.so
setup=/usr/local/lib/psqlodbcw.so

For descriptions of the parameters in the odbcinst.ini file, see Table 1.

**Table 1** odbcinst.ini configuration parameters
Parameter	Description	Example
[DriverName]	Driver name, corresponding to Driver in DSN.	[DRIVER_N]
Driver64	Path of the dynamic driver library.	Driver64=/usr/local/lib/psqlodbcw.so
setup	Driver installation path, which is the same as the dynamic library path in Driver64.	setup=/usr/local/lib/psqlodbcw.so

Configure the data source file.

Add the following content to the /usr/local/etc/odbc.ini file:

[MPPODBC]
Driver=GaussMPP
Servername=127.0.0.1 (database server IP address)
Database=postgres  (database name)
Username=omm  (database username)
Password=  (database user password)
Port=8000 (database listening port)
Sslmode = allow

For descriptions of the parameters in the odbc.ini file, see Table 2.

**Table 2** odbc.ini configuration parameters
Parameter	Description	Example
[DSN]	Data source name.	[MPPODBC]
Driver	Driver name, corresponding to DriverName in odbcinst.ini.	Driver = DRIVER_N
Servername	Server IP address. Multiple IP addresses can be configured.	Servername=127.0.0.1
Database	Name of the database to connect.	Database = postgres
Username	Database username.	Username = omm
Password	Database user password. NOTE: After a user establishes a connection, the ODBC driver automatically clears their password stored in memory. However, if this parameter is configured, unixODBC will cache data source files, which may cause the password to be stored in the memory for a long time. When you connect to an application, you are advised to send your password through an API instead of writing it in a data source configuration file. After the connection has been established, immediately clear the memory segment where your password is stored. CAUTION: The password in the configuration file must comply with the following HTTP rules: Characters must comply with the URL encoding specifications. For example, the exclamation mark (!) must be written as %21, and the percent sign (%) must be written as %25. Therefore, pay attention to the characters. A plus sign (+) will be replaced by a space.	Password=********
Port	Port number of the server.	Port = 8000
Sslmode	Specifies whether to enable SSL.	Sslmode = allow
Debug	If this parameter is set to 1, the mylog file of the PostgreSQL ODBC driver will be printed. The directory generated for storing logs is /tmp/. If this parameter is set to 0, no directory is generated.	Debug = 1
UseServerSidePrepare	Specifies whether to enable the extended query protocol for the database. The value can be 0 or 1. The default value is 1, indicating that the extended query protocol is enabled.	UseServerSidePrepare = 1
UseBatchProtocol	Specifies whether to enable the batch query protocol. If it is enabled, DML performance can be improved. The value can be 0 or 1 (default). If this parameter is set to 0, the batch query protocol is disabled (mainly for communication with earlier database versions). If this parameter is set to 1 and support_batch_bind is set to on, the batch query protocol is enabled.	UseBatchProtocol = 1
ForExtensionConnector	This parameter specifies whether the savepoint is sent. The default value is 1. If the value is 0, the savepoint is sent. If the value is 1, the savepoint is not sent.	ForExtensionConnector = 1
ConnectionExtraInfo	Specifies whether to display the driver deployment path and process owner in the GUC parameter connection_info. NOTE: The default value is 0. If this parameter is set to 1, the ODBC driver reports the driver deployment path and process owner to the database and displays the information in the GUC parameter connection_info. In this case, you can query the information from PG_STAT_ACTIVITY.	ConnectionExtraInfo = 1
BoolAsChar	If this parameter is set to Yes, the Boolean value is mapped to the SQL_CHAR type. If this parameter is not set, the value is mapped to the SQL_BIT type.	BoolsAsChar = Yes
RowVersioning	When an attempt is made to update a row of data, setting this parameter to Yes allows the application to detect whether the data has been modified by other users.	RowVersioning = Yes
ShowSystemTables	By default, the driver regards the system table as a common SQL table.	ShowSystemTables = Yes
MaxCacheQueries	Controls the number of precompiled statements cached for each connection. If this parameter is set to 0, the precompiled statement cache pool is disabled on the client. If this parameter is set to a value greater than 4096, the value 4096 is used. If the number of executed statements exceeds the upper limit specified by MaxCacheQueries, the least recently used statements are eliminated. The default value is 0.	MaxCacheQueries=128
MaxCacheSizeMiB	Controls the total size of precompiled statements cached for each connection. This parameter takes effect when the value of MaxCacheQueries is greater than 0. If the total size of cached statements is greater than the value of MaxCacheSizeMiB, the least recently used statements are eliminated. If this parameter is set to a value greater than 4096, the value 4096 is used. The unit is MB. The default value is 1.	MaxCacheSizeMiB=10
TcpUserTimeout	Specifies the maximum duration for which transmitted data can remain unacknowledged before the TCP connection is forcibly closed on an OS that supports the TCP_USER_TIMEOUT socket option. 0 indicates that the default value is used. Ignore this parameter for Unix-domain connections. The unit is millisecond. The default value is 0.	TcpUserTimeout=5000

Table 3 Sslmode options describes the valid values of Sslmode.

**Table 3** Sslmode options
Sslmode	Whether SSL Encryption Is Enabled	Description
disable	No	SSL connection is not enabled.
allow	Possible	If the database server requires SSL connection, SSL connection can be enabled. However, authenticity of the database server will not be verified.
prefer	Possible	If the database supports SSL connection, SSL connection is preferred. However, authenticity of the database server will not be verified.
require	Yes	SSL connection is required and data is encrypted. However, authenticity of the database server will not be verified.
verify-ca	Yes	SSL connection is required and whether the database has a trusted certificate will be verified.
verify-full	Yes	SSL connection is required. In addition to the check scope specified by verify-ca, the system checks whether the name of the host where the database resides is the same as that in the certificate. GaussDB does not support this mode.

(Optional) Contact the administrator to generate an SSL certificate. This step and step 6 are required only when the server and client are connected in SSL mode. Skip the two steps if the non-SSL connection mode is used.
(Optional) Contact the administrator to replace the SSL certificate.
Enable the SSL mode. For details, contact the administrator.
Configure the database server. For details, contact the administrator.

Configure the environment variables on the client.

vim ~/.bashrc

Add the following information to the configuration file:

export LD_LIBRARY_PATH=/usr/local/lib/:$LD_LIBRARY_PATH
export ODBCSYSINI=/usr/local/etc
export ODBCINI=/usr/local/etc/odbc.ini

Make the setting take effect.
```
source ~/.bashrc
```

Verifying the Data Source Configuration

After the installation, the generated binary file is stored in the /usr/bin directory. You can run the isql -v MPPODBC command (MPPODBC is the data source name).

If the following information is displayed, the configuration is correct and the connection succeeds:

+---------------------------------------+
| Connected!                            |
|                                       |
| sql-statement                         |
| help [tablename]                      |
| quit                                  |
|                                       |
+---------------------------------------+

If error information is displayed, the configuration is incorrect. Check the configuration.

FAQs

[UnixODBC][Driver Manager]Can't open lib 'xxx/xxx/psqlodbcw.so' : file not found.
Possible causes:
- The path configured in the odbcinst.ini file is incorrect.
  Run ls to check the path in the error information, ensuring that the psqlodbcw.so file exists and you have execution permissions on it.
- The dependent library of psqlodbcw.so does not exist or is not in system environment variables.
  Run the ldd command to check the path in the error information. If the unixODBC library such as libodbc.so.1 is missing, reconfigure unixODBC according to the procedure, ensure that the lib directory in the installation path is added to LD_LIBRARY_PATH. If other libraries do not exist, add the lib directory under the ODBC driver package to LD_LIBRARY_PATH.
[UnixODBC]connect to server failed: no such file or directory
Possible causes:
- An incorrect or unreachable database IP address or port was configured.
  Check the Servername and Port configuration items in data sources.
- Server monitoring is improper.
  If Servername and Port are correctly configured, ensure the proper network adapter and port are monitored by following the database server configurations in the procedure in this section.
- Firewall and network gatekeeper settings are improper.
  Check firewall settings, and ensure that the database communication port is trusted.
  
  Check to ensure network gatekeeper settings are proper (if any).
[unixODBC]The password-stored method is not supported.
Possible causes:

The sslmode configuration item is not configured in the data sources.

Solution:

Set the configuration item to allow or a higher level. For details, see Table 3.
Server common name "xxxx" does not match host name "xxxxx"
Possible causes:

When verify-full is used for SSL encryption, the driver checks whether the host name in certificates is the same as the actual one.

Solution:

To solve this problem, use verify-ca to stop checking host names, or generate a set of CA certificates containing the actual host names.
Driver's SQLAllocHandle on SQL_HANDLE_DBC failed
Possible causes:

The executable file (such as the isql tool of unixODBC) and the database driver (psqlodbcw.so) depend on different library versions of ODBC, such as libodbc.so.1 and libodbc.so.2. You can verify this problem by using the following method:
```
ldd `which isql` | grep odbc
ldd psqlodbcw.so | grep odbc
```
If the suffix digits of the outputs libodbc.so are different or indicate different physical disk files, this problem exists. Both isql and psqlodbcw.so require libodbc.so to be loaded. If they load different physical files, two sets of function lists with the same name are generated in a visible domain (the libodbc.so.* function export lists of unixODBC are the same). This results in conflicts and the database driver cannot be loaded.

Solution:

Uninstall the unnecessary unixODBC, such as libodbc.so.2, and create a soft link with the same name and the .so.2 suffix for the remaining libodbc.so.1 library.
FATAL: Forbid remote connection with trust method!
For security purposes, the primary database node forbids access from other nodes in the database without authentication.

To access the primary database node from inside the database, deploy the ODBC program on the host where the primary database node is located and set the server address to 127.0.0.1. It is recommended that the service system be deployed outside the database. Otherwise, the database performance may be affected.
[unixODBC][Driver Manager]Invalid attribute value
The unixODBC version may not be the recommended one. You are advised to run the odbcinst --version command to check the unixODBC version in the environment.
authentication method 10 not supported.
If this error occurs on an open-source client, the cause may be:

The database stores only the SHA-256 hash of the password, but the open-source client supports only MD5 hashes.
- The database stores the hashes of user passwords instead of actual passwords.
- If a password is updated or a user is created, both types of hashes will be stored, compatible with open-source authentication protocols.
- An MD5 hash can only be generated using the original password, but the password cannot be obtained by reversing its SHA-256 hash. Passwords in the source version will only have SHA-256 hashes and not support MD5 authentication.
- The MD5 encryption algorithm has lower security and poses security risks. Therefore, you are advised to use a more secure encryption algorithm.
To solve this problem, you can update the user password (see ALTER USER) or create a user (see CREATE USER) having the same permissions as the faulty user.
unsupported frontend protocol 3.51: server supports 1.0 to 3.0
The database version is too early or the database is an open-source database. Use the driver of the required version to connect to the database.
FATAL: GSS authentication method is not allowed because XXXX user password is not disabled.
In pg_hba.conf of the target primary database node, the authentication mode is set to gss for authenticating the IP address of the current client. However, this authentication algorithm cannot authenticate clients. Change the authentication algorithm to sha256 and try again. For details, see 8.
isql: error while loading shared libraries:xxx
The dynamic library does not exist in the environment. You need to install the corresponding library.