HPE Community
Operating System - HP-UX
1752786 Members
5637 Online
108789 Solutions
New Discussion юеВ

oracle 10g root.sh script questions

 
Matthew McGee
Occasional Advisor

тАО05-27-2005 03:33 AM

тАО05-27-2005 03:33 AM

oracle 10g root.sh script questions

Why does root.sh have to set sticky bits for the nmo and nmb executables?

Ex.

#Change owner and permissions of the remote operations executable
$CHOWN root $ORACLE_HOME/bin/nmo
$CHMOD 6750 $ORACLE_HOME/bin/nmo

#Change ownner and permissions of the program that does memory computations
$CHOWN root $ORACLE_HOME/bin/nmb
$CHMOD 6750 $ORACLE_HOME/bin/nmb

These examples set the root sticky bit for owner and group.


The script goes on to chmod on swapinfo and /dev/rdsk/*.

It then starts to set up OCR without an option to not set it up.

It also initializes Oracle cluster services. We do not want Oracle cluster services.

Has anyone else encountered this?

Thanks,

Matt
0 Kudos
5 REPLIES 5
Steven E. Protter
Exalted Contributor

тАО05-27-2005 04:55 AM

тАО05-27-2005 04:55 AM

Re: oracle 10g root.sh script questions

These Oracle scripts are ugly and I've encournted these issues with Oracle over the years.

Example:
1) Oracle 10g requires fuser be usable by the installation user. This is a huge security problem and I have nightmares about my last job where I left and the onsite guy has fuser enabled for the ias10g user.

2) Suid is required to set up web servers and other products that need to establish socket connections on priviledged ports below 1024. That could explain whats going on with your setup.

The OCR thing is typical oracle. Every database server install I've done the past few years installs a web server for monitoring, stopping and starting the database. It runs once on install and then is forgotten, primarily because nobody cares and oracle doesn't bother to set up auto start on hp-ux systems, something they do routinely on Linux.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Matthew McGee
Occasional Advisor

тАО05-27-2005 05:07 AM

тАО05-27-2005 05:07 AM

Re: oracle 10g root.sh script questions

Can the setuid be skipped?
0 Kudos
Devesh Pant_1
Esteemed Contributor

тАО05-27-2005 10:39 AM

тАО05-27-2005 10:39 AM

Re: oracle 10g root.sh script questions

Matt,
Skipping setuid will result in issues down the road as Steve points out above. However Cluster part can be trimmed from the root.sh without any harm.

thanks
Devesh
0 Kudos
Jean-Luc Oudart
Honored Contributor

тАО05-27-2005 10:21 PM

тАО05-27-2005 10:21 PM

Re: oracle 10g root.sh script questions

Matt

BTW this is no sticky bit but suid and sgid

cf. thread http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=458147

for explanation

Regards
Jean-Luc
fiat lux
0 Kudos
Matthew McGee
Occasional Advisor

тАО06-14-2005 04:11 AM

тАО06-14-2005 04:11 AM

Re: oracle 10g root.sh script questions

Thanks for your replies.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.