Simpler Navigation for Servers and Operating Systems - Please Update Your Bookmarks
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
If you have bookmarked forums or discussion boards in Servers and Operating Systems, we suggest you check and update them as needed.
General
cancel
Showing results for 
Search instead for 
Did you mean: 

controlfile permissions not umask settings

Pablo Noya Noya
Occasional Advisor

controlfile permissions not umask settings

Hello all !!!!
Does anyone know why on creation of a controlfile backup (alter database backup controlfile to '......';) the permissions are rw-rw---?? Can I change these settings?? My umask settings for the Oracle user are set to 0 which on creating a blank file with the touch command creates a file with rw-rw-rw permissions. Why should this be different? I really need 666 for the controlfile backup as it's the only way a backup configuration I have will work.
Regards and thanks in advance,

Pablo
5 REPLIES
bhavin asokan
Honored Contributor

Re: controlfile permissions not umask settings

hi,


see the following link and answer of Clay Stephenson.If you have umask set to 000 then whatever mode results when the application creats a file is the mode that the programmer intended.

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=723084


regds,
Jean-Luc Oudart
Honored Contributor

Re: controlfile permissions not umask settings

HI Pablo,

Which utility do you use to run this command ?
You probably have a front end and connect to the Database through SQLNET. Therefore, the permissions would be the one of the user starting the tns process (listener).
What are they ?

Regards
Jean-Luc
fiat lux
Patti Johnson
Respected Contributor

Re: controlfile permissions not umask settings

I could not find a way to get oracle to create the controlfile with the permissions that you want. But there is no harm in changing the permission after the file is created. Try this from your backup script
SQL> alter database backup controlfile to '/tmp/bk1';

SQL> host chmod 666 /tmp/bk1

Patti
Pablo Noya Noya
Occasional Advisor

Re: controlfile permissions not umask settings

In reply to your queries, I am integrating a SAP R3 instance, Data Protector and EMC Symmetrix for an online split mirror backup. It works fine except when backing up the copy of the control file. However, on changing the permissions of the file to 666, all is well.
I have tested the creation of the control file directly from the db server with sqlplus thus avoiding any connection via Net8, therefore Oracle directly creates the file with these permissions. But I am still unable to identify the origin of the permissions granted. When creating a datafile, the same permissions are granted.
Patti Johnson
Respected Contributor

Re: controlfile permissions not umask settings

I believe the file permissions are a combination of the umask of the Oracle account and the permissions on the oracle executable.
If you set the oracle account umask to 022 - then files created by oracle will have 640 as their permission - if you change it to 000 - then the files are created as 660.
The permissions on $ORACLE_HOME/bin/oracle are set to rwsr_s__x
I tried setting the permission on $ORACLE_HOME/bin/oracle to rwsrwsrwx and the files are still created the same.
For security it's best to have the Oracle files created as 640 so that only the Oracle account owner can delete database files. Oracle will allow you to change for the Oracle group - but does not allow you to give delete (write) permission to world. Changing after file creation is probably your safest option.

Patti