- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: permissions on group and other groups
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-24-2008 01:04 PM
тАО06-24-2008 01:04 PM
permissions on group and other groups
The Oracle 10g has the permission setting on its ORACLE_HOME folder that is not the same as 9i.
drwxr-x--- 66 oracle oinstall 2048 Jun 24 15:14 OraHome102
It sets drwxr-xr-x on 9i. Maybe it is for the security reason. This remind me to restrict the access on ORACLE_HOME.
I am asking how to setup the permission that a user belonging to group "orausers" (not in "oinstall") can execute some (just some, not all in $ORACLE_HOME\bin) utilities (like sqlplus, expdp etc.) and avoid other users (not in "oinstall" and "orausers") to access ORACLE_HOME.
Thank you.
Xiaogang
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-24-2008 01:30 PM
тАО06-24-2008 01:30 PM
Re: permissions on group and other groups
to give permission other users to execute utulities as if they are oracle, you can use
sudo. this is manual page:
http://www.sudo.ws/sudo/man/sudoers.html
and this is the download page:
http://hpux.connect.org.uk/hppd/hpux/Sysadmin/sudo-1.6.9p16/
>drwxr-x--- 66 oracle oinstall 2048 Jun 24 15:14 OraHome102
with this permission set, other users can't already cd to $ORACLE_HOME.
Kenan.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-24-2008 03:31 PM
тАО06-24-2008 03:31 PM
Re: permissions on group and other groups
You could run the $ORACLE_HOME/install/changePerm.sh to relax the permissions.
Alternatively, if this is a DB server and you have clients on it(????), you could install a separate /opt/oracle/product/10.2.0/client_1 for a client installation.
This would comply with the OFA, and will have effect of removing dependencies, if you want to apply a client only patch or a DB only patch too.
For selected executables alone, Kenan's suggestion is more apt, as you have more control on specifics, but be aware that your users will not be able to use sqlplus without having access to the lib / msb files in other directories.
Best Regards.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-24-2008 10:30 PM
тАО06-24-2008 10:30 PM
Re: permissions on group and other groups
>but be aware that your users will not be able to use sqlplus without having access to the lib / msb files in other directories.
Yes, but if you add corresponding env variables in users profile it's possible.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-24-2008 10:52 PM
тАО06-24-2008 10:52 PM
Re: permissions on group and other groups
Rajesh was saying that ENV vars won't let you access shlibs that are not executable. You need to make those lib directories R & X.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-24-2008 11:03 PM
тАО06-24-2008 11:03 PM
Re: permissions on group and other groups
i see. in the OS(with oracle 9i) i tried, it was r,x.thanks.