Operating System - HP-UX
1830241 Members
1427 Online
109999 Solutions
New Discussion

Oracle user & database permissions

 
SOLVED
Go to solution
Tim O'Connell
Regular Advisor

Oracle user & database permissions

We are moving our Oracle users/databases from Unixware2.1.3 to HPUX11. Is there a document worth reading which gives info on what permissions database files should have, who should be a member of dba group, what permissions directories should have etc. I think our current situation is quite good but I just want to be sure that what I am replicating is correct. Hope someone can point me in the right direction.

Thanks,

Tim
4 REPLIES 4
Jeff_Traigle
Honored Contributor
Solution

Re: Oracle user & database permissions

I don't have a document handy though I do have one at home from my previous job that spelled out things like this. Basically, it boiled down to the following as best I can recall:

All datafiles and directories concerning the database and additional administration scripts were set with 770 or 660 permissions, as appropriate. All of these were owned by user oracle in group dba. WHo's a member of the dba group could vary depending on your environment, but ours only had oracle in it. The rc scripts were configured with the same ownership and permissions as any other.
--
Jeff Traigle
Fred Ruffet
Honored Contributor

Re: Oracle user & database permissions

Hi !

Depend on what you want, but putting an umask of 027 to oracle user may be good. As long as the Oracle software is installed with this user and Database Files are created with him, it will give access to him and his group (dba). This will be enough (no need for other users to read those files).

It may also be a good think to follow OFA organization wich is highly recommended by Oracle.

Regards,

Fred
--

"Reality is just a point of view." (P. K. D.)
Steven E. Protter
Exalted Contributor

Re: Oracle user & database permissions

Don't need a doc for that.

oracle should be a normal user group dba is optional but thats a convention.

Oracle developers should be part of the dba group. Oracle users that need command line access should be part of the group.

All of these users should have a umask of 022 or 027.

Your ORACLE_HOME and ORACLE_SID environment variables should be set the same though the utility you use to set them will probably require some changes.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Tim O'Connell
Regular Advisor

Re: Oracle user & database permissions

Thanks for all the responses. Points awarded

Tim