i,m a sr. unix admin and would love to restrict root access permission that is granted to one of my database admin without stopping him from doing his oracle functions. what shell do i need to run to accomplish these.please respond ASAP. Thanks, bassey essien.
Is he not able to do his Oracle activities from the 'oracle' account (or whatever you've called it). He shouldn't need root access just to administer the databases.
sudo sounds like a good choice. You can configure the DBA to have root access to only those commands you specify in the sudoers file. Additional, there is good logging associated with the utility and all sudo commands will be logged with a date-time stamp.
Why does he need root access? Here no oracle user have root privilege, I mean no dba have root passwd... now when they need anything they should ask the sysadm...(Thats the official version...) If root privilege is needed for a special task you have 2 choices: 1)look if you cannot solve this with restricted SAM. 2) Use sudo which will give root priv. for what you have defined
Restricted SAM and sudo are both good options. Personally, I prefer sudo because you have a finer degree of control over the specific ativities allowed and because I find teh sulog easier to examine/parse tha SAMlogs.
I usually try to steer clear of this issue, but I find it highly amusing that the only post in this thread which was helpful to the OP was apparently Chris' request that points be assigned.
