| OS authentication [message #573724] |
Wed, 02 January 2013 15:50  |
 |
thiyagusham
Messages: 112
Registered: April 2012
Location: Chennai
|
Senior Member |
|
|
Hi to all ;
I need some clarity regarding OS pasword authentication.
I red many articles still i need some clarity some clarity.
Testing From User A
# useradd -m -g oinstall a
# passwd a
Changing password for user a.
New UNIX password:
BAD PASSWORD: it's WAY too short
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
su - a
[a@testorcl ~]$ export ORACLE_HOME=/u01/app/oracle/product/10.2.0/db_1
$ export PATH=$PATH:$ORACLE_HOME/bin
$ export ORACLE_SID=testdb
$ sqlplus /nolog
SQL*Plus: Release 10.2.0.1.0 - Production on Thu Jan 3 01:33:49 2013
Copyright (c) 1982, 2005, Oracle. All rights reserved.
Testing From user B :
# useradd -m -g dba b
# passwd b
Changing password for user b.
New UNIX password:
BAD PASSWORD: it's WAY too short
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
su - b
Password:
$ export ORACLE_HOME=/u01/app/oracle/product/10.2.0/db_1
$ export PATH=$PATH:$ORACLE_HOME/bin
$ export ORACLE_SID=testdb
$ sqlplus /nolog
sqlplus: error while loading shared libraries: libsqlplus.so: cannot open shared object file: No such file or directory
[b@testorcl ~]$
I need one more clarification ..
Mostly all docs saying In UNIX platform, the special user group is called the DBA group,
but i see user a belongs with oinstall and "user b belongs with dba So user b could n't login."
Which one group is authorized to authenticate "conn /as sysdba"
[Updated on: Wed, 02 January 2013 15:52] Report message to a moderator |
|
|
|
|
|
|
|
|
|
| Re: OS authentication [message #573747 is a reply to message #573732] |
Wed, 02 January 2013 23:24  |
|
thiyagusham
Messages: 112
Registered: April 2012
Location: Chennai
|
Senior Member |
|
|
Thanks to your reply.
Yes you are right user b lacks to invoke sqlplus. so that i set env for both users
$ export ORACLE_HOME=/u01/app/oracle/product/10.2.0/db_1
$ export PATH=$PATH:$ORACLE_HOME/bin
$ export ORACLE_SID=testdb
Given information is not irrelevant & immaterial.
i don't know , what do you expect from me ?
Please see how both users added
Quote:user A with oinstall
user B with dba
my straight ques is
which group is authorized to provide os authentication to os users except oracle user ?
Note : Oracle docs saying who belongs dba group (local DB connctivity)
without username/password verification can login as (connect /as sysdba)
but i checked it provide -ve result (dba group). So that i am asking.
Regards
Sham .G
[Updated on: Wed, 02 January 2013 23:32] Report message to a moderator |
|
|
|
|
|
|
|
|
|
| Re: OS authentication [message #573866 is a reply to message #573864] |
Thu, 03 January 2013 13:22 |
 |
Michel Cadot
Messages: 68637
Registered: March 2007
Location: Nanterre, France, http://...
|
Senior Member
Account Moderator |
|
|
You seem to want to ignore the FIRST condition which is not in Oracle documentation because it is implicit for any system and product/program: you must FIRST be able to use the program that is you must FIRST have the privileges at OS level to execute the program and any of the libraries it requires.
Your error has nothing to do with Oracle itself, it is the privileges on oracle binaries and libraries at OS level.
So back to your first error: what are the privileges on "libsqlplus.so"?
Regards
Michel
[Updated on: Thu, 03 January 2013 13:22] Report message to a moderator |
|
|
|
|
|
|
|
|
|
| Re: OS authentication [message #573871 is a reply to message #573870] |
Thu, 03 January 2013 14:08 |
|
thiyagusham
Messages: 112
Registered: April 2012
Location: Chennai
|
Senior Member |
|
|
Yes Blackswan now you repeat same answer ,
Here we have problem with dba group and oinstall group.
If i add again user b with oinstall group , user b can connect to sqlplus. (i.e. connect /as sysdba)
problem is oinstall vs dba group only.
Quote:
why OS user with oinstall can access DB ?
why OS user with dba can't access DB ?
How can i troubleshoot ?
[Updated on: Thu, 03 January 2013 14:11] Report message to a moderator |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Re: OS authentication [message #573882 is a reply to message #573880] |
Thu, 03 January 2013 16:47 |
|
thiyagusham
Messages: 112
Registered: April 2012
Location: Chennai
|
Senior Member |
|
|
Hi Michel;
Thanks for your help Michel !
$ find $ORACLE_HOME -name 'perm*sh' -ls
no output here ..
$ cd install
[oracle@testorcl install]$ ls -l
total 240
-rw-r----- 1 oracle oinstall 0 Jun 7 2005 createseed1.sh
-rw-r----- 1 oracle oinstall 0 Jun 7 2005 createseed.sh
-rw-r----- 1 oracle oinstall 977 Dec 24 03:29 envVars.properties
drwxr-x--- 2 oracle oinstall 4096 Dec 24 03:26 jlib
-rw-r----- 1 oracle oinstall 194849 Dec 24 03:29 make.log
-rwxr-xr-x 1 oracle oinstall 0 Dec 24 03:29 oratab
-rw-r----- 1 oracle oinstall 132 Dec 24 04:01 portlist.ini
-rw-r----- 1 oracle oinstall 221 Dec 24 04:02 readme.txt
-rwxr-xr-x 1 oracle oinstall 824 Dec 24 03:28 rootdeletenode.sh
-rw-r----- 1 oracle oinstall 9646 Dec 24 03:28 rootlocaladd
-rw-r----- 1 oracle oinstall 0 Jun 7 2005 seed.log
-rw-r----- 1 oracle oinstall 2800 Jun 7 2005 templocal
drwxr-x--- 2 oracle oinstall 4096 Dec 24 03:29 unix
drwxr-x--- 2 oracle oinstall 4096 Dec 24 03:28 utl
Related file not found here ..
[Updated on: Thu, 03 January 2013 16:48] Report message to a moderator |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Re: OS authentication [message #573980 is a reply to message #573978] |
Fri, 04 January 2013 12:58 |
|
thiyagusham
Messages: 112
Registered: April 2012
Location: Chennai
|
Senior Member |
|
|
Hi Blackswan ;
Oh ! Myself , " don't understand how OS permission actually work."
then , try to provide correct solution to me.
Quote:Why we are making these of conversations here ?
I tried to set os authentication to few users.
I wan't to Everything i mean "what i am doing presently"
See here .. what's my current goal ? and please ignore ops$ account.
Everything is here. I want to explain clearly
why os account without dba group i.e . why i am getting error.
I have responsibility what i did ? Simply i can't say to my XXXXXX
"Problem Exists Between Keyboard And Chair "
SQL> create user ops$sam identified externally;
User created.
SQL> grant connect to ops$sam;
Grant succeeded.
useradd -m -g oinstall sam
# passwd sam
Changing password for user sam.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
# su - sam
$ export ORACLE_HOME=/u01/app/oracle/product/10.2.0/db_1
$ export PATH=$PATH:$ORACLE_HOME/bin
$ export ORACLE_SID=testdb
$ sqlplus /
SQL*Plus: Release 10.2.0.1.0 - Production on Tue Dec 25 03:38:52 2012
Copyright (c) 1982, 2005, Oracle. All rights reserved.
SQL> show user;
USER is "OPS$SAM"
Without understanding concept of permissions i'm not doing this ..
Please provide useful information .. but you are criticizing me!
Thanks Blackswan !!
[Updated on: Fri, 04 January 2013 13:01] Report message to a moderator |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Re: OS authentication [message #574062 is a reply to message #574059] |
Sun, 06 January 2013 08:06 |
|
Michel Cadot
Messages: 68637
Registered: March 2007
Location: Nanterre, France, http://...
|
Senior Member
Account Moderator |
|
|
I don't understand what you want to show.
Once more, answer my second question.
I'm not under pressure, I can wait as long as long as you don't answer and don't explain what your posts mean.
Regards
Michel
|
|
|
|
] 
Blog
Search
Help
Members
Register
Login
Home
