From oracle-l-bounce@freelists.org Wed Mar 30 22:21:28 2005 Return-Path: Received: from air891.startdedicated.com (root@localhost) by orafaq.com (8.12.10/8.12.10) with ESMTP id j2V4LS47008424 for ; Wed, 30 Mar 2005 22:21:28 -0600 X-ClientAddr: 206.53.239.180 Received: from turing.freelists.org (freelists-180.iquest.net [206.53.239.180]) by air891.startdedicated.com (8.12.10/8.12.10) with ESMTP id j2V4LQem008419 for ; Wed, 30 Mar 2005 22:21:27 -0600 Received: from localhost (localhost [127.0.0.1]) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id 525DC8AF24; Wed, 30 Mar 2005 22:19:30 -0500 (EST) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 32204-04; Wed, 30 Mar 2005 22:19:30 -0500 (EST) Received: from turing (localhost [127.0.0.1]) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id CCE868AF26; Wed, 30 Mar 2005 22:19:29 -0500 (EST) Message-ID: <424B6BD2.2080701@yahoo.co.nz> Date: Thu, 31 Mar 2005 13:17:38 +1000 From: Mark Burgess User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Kip.Bryant@Vishay.com Cc: oracle-l@freelists.org Subject: Re: urgent connect '/ as sysdba' insufficient privs References: <01LMHWZENKAI9353IR@Mail.Vishay.com> In-Reply-To: <01LMHWZENKAI9353IR@Mail.Vishay.com> Content-type: text/plain Content-Transfer-Encoding: 8bit X-archive-position: 17883 X-ecartis-version: Ecartis v1.0.0 Sender: oracle-l-bounce@freelists.org Errors-To: oracle-l-bounce@freelists.org X-original-sender: mburgess_nz@yahoo.co.nz Precedence: normal Reply-To: mburgess_nz@yahoo.co.nz X-list: oracle-l X-Virus-Scanned: by amavisd-new-20030616-p9 (Debian) at avenirtech.net X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on air891.startdedicated.com X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=ham version=2.60 X-Spam-Level: Hi Kip, yes I have had this issue recently whilst setting up RAC in a test environment..different GID and UID between the nodes caused a few ownership issues on the datafiles depending on what instance was last writing to the datafiles. This was corrected this by setting the UID and GID for oracle to the same values for both nodes resolving the ownership problems however I could not connect "/ as sysdba". Resolved this through a relink of the binaries. From memory and unfortunately I dont have any notes to back this up the uid and gid are stamped on the oracle binary along with the datafile headers. I have done a little research and the UID and GID are stored in the file inode for the oracle binary. One could assume that changing the uid or gid for the oracle unix user without changing the oracle binary would result in a mis-match between the two ids. The relink resolves this through recreating the oracle binary which in turn I suspect resets the uid and gid for the inode for the oracle executable. Perhaps someone on the list could offer some more insight into how this works... Regards, Mark Kip.Bryant@Vishay.com wrote: > Hi Mark, > > Interesting note about UID. Have you experienced this yourself? I went > through a disaster recovery drill at an outsourced site where everything was > built up from bare metal including accounts. My notes are not clear on when I > finally got annoyed enough to have the SA's create accounts with the original > UID so maybe I just got lucky. Startup with svrmgrl was OK. I added need for > documenting of original UID to procedures in the event that accounts still had > to be created from scratch. > > Kip > > |Hi April, > |have there been any previous changes to gid or uid for the oracle unix > |user after the last relink of the oracle executable? if so then you > |might have to relink the oracle binaries: > > |$ORACLE_HOME/bin/relink all > > |also check the permissions on $ORACLE_HOME/bin/oracle as well..they > |should be 6751 or rwsr-s--x > > |from memory the uid and gid is stored in the oracle executable on > |relink..subsequent changes to the uid or gid for the oracle user can > |result in this sort of permissions error.. > > |aj wells wrote: > |> 9i instance > |> Linux > |> > |> Okay, we have an instance that we can log into connect sys/password as > |> sysdba and it works fine > |> however... > |> if we try to log in '/ as sysdba' it complains about insufficient privs... > |> > |> > |> suggestions would be most welcome > |> > |> have deleted password file and recreated password file > |> oracle user is a member of the dba group > |> relinked sqlplus > |> what are we missing? > |> > |> ajw > |> -- > |> http://www.freelists.org/webpage/oracle-l > |> > > > > |-- > |http://www.freelists.org/webpage/oracle-l > -- > http://www.freelists.org/webpage/oracle-l > -- http://www.freelists.org/webpage/oracle-l