Re: Create operating system file

cakilner_at_my-deja.com wrote:
>
> Here's the problem.
>
> I have a UNIX account that runs a cronjob and creates an operating
> system file. The problem is the operating system file is owned by
> ORACLE which is not the same account that the cronjob exists. I need
> this file to have write permissions for this other unix account
> (although preferably owned by this other account).
>
> I've tried the UMASK command on Oracle account and other account to have
> "others" with RW. I couldn't get it to work, but I don't really like
> this option as it opens a lot of security holes.
>
> Any suggestions on the Oracle side what I can do?

This is a well-documented problem On UNIX the fix is easy.

In the shell script that is run from cron, create the file like this:

>myfile.dat

Then chmod/chgrp/chown to get it the way you want. You must give global write permissions. I tend to go with 666 but if you are worried about security you might want to use 222.

Pass the path and name of this file (as separate parameters) to your program. I'm going to guess that this is either a pl/sql program or that you have an embedded pl/sql block which uses utl_file, so in that program just do the utl_file.fopen() with the path and name that you passed in and with a mode of 'A' (append).

When the program exits, use chmod/chgrp/chown again as necessary to put the file in the final state.

One other possability that you might want to consider is to create a temp file with a name like

/tmp/tmp$$.tmp (shell will expand $$ to the pid of the program) and pass this to your program. When the program exits then copy the temp file to the permanent file name and set permissions/ownership as desired. You could even try making the temp file a hidden file to keep casual explorers at bay.

I'll grant that this has a certain level of security weakness, but the solution does work predictably and will probably be good enough for what you need. Received on Mon Jan 03 2000 - 13:59:16 CST