Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: safe to delete 'old' archive logs?

Re: safe to delete 'old' archive logs?

From: Holger Baer <holger.baer_at_science-computing.de>
Date: Wed, 19 May 2004 09:42:31 +0200
Message-ID: <c8f359$b2i$1@news.BelWue.DE> 





G Dahler wrote:


> "Howard J. Rogers" <hjr_at_dizwell.com> a écrit dans le message de

> news:40a96d09$0$3032$afc38c87_at_news.optusnet.com.au...

> 

> 


>>But getting back to the thread. My point was that the group for the OPs
>>archives, which you seemed to dislike on the grounds that they were
>>'oinstall', were actually correct, surely? Depending on what groups he
>>specified at install time, of course.
>>
>>That therefore suggesting he change their ownership is a bit of a
>>blunderbuss technique. Possibly.
>>




> 

> 

> I think that once the database is running, files created by the oracle

> software are supposed to be owned by "oracle" account and the dba group.

> 

> I still wonder why oracle decided to further complicate installation by

> adding that confusing "oinstall" thing.  I may be wrong, but I still use

> only ONE uid/gid and that's oracle:dba. Maybe they invented that concept

> only to please the sysadmins so that they could install oracle themselves

> (and most of the time in an horrible manner) instead of working WITH their

> DBA.


> 

> Otherwise, I had all sorts of problems with the universal installer trying

> to update it's inventory when adding products on a machine and using a

> different uid as the software owner for another product in another oracle

> home. Some files we not group writable (they were supposed to be, it was an

> OUI bug) and I ended up having to reinstall ALL the software.

> 

> I now stick to a single group.

> 

> I think oracle has corrected the OUI since then.

> 




I always understood that the distinction between oinstall and dba was to make sure
that someone with the dba group can act as sysdba *within* the database by means
of sql*plus, rman, svrmgr etc. but at the same time prevent those people to
muck around with the OS. It's a bit like granting the privilege to execute a
procedure or package to manipulate database objects, but no privilege on the
objects themself.



So it's just how Oracle sees the world, not necessarily how the world in reality
is. And sometimes (as with archivelogs, tracefiles etc. ) it's quite inconvenient,
too.



My 2 EuroCent



Holger
Received on Wed May 19 2004 - 02:42:31 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US