| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Creating a instance for another user...
HARI OM wrote:
> I am using Oracle 9.2.0.1.0 on IBM AIX 5.1L
>
> I have Oracle installed on /usr/local/oracle with Username:Group as
> oraown:oracle
>
> Now, I have one more AIX user named "tiger" who would like to use
this
> DB. So, when I create a new instance for this user ("tiger") do I
> create it using User ORAOWN or Uer TIGER?
> The reason I am asking is becos Tiger might NOT have access to
DBF/LOG
> Files as does Oracle User.
Please be sure you understand the meanings of "instance," "database," and "user." It kind of sounds like you don't.
>
> Example: ALL my DB data is stored under /u01/data/ with user:group as
> oraown:oracle which means Tiger does not have access to this
directory
> and so does the directory to execute SQLPLPUS... So, what is the best
> solution in these circumstances...
>
> I was thinking of having user "Tiger" belong to Group "oracle" and
then
> have Directory permissions as "drwxrwxr-x" for Directories
(/u01/data,
> /u02/redo1, /u03/redo3, /usr/local/oracle etc...) and have the
instance
> created using DBCA as user "oraown"
> So, is this the best solution ... Can there be any security flwas in
> having these permissions...
>
> Or is there any better solution...
If you give Tiger the oracle group, he will be able to destroy everything. Is that what you want?
Naming the group "oracle" is pretty confusing, that is why the group is usually named something like "dba." Then you might have some other group with some other name for users. They login to oracle with a tool or application using their username and password, and oracle then allows them to access the data you've set up for them, either automatically in their own schema or with grants and perhaps synonyms in another. You can also set things up so they don't have to give oracle a password, letting the OS handle that.
>
> THANKS!
>
> HARI OM
Oracle, the executable, should be the only one messing with the data
files - that is why it has strange looking permissions like -rwsr-s--x.
Normally, an instance should be controlling a database, and users
should be accessing the data through their schemata.
Have you tried following the installation instructions?
jg
-- @home.com is bogus. "[Hunter S. Thompson] was the last person in the world I would have expected to kill himself. I would have been less surprised if he had shot me." - Mike CleverlyReceived on Tue Feb 22 2005 - 16:16:18 CST
 |
 |