Re: Different OS user to start/stop listener
Date: Fri, 04 Nov 2011 18:30:53 +0000
Message-ID: <4EB42F5D.4020007_at_petefinnigan.com>
In 10g the local listener authentication worked at the OSDBA group level, in 11g it works at the user level hence you get this error message.
You need to simply stop and start the listener with one user and make sure that user owns the logs.
Doint relax security, Oracle have made the secruity of the listener stronger so it makes sense not to weaken it.
cheers
Pete
LS Cheng wrote:
> Hi
> Does anyone know if it is possible to stop a listener started by another
> user in 11gR2 (I am not sure if 10g had same behaviour).
>
> For instance I have user1 and user2 as dba users in the operating system,
> if user1 starts listener then it seems that only user1 can stop the
> listener, when trying with user2 I am getting
>
> TNS-01190: The user is not authorized to execute the requested listener
> command
>
> I also have a problem with the logfile, since the listener logfiles are
> created with 640 permission if I start the listener using a user who didnt
> create this file before then nothing is written in the log, this obvious
> due to 640 permission but the not so obvious thing is I dont get any
> complaints when starting the listener as another user.
>
> Anyone's got experience with these issues :-? May be I need to relax some
> security restrictions?
>
> Thanks
>
> --
> LSC
>
>
> --
> http://www.freelists.org/webpage/oracle-l
>
>
>
-- Pete Finnigan CEO and Founder PeteFinnigan.com Limited Specialists in database security. Makers of PFCLScan the database security auditing tool. Makers of PFCLObfuscate the tool to protect IPR in your PL/SQL If you need help to audit or secure an Oracle database, please ask for details of our training courses and consulting services Phone: +44 (0)1904 791188 Fax : +44 (0)1904 791188 Mob : +44 (0)7759 277220 email: pete_at_petefinnigan.com site : http://www.petefinnigan.com Registered Office: 9 Beech Grove, Acomb, York, YO26 5LD, United Kingdom Company No : 4664901 VAT No. : 940668114 Please note that this email communication is intended only for the addressee and may contain confidential or privileged information. The contents of this email may be circulated internally within your organisation only and may not be communicated to third parties without the prior written permission of PeteFinnigan.com Limited. This email is not intended nor should it be taken to create any legal relations, contractual or otherwise. -- http://www.freelists.org/webpage/oracle-lReceived on Fri Nov 04 2011 - 13:30:53 CDT