| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.tools -> Re: how to set up oracle user ( begginer question)
In article <39a6648b.3863176_at_news.mindspring.com>,
techsup_at_mindspring.com (James Williams) wrote:
> jkucharski_at_altavista.net wrote:
>
> To create an Oracle user you must add an entry to the Oracle database.
>
> create user xxxx identified by yyyyy default tablespace xxxx temporary
> tablespace dddd; and on and on. Suggest you talk to your Oracle
> DBA. Regardless of the UNIX group the user is in they must still have
> a userid in the database. The roles and priviliges granted to this ID
> determine authority after the initial authentication.
> >Hi,
> >
> >I have an oracle database on solaris installed by oracle user.
> >
> >Now how can I create a new user who will be able to execute only
certain
> >commands from /oracle..../bin ( e.g. run sqlplus )
> >
> >Is it better to create a group which will have these provileges ( how
) ?
> >An then assign a user to this group ?
> >I already have a group called DBA ( but this group is too powerfull
for
> >the new user to be in ).
> >
> >This user also has to have the PATH to be set up ( i think .profile
will
> >take care of it ).
> >
> >I am quite ignorant at the moment how to do this.
> >
> >Please any suggestions and pointers to books will be appreciated.
> >
> >Thanks
> >Jan
> >jkucharski_at_altavista.net
>
>
This is an excellent answer, but doesn't address the question. The user is an operating system user, NOT an Oracle database user.
Let's address the issue from the standpoint of executing commands. For the most part the executables in $ORACLE_HOME/bin are set up so that anyone can run them, including svrmgrl (should it exist -- newer versions of 8i invoke sqlplus to start and stop the database). So, by simply setting the proper environment variables in a users .profile, and by setting the path to include $ORACLE_HOME/bin, the user will have access to these executables. My guess on this is that you do not want every executable in $ORACLE_HOME/bin to be available to all users; you are wanting a subset of these commands available, such as sqlplus, sqlldr and, possibly, exp and imp, commands that can do little damage outside of a DBA's hands. I have not found the presence of these commands to be a problem for regular users, that is to say that regular users (non-DBA's) either don't know about the commands or cannot connect to the database with any permissions allowing them to run amok and do damage. I wouldn't worry about it.
Simply set up the users as you normally would for UNIX the set the proper environment variables and path for Oracle access in the .profile.
-- David Fitzjarrell Oracle Certified DBA Sent via Deja.com http://www.deja.com/ Before you buy.Received on Fri Aug 25 2000 - 09:56:36 CDT
 |
 |