svrmgrl privileges

I have two instances running on a single (Irix) server. Since certain select users have access to the oracle software owner password, I would like to remove their ability to access either db through svrmgr(connecting as internal). I have changed the owner of svrmgr to a different user than the oracle software owner, and the group is dba. The oracle(software owner) user isn't a member of the dba group in /etc/group. If execute permission is set for the group dba on svrmgr, then the oracle account can run svrmgr and connect as internal...no questions asked. If I remove the execute permission for the dba group, then the oracle account can't run svrmgr. Does someone know if there is something in the code of svrmgr which automagically makes the oracle software owner a member of the dba group?

My understanding (which may be incorrect), is that there isn't a way to set a password for the internal user for svrmgr. This, I assumed, was a result of being able to run svrmgr, and connect internally, while the database (which contains the users/passwords) is still down. Please inform me if this is incorrect, as setting a password for "internal" would be easier than the roundabout steps I've been taking.

I realize the easiest possibility is to change the oracle software account passwd, but currently this isn't an simple option.

For all of the above "svrmgr" I'm actually referring to svrmgrl.

Thanks in advance,

Coburn Watson
Information Systems Support - Research
Scios, Inc.
cpw_at_slip.net

yes, my opinions are my own..... Received on Wed Mar 12 1997 - 00:00:00 CST