Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: How to prevent oracle from deleting audit trail files

Re: How to prevent oracle from deleting audit trail files

From: Chuck <skilover_nospam_at_bluebottle.com>
Date: Mon, 08 May 2006 13:32:18 GMT
Message-ID: <CLH7g.4789$k%2.2749@trnddc03>


dbaplusplus_at_hotmail.com wrote:
> My question is more of UNIX admin question, but since some people in
> this group are both UNIX and Oracle administartors, I am asking here
> for advice.
>
>
> I have Oracle installed as oracle UNIX login on a HP UNIX 11i,
> Oracle processes also run from oracle UNIX login. Oracle is writing
> some audit files in a directory. Is there anyway for me to ensure:
>
> 1. audit files cannot be deleted by oracle.
> 2. audit files cannot be modified by oracle outside of oracle
> processes, i.e., oracle processes can obviously write the information,
> but I if I login using oracle, I cannot edit the file.
>
> Only solution I know is to have a cron script that runs every few
> minutes, which will change the ownership of files to root (or a non
> oracle login). But then the script has to figure out when the file is
> completely written (i.e., oracle is done with all its writing. I.e., no
> longer will write to this file ...).
>
> Are there other solutions? Any pointers will be helpful.
>
> Thanks
>

Install and run oracle from an account that nobody has permissions to. Allow read only access to other accounts for the audit files. Received on Mon May 08 2006 - 08:32:18 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US