Re: Oracle 7 and UNIX permissions - Help

bagley_at_zimmer.CSUFresno.EDU (Elizabeth Bagley) wrote:

>Gerard H. Pille (ghp_at_infosoft.be) wrote:
 

>: Hello Lisa,
 

>: Are you sure you have run 'root.sh' after installation? It might be that oracle (in
>: $ORACLE_HOME/bin) hasn't got its setuid bit on.
>: ls -l $ORACLE_HOME/bin/oracle should give something like
 

>: -rws--x--x oracle dba ...... oracle
>: ^
 

>Thanks for your response. I checked all of the modifications that should
>have been made by root.sh and all appears okay. The permissions on the
>oracle binary are 6751, so that appears okay as well.
 

>: Or your problem might be more basic: do the users, on login, execute oraenv, which sets
>: up their environment for a specific $ORACLE_SID?
 

>Unfortunately, the environment appears to be set appropriately. I can connect
>to the databases just fine when I've temporarily made the dbs files group
>writable when I'm a member of that group or when I've temporarily made the
>files world (!) writable.
 

>If the setuid is actually setting the uid, is does seem odd that I don't
>have permission to access the files in dbs that are owned by oracle.
 

>Any other thoughts on what I should look at are most humbly welcomed.

What are the permissions on the directories in the path to the database files. Given that you were successful in adding your identity to the dba group. The implication is that you are not being permitted toaccess the directory. As my Unix is SVR5.4 it may not be true for Solaris but directories should be 755 to allow users to search for Oracle files. The Oracle owner should have a umask 022 to allow group and other read(and directory search) but not write when creating objects. Your ordinary users will be other as far as Unix is concerned with regard to the Oracle files which is as you require.

Second thoughts are there any restrictions in the Solaris kernel on which users are permitted to invoke setuid which needs to be relaxed.

Best Regards
Renhart    Received on Tue Apr 02 1996 - 00:00:00 CEST