Yep... and we've seen this problem before. The Oracle file systems may need
to be "owned" by the Oracle dba-id; then, the file/directory permissions
can be set with user or group permissions that allow the same Ora dba-id to
read-write-execute. When this is the case, "root" cannot do backup/restore
since it lacks file system and file access permissions... so, AutoSys or
Cron are used by the Ora dba's to schedule their backups. And, always, the
Oracle dba must handle restores.
In case "root" owns the Ora file systems, and has permissions to run the
backups, I've used a separate daemon, with pre-schedulecmd to (a) suid to
the Ora dba-id, then (b) run the Ora admin script for shutdown of the db's;
then the backup runs, and a post-schedule cmd runs the Ora admin script to
start up the db's. If Ora dba-id has file permissions, they can always do
the restores at their convenience.
Technical Architect - Unix Engineering/P.A.C.E.
San Jose, CA
mailto:dfrance AT pacbell DOT net
PACE - http://www.pacepros.com
Bus-Ph: (408) 257-3037
From: Murphy.Jacqueline [mailto:Jacqueline_Murphy AT FTB.CA DOT GOV]
Sent: Wednesday, August 09, 2000 1:12 PM
To: ADSM-L AT VM.MARIST DOT EDU
Subject: FW: Restoring files
Since you're memo did not provide any history, I'm making some
assumption here forgive for starting at the top:
Though we're running UDB EEE, this should still apply. If the
Oracle person can backup to *SM then he/she should be able to restore
modifying their operating system privileges.
They should be able to backup their database to the filesystem and
restore from that backup (the is totally independent of *SM). If not it's
an access privilege issue (ex. user doesn't have the right user group
privileges; user trying to write out to a filesystem they don't have access
to) and or setup issue
(ex. flags are not set...sorry don't know Oracle well enough to provide
examples, or USERID does not have backup/restore privileges within Oracle
the Senior Oracle DBA must set this up).
Do you and/or the UNIX Admin know for certain whether or not this
"pseudo" individual" has backup their data to the local filesystem? If they
can perform a successful backup and restore to/from the filesystem but they
have not backup to *SM I would suggest checking the *SM API configuration
> -----Original Message-----
> From: Gill, Geoffrey L. [SMTP:GEOFFREY.L.GILL AT SAIC DOT COM]
> Sent: Wednesday, August 09, 2000 10:04 AM
> To: ADSM-L AT VM.MARIST DOT EDU
> Subject: Restoring files
> Someone please enlighten me. I have a Unix Administrator who has root
> to all of his computers. He basically wants to give all of his users the
> right to restore files anytime they want. His reasoning is because he
> doesn't have access, here is his note to me:
> Note that we're talking about one pseudo-DBA on the Data Warehouse server.
> He doesn't have root access. He does have "oracle" access (which I don't)
> which means he can only restore database related stuff (which I don't have
> responsibility for).
> He makes it sound like he can't do this but I get the feeling he just
> doesn't want to. Someone please help me understand why he couldn't do
> restores because of his access. I am trying to limit the number of users
> that can do restores so this doesn't get out of hand.
> > Geoff Gill
> > NT Systems Support Engineer
> > Computer Systems Group
> > E-Mail: gillg AT saic DOT com
> > Phone: (858) 826-4062
> > Pager: (888) 997-9614