Hello All,
I have a question about Oracle User;
When I check the image list by using bplist
command, I see that ‘oratpp’ user has backed up the FILES which
seems like a member of Oratpp Group. The first weird thing is we dont have a
group as named ‘Oratpp’. If you check the ‘/etc/group’
and ‘/etc/passwd’ outputs below; you will see that ‘Oratpp’
user is member of ‘dba’, ‘oper’ and ‘sapsys’.
As you see below, it doesn’t show the
group column as ‘dba’. I showld be ‘Oratpp + dba’, not
‘Oratpp + Oratpp’.
I’ve cheked the ‘umask’ for
Oratpp user and it is ‘006’. So the permissions should be ‘660
(-rw-rw----)’ NOT ‘600 (-rw-------) as seems.
We have many DB agents, just this one is
weird.
We suggest that the permissions are ‘660’
as it has to be, to Duplicate the DATA to the another Oracle Client.
By the way, the DATABASE has been established
under the HOME directory of Oratpp user (/Oracle/TPP).
The one more information; when we run the
Control Files backups by RMAN, the permissions seem like 640.. It is better
than other and looks enough for us.
All of the outputs are below.
Does anyone has any idea? Let me know please.
Many Thanks.
Regards.
Servet INCE
bash-3.00# ./bplist -t 4
-l -R /
-rw-------
oratpp oratpp 93052416K Feb 04
09:10 /bk_7244_1_677921171
-rw-------
oratpp oratpp 82575360
Feb 04 06:17 /al_7243_1_677917042
-rw-------
oratpp oratpp 928251904 Feb 04
03:24 /al_7242_1_677906244
-rw-------
oratpp oratpp 103961344K Feb 04 07:25
/bk_7241_1_677905277
-rw-------
oratpp oratpp 249036800 Feb 04
00:17 /al_7240_1_677895439
-rw-------
oratpp oratpp 137101312 Feb 03
21:17 /al_7239_1_677884638
-rw-------
oratpp oratpp 1473792K
Feb 03 18:19 /al_7238_1_677873839
-rw-------
oratpp oratpp 720896000 Feb 03
15:19 /al_7237_1_677863042
-rw------- oratpp
oratpp 761004032 Feb 03 12:18
/al_7236_1_677852237
-rw-------
oratpp oratpp 247463936 Feb 03
10:05 /al_7235_1_677844275
-rw-------
oratpp oratpp 456130560 Feb 03
09:18 /al_7234_1_677841446
-rw-------
oratpp oratpp 92893184K Feb 03
10:03 /bk_7232_1_677830585
-rw-------
oratpp oratpp 85721088
Feb 03 06:17 /al_7233_1_677830640
-rw-------
oratpp oratpp 103886848K Feb 03 06:16
/bk_7230_1_677818866
-rw-------
oratpp oratpp 1660416K
Feb 03 03:20 /al_7231_1_677819839
-rw-------
oratpp oratpp 199229440 Feb 03
00:18 /al_7229_1_677809038
-rw-------
oratpp oratpp 148635648 Feb 02
21:17 /al_7228_1_677798237
-rw-------
oratpp oratpp 657719296 Feb 02
18:18 /al_7227_1_677787439
-rw-------
oratpp oratpp 1052508160 Feb 02 15:19
/al_7226_1_677776652
-rw-------
oratpp oratpp 1587712K
Feb 02 12:19 /al_7225_1_677765831
TPSAPPRO üzerindeki
/etc/group
bash-3.00# cat
/etc/group
root::0:
other::1:root
bin::2:root,daemon
sys::3:root,bin,adm
adm::4:root,daemon
uucp::5:root
mail::6:root
tty::7:root,adm
lp::8:root,adm
nuucp::9:root
staff::10:
daemon::12:root
sysadmin::14:
smmsp::25:
gdm::50:
webservd::80:
postgres::90:
nobody::60001:
noaccess::60002:
nogroup::65534:
sapsys::100:oratpp
oper::101:tppadm,oratpp
dba::102:tppadm
sdofflin::103
TPSAPPRO /etc/passwd
bash-3.00# cat
/etc/passwd
root:x:0:0:Super-User:/:/sbin/sh
daemon:x:1:1::/:
bin:x:2:2::/usr/bin:
sys:x:3:3::/:
adm:x:4:4:Admin:/var/adm:
lp:x:71:8:Line Printer Admin:/usr/spool/lp:
uucp:x:5:5:uucp
Admin:/usr/lib/uucp:
nuucp:x:9:9:uucp
Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
smmsp:x:25:25:SendMail
Message Submission Program:/:
listen:x:37:4:Network
Admin:/usr/net/nls:
gdm:x:50:50:GDM Reserved
UID:/:
webservd:x:80:80:WebServer
Reserved UID:/:
postgres:x:90:90:PostgreSQL
Reserved UID:/:/usr/bin/pfksh
svctag:x:95:12:Service
Tag UID:/:
nobody:x:60001:60001:NFS
Anonymous Access User:/:
noaccess:x:60002:60002:No
Access User:/:
nobody4:x:65534:65534:SunOS
4.x NFS Anonymous Access User:/:
tppadm:x:100:100:SAP
System Administrator:/export/home/tppadm:/usr/bin/csh
oratpp:x:101:102:SAP
Database Administrator:/oracle/TPP:/usr/bin/csh
tpftp:x:102:100:Tupras
FTP Kullanicisi:/usr/sap/trans/EPS:/bin/sh
humanist:x:103:1:FTP
User:/usr/sap/trans/humanist:/bin/sh
veritas:x:104:102::/veritas:/usr/bin/ksh
The one more information; when we run the
Control Files backups by RMAN, the permissions seem like 640.. It is better
than other and looks enough for us.
bash-3.00$ id
uid=101(oratpp)
gid=102(dba)
bash-3.00$ rman catalog
rman/rman@rmandb target /
Recovery Manager:
Release 9.2.0.7.0 - 64bit Production
Copyright (c) 1995,
2002, Oracle Corporation. All rights reserved.
connected to target
database: TPP (DBID=1318170203)
connected to recovery
catalog database
RMAN> run
2> {
3> allocate channel c1
type disk;
4> backup current
controlfile format '/veritas/TPP_controlfile';
5> release channel c1;
6>
}
starting full resync of
recovery catalog
full resync complete
allocated channel: c1
channel c1: sid=21
devtype=DISK
Starting backup at
09-FEB-09
channel c1: starting
full datafile backupset
channel c1: specifying
datafile(s) in backupset
including current
controlfile in backupset
channel c1: starting
piece 1 at 09-FEB-09
channel c1: finished
piece 1 at 09-FEB-09
piece
handle=/veritas/TPP_controlfile comment=NONE
channel c1: backup set
complete, elapsed time: 00:00:01
Finished backup at
09-FEB-09
released channel: c1
RMAN>
bash-3.00# cd veritas/
bash-3.00# ls -l
total 37972
-rw-r----- 1
oratpp dba 9699328 Feb 9 16:59
TPP_controlfile
-rwxrwxrwx 1
root root 11019 Jan
30 18:15 arch.sh
-rw-rw-rw- 1
root root
3317 Feb 9 15:30 arch.sh.out
-rw-r--r-- 1
root
root 288 Jan 23 09:56
cont_restore.sh
-rw-r--r-- 1
root root
3087 Jan 23 15:35 duplicate.sh
-rw-r--r-- 1
root
root 505 Apr 4 2007
hot.err
-rwxrwxrwx 1
veritas dba 11120 Jan 30 18:10
hot.sh
-rw-rw-rw- 1
root root
4878 Feb 9 05:47 hot.sh.out
-r-xr-xr-x 1
root root 11483
Dec 9 2006 hot_database_backup.sh
-rw-r--r-- 1
root
root 290 May 31 2008
restore_arch.rcv
-rw-r----- 1
oratpp dba 9674752 Jan 23 10:09
tpp_cont.ctl