Previous Article "errors caused by Oracle user group errors
"An error occurred due to the user group permissions in 11gr2. In this article, we will summarize the user groups in 11gr2.
User Group in 11gr2:
Description |
OS group name |
OS users assigned to this group |
Oracle Permissions |
Oracle group name |
Oracle list and software owner |
Oinstall |
Grid, Oracle |
|
|
Oracle Automatic Storage Management Group |
Asmadmin |
Grid |
Sysasm |
Osasm |
ASM Database Administrator Group |
Asmdba |
Grid, Oracle |
Sysdba of ASM |
Osdba for ASM |
ASM operator Group |
Asmoper |
Grid |
Sysoper of ASM |
Osoper for ASM |
Database Administrator |
DBA |
Oracle |
Sysdba
|
Osdba |
Database Operator |
Bytes |
Oracle |
Sysoper |
Osoper |
- Oracle List Group (generallyOinstall
)Oinstall
Members of the group are considered as "owners" of Oracle software and have write permissions on Oracle central list (orainventory. When Oracle software is installed on a Linux system for the first time, oui creates/Etc/orainst. Loc
File. This file specifies the name of the Oracle List Group (default:Oinstall
) And the path of the Oracle central list directory.
If the orainventory group does not exist, by default, the installer lists the master Group of the installation owner of the Cluster's grid infrastructure as the orainventory group. Make sure that all planned Oracle software installation owners use this group as the master group. For this guide, you mustGrid
AndOracle
The installation owner is configuredOinstall
As the main group.
This is critical. In 11gr2, RAC is installed differently than 10 Gb. RAC is replaced with grid infrastructure. If a grid user is added, orainventory needs to be accessible by the oinstall user group in both components.
- Oracle Automatic Storage Management Group (generallyAsmadmin
)This group is required. If you want the Oracle ASM administrator and Oracle Database Administrator to belong to different management permission groups, you can create this group separately. In the Oracle document,Osasm
A group is an operating system group with permissions granted to its members. In the code example, A group is created to grant this permission. The group name isAsmadmin
.
Osasm
Members of the Group can use SQLSysasm
Identity to connect to an oracle ASM instance.Sysasm
The permission is in Oracle ASM 11G
Introduced in version 1st (11.1), now in Oracle ASM 11G
In version 2nd (11.2), the permission has been obtained fromSysdba
Permissions are completely separated.Sysasm
Permissions are no longer granted to RDBMS instances. UseSysasm
Permission substitutionSysdba
Permissions are used to provide system permissions at the storage layer, which makes the division of responsibility between ASM management and database management clear and helps prevent different databases with the same storage from inadvertently overwriting files of other databases.Sysasm
Permission allows you to mount and detach a disk group and perform other storage management tasks.
- ASM Database Administrator group (osdba for ASM, generallyAsmdba
)The members of the ASM Database Administrator group (osdba for ASM) areSysasm
A subset of permissions that has read and write permissions on the files managed by Oracle ASM. Grid infrastructure installation owner (Grid
And all Oracle database software owners (Oracle
Must be a member of this group, and all files that have the right to access the Oracle ASM management and have the databaseOsdba
The user of the member relationship must be ASM'sOsdba
Group member.
- ASM operator group (osoper for ASM, usuallyAsmoper
)This group is optional. If you need to create a group of operating system users with limited Oracle ASM instance management permissions (sysoper permission of ASM, including the permission to start and stop Oracle ASM instances. By default,Osasm
The group members will haveSysoper
All permissions granted.
Use the ASM operator group to create an ASM Administrator group (the Group has more permissions than the defaultAsmadmin
To install grid infrastructure software, you must select the advanced installation type. In this case, oui prompts you to specify the group name. In this Guide, the group isAsmoper
.
If you want to have an osoper for ASM group, the grid infrastructure software owner of the cluster (Grid
Must be a member of this group.
- Database Administrator (osdba, generallyDBA
)Osdba
Members of the Group can use SQLSysdba
Identity to connect to an oracle instance. Members of this group can perform key database management tasks, such as creating databases, starting and disabling instances. The default group name isDBA
.Sysdba
System permissions allow access to database instances even if the database is not opened. This permission is beyond the control of the database itself.
Do not confuseSysdba
System permissions and database rolesDBA
.DBA
Roles not includedSysdba
OrSysoper
System permissions.
- Database operator group (osoper, usuallyBytes
)Osoper
Members of the Group can use SQLSysoper
Identity to connect to an oracle instance. Members of this optional group have limited database management permissions, such as managing and running backups. The default group name isBytes
.Sysoper
System permissions allow access to database instances even if the database is not opened. This permission is beyond the control of the database itself. To use this group, select the advanced installation type to install the Oracle database software.
Oracle Technology Forum
Http://www.oraforum.net