Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Oracle DBA needs root access to run Upgrade Scripts

Status
Not open for further replies.
kozlow

kozlow

MIS
Mar 3, 2003
326
US
We are trying to find out what other shops have done to answer this age old problem....

Oracle requires root to run Install and Upgrade scripts.

We do not allow DBA to have root access, so we would need to run the scripts for them.

We where looking at SUDO, but not sure what commands the scripts might need since they are always different.

Could click the bit to "run as" root, but that would send red flags up during an audit....

What have you done at your facility to resolve the issue?
 
Sort by date Sort by votes
This is a difficult one to solve... sometimes the easiest thing is just to run the Oracle root.shs when the DBA asks you to.

The problem is that the sripts change for every single Oracle patch, and they are writeable by the Oracle user; so a malicious DBA (not saying that there is such a thing!) could add any commands they liked to the root.sh and use sudo to run it.

At one site I worked for we built up a collection of sample root.shs for the various Oracle patches and wrote a wrapper to compare the one they were running with those in the collection (ignoring lines that were expected to vary); but this was difficult to manage with the frequency of Oracle patches and inconsistencies in installation locations, etc.

Annihilannic.
 
Upvote 0 Downvote
I have heard the same all over... We are just going to have to come in with our dba's when installs and patches are added...

Thanks..
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ziggy6
  • Locked
  • Question
Help using awk or some kind of Tool in Unix to Read a file, cut fields and write to a file
Replies
2
Views
371
mikrom
mikrom
ziggy6
  • Locked
  • Question
Trying to Install Openssl 1.1.1. on SCO 5.0.7
Replies
0
Views
320
ziggy6
ziggy6
mduddytel
  • Locked
  • Question
Unix Root inbox - how to clear
Replies
0
Views
286
mduddytel
mduddytel
MikeDave888
  • Locked
  • Question
Run a Crontab job on odd/even weeks 1
Replies
2
Views
340
MikeDave888
MikeDave888
Kishore Nandagopal
  • Locked
  • Question
Call a Oracle function and get result assaign in a variable
Replies
1
Views
108
johnherman
johnherman

Part and Inventory Search

Sponsor

Back
Top