3 Replies Latest reply: Aug 3, 2012 7:59 AM by athompson88 RSS

    client wallet file permissions

    athompson88
      I am going to be using oracle wallets to store passwords on hosts for per/shell scripts. I created the wallet with the local auto-login option. Updated the sqlnet.ora file, created an entry in the new wallet, and when I'm logged into the OS (RHEL 5) as the oracle user, I can access the wallet and connect to the db just fine. However when I switched to another OS user account to see if our application owner could connect as well, I get

      SQL*Plus: Release 11.2.0.1.0 Production on Thu Aug 2 16:15:41 2012

      Copyright (c) 1982, 2009, Oracle. All rights reserved.

      ERROR:
      ORA-12578: TNS:wallet open failed


      The file permissions are:

      203076 8 -rw-r----- 1 oracle owallet 3965 Aug 2 15:40 cwallet.sso
      195860 8 -rw-r----- 1 oracle owallet 3888 Aug 2 15:40 ewallet.p12


      and the application owner, my_app_owner, is part of the owallet group

      -bash-3.2$ grep ediuser /etc/group
      apache:x:48:ediuser
      my_app_owner:x:2003:ediuser,apache
      owallet:x:1000:oracle,my_app_owner


      I am able to connect to the database from the my_app_owner OS account using the credentials stored in the wallet if I provide them directly to SQL*Plus as we would normally.

      Any ideas?