Database Administration (MOSC)

MOSC Banner

Oracle EE DB Local Oracle User Necessity

in Database Administration (MOSC) 3 commentsAnswered

I notice that out of the box Oracle EE 19c installs a local Linux user oracle and a group named oinstall of which this user is a member. This user is also a member of the dba group and hence has OS auth capability as SYSDBA. All the file ownership/group permissions of the oracle installation are set to this user/group pair.

Now our DBAs are insisting that when upgrading Oracle they need to logon/su into this oracle user account. Our Security team are questioning why they need to do this? Our security team are proposing that since our RHEL 7 machines are Active Directory joined we simply grant file permissions to the AD users to access the oracle binaries and grant logon as SYSDBA to these domain users also to do this work. We grant the permissions using AD groups so not tied to individual users.

Howdy, Stranger!

Log In

To view full details, sign in to My Oracle Support Community.

Register

Don't have a My Oracle Support Community account? Click here to get started.

Category Leaderboard

Top contributors this month

Instructions for posting

×

1. Select a discussion category from the picklist.


2. Enter a title that clearly identifies the subject of your question.


3. In the body, insert detailed information, including Oracle product and version.


Please abide by the Oracle Community guidelines and refrain from posting any customer or personally identifiable information (PI/CI).


Cloud / Fusion customers - Our Cloud community has moved! Please go to Cloud Customer Connect .


New to My Oracle Support Community? Visit our Welcome Center

MOSC Help Center