Re: Sticky bit set on linux password file

  • From: "Jared Still" <jkstill@xxxxxxxxx>
  • To: "Kurt Franke" <Kurt-Franke@xxxxxx>
  • Date: Tue, 1 Jul 2008 12:25:22 -0700

On Tue, Jul 1, 2008 at 12:11 PM, Kurt Franke <Kurt-Franke@xxxxxx> wrote:

>
> Hi Jared,
>
> its just for Security.
>
>
Thanks Kurt, that makes perfect sense.

I renamed the password file, and copied in one that I owned, and
via root chown'd to my linux account.

While the theory is good, the reality seems to be a bit different.

Though the remote logon as sysdba took longer than normal, I was
still able to successfully logon as sysdba.

The password file is still owned by me.

An attempt to grant sysdba to a user did initially fail:

12:21:33 - sys@orcl SQL> grant sysdba to scott;
grant sysdba to scott
*
ERROR at line 1:
ORA-01993: error writing password file
'/u01/app/oracle/product/9.2.0/aglqa/dbs/orapworcl'
ORA-27091: skgfqio: unable to queue I/O
ORA-27041: unable to open file
Linux-x86_64 Error: 13: Permission denied
Additional information: 3

After doing "chmod 660 orapworcl", the next attempt to grant sysdba to scott
succeeded.

User SCOTT successfully did a remote sysdba logon to the database.

The password file is still owned by me.

Maybe a bug?  Guess it's time to check the ML bug database.


-- 
Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist

Other related posts: