Chris,
If you want the script to run as somebody in the dba group, you can
use the setuid bit (chmod u+s), not 100% sure but I think that it should
work if you run as an externally identified account. Basically the
script runs as if launched by its owner (stored procedures implemented
the same kind of stuff, but later).
Perhaps that a simpler solution would be to do it through Oracle
stored procedures if you are uncomfortable with bash, though. Your
script could be a simple wrapper calling sqlplus.
HTH,
Stéphane Faroult
On 14/10/15 09:27, Chris King wrote:
I've written two sql scripts which can be used to expand a tablespace. The intent is to make these scripts available to non-DBAs to manage potential off-hours issues.
Because the scripts will be run by non-DBAs, I would like to modify them such that the user will not have direct passwords or database permissions, but just permission to execute the scripts. i.e. the scripts will handle all permission issues.
I'm having trouble finding the details of how to do this both on the linux and oracle side of things. So far for Oracle, I've found the externally identified type accounts, but I'm concerned that this may not be secure. And for scripting on linux, I'm at a loss.
Could someone point me in the right direction?
Many thanks!
