Shulou(Shulou.com)06/01 Report--

Due to various reasons, I haven't come here for a long time to publish my own article. I encountered an interesting question some time ago, which made it difficult for me all afternoon. I wrote it here to share with you.

When you use the sqlplus tool to log in to the Oracle database as sysdba, you suddenly encounter the problem of no permissions. At that time, I felt very strange, and the local login command: sqlplus / as sysdba is the safest login method as far as I know. How can it be reported that there is no permission. My head is sweating a little. After half an afternoon of fiddling, it was still fruitless, and now I think it was nonsense at that time! There is no inference of the problem from the principle at all, it is just a random test, and it is reasonable that there is no result. After calming down and thinking, finally sorted out the train of thought, this kind of landing way is the operating system authentication, can eliminate the monitoring fault influence. Verify that logging in through the sqlplus sys/xxx as sysdba command is normal, excluding the possibility of abnormal password files. Then the necessary condition for operating system authentication is the correctness of uid and gid as well as the user name group name. Let me check it with the id command. Sure enough, the oracle user id and the user name correspond normally, but the gid and the group name do not correspond. It only shows that the gid does not show the group name. Why is that? How strange! Think about where the correspondence between the gid and the group name of the unix system comes from. The answer is in front of the / etc/group file, yes! That's him! Check his permissions and find that in addition to root users and root groups have read permissions, other users do not have, how can this? Prove that oracle users can't read the contents of the file at all! No wonder the group name corresponding to gid cannot be seen when oracle users execute the id command. Modify the permissions of the file correctly, chmod astatr / etc/group. Then go to the oracle user to view, the id command displays normally. You can log in normally through sqlplus / as sysdba without prompting you to have no permissions.

So far, it's done! If anything is not inferred from the principle, it will not be solved, but it may make things worse!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.