How to Create the DBA Group and the DBA User Accounts

In installations of Oracle RAC with Sun Cluster, the DBA group is normally named dba. This group normally contains the root user and the oracle user.

This configuration of users and groups differs from the configuration that is described in the Oracle documentation for a standalone installation of Oracle RAC. A standalone installation of Oracle RAC uses a primary DBA group that is named oinstall and a secondary group that is named dba. Some applications also require a secondary group that is named oper. For more information, see your Oracle documentation.

Perform this task on each cluster node.

1. On the node where you are performing this task, become superuser.

2. Add an entry for the DBA group and potential users in the group to the /etc/group file.

   # echo 'group-name:*:group-id:user-list' >> /etc/group

   group-name

   Specifies the name of the group for which you are adding an entry. This group is normally named dba.

   group-id

   Specifies the group's unique numerical ID (GID) within the system.

   user-list

   Specifies a comma-separated list of the user names that are allowed in the group. Ensure that the list contains the names of all DBA users that are required. This group normally contains the root user and the oracle user.

   Ensure that the entry is identical on each node that can run Sun Cluster Support for Oracle RAC.

   You can create the name service entries in a network name service, such as the Network Information Service (NIS) or NIS+, so that the information is available to the data service clients. You can also create entries in the local /etc files to eliminate dependency on the network name service.

3. Create the home directory of each potential user in the DBA group that you defined in Step 2.

   You are not required to create a home directory for the root user.

   For each potential user whose home directory you are creating, type the following command:

   # mkdir -p user-home

   user-home

   Specifies the full path of the home directory that you are creating.

4. Add each potential user in the DBA group that you defined in Step 2 to the system.

   You are not required to add the root user.

   Use the useradd(1M) command to add each user. Adding a user to the system adds an entry for the user to the following files:

   • /etc/passwd

   • /etc/shadow

   # useradd -u user-id -g group-name -d user-home[ -s user-shell] user-name

   -u user-id

   Specifies the user's unique numerical ID (UID) within the system.

   -g group-name

   Specifies the name of the user group of which the user is a member. You must specify the DBA group that you defined in Step 2.

   -d user-home

   Specifies the full path of the user's home directory. You must specify the home directory that you created for the user in Step 3.

   -s user-shell

   Optionally specifies the full path name of the program that is to be used as the user's shell when the user logs in. If you omit the -s option, the system uses the /bin/sh program by default. If you specify the -s option, user-shell must specify a valid executable file.

   user-name

   Specifies the user name of the user that you are adding. You must specify the name of a potential user in the DBA group that you defined in Step 2.

   Ensure that each user is identical on each node that can run Sun Cluster Support for Oracle RAC.

5. Set the password of each user that you added in Step 4.

   Use the passwd(1) command to set the password of each user.

   1. Type the following command:

      # password user-name

      user-name

      Specifies the user name of the user whose password you are setting. You must specify the name of a user in the DBA group that you added in Step 4.

      The passwd command prompts you for the password.

   2. In response to the prompt, type the password and press Return.

      The passwd command prompts you to retype the password.

   3. In response to the prompt, retype the password and press Return.

6. Change the ownership of each home directory that you created in Step 3 as follows:

   • Owner: the user for which you created the home directory

   • Group: the DBA group that you defined in Step 2

   For each home directory for which you are changing ownership, type the following command:

   # chown user-name:group-name user-home

   user-name

   Specifies the user name of the user for whose home directory you are changing ownership. You must specify the name of a user in the DBA group that you added in Step 4.

   group-name

   Specifies the name of the user group of which the user is a member. You must specify the DBA group that you defined in Step 2.

   user-home

   Specifies the full path of the user's home directory. You must specify the home directory that you created for the user in Step 3.

7. Create a subdirectory of the /var/opt directory for each user in the DBA group that you added in Step 4.

   For each subdirectory that you are creating, type the following command:

   # mkdir /var/opt/user-name

   user-name

   Specifies the user name of the user whose subdirectory of the /var/opt directory you are creating. You must specify the name of a user in the DBA group that you added in Step 4.

8. Change the ownership of each directory that you created in Step 7 as follows:

   • Owner: the user for which you created the directory

   • Group: the DBA group that you defined in Step 2

   For each directory for which you are changing ownership, type the following command:

   # chown user-name:group-name /var/opt/user-name

   user-name

   Specifies the user name of the user for whose home directory you are changing ownership. You must specify the name of a user in the DBA group that you added in Step 4.

   group-name

   Specifies the name of the user group of which the user is a member. You must specify the DBA group that you defined in Step 2.

Example 1–1 Creating the DBA Group and the DBA User Accounts

This example shows the sequence of commands for creating the DBA group dba, which is to contain the users root and oracle.

The dba group and the oracle user are created as follows:

• The GID of the dba group is 520.

• The home directory of the oracle user is /Oracle-home.

• The UID of the oracle user is 120.

• The oracle user's login shell is the Korn shell.

# echo 'dba:*:520:root,oracle' >> /etc/group
# mkdir /Oracle-home
# useradd -u 120 -g dba -d /Oracle-home -s /bin/ksh oracle
# passwd oracle
New Password:oracle
Re-enter new Password:oracle
passwd: password successfully changed for oracle
# chown oracle:dba /Oracle-home
# mkdir /var/opt/oracle
# chown oracle:dba /var/opt/oracle

See Also

The following man pages:

• passwd(1)

• useradd(1M)

• group(4)

• passwd(4)

• shadow(4)

Next Steps

Go to How to Configure Shared Memory for the Oracle RAC Software.