test

Sun Cluster 3.0 U1 Release Notes Supplement

How to Set Up Oracle Database Permissions

When completing Step 2 or Step 3 of this procedure, select and configure either the Oracle authentication method or the Solaris authentication method for fault monitoring access.

  1. Determine the Oracle release you are using.

    If you are using Oracle 8i, go to Step 2.

    If you are using Oracle 9i, skip to Step 3.

  2. Enable access for the user and password to be used for fault monitoring for Oracle 8i.

    Note -

    If you are using Oracle 9i, go to Step 3.

    To complete this step, perform one of the following tasks, then skip to Step 4.

    • Oracle authentication method for Oracle 8i - For all supported Oracle releases, enter the following script into the screen that the srvmgrl command displays to enable access.


      # svrmgrl
 
	connect internal;
			grant connect, resource to user identified by passwd;
			alter user user default tablespace system quota 1m on
				system;
       			grant select on v_$sysstat to user;
			grant create session to user;
			grant create table to user;
	disconnect;

   exit;

    • Solaris authentication method for Oracle 8i - Grant permission for the database to use Solaris authentication.

      Note -

      The user for whom you enable Solaris authentication is the user who owns the files under the $ORACLE_HOME directory. The following code sample shows that the user oracle owns these files.


      # svrmgrl
 
	connect internal;
			create user ops$oracle identified by externally
				default tablespace system quota 1m on system;
			grant connect, resource to ops$oracle;
      			grant select on v_$sysstat to ops$oracle;
			grant create session to ops$oracle;
			grant create table to ops$oracle;
	disconnect;

   exit;

  3. Enable access for the user and password to be used for fault monitoring for Oracle 9i.

    Note -

    If you are using Oracle 8i, go to Step 2.

    • To use the Oracle authentication method for Oracle 9i - For all supported Oracle releases, enter the following script into the screen that the sqlplus command displays to enable access.


      # sqlplus "/as sysdba"
 
			grant connect, resource to user identified by passwd;
			alter user user default tablespace system quota 1m on
				system;
       			grant select on v_$sysstat to user;
			grant create session to user;
			grant create table to user;
 
   exit;

    • To use the Solaris authentication method for Oracle 9i - Grant permission for the database to use Solaris authentication.

      Note -

      The user for which you enable Solaris authentication is the user who owns the files under the $ORACLE_HOME directory. The following code sample shows that the user oracle owns these files.


      # sqlplus "/as sysdba"
 
			create user ops$oracle identified by externally
				default tablespace system quota 1m on system;
			grant connect, resource to ops$oracle;
      			grant select on v_$sysstat to ops$oracle;
			grant create session to ops$oracle;
			grant create table to ops$oracle;
 
   exit;

  4. Configure NET8 for the Sun Cluster software.

    The listener.ora and tnsnames.ora files must be accessible from all the nodes in the cluster. Place these files either under the cluster file system or in the local file system of each node that can potentially run the Oracle resources.

    Note -

    If you place the listener.ora and tnsnames.ora files in a location other than the /var/opt/oracle directory or the $ORACLE_HOME/network/admin directory, then you must specify TNS_ADMIN or an equivalent Oracle variable (see the Oracle documentation for details) in a user-environment file. You must also run the scrgadm(1M) command to set the resource extension parameter User_env, which will source the user-environment file.

    Sun Cluster HA for Oracle imposes no restrictions on the listener name--it can be any valid Oracle listener name.

    The following code sample identifies the lines in listener.ora that are updated.


    LISTENER =
	(ADDRESS_LIST =
			(ADDRESS =
				(PROTOCOL = TCP) 
					(HOST = logical-hostname) <- use logical hostname
				(PORT = 1527)
			)
	)
.
.
SID_LIST_LISTENER =
	.
			.
						(SID_NAME = SID) <- Database name, default is ORCL

    The following code sample identifies the lines in tnsnames.ora that are updated on client machines.


    service_name =
	.
			.
						(ADDRESS = 
								(PROTOCOL = TCP)
								(HOST = logicalhostname)	<- logical hostname
								(PORT = 1527) <- must match port in LISTENER.ORA
						)
				)
				(CONNECT_DATA =
						(SID = <SID>)) <- database name, default is ORCL

    The following example shows how to update the listener.ora and tnsnames.ora files given the following Oracle instances.

    Instance 

    Logical Host 

    Listener 

    ora8

    hadbms3

    LISTENER-ora8

    ora7

    hadbms4

    LISTENER-ora7

    The corresponding listener.ora entries are the following entries.


    LISTENER-ora7 =
	(ADDRESS_LIST =
			(ADDRESS =
				(PROTOCOL = TCP)
				(HOST = hadbms4)
				(PORT = 1530)
			)
		)
SID_LIST_LISTENER-ora7 =
	(SID_LIST =
			(SID_DESC =
				(SID_NAME = ora7)
			)
		)
LISTENER-ora8 =
  (ADDRESS_LIST =
    (ADDRESS= (PROTOCOL=TCP) (HOST=hadbms3)(PORT=1806))
  )
SID_LIST_LISTENER-ora8 =
  (SID_LIST =
     (SID_DESC =
			(SID_NAME = ora8)
		 )	
  )

    The corresponding tnsnames.ora entries are the following entries.


    ora8 =
(DESCRIPTION =
   (ADDRESS_LIST = 
			(ADDRESS = (PROTOCOL = TCP) 
			(HOST = hadbms3) 
			(PORT = 1806))
   	)    
	(CONNECT_DATA = (SID = ora8))
)
ora7 =
(DESCRIPTION =
  (ADDRESS_LIST =
        (ADDRESS = 
				(PROTOCOL = TCP) 
				(HOST = hadbms4) 
				(PORT = 1530))
  )
  	(CONNECT_DATA = (SID = ora7))
)

  5. Verify that the Sun Cluster software is installed and running on all nodes.


    # scstat