09-29-2009
Vulnerability AIX server (GROUPS/USERS) and SAP Systems ?
I hope you can understand me, although my english is not so good.
I have a problem. I have installed 4 SAP Systems with different releases on the same server (AIX). Each SAP system has got its own operating system user through the installation. But all users belong to the group SAPSYS. So in other SAP users to inventory the existing look or read files. Here's my question: How do I implement it that the group SAPSYS will not be deleted but the user can't read or look of any other system-dependent files? It should be borne in mind that I may not use any other right structure for the files because the SAP system would not run otherwise. How can I add the group SAPSYS for all SAP Systems, without that the user of the same group can read other Systemfiles? May sound silly but it's a real problem.
Thanks in advance for your answers.
Regards
Muhammet
10 More Discussions You Might Find Interesting
1. Cybersecurity
Hi,
Is it possible that one user belongs to many groups, or the relation of user/group is 1/1?. Thanks
Ramón (2 Replies)
Discussion started by: rsanz
2 Replies
2. Linux
RH 7.2
I'm trying to list the users & groups on my machine. I found the lsuser & lsgroup commands but no associated man pages.
I typed: lsuser
I get --> Valid options are: -a
So I typed: lsuser -a
I get --> Valid options are: groups, home
So I typed: lsuser -a groups
I get -->... (2 Replies)
Discussion started by: jalburger
2 Replies
3. UNIX for Dummies Questions & Answers
hi eveyone i've recently requested my unix admin to create a userid for 2 groups. He created the id and i can see it by grep "id" /etc/group.
But when i login with that id into unix and try to cd that group it says permission denied. something like cd /groupname -- permission denied
Can my admin... (1 Reply)
Discussion started by: sammet
1 Replies
4. Solaris
How do I remove a user from a group? I'm using the usermod command but its not working.
I have a user "abc" who is a member of the groups root and other. I'm trying to remove him from the group "other" (using CLI) which is his secondary group but it's not working.
How do I do this? Is there any... (11 Replies)
Discussion started by: the_red_dove
11 Replies
5. Solaris
Hi
Ive been facing a prob today in SAP which is been installed in solaris .the prob is one of my file systems tat is /usr/sap/psu is gettin full.i chkd the file named core which gets generated so i was asked to delete that file after doing tat my file systems space was 90%,but the prob is that... (0 Replies)
Discussion started by: madanmeer
0 Replies
6. Shell Programming and Scripting
I have a AIX server o/s 5.3.0.0 and a few at o/s 6.1.0.0
The issue I am haveing is running this on the server with o/s of 5.3 works good but not on the o/s of 6.1 any help out here??
#!/usr/bin/ksh
user -a pgrp groups ALL |awk '{print $1}' > a1
lsuser -a pgrp groups ALL |awk '{print $2}'|cut... (4 Replies)
Discussion started by: Jcraft
4 Replies
7. UNIX for Advanced & Expert Users
Hi folks
Howto do quick remote health check for SAP systems on UNIX commandline? To see if a SAP system is down or in maintenace mode (no login).
I am searching something like "tnsping"/Oracle for SAP systems. (2 Replies)
Discussion started by: slashdotweenie
2 Replies
8. UNIX for Dummies Questions & Answers
Hi
I am new to unix so hopefully someone can help. I need to list all the users I have in my unix enviroment (AIX) and the groups (primary and secondary) they belong to.
Can anyone help?
Many thanks in advance (2 Replies)
Discussion started by: m3y
2 Replies
9. UNIX for Advanced & Expert Users
Hi
Could anyone please suggest how we can check in Linux if a user or a group name is already existing? In case of a user the command should also be able to specify the user with a given directory and shell. We can of course check this using a grep command but since that is just a pattern match,... (12 Replies)
Discussion started by: Dorothy
12 Replies
10. AIX
Hi
I want to change password for around 100 users on an aix server.
I have the list of those 100 users with me.
instead of doing
# passwd username
for all the 100 users one by one, can you please help with a script through which we can change the password for all the 100 users in a... (2 Replies)
Discussion started by: newtoaixos
2 Replies
LEARN ABOUT DEBIAN
ocf_heartbeat_sapdatabase
OCF_HEARTBEAT_SAPDAT(7) OCF resource agents OCF_HEARTBEAT_SAPDAT(7)
NAME
ocf_heartbeat_SAPDatabase - Manages any SAP database (based on Oracle, MaxDB, or DB2)
SYNOPSIS
SAPDatabase [start | stop | status | monitor | meta-data | validate-all]
DESCRIPTION
Resource script for SAP databases. It manages a SAP database of any type as an HA resource.
SUPPORTED PARAMETERS
SID
The unique SAP system identifier. e.g. P01 (unique, required, string, no default)
DIR_EXECUTABLE
The full qualified path where to find sapstartsrv and sapcontrol. (unique, optional, string, no default)
DBTYPE
The name of the database vendor you use. Set either: ORA,DB6,ADA (unique, required, string, no default)
NETSERVICENAME
The Oracle TNS listener name. (unique, optional, string, no default)
DBJ2EE_ONLY
If you do not have a ABAP stack installed in the SAP database, set this to TRUE (unique, optional, boolean, default false)
JAVA_HOME
This is only needed if the DBJ2EE_ONLY parameter is set to true. Enter the path to the Java SDK which is used by the SAP WebAS Java
(unique, optional, string, no default)
STRICT_MONITORING
This controls how the resource agent monitors the database. If set to true, it will use SAP tools to test the connect to the database.
Do not use with Oracle, because it will result in unwanted failovers in case of an archiver stuck (unique, optional, boolean, default
false)
AUTOMATIC_RECOVER
The SAPDatabase resource agent tries to recover a failed start attempt automatically one time. This is done by running a forced abort
of the RDBMS and/or executing recovery commands. (unique, optional, boolean, default false)
DIR_BOOTSTRAP
The full qualified path where to find the J2EE instance bootstrap directory. e.g. /usr/sap/P01/J00/j2ee/cluster/bootstrap (unique,
optional, string, no default)
DIR_SECSTORE
The full qualified path where to find the J2EE security store directory. e.g. /usr/sap/P01/SYS/global/security/lib/tools (unique,
optional, string, no default)
DB_JARS
The full qualified filename of the jdbc driver for the database connection test. It will be automatically read from the
bootstrap.properties file in Java engine 6.40 and 7.00. For Java engine 7.10 and higher the parameter is mandatory. (unique, optional,
string, no default)
PRE_START_USEREXIT
The full qualified path where to find a script or program which should be executed before this resource gets started. (unique,
optional, string, no default)
POST_START_USEREXIT
The full qualified path where to find a script or program which should be executed after this resource got started. (unique, optional,
string, no default)
PRE_STOP_USEREXIT
The full qualified path where to find a script or program which should be executed before this resource gets stopped. (unique,
optional, string, no default)
POST_STOP_USEREXIT
The full qualified path where to find a script or program which should be executed after this resource got stopped. (unique, optional,
string, no default)
SUPPORTED ACTIONS
This resource agent supports the following actions (operations):
start
Starts the resource. Suggested minimum timeout: 1800.
stop
Stops the resource. Suggested minimum timeout: 1800.
status
Performs a status check. Suggested minimum timeout: 60.
monitor
Performs a detailed status check. Suggested minimum timeout: 60. Suggested interval: 120.
validate-all
Performs a validation of the resource configuration. Suggested minimum timeout: 5.
meta-data
Retrieves resource agent metadata (internal use only). Suggested minimum timeout: 5.
methods
Suggested minimum timeout: 5.
EXAMPLE
The following is an example configuration for a SAPDatabase resource using the crm(8) shell:
primitive p_SAPDatabase ocf:heartbeat:SAPDatabase
params
SID=string
DBTYPE=string
op monitor depth="0" timeout="60" interval="120"
SEE ALSO
http://www.linux-ha.org/wiki/SAPDatabase_(resource_agent)
AUTHOR
Linux-HA contributors (see the resource agent source for information about individual authors)
resource-agents UNKNOWN 03/09/2014 OCF_HEARTBEAT_SAPDAT(7)