This appendix describes the minimum user permissions for Oracle: Database and why they are needed.
If your user is “oracle”, the default Oracle OS user, you should already have all the required permissions.
Oracle: Database Minimum Permissions Needed (Linux Only)
To collect data using the "Oracle: DB Archived File System Stats" and "Oracle: DB Non-Archived File System Stats" Dynamic Applications, the SSH user must have:
- Read access (r) to the following Oracle archive and data directories:
- Subdirectories under $ORACLE_BASE
- /u01/app/oracle/fast_recovery_area/ (for archived logs)
- /u01/oradata/ (for non-archived logs)
Use ls -ld on the target directory to check that the SSH user has Read access.
- Subdirectories under $ORACLE_BASE
- Execute (x) permissions on all parent directories. The user have permissions to traverse all parent directories leading to the paths in the archive and data directories and subdirectories listed above. For example:
- /u01
- /u01/app
- /u01/app/oracle, and so on
Optionally, if the files are owned by the Oracle user and not world-readable, you can add the SSH user to the Oracle group "dba" or "oinstall":
usermod -aG dba your_ssh_user
or, you can create a read-only clone or symlink to the Oracle directories if security policy restricts group membership.
Creating a read-only clone or symlink requires root or sudo privileges.