0

Say, I have an oracle directory and granted to user 'scott'

CREATE OR REPLACE DIRECTORY dataFolder AS '/data/';
GRANT READ, WRITE ON DIRECTORY dataFolder TO scott;

Then, I have a shell script say ExtractData.sh which uses UTL_FILE to convert BLOB data from database to physical files stored in the above directory dataFolder.

However, due to security concern in server, this /data/ directory is only given 770 permission, hence causing my script fails to write file into the directory.

But, when I change the permission to 777, script successfully writes file.

How to solve this by not giving 777 permission?

Burhan Khalid
  • 169,990
  • 18
  • 245
  • 284
bigbang
  • 5
  • 1
  • 2
  • unix and linux are two different things; don't confuse them; especially when you are really asking about is a _shell script_. – Burhan Khalid Oct 19 '14 at 06:58
  • Why is this a shell script? All the functionality appears to be PL/SQL so presumably you're just calling a stored procedure. Why not bring that call into the database as well? – APC Oct 19 '14 at 07:46
  • Yes, the script calling PL/SQL and doing some other stuff – bigbang Oct 19 '14 at 14:49

1 Answers1

2

You failed to mention the owner of the directory.

Use a directory owned by oracle or in the osoper or dba group and you won't need 777 permissions. Apparently the directory is owned by root or some other user, so owner and group bits aren't helping you.

You can use chown to change ownership.

chown oracle:osoper /data

Just make sure you are aware of other programs accessing /data, if you change ownership make sure to adjust privs accordingly.

codenheim
  • 20,467
  • 1
  • 59
  • 80
  • can i add this user: oracle:osper to the folder group owner instead ? – bigbang Oct 19 '14 at 14:44
  • For example adding the oracle:osper to group say 'admins' that is given access to the folder. Is this command correct? usermod -a -G admins oracle:osoper – bigbang Oct 19 '14 at 14:56