Entering content frame

Function documentation UNIX: Special Operating System Users and Groups Locate the document in its SAP Library structure

Use

For the database system’s security, from Version 7.5.00, MaxDB on UNIX uses special operating system users and groups:

·        <sdb_user>

·        <sdba_group>

·        Support group

Only these operating system users or members of these operating system groups have direct access to the database resources at operating system level.

Note

The operating system administrator root is only required for installing the database software, not for productive operation.

A SetUID root program is only required for switching to the user change to <sdb_user>.

Overview of special operating system users and groups

Name

System Default

Type

User Rights

root

root

User

Install the database software

Grant access rights to operating system users using their group affiliation

<sdb_user>

sdb

Users

Owner of all database resources

<sdba_group>

sdba

Group

Create database instances

Start, stop and update the MaxDB X Server

Analysis and error elimination

Support group

sdb<database_name>

Group

Optional; support tasks

Others

 

Manage database instances with the Database Manager

Use other database tools (Loader, SQLCLI)

Use the ODBC, JDBC, SQLDBC interfaces and all programs that use these interfaces (such as Database Analyzer, Web Tools)

Start the MaxDB X Server

Activities

The special operating system users and groups are created when the installation program installs the database software. For more information, see the Installation Manual in Installing/Updating the Software on UNIX.

Recommendation

We recommend that you create the special operating system users and groups before installing the software. During the installation, they then receive the authorizations described here for accessing the database resources.

Caution

If you manage the operating system users and groups for your system centrally in the network, then you have to create them before starting the installation. For information about how you create operating system users and groups, see your operating system documentation.

Which authorizations individual operating system users have for the database system depend on the operating system group they belong to. The operating system administrator is responsible for assigning operating system users to operating system groups. For local user administration, root is the operating system administrator; for user administration using Network Information Services (NIS) it is the NIS administrator.

Example

The following figure shows an operating system user’s authorizations. The user does not belong to a special operating system group.

This graphic is explained in the accompanying text

 

Leaving content frame