Special Operating System Users and Groups (UNIX/Linux) (SAP Library

Special Operating System Users and Groups (UNIX/Linux)

Use

To protect database resources from unauthorized access, MaxDB uses special operating system users and user groups on UNIX and Linux.

· <sdb_user>

· <sdba_group>

· Support Group

Only these operating system users or members of these operating system groups have direct access to the database resources at the operating system level.

Note

The operating system administrator root is only required for installing the database software, not for productive operation.

A SetUID root program is only required for a user change to <sdb_user>.

Overview of Special Operating System Users and Groups

Name	System Default Value	Type	User Rights
root	root	User	Installing the database software Granting access rights to operating system users (by their group affiliation)
<sdb_user>	sdb	User	Owner of all database resources
<sdba_group>	sdba	Group	Creating database instances Starting, stopping and updating the MaxDB X Server Analysis and error handling
Support Group	sdb<database_name>	Group	Optional; support tasks
<os_user>		User	Normal operating system user Accessing the database tool Database Manager (requires a valid DBM operator name and a password to log on to the database instance) Accessing other database tools (e.g. Loader, SQLCLI), interfaces (ODBC, JDBC, SQLDBC) and all the database tools that use these interfaces (Database Analyzer, Web Tools); here a database user name and password are required Starting the X Server
<sid>adm		User	SAP system administrator and database administrator in SAP systems Member of the group <sdba_group>
sqd<sid>		User	Obsolete, not for liveCache database instances Owner of all database resources

Activities

The installation program creates the special operating system users and groups during the installation of the database software. For more information, see the Installation Manual, Structure link Installing/Updating the Software on UNIX and the corresponding Installation Guide for SAP systems.

Recommendation

We recommend that you create the special operating system users and groups before installing the software. During the installation, they then receive the authorizations described here for accessing the database resources.

Caution

If you manage the operating system users and groups for your system centrally in the network, then you have to create them there before starting the installation. For information about how you create operating system users and groups, see your operating system documentation.

Which authorizations individual operating system users have for the database system depends on the operating system group they belong to. The operating system administrator is responsible for assigning operating system users to operating system groups. For local user administration, root is the operating system administrator; for user administration using Network Information Services (NIS) it is the NIS administrator.