Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!sdd.hp.com!spool.mu.edu!uunet!uswnvg!gbarnet From: gbarnet@uswnvg.UUCP (Gary Barnette) Newsgroups: comp.unix.admin Subject: Who's in charge here: Oracle or Unix? Keywords: Oracle, system, files Message-ID: <635@uswnvg.UUCP> Date: 5 Feb 91 18:45:06 GMT Organization: US West NewVector, Bellevue, Wash. Lines: 44 Request for open discussion: There has been a battle going on around here on administrating some of the system flat files associated with Unix. The file of concern are /etc/passwd, /etc/group, /etc/hosts, and some configuration files used by a menuing system. On one side is the system administration staff and on the other is the Oracle dba staff and other Oracle developers. The Oracle people want their database to contain the "seat of truth" when it comes to Unix system files. They want Oracle applications written (some are in development as I write this) that will accept input of what would normally be put directly into the flat files mentioned above. Then, Oracle would execute a SUID program with PRO-C calls to extract the information from from its tables and modify the system files. System administration is fighting to have this approach stopped and wonder why there is even a hassle about it. Database people contend: The master of all data (even system) is Oracle. This data is needed for a variety of things and, because of company policy, if it is in the database that should be the master copy. More check can be made on the integrity of the data and that means a more dependable system. Sys admin responds: Fine, if you want system data, the files are readable. But, Oracle does not control the system; Oracle run on top of Unix If it takes root access, it's our responsibility so don't worry about it We don't want any Oracle programs controlling system files for the following reasons: a. Support issues (system administration doesn't know Oracle). b. We want to build and modify our own admin tools. c. There is a question of security. Database people need root access to write these applications. Also, anyone could put a command in to provide a suid shell. d. If something break, who get called? System administration. Has anyone run into this argument before? Can someone explain to me why there is even an issue here? I admit to being a system administrator but tried to relate what is happening with as little bias as possible. Thank you all, Gary Barnette uunet!uswnvg!gbarnet