Non-Oracle User Unable To Access Sqlplus. Permission Denied Error
(Doc ID 1223449.1)
Last updated on FEBRUARY 15, 2023
Applies to:
SQL*Plus - Version 11.1.0.7 and laterGeneric UNIX
Symptoms
Non-oracle user is trying to login to database via SQL*Plus. The environment is setup correctly, but attempts to access Sql*Plus results in a permission denied error. Trying to execute Sql*Plus as oracle user works fine.
Example
Environment Variables for oracle and non-oracle user
ORACLE_HOME=/u01/app/oracle/software/database
PATH=/u01/app/oracle/software/database/bin:.:/bin:/usr/kerberos/bin:/usr/local/adm/bin:/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/bin:/usr/bin
[-] sqlplus executable is owned by "oracle" user and it belongs to "oinstall" group.
[-] Non-oracle user does not belong to "oinstall" group.
sqlplus permissions
-rwxr-xr-x 1 oracle oinstall 9173 May 3 16:32 sqlplus
[-] From above permissions it is clear that users that do not belong to "oinstall" group can read and execute sqlplus. Permissions for others is "r-x"
Connected as non-oracle user
$ sqlplus
-bash: sqlplus: command not found
$ /u01/app/oracle/software/database/bin/sqlplus
-bash: /u01/app/oracle/software/database/bin/sqlplus: Permission denied
$ ls -l $ORACLE_HOME/bin/sqlplus
ls: /u01/app/oracle/software/database/bin/sqlplus: Permission denied
$ which sqlplus
/usr/bin/which: no sqlplus in (/u01/app/oracle/software/database/bin:.:/bin:/usr/kerberos/bin:/usr/local/adm/bin:/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/bin:/usr/bin)
Connected as oracle user
$ ls -l $ORACLE_HOME/bin/sqlplus
-rwxr-xr-x 1 oracle oinstall 9173 May 3 16:32 /u01/app/oracle/software/database/bin/sqlplus
$ which sqlplus
/u01/app/oracle/software/database/bin/sqlplus
ORACLE_HOME=/u01/app/oracle/software/database
PATH=/u01/app/oracle/software/database/bin:.:/bin:/usr/kerberos/bin:/usr/local/adm/bin:/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/bin:/usr/bin
[-] sqlplus executable is owned by "oracle" user and it belongs to "oinstall" group.
[-] Non-oracle user does not belong to "oinstall" group.
sqlplus permissions
-rwxr-xr-x 1 oracle oinstall 9173 May 3 16:32 sqlplus
[-] From above permissions it is clear that users that do not belong to "oinstall" group can read and execute sqlplus. Permissions for others is "r-x"
Connected as non-oracle user
$ sqlplus
-bash: sqlplus: command not found
$ /u01/app/oracle/software/database/bin/sqlplus
-bash: /u01/app/oracle/software/database/bin/sqlplus: Permission denied
$ ls -l $ORACLE_HOME/bin/sqlplus
ls: /u01/app/oracle/software/database/bin/sqlplus: Permission denied
$ which sqlplus
/usr/bin/which: no sqlplus in (/u01/app/oracle/software/database/bin:.:/bin:/usr/kerberos/bin:/usr/local/adm/bin:/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/bin:/usr/bin)
Connected as oracle user
$ ls -l $ORACLE_HOME/bin/sqlplus
-rwxr-xr-x 1 oracle oinstall 9173 May 3 16:32 /u01/app/oracle/software/database/bin/sqlplus
$ which sqlplus
/u01/app/oracle/software/database/bin/sqlplus
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |