troubleshooting Question

installing/patching Oracle 11g, 12c, 19c requires umask of 022 (& umask 027 wont work)?

Avatar of sunhux
sunhux asked on
Linux SecurityOracle DatabaseOS Security
4 Comments2 Solutions110 ViewsLast Modified:
our DBA shared that he would run into issues with installing or applying Oracle 11g patches
if 'umask 027' is set  & he requires it to be 'umask 022'  (basically rwxr-xr-x  for all Oracle DB
or its related files &  folders).

Is it the right practice for him to set  either  global umask (in /etc/profile) or Oracle's  (in

Or only set  'umask 022' in $ORACLE_HOME/.profile for the session he's installing/patching
& once it's over, set it back to 'umask 027'?   External audit requires that we set individual
users'  as well as global (in /etc/profile) umask to minimally 027

Or what's the recommended practice??

My gut feel is to identify which files/folders  Oracle installation/patching requires &
set using Linux's  (we use Oracle linux & RHEL 7)  the relevant ACLs to give a granular
permission ie to fulfill 'need-to basis' : so we don't just grant entire group or 'Others'
Read (& Execute)  unnecessarily.  If we should adopt the ACL method,  can anyone
share which files/folders in Oracle 12c & 19c requires which id (oracle id?) what
types of access (read, execute, write?)
Senior Oracle DBA

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 2 Answers and 4 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 4 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros