![[20170705]理解linux su命令.txt-小浪學習網](http://www.babyishan.com/wp-content/themes/zibll/img/icon.png){kind=icon}
[20170705]理解linux su命令.txt
–//我一般在維護時經常使用root用戶登錄,然后su – oracle 轉到其他用戶操作
–//一般都加入 – 參數.這個已經成了條件反射…^_^.
# man su?? ?? ?
change the effective user id and group id to that of user.
-, -l, –login
make the shell a login shell
–//也就是使用login里面的shell,設置好對應的環境.
–//如果執行沒有-,也就是僅僅run a shell with substitute user and group ids,不替換里面的環境變量或者相關參數.
1.測試1:
–//當前以root用戶登錄:
# id
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
# echo $oracle_home
# export aaa=test
# echo $aaa
test
# su? – oracle
$ id
uid=1001(oracle) gid=1001(oinstall) groups=101(fuse),1001(oinstall),1002(dba),1003(racoper),1004(asmdba)
$ echo $aaa
–//無顯示.
$ echo $oracle_home
/u01/app/oracle/product/11.2.0.4/dbhome_1
2.如果執行不加參數 – 呢?
$ echo $oracle_home
–//環境變量oracle_home沒有設置,而root設置的環境變量aaa呢?
$ echo $aaa
test
–//可以發現可以顯示環境變量aaa.
3.這樣看來應該很少使用-參數.
–//實際上rac的管理oracle引入許多東西,建立grid用戶.通過一些特殊例子來說明問題:
–//以grid用戶登錄:
[grid@dm01dbadm02 ~ ]$ ocrcheck
status of oracle cluster registry is as follows :
???????? version????????????????? :????????? 3
???????? total space (kbytes)???? :???? 262120
???????? used space (kbytes)????? :?????? 3852
???????? available space (kbytes) :???? 258268
???????? id?????????????????????? : 2101855892
???????? device/file name???????? :?? +dbfs_dg
??????????????????????????????????? device/file integrity check succeeded
??????????????????????????????????? device/file not configured
??????????????????????????????????? device/file not configured
??????????????????????????????????? device/file not configured
??????????????????????????????????? device/file not configured
???????? cluster registry integrity check succeeded
???????? logical corruption check bypassed due to non-privileged user
–//ok.如果你加入參數:
$ ocrcheck -local
protl-602: failed to retrieve data from the local registry
procl-26: error while accessing the physical storage operating system error [permission denied] [13]
–//跟蹤看看:
$ strace -f -o /tmp/b1.txt ocrcheck -local
protl-602: failed to retrieve data from the local registry
procl-26: error while accessing the physical storage operating system error [permission denied] [13]
$ grep ‘permission denied’ /tmp/b1.txt
14849 open(“/u01/app/11.2.0.4/grid/cdata/dm01dbadm02.olr”, o_rdonly|o_sync) = -1 eacces (permission denied)
–//要打開文件/u01/app/11.2.0.4/grid/cdata/dm01dbadm02.olr.
$ ls -l /u01/app/11.2.0.4/grid/cdata/dm01dbadm02.olr
-rw——- 1 root oinstall 272756736 2017-07-05 09:45:15 /u01/app/11.2.0.4/grid/cdata/dm01dbadm02.olr
–//注意看用戶,組是root,oinstall,grid用戶根本沒有權限打開這個文件.
–//要解決這個問題一些dba采用把root用戶里面加入grid的許多環境變量.以root用戶執行,不過這樣我認為不是很好!!
–//實際上很簡單的方法就是切換到root用戶執行,注意這個時候不能加入- 參數,因為這樣grid的環境參數就丟失了,實際上這樣就以
–//root用戶執行,而使用的環境還是grid用戶的.
$ su root
password:
# id
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
# echo $path
/usr/local/bin:/bin:/usr/bin:/u01/app/11.2.0.4/grid/bin:.:/u01/app/11.2.0.4/grid/bin
# echo $oracle_home
/u01/app/11.2.0.4/grid
–//你可以發現grid的環境參數還在.這個使用以root用戶執行如下:
# ocrcheck -local
status of oracle local registry is as follows :
???????? version????????????????? :????????? 3
???????? total space (kbytes)???? :???? 262120
???????? used space (kbytes)????? :?????? 2800
???????? available space (kbytes) :???? 259320
???????? id?????????????????????? : 1632195400
???????? device/file name???????? : /u01/app/11.2.0.4/grid/cdata/dm01dbadm02.olr
??????????????????????????????????? device/file integrity check succeeded
???????? local registry integrity check succeeded
???????? logical corruption check succeeded
–//當然還可以以另外的方式,就是使用sudo命令. sudo ocrcheck -local
–//注意要修改/etc/sudoers,加入:
grid??? all=(all)?? all
$ sudo ocrcheck -local
[sudo] password for grid:
status of oracle local registry is as follows :
???????? version????????????????? :????????? 3
???????? total space (kbytes)???? :???? 262120
???????? used space (kbytes)????? :?????? 2800
???????? available space (kbytes) :???? 259320
???????? id?????????????????????? : 1632195400
???????? device/file name???????? : /u01/app/11.2.0.4/grid/cdata/dm01dbadm02.olr
??????????????????????????????????? device/file integrity check succeeded
???????? local registry integrity check succeeded
???????? logical corruption check succeeded
