Linux – Does the Oracle DBA need root access

linux, oracle, redhat, security

My Oracle DBA colleague is requesting root access on our production servers.
He is arguing that he needs it to perform some operations like rebooting the server and some other tasks.

I do not agree with him because I've set him up with an Oracle user/group and a dba group to which the Oracle user belongs. Everything is running smoothly without the DBA having root access currently.
I also think that all administrative tasks like scheduled server reboots need to be done by the proper administrator (the systems administrator in our case) to avoid any kind of issues related to a misunderstanding of the infrastructure interactions.

I would like input from both sysadmins and Oracle DBAs – Is there any good reason for an Oracle DBA to have root access in a production environment?

If my colleague really needs this level of access I'll provide it, but I'm quite afraid of doing so because of security and system integrity concerns.

I'm not looking for pros/cons but rather advice on how I should deal with this situation.

Best Answer

  • Who installs Oracle on the servers?
    If it's the DBA they need root access. If it's sysadmin, the DBA doesn't.

  • Who is called late at night when the database server is down?
    If you can't ensure sysadmins are available 24/7, you may want to give root access to the DBA.

Bear in mind that if your DBA already has shell access as a regular user (with or without some commands he can run via sudo; with or without being chrooted) that's enough to mess with the server (a bad guy stealing his account can fork bomb, exceed ulimit sending spam, drop the database, ...).

For all these reasons, I think in an ideal world DBAs should not have root access; but in the real world, they should at least always be able to obtain it in case of emergency.
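
A sudoers drop-in along the lines discussed above, as an added example that is not part of the original question or answer: it shows the blanket grant beside a scoped one that covers the reboot case, plus an emergency path. The file name, log path, `shutdown` path and the `dba_oncall` group are assumptions; only the `dba` group comes from the question.

```sudoers
# /etc/sudoers.d/oracle-dba   (hypothetical file; edit with: visudo -f <file>)
# Assumptions: DBAs are members of the Unix group "dba" (from the question);
# "dba_oncall" is a hypothetical break-glass group that sysadmins populate
# only for the duration of an incident and empty afterwards.

# Weak setting, equivalent to handing out the root password:
# %dba ALL = (ALL) NOPASSWD: ALL

# Log what these groups do through sudo (log path is an assumption).
# Emergency sessions additionally get full input/output recording.
Defaults:%dba         logfile=/var/log/sudo-dba.log
Defaults:%dba_oncall  logfile=/var/log/sudo-dba.log, log_input, log_output

# Scoped delegation: exact command lines only, no wildcards.
# Binary path is an assumption; confirm it with `command -v shutdown`.
Cmnd_Alias DBA_REBOOT = /usr/sbin/shutdown -r now, /usr/sbin/shutdown -r +5

# Day-to-day: DBAs may restart the host and nothing else as root.
%dba        ALL = (root) DBA_REBOOT

# Emergency: full root, password required, every session recorded.
%dba_oncall ALL = (root) ALL

# Caveat: never list a script or binary that the oracle account can modify
# (for example installer scripts under the Oracle home). Whoever can edit
# the file gets root the next time it is run through sudo.
```

Validate the file with `visudo -cf /etc/sudoers.d/oracle-dba` before relying on it, and review the sudo log after each emergency use.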