Tuesday, 16 January 2018

Step 10 - Oracle DBCS : Create Additional OS Users On Oracle Cloud Compute Node

When a Oracle Database Cloud deployment is created, it creates following 3 OS users:
  1. opc: This user is authorized to login to compute and execute root commands. It can use sudo -s command to switch to root.
  2. root: This user is not authorized to login to the compute node. To perform operations that requires root user access, connect to the compute node as opc user and use the sudo command.
  3. oracle: This user is authorized to login to the compute node and execute user level commands but not root commands.
If you want you can create additional operating system users to login to the compute node. The new user can perform OS standard operations, such as Install, configuring and running applications. You can provide sudo access to this user to execute sudo commands.



In this article we will demonstrate how to create additions OS users and grant the sudo permissions to execute sudo commands.



Steps to create additional OS users on Oracle Cloud Compute Node

Open PuTTY session on your desktop and enter Compute Node IP address


  • On the left pane, expand "SSH" and select "Auth". On the right pane, click on "Browse" button. Select the Private Key that matches the Public Key for your Deployment. Click "Open"


  • Enter login as "opc". This will connect you to the compute node without password. Switch to root by executing "sudo -s" command. Confirm that you are switched to root by executing "id" command.


  • Use the "useradd" command to create new user. Here we are creating a new OS user by name "nsmuser"


  • Now create the ".ssh" directory and "authorized_keys" file as shown below.


  • Copy the SSH Public key value from your desktop


  • Paste the SSH public key value to the "authorized_key" file. Save and exit the file


  • Verify the file is created and the contents of the file


  • Add the new user to the allowed users list under "sshd_config" file. Open the "sshd_config" file


  • Add the new user "nsmuser" to the the "Allowusers" line as show below. Save and exit the file


  • Verify the file is modified


  • Change the ownership and permissions of ".ssh" directory as show below. Restart the sshd daemon so the changes made to "sshd_config" can take affect.


  • Add the new user "nsmuser" to the "sudoers" file allow root access. Open the "sudoers" file as shown below


  • Add the line to the sudoers file as shown below


  • Verify that the new user is added to the sudoers file


  • Login to the Compute node using new user created above. Open PuTTY session and enter the Compute Node IP address, select the private key that matches the Public Key for your Deployment


  • Login as "nsmuser". Execute "sudo -s" to switch to root user



Conclusion


In this article we have learned about cloud database deployment OS users, how to create additional OS user and grant sudoers permissions to execute sudo commands.

2 comments:

  1. Thanks for sharing . it would help a lot .

    Thanks,
    Rafi pasha

    ReplyDelete

Oracle Transparent Data Encryption (TDE) On Exadata

Oracle Transparent Data Encryption (TDE) enables the organizations to encrypt sensitive application data on storage media completely transp...