This section describes how to set up users and the file system to support the database and CenterView.
CenterView supports all of the major server operating systems, UNIX, Linux and Windows. The information in this section describes users, file structures and permissions for typical Linux and Microsoft Windows installations however the requirements/principles remain the same for the other operating systems.
Linux/UNIX
Users & Groups
To support secure and auditable access, the following groups and users should be created:
Group: cview | This group is the primary group for all CenterView users below (cview, individual and tomcat) |
Group: oinstall | This is the standard name for the Oracle install group. Users cview and tomcat should be members of this group. |
User: cview | This user owns the CenterView directory (‘/opt/centerview’) and will be used to perform certain maintenance tasks. This user should be able to
This user should not be able to:
|
Individual Support Users | These represent individuals who will perform support and maintenance tasks on CenterView. These users should be able to
These users should not be able to:
At the administrator’s discretion, the cview user and individual support users may be combined into a single user. |
User: tomcat | The tomcat user will be used to run the Apache Tomcat web server, and will own all files directly used by the web server. This user should be able to
This user should not be able to
|
Notes | 1. | If on Linux: increase the per-user limit on open files for the tomcat user to 4096. To do this edit /etc/security/limits.conf and add the following line: tomcat hard nofile 4095 |
| 2. | Set umask 22 for the tomcat user and umask 2 for user cview and individual support users. |
| 3. | Add the oracle user to the cview group – this will allow oracle to write data pump files into the CenterView directory |
File System
The following directories should be set up within the application installations and data partition.
Directory | Owner | Owner rights | Group rights | Other rights |
$app/centerview | cview | rwx | rwS | --- |
$app/centerview/data | cview | rwx | rwS | --- |
$app/centerview/data/import | cview | rwx | rwS | --- |
$app/centerview/data/export | cview | rwx | rwS | --- |
$app/centerview/data/archive | cview | rwx | rwS | --- |
$app/centerview/data/restore | cview | rwx | rwS | --- |
$app/centerview/data/templates | cview | rwx | rwS | --- |
$app/centerview/data/plugins | cview | rwx | rwS | --- |
$app/centerview/data/temp | cview | rwx | rwS | --- |
$app/centerview/dbexport | cview | rwx | rwS | --- |
$app/centerview/release | cview | rwx | rwS | --- |
$app/centerview/temp | cview | rwx | rwS | --- |
$app/tomcat | tomcat | rwx | r-x | --- |
In addition, the following logical directory structure should be set up:
Directory | Link To |
/opt/centerview | $app/centerview |
/opt/tomcat | $app/tomcat |
Notes | 1. | /opt/centerview and all directories beneath it have the group id bit set in order to ensure that all directories and files under /opt/centerview can be read and written by any CenterView support user and by tomcat |
| 2. | /opt/tomcat and all directories beneath it have the group permissions set to read-only so that only the tomcat user can write or modify files under /opt/tomcat |
WINDOWS
Users & Groups
By default, both the database and web app server run under the local SYSTEM account so there is no need to set up any additional users or groups for running the applications however user accounts should be set up for installation and support purposes.
You need a user with local administrator access in order to install the database, web app server or CenterView.
Individual Support Users | These represent individuals who will install CenterView and perform support and maintenance tasks on CenterView. These users should have local administrator rights on the server and should be able to:
At the administrator’s discretion, a single support user ‘cview’ user may be set up however we recommend setting up individual accounts. |
File System
The following directories should be set up within the application installations and file data partition.
Directory |
$app/centerview |
$app/centerview/data |
$app/centerview/data/import |
$app/centerview/data/export |
$app/centerview/data/archive |
$app/centerview/data/restore |
$app/centerview/data/templates |
$app/centerview/data/plugins |
$app/centerview/data/temp |
$app/centerview/dbexport |
$app/centerview/release |
$app/centerview/temp |
$app/tomcat |
In addition, the following logical directory structure should be set up:
Directory | Link To |
C:/opt/centerview | $app/centerview |
C:/opt/tomcat | $app/tomcat |
Notes | 1. | To set up an NTFS symbolic link: Run cmd.exe (you might need to run as administrator) MKLINK [/D] link target e.g. cmd> cd c:\opt cmd> mklink /D tomcat c:\u02\tomcat |