Special Operating System Users and Groups (UNIX/Linux)


To protect database resources from unauthorized access, MaxDB uses special operating system users and user groups on UNIX and Linux.

·        <sdb_user>

·        <sdba_group>

·        Support Group

Only these operating system users or members of these operating system groups have direct access to the database resources at the operating system level.

The operating system administrator root is only required for installing the database software, not for productive operation.

A SetUID root program is only required for a user change to <sdb_user>.

Overview of Special Operating System Users and Groups


System Default Value


User Rights




Installing the database software

Granting access rights to operating system users (by their group affiliation)




Owner of all database resources




Creating database instances

Starting, stopping and updating the MaxDB X Server

Analysis and error handling

Support Group



Optional; support tasks



Normal operating system user

Accessing the database tool Database Manager (requires a valid DBM operator name and a password to log on to the database instance)

Accessing other database tools (e.g. Loader, SQLCLI), interfaces (ODBC, JDBC, SQLDBC) and all the database tools that use these interfaces (Database Analyzer, Web Tools); here a database user name and password are required

Starting the X Server



SAP system administrator and database administrator in SAP systems

Member of the group <sdba_group>



Obsolete, not for liveCache database instances

Owner of all database resources


The installation program creates the special operating system users and groups during the installation of the database software. For more information, see the Installation Manual, Installing/Updating the Software on UNIX and the corresponding Installation Guide for SAP systems.

We recommend that you create the special operating system users and groups before installing the software. During the installation, they then receive the authorizations described here for accessing the database resources.

If you manage the operating system users and groups for your system centrally in the network, then you have to create them there before starting the installation. For information about how you create operating system users and groups, see your operating system documentation.

Which authorizations individual operating system users have for the database system depends on the operating system group they belong to. The operating system administrator is responsible for assigning operating system users to operating system groups. For local user administration, root is the operating system administrator; for user administration using Network Information Services (NIS) it is the NIS administrator.

See also:

Users, Authentication and Authorizations