Skip to content

Published on

setuid and setgid (short for "set user ID upon execution" and "set group ID upon execution", respectively).

They are Unix access rights flags that allow users to run an executable with the permissions of the executable's owner or group respectively.

They are often used to allow users on a computer system to run programs with temporarily elevated privileges in order to perform a specific task. While the assumed user id or group id privileges provided are not always elevated, at a minimum they are specific.

Now this user hear was connecting, to get at the secure connection where ORACLE_HOME/bin has not given the permission of the shared permissions to support TWO_TASK.

The reason why is very simple: you removed the SUID permission on the file oracle. When the user executes a local connection, he essentially tries to run the executable oracle, but because the SUID is not set, it's not tried as user oracle but rather as EXP_BKP. As user EXP_BKP does not have permission to run this file, it will not be executed

i.e.

SETUID AND SETGID for the Oracle

$ id
uid=241(test1) gid=202(users) groups=1(staff),13(dba)
$
$ cd $ORACLE_HOME/bin
$ ls -ltr oracle
-rwxr-xr-x    1 oracle   dba       136803483 Mar 16 20:32 oracle
$
$ chmod 6751 oracle
$ ls -ltr oracle
-rwsr-s--x    1 oracle   dba       136803483 Mar 16 20:32 oracle
$

Now the question is why such permission is to be given as

ipcs -a

IPC status from as of Fri Apr 27 13:21:23 PDT 2012
T ID KEY MODE OWNER GROUP CREATOR CGROUP CBYTES QNUM QBYTES LSPID LRPID STIME RTIME CTIME
Message Queues:
T ID KEY MODE OWNER GROUP CREATOR CGROUP NATTCH SEGSZ CPID LPID ATIME DTIME CTIME
Shared Memory:
m 8 0x759c6b1c --rw-rw---- oracle dba oracle dba 2 1895833600 7173 18689 13:21:21 13:21:21 14:56:53
T ID KEY MODE OWNER GROUP CREATOR CGROUP NSEMS OTIME CTIME
Semaphores:
s 14 0xab90108c --ra-ra---- oracle dba oracle dba 154 11:23:28 14:56:55

So it will not be able to use shared memory which is used by ORACLE to execute.

So either we change the user permission to be equivalent to oracle user or set the oracle binary to perform two task.

Published on

Oracle Issues Statement
REDWOOD SHORES, Calif., September 4, 2012

Oracle issued the following statement today:

Previously, Oracle announced that it would stop developing new versions of its software on Itanium microprocessors. For example, that meant version 12c of the Oracle database due out in early 2013 would not be available on Itanium.

However, a judge recently ruled that Oracle has a contract to continue porting its software to Itanium computers for as long as HP sells Itanium computers.

Therefore, Oracle will continue building the latest versions of its database and other software covered by the judge's ruling to HP Itanium computers. Oracle software on HP's Itanium computers will be released on approximately the same schedule as Oracle software on IBM's Power systems.

http://www.oracle.com/us/corporate/features/itanium-346707.html?origref=http://www.oracle.com/us/corporate/press/346696

Published on

In order to restore the database until a specific time with your rman catalogue

RUN the following queries in the RMAN CATALOG

sqlplus <catlog user>/<password>@<catlog tns>

alter session set nls_date_format='DD-MM-yyyy hh:mi:ss';
select DB_NAME,STATUS,COMPLETION_TIME from RC_BACKUP_CONTROLFILE where DB_NAME='CRMPROD' and rownum < 11 order by CREATION_TIME;

now from here chose the date the time till when we need to restore the Database.

and place in the restoration script

export ORACLE_HOME={ORACLE HOME}
export ORACLE_SID={ORACLE SID}
$ORACLE_HOME/bin/rman catalog=<catlog user>/<password>@<catlog tns> << EOF
connect target /
run
{
set until time "to_date('16-08-2012 02:56:03','dd-mm-yyyy- hh24:mi:ss')";
allocate channel c1 device type 'sbt_tape' parms 'ENV=(TDPO_OPTFILE=/usr/tivoli/tsm/client/oracle/bin64/tdpo.opt)';
restore database ;
release channel c1;
}
EOF

 

Published on
Prerequisites
  1. Need Separate mount point 11g OEM Agent
  2. Need Binaries for 11g OEM Agent
  3. Validate /etc/hosts entry for similar entry for the host in both target and the host-server.
  4. Validate the pings to the host and source and the source to host
  5. Need the validation of OEM configuration and passwords:
    1. OMS_HOST=XXX.XX.XX.XXX
    2. OMS_PORT=XXXX
    3. AGENT_REGISTRATION_PASSWORD=XXXXXXXXX
    4. Validate the permission for the host and the folders.

Installation Process

    1. Unzip the binary.

Set the additional_responce.rsp with the following parameter

  1. SECURITY_UPDATES_VIA_MYORACLESUPPORT=FALSE
  2. DECLINE_SECURITY_UPDATES=TRUE
  3. ORACLE_AGENT_HOME_LOCATION=/OEMAGENT11G/oracle/oemagent
  4. b_silentInstall=true
  5. OMS_HOST=<OEM HOST>
  6. OMS_PORT=<OEM PORT>
  7. AGENT_REGISTRATION_PASSWORD=<PLEASE SET THE PASSWORD>
  8. Create ORACLE_AGENT_HOME_LOCATION.

Unset the following ORACLE PARAMETERS(Ensure that there are no entry in this to your production DB/CLUSTER/10g AGENT home)

  1. ORACLE_HOME
  2. ORACLE_SID
  3. LIBPATH
  4. LD_LIBRARY_PATH
  5. PATH

<UNZIP_DIR>/<runInstaller> -silent -responseFile <location>/additional_agent.rspRun the installation

        1. After the completion of the setup and validate from the logs and then validate the agent status

 

Login to the OEM and configure the database via valid credentials

  1. ORACLE_HOME
  2. Dbsnmp password
  3. ORACLE_SID
  4. LISTENER Port

Installation Complete

Published on

Upgrade 10.2.0.1 to 10.2.0.5

I had done this in  VMWARE in OEL REDHAT 5
the process remains same for almost all the other server act just can vary with some minute OS level difference.
download the patch 8202632 for your operating system.
in this case LINUX

p8202632_10205_LINUX.zip
unzip this file
Check that the
Step 1: Prerequisites check before applying the patch set (8202632).

Check your dba_registry view oracle database components status is valid or not, version is 10.2.0.1. Have a look at the below output

SQL> Select comp_name, version, status from sys.dba_registry;

Check your v$version view

SQL> select * from v$version;

Check your database objects are valid or not

SQL> select object_name,status from dba_objects where status='INVALID';
No rows selected

In my environment, here are no invalid objects. If you have any invalid objects then you have to really

Validate your database objects through the below scripts

SQL> exec utl_recomp.recomp_serial (); -> this is for all user’s objects across the database

Then stop all the process like sql, emctl, tnslistener and shutdown your database.

$ sqlplus / as sysdba
SQL> shutdown immediate

$ isqlplusctl stop

$ emctl stop dbconsole
$ lsnrctl stop

Step 2:

Do take Cold Backup of your oracle database 10g and $ORACLE_HOME using Operating system ( This is just in case of any failuir)

Install the patch set 10.2.0.5

$ cd <path of 8202632 path>
$ unzip p8202632_10205_Linux.zip
$ cd Disk1/
$ ./runInstaller

after this please follow the floowing step:

cd $ORACLE_HOME/rdbms/admin
sqlplus "/as sysdba"
SQL>startup upgrade;
SQL>@catupgrd.sql
SQL>shutdown immediate;
SQL>startup;
SQL>@utlrp.sql
SQL> select object_name,status from dba_objects where status='INVALID';

Validate INVALID Objests if any

Congratulation's now you have upgraded the Database from 10.2.0.1 to 10.2.0.5....

Published on 
export ORACLE_HOME={ORACLE_HOME}
export ORACLE_SID={ORACLE_SID}
$ORACLE_HOME/bin/rman catalog=[username]/[PASSWORD]@[RMANCAT_TNS_NAME]  << EOF
connect target /
run
{
allocate channel c1 device type 'sbt_tape' parms 'ENV=(TDPO_OPTFILE=/usr/tivoli/tsm/client/oracle/bin64/tdpo.opt)';
restore controlfile from autobackup;
alter database mount;
restore database;
release channel c1;
}
EOF

Published on

A Normal process to Bounce the ORACLE ERP Apache

$ id
uid=113(appldev) gid=105(dba)

$ cd $APPLCSF/scripts/$CONTEXT_NAME
$ ls -ltr
total 41898
-rwx------   1 appldev    dba          14568 Jun 13 19:55 adpreclone.pl
-rwx------   1 appldev    dba           6870 Jun 13 19:55 adexecsql.pl
-rwx------   1 appldev    dba           5805 Jun 13 19:56 adstpall.sh
-rwx------   1 appldev    dba           5857 Jun 13 19:56 adstrtal.sh
-rwx------   1 appldev    dba           1544 Jun 13 19:56 adautocfg.sh
-rwx------   1 appldev    dba           6782 Jun 13 19:56 adalnctl.sh
-rwx------   1 appldev    dba           6817 Jun 13 19:56 adfmcctl.sh
-rwx------   1 appldev    dba           5406 Jun 13 19:56 adtcfctl.sh
-rwx------   1 appldev    dba          22860 Jun 13 19:56 adapcctl.sh
-rwx------   1 appldev    dba          10400 Jun 13 19:56 adaprstctl.sh
-rwx------   1 appldev    dba           6006 Jun 13 19:56 adfmsctl.sh
-rwx------   1 appldev    dba           7467 Jun 13 19:57 addisctl.sh
-rwx------   1 appldev    dba           6187 Jun 13 20:06 jtffmctl.sh
-rwx------   1 appldev    dba           8132 Jun 15 13:15 adfrmctl.sh
-rwx------   1 appldev    dba           2699 Jun 15 13:15 gsmstart.sh
-rw-rw-rw-   1 appldev    dba          17376 Jun 19 03:22 sqlnet.log
-rw-------   1 appldev    dba        21309396 Jun 20 16:39 core
$ adapcctl.sh status

adapcctl.sh version 115.55

Apache Web Server Listener :httpd ( pid 19488 ) is running.
Apache Web Server Listener (PLSQL) :httpd ( pid 19541 ) is running.

adapcctl.sh: exiting with status 0

$ adapcctl.sh stop

adapcctl.sh version 115.55

Apache Web Server Listener :httpd ( pid 19488 ) is running.
Stopping Apache Web Server Listener (dedicated HTTP) ...
Apache Web Server Listener (PLSQL) :httpd ( pid 19541 ) is running.
Stopping Apache Web Server Listener (dedicated PLSQL) ...

adapcctl.sh: exiting with status 0

$ adapcctl.sh start

adapcctl.sh version 115.55

Apache Web Server Listener is not running.
Starting Apache Web Server Listener (dedicated HTTP) ...
Apache Web Server Listener (PLSQL) is not running.
Starting Apache Web Server Listener (dedicated PLSQL) ...

adapcctl.sh: exiting with status 0

Published on

Sometime after the Exadata installation, we find the Enterprise manager Does not Detect the DB NODE and all the cluster properly.

This is due to that OEM 12 C agent was configured by the properly while installation. (this have been noticed many times)

Solution:

$AGENT_HOME/bin/emctl config agent addinternaltargets 

$AGENT_HOME/bin/emctl stop agent 

$AGENT_HOME/bin/emctl clearstate agent 

$AGENT_HOME/bin/emctl secure agent <password> 

$AGENT_HOME/bin/emctl start agent 

$AGENT_HOME/bin/emctl upload 

$AGENT_HOME/bin/emctl status agent

After this, you will be able to process

Published on

1. take new raw device name from your Unix team (like /dev/rdisk/disk20)
2. make sure that you get its ownership change to oracle:dba
3. Add the new device name in asm_diskstring parameter dynamically as like below statement; in this statement only /dev/rdisk/disk20 disk is being added, all other existed previously:

alter system set asm_diskstring='/dev/rdisk/disk4','/dev/rdisk/disk6','/dev/rdisk/disk10','/dev/rdisk/disk12','/dev/rdisk/disk14','/dev/rdisk/disk16','/dev/rdisk/disk18','/dev/rdisk/disk20';

4. To verify, that new disk has been detected by ASM, you can check the value of column HEADER_STATUS from V$ASM_DISK,
it will show CANDIDATE here(Disk is not part of a disk group and may be added to a disk group with the ALTER DISKGROUP statement).

SQL> select GROUP_NUMBER,NAME,state,HEADER_STATUS,PATH from v$asm_disk;

GROUP_NUMBER NAME STATE HEADER_STATU PATH
------------ ------------------------------ -------- ------------ ------------------------------
0 NORMAL CANDIDATE /dev/rdisk/disk20
1 DATA_0000 NORMAL MEMBER /dev/rdisk/disk4
1 DATA_0001 NORMAL MEMBER /dev/rdisk/disk6
2 REDO_0000 NORMAL MEMBER /dev/rdisk/disk10
2 REDO_0001 NORMAL MEMBER /dev/rdisk/disk12
2 REDO_0002 NORMAL MEMBER /dev/rdisk/disk14
2 REDO_0003 NORMAL MEMBER /dev/rdisk/disk16
2 REDO_0004 NORMAL MEMBER /dev/rdisk/disk18

8 rows selected.

5. Add the disk to diskgroup :

ALTER DISKGROUP DATA ADD DISK '/dev/rdisk/disk20' REBALANCE POWER 1;

6. Again query v$asm_disk to verify that disk has been added.

SQL> select GROUP_NUMBER,NAME,state,HEADER_STATUS,PATH from v$asm_disk;

GROUP_NUMBER NAME STATE HEADER_STATU PATH
------------ ------------------------------ -------- ------------ ------------------------------
1 DATA_0000 NORMAL MEMBER /dev/rdisk/disk4
1 DATA_0001 NORMAL MEMBER /dev/rdisk/disk6
2 REDO_0000 NORMAL MEMBER /dev/rdisk/disk10
2 REDO_0001 NORMAL MEMBER /dev/rdisk/disk12
2 REDO_0002 NORMAL MEMBER /dev/rdisk/disk14
2 REDO_0003 NORMAL MEMBER /dev/rdisk/disk16
2 REDO_0004 NORMAL MEMBER /dev/rdisk/disk18
1 DATA_0002 NORMAL MEMBER /dev/rdisk/disk20

8 rows selected.

SQL> select GROUP_NUMBER,NAME,state,HEADER_STATUS,PATH,total_mb,free_mb from v$asm_disk;

GROUP_NUMBER NAME STATE HEADER_STATU PATH TOTAL_MB FREE_MB
------------ ------------------------------ -------- ------------ ------------------------------ ---------- ----------
1 DATA_0000 NORMAL MEMBER /dev/rdisk/disk4 157184 2766
1 DATA_0001 NORMAL MEMBER /dev/rdisk/disk6 157184 2756
2 REDO_0000 NORMAL MEMBER /dev/rdisk/disk10 768 241
2 REDO_0001 NORMAL MEMBER /dev/rdisk/disk12 768 243
2 REDO_0002 NORMAL MEMBER /dev/rdisk/disk14 768 248
2 REDO_0003 NORMAL MEMBER /dev/rdisk/disk16 768 245
2 REDO_0004 NORMAL MEMBER /dev/rdisk/disk18 768 247
1 DATA_0002 NORMAL MEMBER /dev/rdisk/disk20 157184 154356

8 rows selected.

7. Free space added is now being reflected in v$asm_diskgroup:

SQL> select NAME,TOTAL_MB,FREE_MB from v$asm_diskgroup;

NAME TOTAL_MB FREE_MB
------------------------------ ---------- ----------
DATA 471552 159878
REDO 3840 1224

 

Published on

Find the command set to create the Oracle Database 10g:

please make sure that ORACLE HOME is set :

$ echo $ORACLE_HOME
/orahome/product/10g

YOU CAN CHANGE THE PARAMETER AS PER YOUR REQUIREMENTS:

CREATE DATABASE TEST
LOGFILE GROUP 1 ('+TESTDATA','+TESTDATA') SIZE 500M,
GROUP 2 ('+TESTDATA','+TESTDATA') SIZE 500M
MAXLOGFILES 5
MAXLOGMEMBERS 5
MAXLOGHISTORY 1
MAXDATAFILES 100
MAXINSTANCES 1
CHARACTER SET US7ASCII
NATIONAL CHARACTER SET AL16UTF16
DATAFILE '+TESTDATA' SIZE 325M REUSE
EXTENT MANAGEMENT LOCAL
SYSAUX DATAFILE '+TESTDATA' SIZE 325M REUSE
DEFAULT TEMPORARY TABLESPACE TEMP TEMPFILE '+TESTDATA' SIZE 200M REUSE
UNDO TABLESPACE UNDOTBS1
DATAFILE '+TESTDATA'
SIZE 200M REUSE AUTOEXTEND ON MAXSIZE UNLIMITED;