Archive for October, 2015

Automating Oracle database startup and shutdown on Linux.

If you are using Oracle Clusterware 10gR2 or above for RAC or just for a single instance using ASM, the Clusterware automatically starts and stops the Oracle database instances and listeners, so the following procedures are not necessary. Where the Clusterware is not being used, these methods allow you to automate the startup and shutdown of Oracle databases on Linux.
The following represents the Oracle recommended method for automating database startup and shutdown of Oracle 9i instances on Linux, but it works equally well for Oracle 10g, 11G and 12c also. It can be used on any RHEL-style distribution, including Oracle Linux, up to and including Oracle Linux 7.

The below example was created on Oracle Linux 7 and Oracle database 11gR2.
Once the instance is created, edit the /etc/oratab file setting the restart flag for each instance to ‘Y’.


Create a file called ‘/etc/init.d/dbora’ as the root user, containing the following code.

# chkconfig: 345 99 10
# description: Oracle auto start-stop script.
# Set ORA_HOME to be equivalent to the $ORACLE_HOME
# from which you wish to execute dbstart and dbshut;
# Set ORA_OWNER to the user id of the owner of the 
# Oracle database in ORA_HOME.

export ORACLE_UNQNAME=orcl11gr2

if [ ! -f $ORA_HOME/bin/dbstart ]
    echo "Oracle startup: cannot start"

case "$1" in
        # Start the Oracle databases:
        # The following command assumes that the oracle login 
        # will not prompt the user for any values
        # Remove "&" if you don't want startup as a background process.
        #su $ORA_OWNER -c "$ORA_HOME/bin/lsnrctl start" &
        su $ORA_OWNER -c "$ORA_HOME/bin/dbstart $ORA_HOME" &
        touch /var/lock/subsys/dbora
        # Stop the Oracle databases:
        # The following command assumes that the oracle login 
        # will not prompt the user for any values
        su $ORA_OWNER -c "$ORA_HOME/bin/dbshut $ORA_HOME"
        #su $ORA_OWNER -c "$ORA_HOME/bin/lsnrctl stop"
        rm -f /var/lock/subsys/dbora

The lines to start and stop the listener are no longer needed under Oracle 10g Release 2 onward, as the dbstart command includes an automatic start of the listener. If you still need the commands to start and stop listener – just unhash them.
Use the chmod command to set the privileges to 750:

chmod 750 /etc/init.d/dbora

Associate the ‘dbora’ service with the appropriate run levels and set it to auto-start using the following command.

chkconfig --add dbora

The relevant instances should now startup/shutdown automatically at system startup/shutdown.
Now to start the database run the command as root user:

service dbora start

Similarly to stop the database run the command as root user:

service dbora stop

How to set the default boot entry in Oracle Linux 7 (for example, set the UEK as the default boot kernel)?

GRUB 2 can load many operating systems in addition to Oracle Linux and it can chain-load proprietary operating systems. GRUB 2 understands the formats of file systems and kernel executables, which allows it to load an arbitrary operating system without needing to know the exact location of the kernel on the boot device. GRUB 2 requires only the file name and drive partitions to load a kernel. You can configure this information by using the GRUB 2 menu or by entering it on the command line.
Do not edit the GRUB 2 configuration file directly. On BIOS-based systems, the configuration file is /boot/grub2/grub.cfg, on UEFI-based systems, the configuration file is /boot/efi/EFI/redhat/grub.cfg.
The grub2-mkconfig command generates the configuration file using the template scripts in /etc/grub.d and menu-configuration settings taken from the configuration file /etc/default/grub.
The default menu entry is determined by the value of the GRUB_DEFAULT parameter in /etc/default/grub. The value saved allows you to use the grub2-set-default (sets the default entry for all subsequent reboots) and grub2-reboot (sets the default entry for the next reboot only) commands to specify the default entry.
If you specify a numeric value as the value of GRUB_DEFAULT or as an argument to either grub2-reboot or grub2-set-default, GRUB 2 counts the menu entries in the configuration file starting at 0 for the first entry.

To set the UEK as the default boot kernel, first, display the menu entries that are defined in the configuration file, for example:

# grep '^menuentry' /boot/grub2/grub.cfg
menuentry 'Oracle Linux Everything, with Linux 3.10.0-123.el7.x86_64' ... {
menuentry 'Oracle Linux Everything, with Linux 3.8.13-35.2.1.el7uek.x86_64' ... {
menuentry 'Oracle Linux Everything, with Linux 0-rescue-052e316f566e4a45a3391cff21b4174b' ... {

In this example for a BIOS-based system, the configuration file is /boot/grub2/grub.cfg, which contains menu entries 0, 1, and 2 that correspond to the RHCK, UEK, and the rescue kernel respectively.
Enter the following commands to make the UEK (entry 1) the default boot kernel:

# grub2-set-default 1
# grub2-mkconfig -o /boot/grub2/grub.cfg 

Alternatively, you can specify the value of the text of the entry as a string enclosed in quotes.

# grub2-set-default 'Oracle Linux Everything, with Linux 3.8.13-35.2.1.el7uek.x86_64'
# grub2-mkconfig -o /boot/grub2/grub.cfg 
Categories: Oracle Linux, OS Tags: ,

How to simplify Oracle Database 11gR2 and 12cR1 installation on Oracle Linux 7.

Before installing Oracle Database 11g or 12c on a Linux system, you need to preconfigure the operating system environment since the Oracle database requires certain software packages, package versions, and tweaks to kernel parameters.
You can do it manually – be sure to review the appropriate Oracle Database installation guide to familiarize yourself with hardware, software, and operating system requirements. On Oracle Linux, however, there is a remarkably easy way to address these installation prerequisites automatically.
First, depending on your database version, install either the RPM package called oracle-rdbms-server-11gR2-preinstall or oracle-rdbms-server-12cR1-preinstall (formerly known as oracle-validated). This RPM packages performs a number of preconfiguration steps, including the following:
1. Automatically downloading and installing any additional software packages and specific package versions needed for installing Oracle Grid Infrastructure and 11g Release 2 ( or Oracle Database 12 c Release 1 (12.1), with package dependencies resolved via yum or up2date capabilities.
2. Creating the user oracle and the groups oinstall (for OraInventory) and dba (for OSDBA), which are used during database installation. For security purposes, this user has no password by default and cannot log in remotely. To enable remote login, you need to set a password manually.
3. Modifying kernel parameters in /etc/sysctl.conf file to change settings for shared memory, semaphores, the maximum number of file descriptors, and so on.
4. Setting hard and soft shell resource limits in /etc/security/limits.conf file, such as the locked-in memory address space, the number of open files, the number of processes, and core file size.
5. Setting numa=off in the kernel for x86_64 machines.
Note that oracle-rdbms-server-11gR2-preinstall or oracle-rdbms-server-12cR1-preinstall parses the existing /etc/sysctl.conf and /etc/security/limits.conf files and updates values only as needed for database installation. Any precustomized settings not related to database installation are left as is.
The oracle-rdbms-server-11gR2-preinstall and oracle-rdbms-server-12cR1-preinstall RPM packages are accessible through the Oracle Unbreakable Linux Network (ULN, which requires a support contract), from the Oracle Linux distribution media, or from the Oracle public yum repository. In addition, the Oracle public yum repository now includes all security and bug errata, ensuring systems are secured and stable with the latest security updates and bug fixes.
To install the oracle-rdbms-server-11gR2-preinstall package with YUM repository use the following command (as root):

[root@orclprod ~]# yum -y --enablerepo=ol7_addons install oracle-rdbms-server-11gR2-preinstall.x86_64

To check what the above package changed, you could use the following command (you should see something like this “# oracle-rdbms-server-11gR2-preinstall setting for …” if the preinstall package was installed successfully):

[root@orclprod ~]# more /etc/sysctl.conf
# oracle-rdbms-server-11gR2-preinstall setting for fs.file-max is 6815744
fs.file-max = 6815744
# oracle-rdbms-server-11gR2-preinstall setting for kernel.sem is '250 32000 100 
kernel.sem = 250 32000 100 128
# oracle-rdbms-server-11gR2-preinstall setting for net.ipv4.ip_local_port_range 
is 9000 65500
net.ipv4.ip_local_port_range = 9000 65500

In the perfect world, we should trust the preinstall package and proceed with the Oracle database installation. But I would prefer to check and verify what the preinstall package did and what not. And to do this I’ll use the script.
RDA stands for “Remote Diagnostic Agent” and is a script that can be run to obtain information on the system that it is being run on. Oracle Support will often ask for the results of running this script (which is normally and HTML formatted report), so that they can very quickly with minimal effort of the DBA get an overall picture of the setup and potentially information on the problem/issue.
First, we need to download script – it can be download from the Metalink note 314422.1, Remote Diagnostic Agent (RDA) ā€“ Getting Started.
Then unzip the tool as user oracle:

[oracle@orclprod ~]$ unzip

Execute the script as follows (parameters HCVE stand for Health Check Validation Engine):

[oracle@orclprod ~]$ ./ -T hcve

You will be prompted to answer a question ā€“ what ruleset to use (what configuration we want to analyse for):

Processing HCVE tests ...
Available Pre-Installation Rule Sets:
   1.  Oracle Database 10g R1 (10.1.0) Preinstall (Linux)
   2.  Oracle Database 10g R2 (10.2.0) Preinstall (Linux)
   3.  Oracle Database 11g R1 (11.1) Preinstall (Linux)
   4.  Oracle Database 11g R2 (11.2.0) Preinstall (Linux)
   5.  Oracle Database 12c R1 (12.1.0) Preinstallation (Linux)

In this case, I am checking for 11.2.0 Preinstall (Linux) which is option 4 – below is a transcript of this:

Enter the HCVE rule set number or 0 to cancel the test
Press Return to accept the default (0)
> 4

Performing HCVE checks ...
Enter value for < Planned ORACLE_HOME location >
> /u01/app/oracle/products/1120    

Enter value for < JDK Home >

Test "Oracle Database 11g R2 (11.2.0) Preinstall (Linux)" executed at 21-Oct-2015 12:27:33

Test Results
ID     NAME                 RESULT  VALUE
====== ==================== ======= ==========================================
A00010 OS Certified?        WARNING
A00020 User in /etc/passwd? PASSED  userOK
A00040 Group in /etc/group? PASSED  GroupOK
A00050 Enter ORACLE_HOME    RECORD  /u01/app/oracle/products/1120
A00060 ORACLE_HOME Valid?   FAILED  OHnotvalid
A00070 O_H Permissions OK?  SKIPPED Requires valid Oracle home
A00080 oraInventory Permiss PASSED  oraInventoryNotFound
A00090 Got Software Tools?  FAILED  ArElsewhere LdElsewhere NmElsewhere M...
A00100 Umask Set to 022?    PASSED  UmaskOK
A00120 Limits Processes     PASSED  Adequate
A00125 Limits Stacksize     PASSED  Adequate
A00130 Limits Descriptors   PASSED  Adequate
A00180 JAVA_HOME Unset?     PASSED  UnSet
A00190 Enter JDK Home       RECORD  
A00200 JDK Version          FAILED  JDK home is missing
A00210 Other O_Hs in PATH?  PASSED  NoneFound
A00220 Other OUI Up?        PASSED  NoOtherOUI
A00230 Temp Adequate?       PASSED  TempSpaceOK
A00240 Disk Space OK?       SKIPPED Requires valid Oracle home
A00250 Swap (in MB)         RECORD  3967
A00260 RAM (in MB)          PASSED  7985
A00270 Swap OK?             FAILED  SwapLessThanRam
A00280 Network              PASSED  Connected
A00290 IP Address           RECORD
A00300 Domain Name          RECORD  NotFound
A00310 DNS Lookup           FAILED  nslookup host.domain
A00320 /etc/hosts Format    FAILED  No entry found
A00330 Kernel Parameters OK PASSED  KernelOK
A00380 Tainted Kernel?      PASSED  NotVerifiable
A00400 ip_local_port_range  PASSED  RangeOK
A00480 OL4 RPMs OK?         SKIPPED NotOL4
A00490 OL5 RPMs OK?         SKIPPED NotOL5
A00500 OL6 RPMs OK?         SKIPPED NotOL6
A00510 OL7 RPMs OK?         FAILED  [glibc(i686)] not installed [glibc-de...
A00530 RHEL4 RPMs OK?       SKIPPED NotRedHat
A00540 RHEL5 RPMs OK?       SKIPPED NotRedHat
A00550 RHEL6 RPMs OK?       SKIPPED NotRedHat
A00560 RHEL7 RPMs OK?       SKIPPED NotRedHat
A00570 SLES10 RPMs OK?      SKIPPED NotSuSE
A00580 SLES11 RPMs OK?      SKIPPED NotSuSE
Result file: output/collect/DB_HCVE_A_DB11R2_lin_res.htm

As you can see, we have a bit of work to do, even after the preinstall package installed. So, first of all we need to take care of missing packages. The ‘A00310 DNS Lookup’ and ‘A00320 /etc/hosts Format’ could be ignore – especially, if you don’t have a DNS server. If the ping command resolve tha server name, then it should work. Swap size also could be ignore (4GB will be more than enough).
By the way, many people follow an old rule of thumb that your swap partition should be twice the size of your main system RAM. This rule is a pure nonsense. On a modern system, that’s a lot of RAM, most people prefer that their systems never swap. You don’t want your system to ever run out of RAM+swap, but you usually would rather have enough RAM in the system, so it doesn’t need to swap. The more RAM a system has the less swap space it typically needs.
So what is the lesson learned? Trust, but verify. Alternatively, RTFM šŸ™‚

How to stop/start and disable/enable firewall on Oracle Linux 7.

Fedora 18 introduced firewalld as a replacement for the previous iptables service. Since RHEL7 and Oracle Linux 7 are based on Fedora 19, the switch from iptables service to firewalld is now part of the Enterprise Linux distributions.
The firewall on Oracle Linux 7 system is enabled by default. Normally there should not be a need to disable firewall but it may be quite handy for testing purposes etc. The firewall runs as firewalld daemon. Bellow command can be used to check the firewall status:

[root@orclprod ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
   Active: active (running) since Fri 2015-10-16 14:54:37 CEST; 18s ago
 Main PID: 2481 (firewalld)
   CGroup: /system.slice/firewalld.service
           LĀ¦2481 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Oct 16 14:54:37 orclprod systemd[1]: Started firewalld - dynamic firewall d...n.
Hint: Some lines were ellipsized, use -l to show in full.

From the above output we can see that the firewall is enabled, which means it will start automatically after reboot and that is also current active. Furthermore, you can even check all currently applied rules with:

[root@orclprod ~]# iptables-save

You need to distinguish between the iptables service and the iptables command. Although firewalld is a replacement for the firewall management provided by iptables service, it still uses the iptables command for dynamic communication with the kernel packet filter (netfilter). So it is only the iptables service that is replaced, not the iptables command. That can be a confusing distinction at first.
The firewall on Oracle Linux 7 system can be stopped by a following command:

[root@orclprod ~]# service firewalld stop
Redirecting to /bin/systemctl stop  firewalld.service

Stopped firewall will start again after system’s reboot. To start firewall use the following command:

[root@orclprod ~]# service firewalld start
Redirecting to /bin/systemctl start  firewalld.service

In order to completely disable OL7 firewall, so it would not start after reboot, run:

[root@orclprod ~]# systemctl disable firewalld
rm '/etc/systemd/system/'
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'

Now the firewall would not start after system’s reboot. To enable the firewall again run:

[root@orclprod ~]# systemctl enable firewalld
ln -s '/usr/lib/systemd/system/firewalld.service' '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
ln -s '/usr/lib/systemd/system/firewalld.service' '/etc/systemd/system/'
Categories: Oracle Linux, OS Tags: , ,

How to disable SELinux on Oracle Linux 7.

Security-Enhanced Linux (SELinux) is an implementation of security policies for operating systems that provides a mechanism to support and help control access in the linux kernel. On Red Hat Enterprise Linux 7 (RHEL 7), CentOS 7 and Oracle Linux 7 (OL7), SELinux services were installed by default. The following tutorial will show you the basic steps to permanently disable SELinux on OL7 – should works also on RHEL 7 and CentOS 7.
You can check the SELinux status with the following command:

[root@orclprod ~]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28

To disable SELinux you have to change the “SELINUX=enforcing” to “SELINUX=disabled” in the /etc/sysconfig/selinux configuration file:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.

Then reboot the server to take effect and check the SELinux status once again just to make sure:

[root@orclprod ~]# sestatus
SELinux status:                 disabled
Categories: Oracle Linux, OS Tags: , ,

How to turn on the network connection during Oracle Linux 7 startup.

First of all check the network interface configuration file located in the /etc/sysconfig/network-scripts folder (in my case it’s the ifcfg-enp0s8 file):

[root@orclprod ~]# more /etc/sysconfig/network-scripts/ifcfg-enp0s8

Be sure that ONBOOT setting is set on yes – this should do the trick.
Be aware that while configuring the network on command line, the GUI could not catching up with the updates you made. It will be synchronised by rebooting the server (network interface restart should also fix this issue).

Categories: Oracle Linux, OS Tags: , ,

How to turn on the NetworkManager on Oracle Linux 7.

NetworkManager is a dynamic network control and configuration system that attempts to keep network devices and connections up and active when they are available. NetworkManager consists of a core daemon, a GNOME Notification Area applet that provides network status information, and graphical configuration tools that can create, edit and remove connections and interfaces. NetworkManager can be used to configure the following types of connections: Ethernet, wireless, mobile broadband (such as cellular 3G), and DSL and PPPoE (Point-to-Point over Ethernet). In addition, NetworkManager allows for the configuration of network aliases, static routes, DNS information and VPN connections, as well as many connection-specific parameters. Finally, NetworkManager provides a rich API via D-Bus which allows applications to query and control network configuration and state.
The NetworkManager daemon runs with root privileges and is usually configured to start up at boot time. You can determine whether the NetworkManager daemon is running by entering the following command:

[root@orclprod ~]# service NetworkManager status
Redirecting to /bin/systemctl status  NetworkManager.service
NetworkManager.service - Network Manager
   Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; disabled)
   Active: inactive (dead)

The service command will report NetworkManager is stopped if the NetworkManager service is not running. To start it for the current session use the following command:

[root@orclprod ~]# service NetworkManager start
Redirecting to /bin/systemctl start  NetworkManager.service

Run the chkconfig command to ensure that NetworkManager starts up every time the system boots:

[root@orclprod ~]# chkconfig NetworkManager on
Note: Forwarding request to 'systemctl enable NetworkManager.service'.
ln -s '/usr/lib/systemd/system/NetworkManager.service' '/etc/systemd/system/dbus-org.freedesktop.NetworkManager.service'
ln -s '/usr/lib/systemd/system/NetworkManager.service' '/etc/systemd/system/'
ln -s '/usr/lib/systemd/system/NetworkManager-dispatcher.service' '/etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service'