oracle uses linux mint
as soon as one wants to use encryption oracle needs a wallet to be created. when using orapki to create the wallet there is an option “-auto_login” that might be used to enable the database to auto open the wallet with each startup. there seems to be a misunderstanding that you might not change this after the wallet was created. let’s see:
orapki wallet create -wallet . -pwd "blabla1234" Oracle PKI Tool : Version 12.1.0.1 Copyright (c) 2004, 2012, Oracle and/or its affiliates. All rights reserved. dbs300@oel6.lcsys.ch lcsdb:/oradata/dbs300/wallet $ ls -la total 12 drwxr-x--- 2 lcsdb lcsi 4096 11. Nov 22:54 ./ drwxr-x--- 12 lcsdb lcsi 4096 11. Nov 16:03 ../ -rw------- 1 lcsdb lcsi 2856 11. Nov 22:54 ewallet.p12 -rw------- 1 lcsdb lcsi 0 11. Nov 22:54 ewallet.p12.lck
this created the wallet without the “-auto_login” option, thus requires us to provide the wallet password with each database restart. letting orapki print its help:
orapki wallet -h
Oracle PKI Tool : Version 12.1.0.1
Copyright (c) 2004, 2012, Oracle and/or its affiliates. All rights reserved.
Invalid command: -h
wallet:
create [-wallet [wallet]] [[-pwd ] [-auto_login|-auto_login_local]] | [-auto_login_only]
display [-wallet [wallet]] [-pwd ]
change_pwd [-wallet [wallet]] [-oldpwd ] [-newpwd ]
add [-wallet [wallet]]
<-self_signed [-validity [days]] | [-valid_from [mm/dd/yyyy] -valid_until [mm/dd/yyyy]]
[-serial_file ] | [-serial_num ]>
[-pwd ] | [-auto_login_only]
[-sign_alg ]
remove [-wallet [wallet]] [-dn [dn]] [-trusted_cert_all|-trusted_cert|-user_cert|-cert_req]
[-pwd ] | [-auto_login_only]
export [-wallet [wallet]] [-dn [dn]] [-cert [filename] | -request [filename]] [-pwd ]
export_trust_chain [-wallet [wallet]] [-certchain [filename]] [-dn [user_cert_dn]] [-pwd ]
upload [-wallet [wallet]] [-ldap [host:port]] [-user [user]] [-userpwd [userpwd]] [-pwd ]
download [-wallet [wallet]] [-ldap [host:nonsslport]] [-user [user]] [-userpwd [userpwd]] [-pwd ]
jks_to_pkcs12 [-wallet [wallet]] [-pwd ] [-keystore [keystore]] [-jkspwd [jkspwd]]
pkcs12_to_jks [-wallet [wallet]] [-pwd ] [-jksKeyStoreLoc -jksKeyStorepwd ]
[-jksTrustStoreLoc -jksTrustStorepwd ]
p11_add [-wallet [wallet]] [-p11_lib ] [-p11_tokenlabel ]
[-p11_tokenpw ] [-p11_certlabel ] [-pwd ]
p11_verify [-wallet [wallet]] [-pwd ]
help
it really seems that you can only provide the “-auto_login” option while creating the wallet but not after that point. well, this is an example of misleading syntax as you actually can change the option with “orapki wallet create” without destroying the original wallet:
orapki wallet create -wallet . -pwd "blabla1234" -auto_login Oracle PKI Tool : Version 12.1.0.1 Copyright (c) 2004, 2012, Oracle and/or its affiliates. All rights reserved. dbs300@oel6.lcsys.ch lcsdb:/oradata/dbs300/wallet $ ls -la total 16 drwxr-x--- 2 lcsdb lcsi 4096 11. Nov 22:55 ./ drwxr-x--- 12 lcsdb lcsi 4096 11. Nov 16:03 ../ -rw------- 1 lcsdb lcsi 2901 11. Nov 22:55 cwallet.sso -rw------- 1 lcsdb lcsi 0 11. Nov 22:55 cwallet.sso.lck -rw------- 1 lcsdb lcsi 2856 11. Nov 22:54 ewallet.p12 -rw------- 1 lcsdb lcsi 0 11. Nov 22:54 ewallet.p12.lck
a better orapki help or a better syntax might not be too bad :)
mike dietrich added a counter for the end of premium support to his blog:
https://blogs.oracle.com/UPGRADE/entry/did_you_know
time to prepare …
if you are working on written requirements there is a need to exactly define the meaning of words. The The Internet Engineering Task Force (IETF) already did this for some keywords:
1. MUST This word, or the terms "REQUIRED" or "SHALL", mean that the definition is an absolute requirement of the specification. 2. MUST NOT This phrase, or the phrase "SHALL NOT", mean that the definition is an absolute prohibition of the specification. 3. SHOULD This word, or the adjective "RECOMMENDED", mean that there may exist valid reasons in particular circumstances to ignore a particular item, but the full implications must be understood and carefully weighed before choosing a different course. 4. SHOULD NOT This phrase, or the phrase "NOT RECOMMENDED" mean that there may exist valid reasons in particular circumstances when the particular behavior is acceptable or even useful, but the full implications should be understood and the case carefully weighed before implementing any behavior described with this label. 5. MAY This word, or the adjective "OPTIONAL", mean that an item is truly optional. One vendor may choose to include the item because a particular marketplace requires it or because the vendor feels that it enhances the product while another vendor may omit the same item. An implementation which does not include a particular option MUST be prepared to interoperate with another implementation which does include the option, though perhaps with reduced functionality. In the same vein an implementation which does include a particular option MUST be prepared to interoperate with another implementation which does not include the option (except, of course, for the feature the option provides.)
The whole document can be found here.
there is a nice link on planet.postgres.org to a picture showing the oracle architecture in a funny way
Thanks to Dinesh Kumar for spending work on this…
similar to tree there is a command to show all the mounts in a nice tree like output: findmnt
findmnt
TARGET SOURCE
/ /dev/disk/by-uuid/cb51d0c9-6cde-49c9-ae17-2ca37ecc2f7f
├─/sys sysfs
│ ├─/sys/fs/cgroup
│ │ └─/sys/fs/cgroup/systemd systemd
│ ├─/sys/fs/fuse/connections
│ ├─/sys/kernel/debug
│ ├─/sys/kernel/security
│ └─/sys/fs/pstore
├─/proc proc
│ └─/proc/sys/fs/binfmt_misc binfmt_misc
├─/dev udev
│ └─/dev/pts devpts
└─/run tmpfs
├─/run/lock
├─/run/shm
└─/run/user
└─/run/user/1000/gvfs gvfsd-fuse
Note: I omitted the last to columns to allow the output to fit on screen.
from time to time I am testing different flavors of linux on my workstation/laptop. this time it is fedora 20 (kde edition). tried to install oracle 12c with my simple script and ups:
****** *** creating database SQL*Plus: Release 12.1.0.1.0 Production on Thu Jan 2 17:19:07 2014 Copyright (c) 1982, 2013, Oracle. All rights reserved. ERROR: ORA-12547: TNS:lost contact
the script does not work anymore. what happened? the problem is with the linking phase, reproducable by:
[oracle@localhost ~]$ /opt/oracle/product/base/12.1.0.1/bin/relink all writing relink log to: /opt/oracle/product/base/12.1.0.1/install/relink.log tail -100 /opt/oracle/product/base/12.1.0.1/install/relink.log ..... /usr/bin/ld: /opt/oracle/product/base/12.1.0.1/lib//libnls12.a(lxhclrs.o): undefined reference to symbol '__tls_get_addr@@GLIBC_2.3' /usr/bin/ld: note: '__tls_get_addr@@GLIBC_2.3' is defined in DSO /lib64/ld-linux-x86-64.so.2 so try adding it to the linker command line /lib64/ld-linux-x86-64.so.2: could not read symbols: Invalid operation collect2: error: ld returned 1 exit status make: *** [/opt/oracle/product/base/12.1.0.1/rdbms/lib/rman] Error 1 Error in invoking target 'irman ioracle' of makefile '/opt/oracle/product/base/12.1.0.1/rdbms/lib/ins_rdbms.mk'. See '/opt/oracle/product/base/12.1.0.1/install/relinkActions2014-01-02_05-24-05-PM.log' for details.
asking my favorite search engine gave the right answer
so, here is an updated version of the script which works for fedora20 ( keep in mind that fedora is not supported ):
#!/bin/bash
##################################################
# CONFIGURATION SECTION #
##################################################
# ** location of the database source files
SOURCEPATH=/home/dwe/Downloads
# ** name of the first source file
SOURCE1=linuxamd64_12c_database_1of2.zip
# ** name of the second source file
SOURCE2=linuxamd64_12c_database_2of2.zip
# ** working directory for extracting the source
WORKDIR=/opt/oracle/stage
# ** the oracle top directory
ORATOPDIR=/opt/oracle
# ** the oracle inventory
ORAINVDIR=${ORATOPDIR}/oraInventory
# ** the ORACLE_BASE to use
ORACLE_BASE=${ORATOPDIR}/product/base
# ** the ORACLE_HOME to use
ORACLE_HOME=${ORACLE_BASE}/12.1.0.1
# ** base directory for the oracle database files
ORABASEDIR=/oradata
# the ORACLE_SID to use
ORACLE_SID=orcl
# ** the owner of the oracle software
ORAOWNER=oracle
# ** the primary installation group
ORAINSTGROUP=oinstall
# ** the dba group
ORADBAGROUP=dba
# ** the oper group
ORAOPERGROUP=oper
# ** the backup dba group
ORABACKUPDBA=backupdba
# ** the dataguard dba group
ORADGBAGROUP=dgdba
# ** the transparent data encryption group
ORAKMBAGROUP=kmdba
##################################################
# MAIN SECTION #
##################################################
PFILE=${ORACLE_HOME}/dbs/init${ORACLE_SID}.ora
# print the header
_header() {
echo "*** ---------------------------- ***"
echo "*** -- starting oracle 12c setup ***"
echo "*** ---------------------------- ***"
}
# print simple log messages to screen
_log() {
echo "****** $1 "
}
# check for the current os user
_check_user() {
if [ $(id -un) != "${1}" ]; then
_log "you must run this as ${1}"
exit 0
fi
}
# create the user and the groups
_create_user_and_groups() {
_log "*** checking for group: ${ORAINSTGROUP} "
getent group ${ORAINSTGROUP}
if [ "$?" -ne "0" ]; then
/usr/sbin/groupadd ${ORAINSTGROUP} 2> /dev/null || :
fi
_log "*** checking for group: ${ORADBAGROUP} "
getent group ${ORADBAGROUP}
if [ "$?" -ne "0" ]; then
/usr/sbin/groupadd ${ORADBAGROUP} 2> /dev/null || :
fi
_log "*** checking for group: ${ORAOPERGROUP} "
getent group ${ORAOPERGROUP}
if [ "$?" -ne "0" ]; then
/usr/sbin/groupadd ${ORAOPERGROUP} 2> /dev/null || :
fi
_log "*** checking for group: ${ORABACKUPDBA} "
getent group ${ORABACKUPDBA}
if [ "$?" -ne "0" ]; then
/usr/sbin/groupadd ${ORABACKUPDBA} 2> /dev/null || :
fi
_log "*** checking for group: ${ORADGBAGROUP} "
getent group ${ORADGBAGROUP}
if [ "$?" -ne "0" ]; then
/usr/sbin/groupadd ${ORADGBAGROUP} 2> /dev/null || :
fi
_log "*** checking for group: ${ORAKMBAGROUP} "
getent group ${ORAKMBAGROUP}
if [ "$?" -ne "0" ]; then
/usr/sbin/groupadd ${ORAKMBAGROUP} 2> /dev/null || :
fi
_log "*** checking for user: ${ORAOWNER} "
getent passwd ${ORAOWNER}
if [ "$?" -ne "0" ]; then
/usr/sbin/useradd -g ${ORAINSTGROUP} -G ${ORADBAGROUP},${ORAOPERGROUP},${ORABACKUPDBA},${ORADGBAGROUP},${ORAKMBAGROUP} \
-c "oracle software owner" -m -d /home/${ORAOWNER} -s /bin/bash ${ORAOWNER}
fi
}
# create the directories
_create_dirs() {
_log "*** creating: ${WORKDIR} "
mkdir -p ${WORKDIR}
chown ${ORAOWNER}:${ORAINSTGROUP} ${WORKDIR}
_log "*** creating: ${ORATOPDIR} "
mkdir -p ${ORATOPDIR}
chown ${ORAOWNER}:${ORAINSTGROUP} ${ORATOPDIR}
_log "*** creating: ${ORACLE_BASE} "
mkdir -p ${ORACLE_BASE}
chown ${ORAOWNER}:${ORAINSTGROUP} ${ORACLE_BASE}
_log "*** creating: ${ORACLE_HOME} "
mkdir -p ${ORACLE_HOME}
chown ${ORAOWNER}:${ORAINSTGROUP} ${ORACLE_HOME}
_log "*** creating: ${ORABASEDIR} "
mkdir -p ${ORABASEDIR}
chown ${ORAOWNER}:${ORAINSTGROUP} ${ORABASEDIR}
_log "*** creating: ${ORABASEDIR}/${ORACLE_SID} "
mkdir -p ${ORABASEDIR}/${ORACLE_SID}
chown ${ORAOWNER}:${ORAINSTGROUP} ${ORABASEDIR}/${ORACLE_SID}
_log "*** creating: ${ORABASEDIR}/${ORACLE_SID}/rdo1 "
mkdir -p ${ORABASEDIR}/${ORACLE_SID}/rdo1
_log "*** creating: ${ORABASEDIR}/${ORACLE_SID}/rdo2 "
mkdir -p ${ORABASEDIR}/${ORACLE_SID}/rdo2
_log "*** creating: ${ORABASEDIR}/${ORACLE_SID}/dbf "
mkdir -p ${ORABASEDIR}/${ORACLE_SID}/dbf
_log "*** creating: ${ORABASEDIR}/${ORACLE_SID}/arch "
mkdir -p ${ORABASEDIR}/${ORACLE_SID}/arch
_log "*** creating: ${ORABASEDIR}/${ORACLE_SID}/admin "
mkdir -p ${ORABASEDIR}/${ORACLE_SID}/admin
_log "*** creating: ${ORABASEDIR}/${ORACLE_SID}/admin/adump "
mkdir -p ${ORABASEDIR}/${ORACLE_SID}/admin/adump
_log "*** creating: ${ORABASEDIR}/${ORACLE_SID}/pdbseed "
mkdir -p ${ORABASEDIR}/${ORACLE_SID}/pdbseed
chown -R ${ORAOWNER}:${ORADBAGROUP} ${ORABASEDIR}/${ORACLE_SID}
}
# extract the source files
_extract_sources() {
cp ${SOURCEPATH}/${SOURCE1} ${WORKDIR}
cp ${SOURCEPATH}/${SOURCE2} ${WORKDIR}
chown ${ORAOWNER}:${ORAINSTGROUP} ${WORKDIR}/*
_log "*** extracting: ${SOURCE1} "
su - ${ORAOWNER} -c "unzip -d ${WORKDIR} ${WORKDIR}/${SOURCE1}"
_log "*** extracting: ${SOURCE2} "
su - ${ORAOWNER} -c "unzip -d ${WORKDIR} ${WORKDIR}/${SOURCE2}"
}
# install required software
_install_required_software() {
_log "*** installing required software "
yum install -y binutils compat-libcap1 compat-libstdc++-33 gcc gcc-c++ glibc glibc-devel ksh \
libgcc libstdc++ libstdc++-devel libaio libaio-devel libXext libXtst libX11 libXau libxcb libXi make sysstat
}
# install oracle software
_install_oracle_software() {
_log "*** installing oracle software"
su - ${ORAOWNER} -c "cd ${WORKDIR}/database; ./runInstaller oracle.install.option=INSTALL_DB_SWONLY \
ORACLE_BASE=${ORACLE_BASE} \
ORACLE_HOME=${ORACLE_HOME} \
UNIX_GROUP_NAME=${ORAINSTGROUP} \
oracle.install.db.DBA_GROUP=${ORADBAGROUP} \
oracle.install.db.OPER_GROUP=${ORAOPERGROUP} \
oracle.install.db.BACKUPDBA_GROUP=${ORABACKUPDBA} \
oracle.install.db.DGDBA_GROUP=${ORADGBAGROUP} \
oracle.install.db.KMDBA_GROUP=${ORAKMBAGROUP} \
FROM_LOCATION=../stage/products.xml \
INVENTORY_LOCATION=${ORAINVDIR} \
SELECTED_LANGUAGES=en \
oracle.install.db.InstallEdition=EE \
DECLINE_SECURITY_UPDATES=true -silent -ignoreSysPrereqs -ignorePrereq -waitForCompletion"
${ORAINVDIR}/orainstRoot.sh
${ORACLE_HOME}/root.sh
}
# create a very minimal pfile
_create_pfile() {
_log "*** creating pfile "
echo "instance_name=${ORACLE_SID}" > ${PFILE}
echo "db_name=${ORACLE_SID}" >> ${PFILE}
echo "db_block_size=8192" >> ${PFILE}
echo "control_files=${ORABASEDIR}/${ORACLE_SID}/rdo1/control01.ctl,${ORABASEDIR}/${ORACLE_SID}/rdo2/control02.ctl" >> ${PFILE}
echo "sga_max_size=512m" >> ${PFILE}
echo "sga_target=512m" >> ${PFILE}
echo "diagnostic_dest=${ORABASEDIR}/${ORACLE_SID}/admin" >> ${PFILE}
echo "audit_file_dest=${ORABASEDIR}/${ORACLE_SID}/admin/adump" >> ${PFILE}
echo "enable_pluggable_database=true" >> ${PFILE}
}
# create the database
_create_database() {
_log "*** creating database "
# escaping the dollar seems not to work in EOF
echo "alter pluggable database pdb\$seed close;" > ${ORABASEDIR}/${ORACLE_SID}/admin/seedhack.sql
echo "alter pluggable database pdb\$seed open;" >> ${ORABASEDIR}/${ORACLE_SID}/admin/seedhack.sql
su - ${ORAOWNER} -c "export ORACLE_HOME=${ORACLE_HOME};export LD_LIBRARY_PATH=${LD_LIBRARY_PATH};export PATH=${ORACLE_HOME}/bin:${PATH};export ORACLE_SID=${ORACLE_SID};export PERL5LIB=${ORACLE_HOME}/rdbms/admin; sqlplus / as sysdba <> /home/${ORAOWNER}/.bash_profile
echo "ORACLE_HOME=${ORACLE_HOME}" >> /home/${ORAOWNER}/.bash_profile
echo "ORACLE_SID=${ORACLE_SID}" >> /home/${ORAOWNER}/.bash_profile
echo "LD_LIBRARY_PATH=${ORACLE_HOME}/lib:${LD_LIBRARY_PATH}" >> /home/${ORAOWNER}/.bash_profile
echo "PATH=${ORACLE_HOME}/bin:${PATH}" >> /home/${ORAOWNER}/.bash_profile
echo "export ORACLE_BASE ORACLE_HOME ORACLE_SID LD_LIBRARY_PATH PATH" >> /home/${ORAOWNER}/.bash_profile
}
# fix for fedora 20
_fix_fedora_20() {
is_20=`cat /etc/fedora-release | grep Heisenbug`
if [ $? -eq "0" ]; then
_log "running on fedora 20 -> applying fix"
rm -f $ORACLE_HOME/rdbms/lib/config.o
mv $ORACLE_HOME/lib/stubs $ORACLE_HOME/lib/stubs_bak
sed 's/LINKTTLIBS\=\$(LLIBCLNTSH) \$(ORACLETTLIBS) \$(LINKLDLIBS)/LINKTTLIBS\=\$(LLIBCLNTSH) \$(ORACLETTLIBS) \$(LINKLDLIBS) -lons/' $ORACLE_HOME/rdbms/lib/env_rdbms.mk > /tmp/env_rdbms.mk
cp /tmp/env_rdbms.mk $ORACLE_HOME/rdbms/lib/env_rdbms.mk
sed 's/LINK\=\$(FORT_CMD) \$(PURECMDS) \$(ORALD) \$(LDFLAGS) \$(COMPSOBJS)/LINK\=\$(FORT_CMD) \$(PURECMDS) \$(ORALD) \$(LDFLAGS) \$(COMPSOBJS) -Wl,--no-as-needed/' $ORACLE_HOME/rdbms/lib/env_rdbms.mk > /tmp/env_rdbms.mk
cp /tmp/env_rdbms.mk $ORACLE_HOME/rdbms/lib/env_rdbms.mk
sed 's/LINK32\=\$(FORT_CMD) \$(PURECMDS) \$(ORALD) \$(LDFLAGS32) \$(COMPSOBJS)/LINK32\=\$(FORT_CMD) \$(PURECMDS) \$(ORALD) \$(LDFLAGS32) \$(COMPSOBJS) -Wl,--no-as-needed/' $ORACLE_HOME/rdbms/lib/env_rdbms.mk > /tmp/env_rdbms.mk
cp /tmp/env_rdbms.mk $ORACLE_HOME/rdbms/lib/env_rdbms.mk
su - ${ORAOWNER} -c "export ORACLE_HOME=${ORACLE_HOME}; $ORACLE_HOME/bin/relink all"
fi
}
_header
_check_user "root"
_create_user_and_groups
_create_dirs
_install_required_software
_extract_sources
_install_oracle_software
######## fedora 20 fix
_fix_fedora_20
######################
_create_pfile
_create_database
_create_env
ever wanted to quickly display the directory structure and files in there? use tree:
~/VirtualBox VMs $ tree . ├── centOS_latest │ ├── centOS_latest.vbox │ ├── centOS_latest.vbox-prev │ ├── centOS_latest.vdi │ ├── Logs │ │ ├── VBox.log │ │ ├── VBox.log.1 │ │ ├── VBox.log.2 │ │ └── VBox.log.3 │ └── Snapshots │ └── 2013-12-13T09-27-06-012274000Z.sav ├── nohup.out ├── oel_latest │ ├── Logs │ │ ├── VBox.log │ │ ├── VBox.log.1 │ │ ├── VBox.log.2 │ │ └── VBox.log.3 │ ├── oel_latest.vbox │ ├── oel_latest.vbox-prev │ └── Snapshots │ └── 2013-08-19T13-58-33-388114000Z.sav ...
Daniel Westermann's Blog 