wget http://dag.wieers.com/rpm/packages/yum/yum-2.4.2-0.4.el4.rf.noarch.rpm

wget ftp://fr2.rpmfind.net/linux/PLD/dists/ac/ready/i386/libsqlite-2.8.15-1.i386.rpm

wget ftp://rpmfind.net/linux/dag/redhat/el4/en/i386/dag/RPMS/python-elementtree-1.2.6-7.el4.rf.i386.rpm

wget ftp://rpmfind.net/linux/dag/redhat/el4/en/i386/dag/RPMS/python-sqlite-0.5.0-1.2.el4.rf.i386.rpm

wget ftp://rpmfind.net/linux/dag/redhat/el4/en/x86_64/dag/RPMS/python-urlgrabber-2.9.7-1.2.el4.rf.noarch.rpm

rpm -ivh libsqlite-2.8.15-1.i386.rpm
rpm -ivh python-elementtree-1.2.6-7.el4.rf.i386.rpm
rpm -ivh python-sqlite-0.5.0-1.2.el4.rf.i386.rpm
rpm -ivh python-urlgrabber-2.9.7-1.2.el4.rf.noarch.rpm
rpm -ivh yum-2.4.2-0.4.el4.rf.noarch.rpm

wget http://dag.wieers.com/rpm/packages/rpmforge-release/rpmforge-release-0.3.6-1.el4.rf.i386.rpm
rpm -ivh rpmforge-release-0.3.6-1.el4.rf.i386.rpm

yum update

신고



댓글을 달아 주세요

Installing Oracle Database 10g Release 2 on Linux - (RHEL 5)

by Jeff Hunter, Sr. Database Administrator


Contents

  1. Overview
  2. Hardware Overview
  3. Install the Linux Operating System
  4. Install Required Linux Packages for Oracle
  5. Disk Configuration
  6. Operating System Configuration
  7. Network Configuration
  8. Create "oracle" User and Directories
  9. Download the Oracle Database 10g Release 2 Software
  10. Pre-Installation Tasks
  11. Install the Oracle Database 10g Release 2 Software
  12. Install the Oracle Database 10g Companion CD Release 2 Software
  13. Apply the 10.2.0.3 Database Patchset
  14. Configure Oracle Networking
  15. Create the Oracle Database
  16. Post-Installation Tasks
  17. Creating / Altering Tablespaces
  18. Setting up Automatic Database Starting and Stopping
  19. Miscellaneous Options
  20. About the Author



Overview

This article is a comprehensive guide for installing Oracle Database 10g Release 2 on the Red Hat Enterprise Linux 5 (RHEL5) operating environment.

Please keep in mind that this article should not be considered a substitution for completely reading and understanding the official installation guide and release notes from Oracle. The following links can be used to download the official installation guides for Oracle10g Release 2 (10.2.0):

  Oracle Database Installation Guide 10g Release 2 (10.2) for Linux x86 - (B15660-02)
  Oracle Database Quick Installation Guide 10g Release 2 (10.2) for Linux x86 - (B28052-01)
Here is a short introduction to some of the configuration parameters that will be used for installing the Oracle Database Software and creating a fully functional Oracle10g database:

  • ORACLE_BASE : /u01/app/oracle
  • ORACLE_HOME : /u01/app/oracle/product/10.2.0/db_1
  • ORACLE_SID : TESTDB


By the time you finish this article, the following will be installed and configured:

  • Oracle Database 10g software installed on a local file system (namely /u01/app/oracle/product/10.2.0/db_1).
  • Installed software from the Oracle Database 10g Companion CD which improves the performance of Oracle Database 10g on your system.
  • Oracle Database 10g patch install 10.2.0.3. (This is patch # 5337014 on Metalink released on 21-FEB-2007)
  • Default Oracle Net Listener running on the system.
  • A fully configured general-purpose Oracle10g database that makes use of the local file system for physical database file storage (data files, control files, online redo log files, flash recovery area).
  • Optional instructions are included to put the new database into Archive Log Mode.
  • Oracle Enterprise Manager Database Control and iSQL*Plus running and can be accessed using a Web browser.


The following is a list of items NOT covered in this article:

  • Installing the Oracle Database software on a system that has an existing Oracle software installation. The installation in this article describes installing the Oracle Database 10g software on a system with no previous Oracle installation.
  • Installing Oracle Cluster Ready Services (CRS) and Oracle Real Application Clusters (RAC) on a cluster. For a complete discussion on installing Oracle RAC 10g (using iSCSI for the shared storage), see my article "Building an Inexpensive Oracle RAC 10g Release 2 on Linux - (CentOS 4.5 / iSCSI)".
  • Enabling Enterprise Manager e-mail notifications or automated backups.


  Although this article is titled and introduced to work with Red Hat Enterprise Linux 5.1, I will actually be using a Red Hat Linux clone named CentOS. To read more about about CentOS, please visit their website at www.centos.org. I will also provide additional details about CentOS along with installation instructions later in this article.



Hardware Overview

For the purpose of this document, I will be utilizing a Pentium 4 (32-bit Clone) running CentOS Release 5.1. The Pentium 4 server will consist of three 36GB internal disks and 1GB of RAM. The first hard disk (/dev/sda) will be used to store the Linux operating system while the second hard disk (/dev/sdb) will be used to store the Oracle Database software. Finally, the third hard disk (/dev/sdc) will be used for all physical database files (data files, control files, online redo log files, flash recovery area)

The Pentium 4 server is configured as follows:

Oracle Database Server
Machine Name: vmlinux1.idevelopment.info
IP Address: 192.168.1.111
Processor: Pentium 4 - (1.8 GHz.)
Operation Environment: CentOS Release 5.1 - (32-bit)
Memory: 1 GB
Network: Intel 10/100/1000Mbps PCI Desktop Adapter - (PWLA8391GT)
Internal Disks: 3 x 36GB SCSI hard drives identified as follows:
  • /dev/sda
  • /dev/sdb
  • /dev/sdc

After discussing the hardware being utilized for this article, I end this section by describing how each of the disks will be used for the database software installation and database:

Software and Database Storage
Device Type Size - (GB) Usage Mount Point
/dev/sda Internal 36 CentOS Release 5.1 Operating System /
/dev/sdb Internal 36 Oracle Database 10g Software.
  • ORACLE_BASE: /u01/app/oracle
  • ORACLE_HOME: /u01/app/oracle/product/10.2.0/db_1
/u01
/dev/sdc Internal 36 Physical Database and Backup Files.
  • /u02/oradata/<ORACLE_SID>
  • /u02/flash_recovery_area
/u02



Install the Linux Operating System

This section provides a summary of the screens used to install the Linux operating system. As already mentioned, this article will use CentOS 5.1. Although I have used Red Hat Fedora and Red Hat Enterprise Linux in the past, I wanted to switch to a Linux environment that would guarantee all of the functionality contained with Oracle. This is where CentOS comes in. The CentOS Project takes the Red Hat Enterprise Linux 5 source RPMs, and compiles them into a free clone of the Red Hat Enterprise Server 5 product. This provides a free and stable version of the Red Hat Enterprise Linux 5 (AS/ES) operating environment that I can now use for testing different Oracle configurations. I have moved away from Fedora as I need a stable environment that is not only free, but as close to the actual Oracle supported operating system as possible. While CentOS is not the only project performing the same functionality, I tend to stick with it as it is stable and reacts fast with regards to updates by Red Hat.

Downloading CentOS

Use the links (below) to download CentOS 5.1. After downloading CentOS, you will then want to burn each of the ISO images to CD.

  CentOS.org

  If you are downloading the above ISO files to a MS Windows machine, there are many options for burning these images (ISO files) to a CD. You may already be familiar with and have the proper software to burn images to CD. If you are not familiar with this process and do not have the required software to burn images to CD, here are just two (of many) software packages that can be used:

  UltraISO
  Magic ISO Maker


Installing CentOS

This section provides a summary of the screens used to install CentOS. For more detailed installation instructions, it is possible to use the manuals from Red Hat Linux http://www.redhat.com/docs/manuals/. I would suggest, however, that the instructions I have provided below be used for this Oracle 10g configuration.

After downloading and burning the CentOS images (ISO files) to CD, insert CentOS Disk #1 into the database server (vmlinux1 in this example), power it on, and answer the installation screen prompts as noted below.

Boot Screen

The first screen is the CentOS boot screen. At the boot: prompt, hit [Enter] to start the installation process.
Media Test
When asked to test the CD media, tab over to [Skip] and hit [Enter]. If there were any errors, the media burning software would have warned us. After several seconds, the installer should then detect the video card, monitor, and mouse. The installer then goes into GUI mode.
Welcome to CentOS
At the welcome screen, click [Next] to continue.
Language / Keyboard Selection
The next two screens prompt you for the Language and Keyboard settings. Make the appropriate selection for your configuration and click [Next] to continue.
Detect Previous Installation
Note that if the installer detects a previous version of CentOS, it will ask if you would like to "Install CentOS" or "Upgrade an existing Installation". Always select to "Install CentOS".
Disk Partitioning Setup
If prompted to initialize any of the drives (i.e. the partition table on device /dev/sdX was unreadable), click [Yes] to acknowledge the warning. Keep the default selection to [Remove linux partitions on selected drives and create default layout] and check the option to [Review and modify partitioning layout].

Note: When the installer detects multiple initialized drives, it will check all of them to be used for the Linux installation. For this installation, I only want to install the Linux software on the first hard disk (/dev/sda) so I will keep it selected (checked). Uncheck all other drives that the installer selected which for my installation was /dev/sdb and /dev/sdc. I will manually partition and create a file system for /dev/sdb and /dev/sdc later in this article.

Click [Next] to continue.

You will then be prompted with a dialog window asking if you really want to remove all partitions. Click [Yes] to acknowledge this warning.

Partitioning
The installer will then allow you to view (and modify if needed) the disk partitions it automatically selected.

For most automatic layouts, the installer will choose 100MB for /boot, double the amount of RAM (systems with < 2GB RAM) or an amount equal to RAM (systems with > 2GB RAM) for swap, and the rest going to the root (/) partition. Starting with EL 4, the installer will create the same disk configuration as just noted but will create them using the Logical Volume Manager (LVM). For example, it will partition the first hard drive (/dev/sda for my configuration) into two partitions — one for the /boot partition (/dev/sda1) and the remainder of the disk dedicate to a LVM named VolGroup00 (/dev/sda2). The LVM Volume Group (VolGroup00) is then partitioned into two LVM partitions - one for the root filesystem (/) and another for swap.

The main concern during the partitioning phase is to ensure enough swap space is allocated as required by Oracle (which is a multiple of the available RAM). The following is Oracle's requirement for swap space:

Available RAM Swap Space Required
Between 1 GB and 2 GB 1.5 times the size of RAM
Between 2 GB and 8 GB Equal to the size of RAM
More than 8 GB .75 times the size of RAM

For the purpose of this install, I will accept all automatically preferred sizes. (Including 2GB for swap since I have 2GB of RAM installed.)

If for any reason, the automatic layout does not configure an adequate amount of swap space, you can easily change that from this screen. To increase the size of the swap partition, [Edit] the volume group VolGroup00. This will bring up the "Edit LVM Volume Group: VolGroup00" dialog. First, [Edit] and decrease the size of the root file system (/) by the amount you want to add to the swap partition. For example, to add another 512MB to swap, you would decrease the size of the root file system by 512MB (i.e. 36,032MB - 512MB = 35,520MB). Now add the space you decreased from the root file system (512MB) to the swap partition. When completed, click [OK] on the "Edit LVM Volume Group: VolGroup00" dialog.

Finally, verify that no partitions or file systems exist for /dev/sdb and /dev/sdc. If any do exist, click on the partition and [Delete] it so that the entire disk has a single free entry with all "Free space" available. When all complete, the only partitions that should be created are the two partitions on the first SCSI disk (/dev/sda1 and /dev/sda2) described earlier in this section.

Once you are satisfied with the disk layout, click [Next] to continue.

Boot Loader Configuration
The installer will use the GRUB boot loader by default. To use the GRUB boot loader, accept all default values and click [Next] to continue.
Network Configuration
Before starting the Linux installation, I verified the NIC interface (card) was installed. This screen should have successfully detected the network device. Since we will be using this machine to host an Oracle database, there will be several changes that need to be made to the network configuration. The settings you make here will, of course, depend on your network configuration. The key point to make is that the machine should never be configured with DHCP since it will be used to host the Oracle database server. You will need to configure the machine with a static IP address. You will also need to configure the server with a real host name.

First, make sure that the network device is checked to [Active on boot]. (This should already be checked by the installer.)

Second, [Edit] eth0 as follows. Verify that the option "Enable IPv4 support" is selected. Click off the option for "Use dynamic IP configuration (DHCP)" and configure a static IP address and Netmask for your environment. Click off the option to "Enable IPv6 support". You may choose to use a different IP address for eth0 that I have documented in this guide and that is OK. Ensure eth0 is configured for your public network:

eth0:
- Check ON the option to [Enable IPv4 support]
- Check OFF the option to [Use dynamic IP configuration (DHCP)] - (select Manual configuration)
   IPv4 Address: 192.168.1.111
   Prefix (Netmask): 255.255.255.0
- Check OFF the option to [Enable IPv6 support]

Continue by manually setting your hostname. I used "vmlinux1" for the node. Finish this dialog off by supplying your gateway and DNS servers.

Time Zone Selection
Select the appropriate time zone for your environment and click [Next] to continue.
Set Root Password
Select a root password and click [Next] to continue.
Package Installation Defaults
By default, CentOS installs most of the software required for a typical server. There are several other packages (RPMs), however, that are required to successfully install the Oracle Database software. For the purpose of this article, select the radio button [Customize now] and click [Next] to continue.

This is where you pick the packages to install. Most of the packages required for the Oracle software are grouped into "Package Groups" (i.e. Application -> Editors). Since this node will be hosting the Oracle Database software, verify that at least the following package groups are selected for install. Note that for many of the Linux package groups, not all of the packages associated with that group get selected for installation. (Note the "Optional packages" button after selecting a package group.) So although the package group gets selected for install, some of the packages required by Oracle do not get installed. In fact, there are some packages that are required by Oracle that do not belong to any of the available package groups (i.e. libaio-devel). Not to worry. A complete list of required packages for Oracle Database 10g will be provided at the end of this section. These packages will need to be manually installed from the CentOS CDs after the operating system install. For now, install the following package groups:

  • Desktop Environments
    • GNOME Desktop Environment
  • Applications
    • Editors
    • Graphical Internet
    • Text-based Internet
  • Development
    • Development Libraries
    • Development Tools
    • Legacy Software Development
  • Servers
    • Server Configuration Tools
  • Base System
    • Administration Tools
    • Base
    • Java
    • Legacy Software Support
    • System Tools
    • X Window System

In addition to the above packages, select any additional packages you wish to install for this node. After selecting the packages to install click [Next] to continue.

About to Install
This screen is basically a confirmation screen. Click [Continue] to start the installation. During the installation process, you will be asked to switch CDs depending on which packages you selected to install.
Congratulations
And that's it. You have successfully installed CentOS on the database server. The installer will eject the CD from the CD-ROM drive. Take out the CD and click [Reboot] to reboot the system.
Post Installation Wizard Welcome Screen
When the system boots into CentOS for the first time, it will prompt you with another Welcome screen for the "Post Installation Wizard". The post installation wizard allows you to make final O/S configuration settings. On the "Welcome" screen, click [Forward] to continue.
Firewall
On this screen, make sure to select the [Disabled] option and click [Forward] to continue.

You will be prompted with a warning dialog about not setting the firewall. When this occurs, click [Yes] to continue.

SELinux
On the SELinux screen, choose the [Disabled] option if you plan to use the Oracle Cluster File System (OCFS2). For Oracle installations, I typically opt to disable SELinux. Click [Forward] to continue.

You will be prompted with a warning dialog warning that changing the SELinux setting will require rebooting the system so the entire file system can be relabeled. When this occurs, click [Yes] to acknowledge a reboot of the system will occur after firstboot (Post Installation Wizard) is completed.

Kdump
Accept the default setting on the Kdump screen (disabled) and click [Forward] to continue.
Date and Time Settings
Adjust the date and time settings if necessary and click [Forward] to continue.
Create User
Create any additional (non-oracle) operating system user accounts if desired and click [Forward] to continue. For the purpose of this article, I will not be creating any additional operating system accounts. I will be creating the "oracle" user account during the Oracle database installation later in this guide.

If you chose not to define any additional operating system user accounts, click [Continue] to acknowledge the warning dialog.

Sound Card
This screen will only appear if the wizard detects a sound card. On the sound card screen click [Forward] to continue.
Additional CDs
On the "Additional CDs" screen click [Finish] to continue.
Reboot System
Given I changed the SELinux option (to disabled), I am prompted to reboot the system. Click [OK] to reboot the system for normal use.
Login Screen
After rebooting the machine, you are presented with the login screen. Login using the "root" user account and the password you provided during the installation.



Install Required Linux Packages for Oracle

After installing CentOS, the next step is to verify and install all packages (RPMs) required by Oracle Database 10g. The Oracle Universal Installer (OUI) performs checks on your machine during installation to verify that it meets the appropriate operating system package requirements. To ensure that these checks complete successfully, verify the software requirements documented in this section before starting the Oracle installs.

Although many of the required packages for Oracle were installed during the CentOS installation, several will be missing either because they were considered optional within the package group or simply didn't exist in any package group!

The packages listed in this section (or later versions) are required for Oracle Database 10g Release 2 running on the x86 (32-bit) CentOS 5.1 platform.

  • binutils-2.17.50.0.6-5
  • compat-db-4.2.52-5.1
  • compat-gcc-34-3.4.6-4
  • compat-gcc-34-c++-3.4.6-4
  • compat-libstdc++-33-3.2.3-61
  • gcc-4.1.2-14
  • gcc-c++-4.1.2-14
  • glibc-2.5-18
  • glibc-common-2.5-18
  • glibc-devel-2.5-18
  • libaio-0.3.106-3.2
  • libaio-devel-0.3.106-3.2
  • libgcc-4.1.2-14
  • libstdc++-4.1.2-14
  • libstdc++-devel-4.1.2-14
  • libXp-1.0.0-8.1
  • make-3.81-1.1
  • openmotif-2.3.0-0.3
  • setarch-2.0-1.1
  • sysstat-7.0.0-3

Each of the packages listed above can be found on CD #1, CD #2, or CD #3 on the CentOS 5.1 CDs. While it is possible to query each individual package to determine which ones are missing and need to be installed, an easier method is to run the rpm -Uvh PackageName command from the three CDs as follows. For packages that already exist and are up to date, the RPM command will simply ignore the install and print a warning message to the console that the package is already installed.

# From CentOS 5.1 - [CD #1]
mkdir -p /media/cdrom
mount -r /dev/cdrom /media/cdrom
cd /media/cdrom/CentOS
rpm -Uvh binutils-2.*
rpm -Uvh glibc-2*
rpm -Uvh glibc-common-2.*
rpm -Uvh libaio-0*
rpm -Uvh libgcc-4.*
rpm -Uvh libstdc++-4.*
rpm -Uvh make-3*
rpm -Uvh setarch-2*
cd /
eject

# From CentOS 5.1 - [CD #2]
mount -r /dev/cdrom /media/cdrom
cd /media/cdrom/CentOS
rpm -Uvh glibc-devel-2.*
rpm -Uvh gcc-4*
rpm -Uvh gcc-c++-4.*
rpm -Uvh libstdc++-devel-4.*
cd /
eject

# From CentOS 5.1 - [CD #3]
mount -r /dev/cdrom /media/cdrom
cd /media/cdrom/CentOS
rpm -Uvh compat-db-4*
rpm -Uvh compat-gcc-34-3*
rpm -Uvh compat-gcc-34-c++-3*
rpm -Uvh compat-libstdc++-33-3*
rpm -Uvh libaio-devel-0.*
rpm -Uvh libXp-1*
rpm -Uvh openmotif-2*
rpm -Uvh sysstat-7.*
cd /
eject



Disk Configuration

As noted in the section "Hardware Overview", I discussed the disks that will be used for the Linux operating system, the Oracle Database 10g Software installation, and the physical database files. This section discusses the steps required to partition (and mount) the two internal SCSI hard drives to be used by the Oracle software and database files.

Before using the second and third SCSI hard disk, we need to first partition the disks and then create a file system (ext3) on them. After partitioning and creating the file system, each of the disks will need to be mounted.

The Linux operating system was installed on the first disk /dev/sda. The second hard disk (/dev/sdb) will be used to store the Oracle Database 10g Software and mounted to the directory /u01. The third internal SCSI disk (/dev/sdc) will be used to store the physical database files and mounted to the directory /u02.

  The steps in this section are completely optional as it is possible to simply create the directories required for installing the Oracle Database 10g software and database files off of the root directory (i.e. mkdir /u01 /u02). For the sake of simplicity, this is often done in test environments but however is not recommended as a general practice.

In a production environment, these directories would be created on a separate file system.

The following steps require use of the root user account:


# [ LOGIN AS ROOT ] # su -
# [ CREATE SINGLE PARTITION ON SECOND INTERNAL SCSI HARD DISK ] # fdisk /dev/sdb Command (m for help): n Command action e extended p primary partition (1-4) p Partition number (1-4): 1 First cylinder (1-4699, default 1): 1 Last cylinder or +size or +sizeM or +sizeK (1-4699, default 4699): 4699 Command (m for help): p Disk /dev/sdb: 38.6 GB, 38654705664 bytes 255 heads, 63 sectors/track, 4699 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sdb1 1 4699 37744686 83 Linux Command (m for help): w The partition table has been altered! Calling ioctl() to re-read partition table. Syncing disks.
# [ CREATE SINGLE PARTITION ON THIRD INTERNAL SCSI HARD DISK ] # fdisk /dev/sdc Command (m for help): n Command action e extended p primary partition (1-4) p Partition number (1-4): 1 First cylinder (1-4699, default 1): 1 Last cylinder or +size or +sizeM or +sizeK (1-4699, default 4699): 4699 Command (m for help): p Disk /dev/sdc: 38.6 GB, 38654705664 bytes 255 heads, 63 sectors/track, 4699 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sdc1 1 4699 37744686 83 Linux Command (m for help): w The partition table has been altered! Calling ioctl() to re-read partition table. Syncing disks.
# [ CREATE NEW EXT3 FILE SYSTEM ON SECOND INTERNAL SCSI HARD DISK ] # mkfs.ext3 -b 4096 /dev/sdb1 mke2fs 1.39 (29-May-2006) Filesystem label= OS type: Linux Block size=4096 (log=2) Fragment size=4096 (log=2) 4718592 inodes, 9436171 blocks 471808 blocks (5.00%) reserved for the super user First data block=0 Maximum filesystem blocks=0 288 block groups 32768 blocks per group, 32768 fragments per group 16384 inodes per group Superblock backups stored on blocks: 32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208, 4096000, 7962624 Writing inode tables: done Creating journal (32768 blocks): done Writing superblocks and filesystem accounting information: done This filesystem will be automatically checked every 38 mounts or 180 days, whichever comes first. Use tune2fs -c or -i to override.
# [ CREATE NEW EXT3 FILE SYSTEM ON THIRD INTERNAL SCSI HARD DISK ] # mkfs.ext3 -b 4096 /dev/sdc1 mke2fs 1.39 (29-May-2006) Filesystem label= OS type: Linux Block size=4096 (log=2) Fragment size=4096 (log=2) 4718592 inodes, 9436171 blocks 471808 blocks (5.00%) reserved for the super user First data block=0 Maximum filesystem blocks=0 288 block groups 32768 blocks per group, 32768 fragments per group 16384 inodes per group Superblock backups stored on blocks: 32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208, 4096000, 7962624 Writing inode tables: done Creating journal (32768 blocks): done Writing superblocks and filesystem accounting information: done This filesystem will be automatically checked every 35 mounts or 180 days, whichever comes first. Use tune2fs -c or -i to override.
# [ CREATE MOUNT POINT DIRECTORIES ] # mkdir /u01 # mkdir /u02
# [ INSERT THE FOLLOWING ENTRIES INTO /etc/vfstab ] # echo "/dev/sdb1 /u01 ext3 defaults 1 1" >> /etc/fstab # echo "/dev/sdc1 /u02 ext3 defaults 1 1" >> /etc/fstab
# [ MOUNT THE NEW FILE SYSTEMS ] # mount /u01 # mount /u02
# [ CHECK FOR NEW FILE SYSTEMS ] # df -k Filesystem 1K-blocks Used Available Use% Mounted on /dev/mapper/VolGroup00-LogVol00 34470656 2787292 29904064 9% / /dev/sda1 101086 11784 84083 13% /boot tmpfs 517660 0 517660 0% /dev/shm /dev/sdb1 37152364 180240 35084892 1% /u01 /dev/sdc1 37152364 180240 35084892 1% /u02



Operating System Configuration

This section describes hardware/software requirements and the steps that should be performed by the DBA as it relates to the Linux operating system before performing the Oracle Database 10g software installation. The following steps need to be performed as the root user account.

Login as root

% su -


RAM Memory

Installing Oracle Database 10g on Linux requires a minimum of 512MB of memory. I highly recommend installing at least 1GB of memory when running Oracle 10g. Although 512MB will work, it is extremely tight.

To check the amount of memory you have installed, type:

# cat /proc/meminfo | grep MemTotal
MemTotal:      1035324 kB


Swap Space

The following is Oracle's requirement for swap space:

Available RAM Swap Space Required
Between 1 GB and 2 GB 1.5 times the size of RAM
Between 2 GB and 8 GB Equal to the size of RAM
More than 8 GB .75 times the size of RAM

(An inadequate amount of swap during the installation will cause the Oracle Universal Installer to either "hang" or "die")

To check the amount of memory you have, type:

# cat /proc/meminfo | grep MemTotal
MemTotal:      1035324 kB

To check the amount of swap you have allocated, type:

# cat /proc/meminfo | grep SwapTotal
SwapTotal:     2031608 kB

  If you have less than 1GB of memory (between your RAM and SWAP), you can add temporary swap space by creating a temporary swap file. This way you do not have to use a raw device or even more drastic, rebuild your system.

As root, make a file that will act as additional swap space, let's say about 500MB:
# dd if=/dev/zero of=tempswap bs=1k count=500000

Now we should change the file permissions:
# chmod 600 tempswap

Finally we format the "partition" as swap and add it to the swap space:
# mke2fs tempswap
# mkswap tempswap
# swapon tempswap


Checking /tmp Directory

Ensure enough disk space in the /tmp directory. An amount of disk space equal to 400 MB (or greater) needs to be available for the Oracle Database installation.

To check the amount of free disk available in the /tmp directory, type:

# df -h /tmp
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/VolGroup00-LogVol00
                       33G  2.7G   29G   9% /

  If 1 GB or more is not available in /tmp, you can create a "tmp" directory in another file system, then set the environment variables TMP (used by Oracle) and TMPDIR (used by operating system programs like the linker "ld" and library archiver "ar") to point to this location. For example:
# mkdir /u01/app/oracle/tmp
# TEMP=/u01/app/oracle/tmp; export TEMP
# TMPDIR=/u01/app/oracle/tmp; export TMPDIR


Configuring Kernel Parameters

This section documents the checks and modifications to the Linux kernel that should be made by the DBA to support Oracle Database 10g. Before detailing these individual kernel parameters, it is important to fully understand the key kernel components that are used to support the Oracle Database environment.

The kernel parameters and shell limits presented in this section are recommended values only as documented by Oracle. For production database systems, Oracle recommends that you tune these values to optimize the performance of the system.

Verify that the kernel parameters shown in this section are set to values greater than or equal to the recommended values. Also note that when setting the four semaphore values that all four values need to be entered on one line.

Shared Memory

Shared memory allows processes to access common structures and data by placing them in a shared memory segment. This is the fastest form of Inter-Process Communications (IPC) available - mainly due to the fact that no kernel involvement occurs when data is being passed between the processes. Data does not need to be copied between processes.

Oracle makes use of shared memory for its Shared Global Area (SGA) which is an area of memory that is shared by all Oracle backup and foreground processes. Adequate sizing of the SGA is critical to Oracle performance since it is responsible for holding the database buffer cache, shared SQL, access paths, and so much more.

To determine all current shared memory limits, use the following:

# ipcs -lm

------ Shared Memory Limits --------
max number of segments = 4096
max seg size (kbytes) = 4194303
max total shared memory (kbytes) = 1073741824
min seg size (bytes) = 1

The following list describes the kernel parameters that can be used to change the shared memory configuration for the server:

  • shmmax - Defines the maximum size (in bytes) for a shared memory segment. The Oracle SGA is comprised of shared memory and it is possible that incorrectly setting shmmax could limit the size of the SGA. When setting shmmax, keep in mind that the size of the SGA should fit within one shared memory segment. An inadequate shmmax setting could result in the following:
    ORA-27123: unable to attach to shared memory segment

    You can determine the value of shmmax by performing the following:

    # cat /proc/sys/kernel/shmmax
    4294967295
    For most Linux systems, the default value for shmmax is 32MB. This size is often too small to configure the Oracle SGA. The default value for shmmax in CentOS 5 is 4GB which is more than enough for the Oracle configuration described in this article. Note that this value of 4GB is not the "normal" default value for shmmax in a Linux environment — CentOS 5 inserts the following two entries in the file /etc/sysctl.conf:
    # Controls the maximum shared segment size, in bytes
    kernel.shmmax = 4294967295
  • shmmni - This kernel parameter is used to set the maximum number of shared memory segments system wide. The default value for this parameter is 4096. This value is sufficient and typically does not need to be changed.

    You can determine the value of shmmni by performing the following:

    # cat /proc/sys/kernel/shmmni
    4096
  • shmall - This parameter controls the total amount of shared memory (in pages) that can be used at one time on the system. The value of this parameter should always be at least:

    ceil(SHMMAX/PAGE_SIZE)

    You can determine the value of shmall by performing the following:

    # cat /proc/sys/kernel/shmall
    268435456
    For most Linux systems, the default value for shmall is 2097152 and is adequate for most configurations. The default value for shmall in CentOS 5 is 268435456 (see above) which is more than enough for the Oracle configuration described in this article. Note that this value of 268435456 is not the "normal" default value for shmall in a Linux environment — CentOS 5 inserts the following two entries in the file /etc/sysctl.conf:
    # Controls the maximum number of shared memory segments, in pages
    kernel.shmall = 268435456
  • shmmin - This parameter controls the minimum size (in bytes) for a shared memory segment. The default value for shmmin is 1 and is adequate for the Oracle configuration described in this article.

    You can determine the value of shmmin by performing the following:

    # ipcs -lm | grep "min seg size"
    min seg size (bytes) = 1
Semaphores
After the DBA has configured the shared memory settings, it is time to take care of configuring the semaphores. The best way to describe a semaphore is as a counter that is used to provide synchronization between processes (or threads within a process) for shared resources like shared memory. Semaphore sets are supported in System V where each one is a counting semaphore. When an application requests semaphores, it does so using "sets".

To determine all current semaphore limits, use the following:

# ipcs -ls

------ Semaphore Limits --------
max number of arrays = 128
max semaphores per array = 250
max semaphores system wide = 32000
max ops per semop call = 32
semaphore max value = 32767
You can also use the following command:
# cat /proc/sys/kernel/sem
250     32000   32      128

The following list describes the kernel parameters that can be used to change the semaphore configuration for the server:

  • semmsl - This kernel parameter is used to control the maximum number of semaphores per semaphore set. Oracle recommends setting semmsl to the largest PROCESS instance parameter setting in the init.ora file for all databases on the Linux system plus 10. Also, Oracle recommends setting the semmsl to a value of no less than 100.
  • semmni - This kernel parameter is used to control the maximum number of semaphore sets in the entire Linux system. Oracle recommends setting semmni to a value of no less than 100.
  • semmns - This kernel parameter is used to control the maximum number of semaphores (not semaphore sets) in the entire Linux system. Oracle recommends setting the semmns to the sum of the PROCESSES instance parameter setting for each database on the system, adding the largest PROCESSES twice, and then finally adding 10 for each Oracle database on the system. Use the following calculation to determine the maximum number of semaphores that can be allocated on a Linux system. It will be the lesser of:
    SEMMNS  -or-  (SEMMSL * SEMMNI)
  • semopm - This kernel parameter is used to control the number of semaphore operations that can be performed per semop system call. The semop system call (function) provides the ability to do operations for multiple semaphores with one semop system call. A semaphore set can have the maximum number of semmsl semaphores per semaphore set and is therefore recommended to set semopm equal to semmsl in some situations. Oracle recommends setting the semopm to a value of no less than 100.
File Handles
When configuring the Linux server, it is critical to ensure that the maximum number of file handles is large enough. The setting for file handles denotes the number of open files that you can have on the Linux system.

Use the following command to determine the maximum number of file handles for the entire system:

# cat /proc/sys/fs/file-max
102312

Oracle recommends that the file handles for the entire system be set to at least 65536.

  You can query the current usage of file handles by using the following:
# cat /proc/sys/fs/file-nr
3072    0       102312
The file-nr file displays three parameters:
  • Total allocated file handles
  • Currently used file handles
  • Maximum file handles that can be allocated

  If you need to increase the value in /proc/sys/fs/file-max, then make sure that the ulimit is set properly. Usually for Linux 2.4 and 2.6 it is set to unlimited. Verify the ulimit setting my issuing the ulimit command:
# ulimit
unlimited

IP Local Port Range
Oracle strongly recommends to set the local port range ip_local_port_range for outgoing messages to "1024 65000" which is needed for systems with high-usage. This kernel parameter defines the local port range for TCP and UDP traffic to choose from.

The default value for ip_local_port_range is ports 32768 through 61000 which is inadequate for a successful Oracle configuration.

Use the following command to determine the value of ip_local_port_range:

# cat /proc/sys/net/ipv4/ip_local_port_range
32768   61000
Networking Settings
With Oracle 9.2.0.1 and later, Oracle makes use of UDP as the default protocol on Linux for inter-process communication (IPC), such as Cache Fusion and Cluster Manager buffer transfers between instances within the RAC cluster.

Oracle strongly suggests to adjust the default and maximum receive buffer size (SO_RCVBUF socket option) to 1MB and the default and maximum send buffer size (SO_SNDBUF socket option) to 256KB.

The receive buffers are used by TCP and UDP to hold received data until it is read by the application. The receive buffer cannot overflow because the peer is not allowed to send data beyond the buffer size window. This means that datagrams will be discarded if they don't fit in the socket receive buffer, potentially causing the sender to overwhelm the receiver.

Use the following commands to determine the current buffer size (in bytes) of each of the IPC networking parameters:

# cat /proc/sys/net/core/rmem_default
109568

# cat /proc/sys/net/core/rmem_max
131071

# cat /proc/sys/net/core/wmem_default
109568

# cat /proc/sys/net/core/wmem_max
131071
Oracle 10g Required Kernel Parameter Settings
Now let's review what has been covered thus far. The Oracle Database 10g documentation defines the following parameters and limits that should be validated before creating an Oracle database.

Parameter Recommended Value Default Value How to Check
shmmax 2147483648 33554432 cat /proc/sys/kernel/shmmax
shmmni 4096 4096 cat /proc/sys/kernel/shmmni
shmall 2097152 2097152 cat /proc/sys/kernel/shmall
shmmin 1 1 ipcs -lm | grep "min seg size"
 
semmsl 250 250 cat /proc/sys/kernel/sem | awk '{print $1}'
semmns 32000 32000 cat /proc/sys/kernel/sem | awk '{print $2}'
semopm 100 32 cat /proc/sys/kernel/sem | awk '{print $3}'
semmni 128 128 cat /proc/sys/kernel/sem | awk '{print $4}'
 
file-max 65536 102696 cat /proc/sys/fs/file-max
 
ip_local_port_range 1024   65000 32768   61000 cat /proc/sys/net/ipv4/ip_local_port_range
 
rmem_default 1048576 109568 cat /proc/sys/net/core/rmem_default
rmem_max 1048576 131071 cat /proc/sys/net/core/rmem_max
wmem_default 262144 109568 cat /proc/sys/net/core/wmem_default
wmem_max 262144 131071 cat /proc/sys/net/core/wmem_max

  If the current value for any parameter is higher than the value listed in this table, do not change the value of that parameter.

Setting Kernel Parameters for Oracle
If the value of any kernel parameter is different to the recommended value, they will need to be modified. For this article, I identified and provide the following values that will need to be added to the /etc/sysctl.conf file which is used during the boot process.

Please note that prior to adding the following kernel parameter values to /etc/sysctl.conf, I removed the two shared memory kernel parameters (kernel.shmmax and kernel.shmall) put in by CentOS 5.

# +---------------------------------------------------------+
# | KERNEL PARAMETERS FOR ORACLE 10g                        |
# +---------------------------------------------------------+
# | Configure the kernel parameters for all Oracle Linux    |
# | servers by setting shared memory and semaphores,        |
# | setting the maximum amount of file handles, setting the |
# | networking parameters, and finally setting the IP local |
# | port range.                                             |
# +---------------------------------------------------------+

# +---------------------------------------------------------+
# | SHARED MEMORY                                           |
# +---------------------------------------------------------+
kernel.shmmax = 2147483648
kernel.shmmni = 4096
kernel.shmall = 2097152

# +---------------------------------------------------------+
# | SEMAPHORES                                              |
# | ----------                                              |
# |                                                         |
# | SEMMSL_value  SEMMNS_value  SEMOPM_value  SEMMNI_value  |
# |                                                         |
# +---------------------------------------------------------+
kernel.sem = 250 32000 100 128

# +---------------------------------------------------------+
# | FILE HANDLES                                            |
# ----------------------------------------------------------+
fs.file-max = 65536

# +---------------------------------------------------------+
# | LOCAL IP RANGE                                          |
# ----------------------------------------------------------+
net.ipv4.ip_local_port_range = 1024 65000

# +---------------------------------------------------------+
# | NETWORKING                                              |
# ----------------------------------------------------------+
net.core.rmem_default = 1048576
net.core.rmem_max = 1048576
net.core.wmem_default = 262144
net.core.wmem_max = 262144

After adding the above lines to the /etc/sysctl.conf file, they persist each time the system reboots. If you would like to make these kernel parameter value changes to the current system without having to first reboot, enter the following command:

# /sbin/sysctl -p
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 2147483648
kernel.shmmni = 4096
kernel.shmall = 2097152
kernel.sem = 250 32000 100 128
fs.file-max = 65536
net.ipv4.ip_local_port_range = 1024 65000
net.core.rmem_default = 1048576
net.core.rmem_max = 1048576
net.core.wmem_default = 262144
net.core.wmem_max = 262144
Review the output from the above command and verify that the values are correct. If the values are not correct, edit the /etc/sysctl.conf to correct the values, re-run the sysctl -p command and verify the values.


Configuring Shell Limits for the oracle User

To improve the performance of the software on Linux systems, Oracle recommends you increase the following shell limits for the oracle user:

Shell Limit Item in limits.conf Hard Limit
Maximum number of open file descriptors nofile 65536
Maximum number of processes available to a single user nproc 16384

To make these changes, run the following as root:

cat >> /etc/security/limits.conf <<EOF
oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 1024
oracle hard nofile 65536
EOF

cat >> /etc/pam.d/login <<EOF
session required /lib/security/pam_limits.so
EOF
Update the default shell startup file for the "oracle" UNIX account.

  • For the Bourne, Bash, or Korn shell, add the following lines to the /etc/profile file by running the following command:
    cat >> /etc/profile <<EOF
    if [ \$USER = "oracle" ]; then 
        if [ \$SHELL = "/bin/ksh" ]; then
            ulimit -p 16384
            ulimit -n 65536
        else
            ulimit -u 16384 -n 65536
        fi
        umask 022
    fi
    EOF
  • For the C shell (csh or tcsh), add the following lines to the /etc/csh.login file by running the following command:
    cat >> /etc/csh.login <<EOF
    if ( \$USER == "oracle" ) then
        limit maxproc 16384
        limit descriptors 65536
    endif
    EOF


Check and Turn off UDP ICMP Rejections

During the Linux installation process, I indicated to not configure the firewall option. (By default the option to configure a firewall is selected by the installer.) I like to do a double-check that the firewall option is not configured and to ensure udp ICMP filtering is turned off.

  1. Check to ensure that the firewall option is turned off. If the firewall option is stopped (like it is in my example below) you do not have to proceed with the following steps.
    # /etc/rc.d/init.d/iptables status
    Firewall is stopped.
  2. If the firewall option is operating you will need to first manually disable UDP ICMP rejections:
    # /etc/rc.d/init.d/iptables stop
    
    Flushing firewall rules: [  OK  ]
    Setting chains to policy ACCEPT: filter [  OK  ]
    Unloading iptables modules: [  OK  ]
  3. Then, to turn UDP ICMP rejections off for next server reboot (which should always be turned off):
    # chkconfig iptables off 



Network Configuration

During the Linux operating system install we already configured the IP address and host name for the database node. We now need to configure the /etc/hosts file.

Note that the Oracle database server should have a static IP address configured for the public network (eth0 for this article). Do not use DHCP naming for the public IP address; you need a static IP address!

Confirm the Node Name is Not Listed in Loopback Address

Ensure that the node name (vmlinux1) is not included for the loopback address in the /etc/hosts file. If the machine name is listed in the in the loopback address entry as below:
    127.0.0.1        vmlinux1 localhost.localdomain localhost
it should be removed as shown below:
    127.0.0.1        localhost.localdomain localhost


Remove IPv6 Entries

Remove any entry that has to do with IPv6 (for example, ::1 localhost6.localdomain6 localhost6).


Sample /etc/hosts File

The following is an example /etc/hosts file I used for this article:

Sample /etc/hosts File
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1       localhost.localdomain localhost
#
192.168.1.102   alex              alex.idevelopment.info
192.168.1.105   bartman           bartman.idevelopment.info
192.168.1.120   cartman           cartman.idevelopment.info
192.168.1.106   melody            melody.idevelopment.info
192.168.1.190   george            george.idevelopment.info
#
192.168.1.1     router            router.idevelopment.info
192.168.1.245   accesspoint       accesspoint.idevelopment.info
#
# ------------- [  LINUX  ] -------------------------------------
192.168.1.111   vmlinux1          vmlinux1.idevelopment.info
192.168.1.112   vmlinux2          vmlinux2.idevelopment.info
192.168.1.131   vmlinux3          vmlinux3.idevelopment.info
192.168.1.132   vmlinux4          vmlinux4.idevelopment.info



Create "oracle" User and Directories

This section covers the steps required to create the UNIX groups (oinstall, dba, and oper) and user (oracle) that will be used to install the Oracle Database 10g software.

Note that members of the UNIX group oinstall are considered the "owners" of the Oracle software. Members of the dba group can administer Oracle databases, for example starting up and shutting down databases. In this article, we are creating the oracle user account to have both responsibilities!

The UNIX group oinstall is used by organizations that have separate teams responsible for maintaining the Oracle software and the database(s). In situations like this, the group membership prevents unauthorized access to the database by personal who only maintain the Oracle software. At the same time, it also prevents database administrators from making modifications to the database software and the installation's Inventory directory.

The Oracle documentation uses the following definitions when describing the UNIX groups:

  • The oinstall group (the Oracle Inventory group)
  • The dba group (the OSDBA group)
  • The oper group (the OSOPER group)

If you intend to use the oinstall group during the installation process, then you must set the default group to the one that will be maintaining the database before creating the database or permission problems will arise. In this article, we will be taking care of this issue when we install the database software.

The thing to keep in mind is that the UNIX oinstall group is completely optional and is not required if the same individuals will be maintaining the software and the database. Some consider it unnecessary work which adds another layer of complexity to the maintenance of the installation. In this type of scenario, all that would be required is the UNIX group dba (and assigning dba as the primary UNIX group for the "oracle" user account).

This article (along with other Oracle installation guides on this site) adhere to the Optimal Flexible Architecture (OFA) and create both the oinstall and dba UNIX groups.

  This guide adheres to the Optimal Flexible Architecture (OFA) for naming conventions used in creating the directory structure.


Create Group and User for Oracle

Lets start this section by creating the UNIX oinstall and dba group and oracle user account:

# groupadd -g 501 oinstall
# groupadd -g 502 dba
# groupadd -g 503 oper
# useradd -m -u 501 -g oinstall -G dba,oper -d /home/oracle -s /bin/bash -c "Oracle Software Owner" oracle
# id oracle
uid=501(oracle) gid=501(oinstall) groups=501(oinstall),502(dba),503(oper)
Set the password for the oracle account:
# passwd oracle
Changing password for user oracle.
New UNIX password: xxxxxxxxxxx
Retype new UNIX password: xxxxxxxxxxx
passwd: all authentication tokens updated successfully.


Verify That the User nobody Exists

Before installing the Oracle software, complete the following procedure to verify that the user nobody exists on the system:

  1. To determine if the user exists, enter the following command:
    # id nobody
    uid=99(nobody) gid=99(nobody) groups=99(nobody)
    If this command displays information about the nobody user, then you do not have to create that user.
  2. If the user nobody does not exist, then enter the following command to create it:
    # /usr/sbin/useradd nobody


Create the Oracle Base Directory

The next step is to create a new directory that will be used to store the Oracle Database software. When configuring the oracle user's environment (later in this section) we will be assigning the location of this directory to the $ORACLE_BASE environment variable.

After the directory is created, you must then specify the correct owner, group, and permissions for it.

# mkdir -p /u01/app/oracle
# chown -R oracle:oinstall /u01/app/oracle
# chmod -R 775 /u01/app/oracle

At the end of this procedure, you will have the following:

  • /u01 owned by root.
  • /u01/app owned by root.
  • /u01/app/oracle owned by oracle:oinstall with 775 permissions. This ownership and permissions enables the OUI to create the oraInventory directory, in the path /u01/app/oracle/oraInventory.


Create Directory for Database Files

Let's now create the directory that will be used to store the Oracle database files and backup files (on the /u02 file system):
# mkdir -p /u02/oradata
# chown oracle:oinstall /u02/oradata
# chmod 775 /u02/oradata

# mkdir -p /u02/flash_recovery_area
# chown oracle:oinstall /u02/flash_recovery_area
# chmod 775 /u02/flash_recovery_area


Create Login Script for oracle User Account

To ensure that the environment is setup correctly for the "oracle" UNIX user account, use the following .bash_profile:

Login to the database server as the oracle user account:

# su - oracle
.bash_profile for Oracle User
# .bash_profile

# Get the aliases and functions
if [ -f ~/.bashrc ]; then
      . ~/.bashrc
fi

alias ls="ls -FA"

export JAVA_HOME=/usr/local/java

# User specific environment and startup programs
export ORACLE_BASE=/u01/app/oracle
export ORACLE_HOME=$ORACLE_BASE/product/10.2.0/db_1
export ORACLE_PATH=$ORACLE_BASE/common/oracle/sql:.:$ORACLE_HOME/rdbms/admin
export ORACLE_SID=TESTDB

export PATH=.:${JAVA_HOME}/bin:${PATH}:$HOME/bin:$ORACLE_HOME/bin
export PATH=${PATH}:/usr/bin:/bin:/usr/bin/X11:/usr/local/bin
export PATH=${PATH}:$ORACLE_BASE/common/oracle/bin
export ORACLE_TERM=xterm
export TNS_ADMIN=$ORACLE_HOME/network/admin
export ORA_NLS10=$ORACLE_HOME/nls/data
export LD_LIBRARY_PATH=$ORACLE_HOME/lib
export LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:$ORACLE_HOME/oracm/lib
export LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/lib:/usr/lib:/usr/local/lib
export CLASSPATH=$ORACLE_HOME/JRE
export CLASSPATH=${CLASSPATH}:$ORACLE_HOME/jlib
export CLASSPATH=${CLASSPATH}:$ORACLE_HOME/rdbms/jlib
export CLASSPATH=${CLASSPATH}:$ORACLE_HOME/network/jlib
export THREADS_FLAG=native
export TEMP=/tmp
export TMPDIR=/tmp



Download the Oracle Database 10g Release 2 Software

The next logical step is to install Oracle Database 10g Release 2 (10.2.0.1.0) and optionally the Companion CD Release 2 (10.2.0.1.0) for Linux x86 software. However, we must first download and extract the required Oracle software packages from the Oracle Technology Network (OTN).

  If you do not currently have an account with Oracle OTN, you will need to create one. This is a FREE account!

Oracle offers a development and testing license free of charge. No support, however, is provided and the license does not permit production use. A full description of the license agreement is available on OTN.

In this section, we will be downloading and extracting the required software from Oracle to the database server. Login to the database server as the "oracle" user account. In this article, I will be downloading the required Oracle software to vmlinux1 and saving it to "~oracle/orainstall".

Oracle Database 10g Release 2 (10.2.0.1.0) for Linux x86

Download the Oracle Database 10g Release 2 (10.2.0.1.0) Software for Linux x86.

  Oracle Database 10g Release 2 (10.2.0.1.0)


Oracle Database 10g Companion CD Release 2 (10.2.0.1.0) for Linux x86

Next, download the Oracle Database 10g Companion CD for Linux x86. This can be downloaded from the same page used to download the Oracle Database software:

  Oracle Database 10g Companion CD Release 2 (10.2.0.1.0)

As the "oracle" user account, extract the two packages you downloaded to a temporary directory. In this example, I will use "~oracle/orainstall".

Extract the Oracle Database 10g Software:

# su - oracle
$ mkdir -p ~oracle/orainstall
$ cd ~oracle/orainstall
$ unzip 10201_database_linux32.zip

Extract the Oracle Database 10g Companion CD Software:

$ cd ~oracle/orainstall
$ unzip 10201_companion_linux32.zip



Pre-Installation Tasks

This section contains the mandatory tasks that need to be completed before install the Oracle Database 10g software.

Modify the Red Hat Release File

One of the first checks performed by the Oracle Universal Installer (OUI) is to determine if the host platform is supported. The OUI uses the file /etc/redhat-release to determine the platform. For the case of Red Hat Enterprise Linux, Oracle Database 10g Release 2 expects either RHEL 3 or RHEL/OEL 4. The OUI will immediately fail if it doesn't recognize either of these two platforms:
$ /home/oracle/orainstall/database/runInstaller

Starting Oracle Universal Installer...

Checking installer requirements...

Checking operating system version: 
    must be redhat-3, SuSE-9, redhat-4, UnitedLinux-1.0, asianux-1 or asianux-2
       Failed <<<<

Exiting Oracle Universal Installer, log for this session can be found at
    /tmp/OraInstall2008-01-08_06-06-36PM/installActions2008-01-08_06-06-36PM.log
The easiest way to get around this error is to modify the /etc/redhat-release file replacing the current release information (CentOS release 5 (Final)) with the following:
redhat-4
Before modifying /etc/redhat-release, make a backup copy of the file and ensure to replace the original one after the Oracle installation and patch process has been completed.
$ su -
# cp /etc/redhat-release /etc/redhat-release.original
# echo "redhat-4" > /etc/redhat-release



Install the Oracle Database 10g Release 2 Software

We are now ready to install the Oracle Database 10g Release 2 software. This section will provide the steps necessary to configure the database server to successfully run the Oracle Universal Installer (OUI).

  For the purpose of this example, we will forgo the "Create Database" option when installing the Oracle Database software. We will, instead, create the database using the Database Configuration Assistant (DBCA) after all of the software and patches have been installed.

X Windows Server Requirements

Beginning with Oracle version 8i, the Oracle Universal Installer (OUI) is a Java application and uses a JRE (Java runtime Environment) shipped on the media. Other Java applications that utilize the JRE are the Database Configuration Assistant and the Oracle Net Assistant. The JRE shipped by Oracle is the only one supported to run with these applications. Installations can no longer be performed using character mode.

  You must install the Oracle database software from an X windows workstation, an X terminal, or a PC or other system with X server software installed.

Before starting the Oracle Universal Installer, you should first verify you are logged onto the server you will be running the installer from (i.e. vmlinux1) then run the xhost + command as root from the console to allow X Server connections.

Next, login as the oracle user account. If you are using a remote client to connect to the node performing the installation (SSH or Telnet to vmlinux1 from a workstation configured with an X Server), you will need to set the DISPLAY variable to point to your local workstation:

# hostname
vmlinux1

# xhost +
access control disabled, clients can connect from any host

# su - oracle

$ # IF YOU ARE USING A REMOTE CLIENT TO CONNECT TO THE
$ # NODE PERFORMING THE INSTALL
$ DISPLAY=<your local workstation>:0.0
$ export DISPLAY

  If you are using Hummingbird's Exceed X-Windows emulator while installing and using Oracle10g, set the window manager to run in "Native" mode so that Microsoft windows functions as the window manager. See your Exceed documentation for instructions on configuring the window manager.


Install the Oracle Database 10g Release 2 Software

Install the Oracle Database 10g Release 2 software as follows:

$ cd ~oracle
$ /home/oracle/orainstall/database/runInstaller

Oracle Database 10g Software Installation Screen Responses
Screen Name Response
Select Installation Method Select the Advanced Method option and click Next to start the installation process.
Specify Inventory directory
and credentials
Accept the default values:
   Inventory directory: /u01/app/oracle/oraInventory
   Operating System group name: oinstall
Select Installation Type Select the type of installation to perform (Enterprise Edition, Standard Edition, or Custom). I selected the Custom option for this example given I wanted to install Oracle Label Security and other components not available with the Enterprise or Standard Edition installation option.
Specify Home Details Set the Name and Path for the ORACLE_HOME as follows:
   Name: OraDb10g_home1
   Location: /u01/app/oracle/product/10.2.0/db_1
Available Product Components If you selected the Custom installation type, the next screen (Available Product Components) allows you to select from all available components. Select the appropriate components for your environment and click Next to continue.
Product-Specific
Prerequisite Checks
The installer will run through a series of checks to determine if the node meets the minimum requirements for installing and configuring the Oracle database software. If any of the checks fail, you will need to manually verify the check that failed by clicking on the checkbox.

For my installation, all checks passed with no problems.

It is possible to receive an error about the available swap space not meeting its minimum requirements:

Checking available swap space requirements...
Expected result: 3036MB
Actual Result: 1983MB

In most cases, you will have the minimum required swap space (as shown above) and this can be safely ignored. Simply click the check-box for "Checking available swap space requirements..." and click Next to continue.

Privileged Operating
System Groups
Select the UNIX groups that will be used for each of the Oracle group names as follows:

   Database Administrator (OSDBA) Group: dba
   Database Operator (OSOPER) Group: oper

Create Database Select the option to Install database Software only.

Remember that we will create the database as a separate step using DBCA.

Summary Click Install to start the installation!
Root Script Window - Run root.sh After the installation has completed, you will be prompted to run the orainstRoot.sh and root.sh script. Open a new console window as the "root" user account.

Navigate to the /u01/app/oracle/oraInventory directory and run orainstRoot.sh.

NOTE: After executing the orainstRoot.sh script, verify the permissions of the file "/etc/oraInst.loc" are 644 (-rw-r--r--) and owned by root:root. Problems can occur during the installation of Oracle if the oracle user account does not have read permissions to this file - (the location of the oraInventory directory cannot be determined). If the permissions to /etc/oraInst.loc are not set correctly, it is possible you didn't run orainstRoot.sh before running root.sh. Also, the umask setting may be off - it should be 0022.


Navigate to the /u01/app/oracle/product/10.2.0/db_1 directory and run root.sh accepting all default values.

After running the root.sh script go back to the OUI and acknowledge the "Execute Configuration scripts" dialog window.

End of installation At the end of the installation, exit from the OUI.

The last screen of a successful Oracle Database 10g Release 2 installation is the "End of Installation" screen. The OUI provides you with several URLs that will be activated by the OUI:

The following J2EE Applications have been deployed and are accessible
at the URLs listed below.

iSQL*Plus URL:
http://vmlinux1:5560/isqlplus

iSQL*Plus DBA URL:
http://vmlinux1:5560/isqlplus/dba



Install the Oracle Database 10g Companion CD Release 2 Software

After successfully installing the Oracle Database software, the next step is to install the Oracle Database 10g Companion CD Release 2 software (10.2.0.1.0).

Please keep in mind that this is an optional step. For the purpose of this article, my testing database will often make use of the Java Virtual Machine (Java VM) and Oracle interMedia and therefore will require the installation of the Oracle Database 10g Companion CD. The type of installation to perform will be the Oracle Database 10g Products installation type.

This installation type includes the Natively Compiled Java Libraries (NCOMP) files to improve Java performance. If you do not install the NCOMP files, the "ORA-29558:JAccelerator (NCOMP) not installed" error occurs when a database that uses Java VM is upgraded to the patch release.

Login as the oracle User Account and Set DISPLAY (if necessary)

As discussed in the previous section, (Install Oracle Database 10g Software), the terminal shell environment needs to run an X Windows application as the "oracle" user account. Note that you can utilize the same terminal shell session used in the previous section which in this case, you do not have to take any of the actions described below with regards to setting the DISPLAY variable:
# su - oracle

$ # IF YOU ARE USING A REMOTE CLIENT TO CONNECT TO THE
$ # NODE PERFORMING THE INSTALL
$ DISPLAY=<your local workstation>:0.0
$ export DISPLAY


Install Oracle10g Companion CD Software

Install the Oracle 10g Companion CD Software as follows:
$ cd ~oracle
$ /home/oracle/orainstall/companion/runInstaller

Oracle Database 10g Companion CD Installation Screen Responses
Screen Name Response
Welcome Screen Click Next
Select a Product to Install Select the Oracle Database 10g Products 10.2.0.1.0 option.
Specify Home Details Set the destination for the ORACLE_HOME Name and Path to that of the previous Oracle10g Database software install as follows:
   Name: OraDb10g_home1
   Path: /u01/app/oracle/product/10.2.0/db_1
Product-Specific
Prerequisite Checks
The installer will run through a series of checks to determine if the node meets the minimum requirements for installing and configuring the Oracle10g Companion CD Software. If any of the checks fail, you will need to manually verify the check that failed by clicking on the checkbox. For my installation, all checks passed with no problems.

Click Next to continue.

Summary On the Summary screen, click Install to start the installation!
End of installation At the end of the installation, exit from the OUI.

The last screen of a successful Oracle Database 10g Companion CD Release 2 installation is the "End of Installation" screen. The OUI provides you with several URLs that will be activated by the OUI:

Ultra Search URL:
http://vmlinux1:5620/ultrasearch

Ultra Search Administration Tool URL:
http://vmlinux1:5620/ultrasearch/admin


  It has been reported that for users who installed the 10g Apache server standalone from the Companion CD on CentOS 5 (which is not discussed in this article), elicits the following error from the configuration assistant:
libdb.so.2: cannot open shared object file
A workaround was posted on an Oracle forum and consists of the following tasks:
  1. As root, create the following symbolic link:
    ln -s /usr/lib/libgdbm.so.2.0.0 /usr/lib/libdb.so.2
  2. Change the permissions in the libdb.so.2 file:
    chmod 755 /usr/lib/libgdbm.so.2.0.0 
    chmod 755 /usr/lib/libdb.so.2
  3. Re-execute the Configuration Assitant.



Apply the 10.2.0.3 Database Patchset

At the time of this writing, the latest patchset for Oracle Database 10g Release 2 running on Linux x86 (32-bit) is 10.2.0.3 (also known as patch 5337014).

Downloading the Patchset

The Oracle 10.2.0.3 patchset will need to be downloaded from the Oracle Metalink website (http://metalink.oracle.com).

  Access to Oracle Metalink requires a valid login and CSI number.

After logging in to the Oracle Metalink website, click on the "Patches & Updates" tab on the top menu and use the following to download the correct database patchset:

  1. On the "Patches & Updates" screen, select the link for Simple Search.
  2. From the Simple Search screen, select the "Product or Family" option in the Search By pull-down listing. In the text field to the right, enter "RDBMS Server".
  3. In the Release option, select "Oracle 10.2.0.3".
  4. For the Patch Type option, select "Patchset/Minipack".
  5. Finally, for the Platform or Language option, select "Linux x86".
  6. When all of the options are filled out, click the "Go" button.
  7. This will bring up the available patchsets in the Results section. For the purpose of this article, I will be downloading and installing patch: 5337014. Select this patchset in the Results section and then click the Download button to start the download process.

      The file name of the patchset to download is p5337014_10203_LINUX.zip (last updated 21-FEB-2007) and is 900MB in size. This may take some time to download.


Extract the Patch File

As the oracle user account, extract the patch file to a temporary directory:
$ id -a
uid=501(oracle) gid=501(oinstall) groups=501(oinstall),502(dba),503(oper)

$ mkdir -p /home/oracle/orainstall/patches/database_10.2.0.3
$ mv p5337014_10203_LINUX.zip /home/oracle/orainstall/patches/database_10.2.0.3
$ cd /home/oracle/orainstall/patches/database_10.2.0.3
$ unzip p5337014_10203_LINUX.zip


Login as the oracle User Account and Set DISPLAY (if necessary)

As discussed in the previous section, (Install the Oracle Database 10g Companion CD Release 2 Software), the terminal shell environment needs to run an X Windows application as the "oracle" user account. Note that you can utilize the same terminal shell session used in the previous section which in this case, you do not have to take any of the actions described below with regards to setting the DISPLAY variable:
# su - oracle

$ # IF YOU ARE USING A REMOTE CLIENT TO CONNECT TO THE
$ # NODE PERFORMING THE INSTALL
$ DISPLAY=<your local workstation>:0.0
$ export DISPLAY


Stop All Oracle Processes

Before starting the OUI to install the patch set, we need to stop all listeners and other processes running in the Oracle home directory. If you have been following the instructions in this article, there should be no Oracle processes running:
$ ps -ef | grep ora


Applying the Patchset

Once all processes running in the Oracle home directory have been stopped, we can now start the patch installation process. To do this, run the OUI installer (runInstaller) out of the directory where you extracted the patch set to as the oracle UNIX user account:
$ id -a
uid=501(oracle) gid=501(oinstall) groups=501(oinstall),502(dba),503(oper)

$ cd ~oracle
$ /home/oracle/orainstall/patches/database_10.2.0.3/Disk1/runInstaller

Oracle 10.2.0.3 Patchset Installation Screen Responses
Screen Name Response
Welcome Screen Click Next
Specify Home Details Set the destination for the ORACLE_HOME Name and Path to that of the previous Oracle10g Database software install as follows:
   Name: OraDb10g_home1
   Path: /u01/app/oracle/product/10.2.0/db_1
Summary On the Summary screen, click Install to start the installation!
Root Script Window - Run root.sh After the patch installation has completed, you will be prompted to run the root.sh script. Open a new console window as the "root" user account.

Navigate to the /u01/app/oracle/product/10.2.0/db_1 directory and run root.sh accepting all default values.

After running the root.sh script go back to the OUI and acknowledge the "Execute Configuration scripts" dialog window.

End of installation At the end of the installation, exit from the OUI.

The Oracle Database 10g Release 2 Patch Set 2 has now been successfully applied!


Running changePerm.sh Script on an Oracle Database Server Home

During patch set installation, all new files and directories are created with restricted access, by default. Users or third party applications with a different group identifier from that of the database owner (dba and oper for example), which try to access client-side utilities or libraries in the database home, will see permission errors when trying to access these files or directories. Perform the following steps to change the permissions so that groups other then just the database owner (for this example, the database owner is oracle:oinstall) can access client-side utilities and libraries.

  1. Change to the install directory by using the following command:
    $ cd $ORACLE_HOME/install
  2. Run changePerm.sh and specify the patched server Oracle home location, before accessing client-side utilities or libraries in the database home. Please note that this script may take several minutes to complete:
    $ ./changePerm.sh
    
    -------------------------------------------------------------------------------
    Disclaimer: The purpose of this script is to relax permissions on some of the
    files in the database Oracle Home so that all clients can access them.
    Please note that Oracle Corporation recommends using the most restrictive file
    permissions as possible for your given implementation.  Running this script
    should be done only after considering all security ramifications.
    -------------------------------------------------------------------------------
    
    Do you wish to continue (y/n) [n]: y
    Finished running the script successfully
    Please see /tmp/changePerm_err.log for errors and /tmp/changePerm.log for the log of events



Configure Oracle Networking

The Database Configuration Assistant (DBCA) requires the Oracle TNS Listener process to be configured and running on the database server before it can create the database.

Bring up the Network Configuration Assistant (NETCA) and run through the process of creating a new TNS listener process and to also configure the node for local access.

The terminal shell environment needs to run an X Windows application as the "oracle" user account. Note that you can utilize the same terminal shell session used in the previous section which in this case, you do not have to take any of the actions described below with regards to setting the DISPLAY variable:

# su - oracle

$ # IF YOU ARE USING A REMOTE CLIENT TO CONNECT TO THE
$ # NODE PERFORMING THE INSTALL
$ DISPLAY=<your local workstation>:0.0
$ export DISPLAY

To start the NETCA, run the following:

$ netca &
Oracle Network Configuration Installation Screen Responses
Screen Name Response
Welcome Select Listener configuration.
Listener Configuration
(Next 6 Screens)
The following screens are now like any other normal listener configuration. You can simply accept the default parameters for the next six screens:
   What do you want to do: Add
   Listener name: LISTENER
   Selected protocols: TCP
   Port number: 1521
   Configure another listener: No
   Listener configuration complete! [ Next ]
You will be returned to this Welcome (Type of Configuration) Screen.
Welcome Select Naming Methods configuration.
Naming Methods Configuration The following screens are:
   Selected Naming Methods: Local Naming
   Naming Methods configuration complete! [ Next ]
You will be returned to this Welcome (Type of Configuration) Screen.
Welcome Click Finish to exit the NETCA.

The Oracle TNS listener process should now be running:

$ ps -ef | grep lsnr | grep -v 'grep' | awk '{print $9}'
LISTENER



Create the Oracle Database

We will be using the Oracle Database Configuration Assistant (DBCA) to create a database / instance named TESTDB.

Before executing the Database Configuration Assistant, make sure that $ORACLE_HOME and $PATH are set appropriately for the $ORACLE_BASE/product/10.2.0/db_1 environment.

You should also verify that the Oracle TNS listener service is running before attempting to start the database creation process.

Login as the oracle User Account and Set DISPLAY (if necessary)

As discussed in the previous section, the terminal shell environment needs to run an X Windows application as the "oracle" user account. Note that you can utilize the same terminal shell session used in the previous section which in this case, you do not have to take any of the actions described below with regards to setting the DISPLAY variable:
# su - oracle

$ # IF YOU ARE USING A REMOTE CLIENT TO CONNECT TO THE
$ # NODE PERFORMING THE INSTALL
$ DISPLAY=<your local workstation>:0.0
$ export DISPLAY


Create the Database

To start the database creation process, run the following:

$ dbca &
Screen Name Response
Welcome Screen Click Next
Operations Select Create a Database.
Database Templates Select Custom Database
Database Identification Select:
   Global Database Name: TESTDB.IDEVELOPMENT.INFO
   SID: TESTDB

  I used IDEVELOPMENT.INFO for the database domain. You may use any domain. Keep in mind that this domain does not have to be a valid DNS domain.

Management Option Leave the default options here which is to Configure the Database with Enterprise Manager / Use Database Control for Database Management
Database Credentials I selected to Use the Same Password for All Accounts. Enter the password (twice) and make sure the password does not start with a digit number.
Storage Options For this article, we will select to use File System.
Database File Locations Select the option to use Use Oracle-Managed Files:
   Database Area: /u02/oradata
Recovery Configuration Check the option for Specify Flash Recovery Area. For this example, I will create a Flash Recovery Area of 10GB.
   Flash Recovery Area: /u02/flash_recovery_area
   Flash Recovery Area Size: 10240
Database Content I left all of the Database Components (and destination tablespaces) set to their default value, although it is perfectly OK to select the Sample Schemas. This option is available since we installed the Oracle Companion CD software.
Initialization Parameters Change any parameters for your environment. I left them all at their default settings.
Database Storage Change any parameters for your environment. I left them all at their default settings.
Creation Options Keep the default option Create Database selected. I also always select to Generate Database Creation Scripts. Click Finish to start the database creation process. After acknowledging the database creation report and script generation dialog, the database creation will start.

Click OK on the "Summary" screen.

End of Database Creation At the end of the database creation, exit from the DBCA.

When the Oracle Database Configuration Assistant has completed, you will have a fully functional Oracle database running!

If you selected to configure Enterprise Manager during the database creation process, the OUI will provide the URL. For example:

http://vmlinux1:1158/em

  I like to review the log files that were created by the DBCA process. For the purpose of the example in this article, my log files were created in "/u01/app/oracle/product/10.2.0/db_1/cfgtoollogs/dbca/TESTDB".



Post-Installation Tasks

This section contains several tasks that can be applied to your new Oracle 10g environment in order to enhance availability as well as database management. Also included are the steps required to restore the Red Hat Release File which was modified earlier in this article.

Restore the Red Hat Release File

Earlier in this article during the Pre-Installation Tasks section, we were required to Modify the Red Hat Release File (/etc/redhat-release) in order for the Oracle Universal Installer to detect a supported platform.

Prior to modifying the Red Hat Release File, we made a backup copy of the original file. Given the Oracle database installation is now completed, we should now restore the original version of this file:

$ su -
# cp /etc/redhat-release.original /etc/redhat-release


Re-compile Invalid Objects

Run the utlrp.sql script to recompile all invalid PL/SQL packages now instead of when the packages are accessed for the first time. This step is optional but recommended.
$ id -a
uid=501(oracle) gid=501(oinstall) groups=501(oinstall),502(dba),503(oper)

$ sqlplus "/ as sysdba"
SQL> @?/rdbms/admin/utlrp.sql
  When the 10.2.0.3 patch set is applied to an Oracle Database 10g Standard Edition database or Standard Edition One database, there may be 42 invalid objects after the utlrp.sql script runs. These objects belong to the unsupported components and do not affect the database operation.

Ignore any messages indicating that the database contains invalid recycle bin objects similar to the following:

BIN$4lzljWIt9gfgMFeM2hVSoA==$0


Enabling Archive Logs - (Optional)

Oracle tracks and logs all changes to database blocks in online redolog files. An Oracle instance (i.e. TESTDB) will have its own set of online redolog files known as a thread. The Oracle instance (or thread) will use its group of online redologs in a circular manner. Once an online redolog fills, Oracle moves to the next one. If the database is in "Archive Log Mode", Oracle will make a copy of the online redo log before it gets reused. A thread must contain at least two online redologs (or online redolog groups).

As already mentioned, Oracle writes to its online redolog files in a circular manner. When the current online redolog fills, Oracle will switch to the next one. To facilitate media recovery, Oracle allows the DBA to put the database into "Archive Log Mode" which makes a copy of the online redolog after it fills (and before it gets reused). This is a process known as archiving.

The Database Configuration Assistant (DBCA) allows users to configure a new database to be in archive log mode, however most DBA's opt to bypass this option during initial database creation. In cases like this where the database is in no archive log mode, it is a simple task to put the database into archive log mode. Note however that this will require a short database outage. Use the following tasks to put your new database into archive log mode.

  1. Login to the database server as the "oracle" user account and shutdown the database:
    $ id -a
    uid=501(oracle) gid=501(oinstall) groups=501(oinstall),502(dba),503(oper)
    
    $ sqlplus "/ as sysdba"
    SQL> shutdown immediate
  2. Next, MOUNT the database:
    SQL> startup mount
  3. Enable archiving:
    SQL> alter database archivelog;
  4. Open the database for read/write which is now in archivelog mode:
    SQL> alter database open;
  5. Login to the database and verify Archive Log Mode is enabled:
    SQL> archive log list
    Database log mode              Archive Mode
    Automatic archival             Enabled
    Archive destination            USE_DB_RECOVERY_FILE_DEST
    Oldest online log sequence     27
    Next log sequence to archive   29
    Current log sequence           29


Download and Install Custom Oracle Database Scripts - (Optional)

DBA's rely on Oracle's data dictionary views and dynamic performance views in order to support and better manage their databases. Although these views provide a simple and easy mechanism to query critical information regarding the database, it helps to have a collection of accurate and readily available SQL scripts to query these views.

In this section you will download and install a collection of Oracle DBA scripts that can be used to manage many aspects of your database including space management, performance, backups, security, and session management. The Oracle DBA scripts archive can be downloaded using the following link http://www.idevelopment.info/data/Oracle/DBA_scripts/common.zip. As the oracle user account, download the common.zip archive to the $ORACLE_BASE directory. For the purpose of this example, the common.zip archive will be copied to /u01/app/oracle. Next, unzip the archive file to the $ORACLE_BASE directory.

For example, perform the following as the oracle user account:

$ mv common.zip /u01/app/oracle
$ cd /u01/app/oracle
$ unzip common.zip
The final step is to verify (or set) the appropriate environment variable for the current UNIX shell to ensure the Oracle SQL scripts can be run from SQL*Plus while in any directory. For UNIX verify the following environment variable is set and included in your login shell script:
ORACLE_PATH=$ORACLE_BASE/common/oracle/sql:.:$ORACLE_HOME/rdbms/admin
export ORACLE_PATH

  Note that the ORACLE_PATH environment variable should already be set in the .bash_profile login script that was created in the section Create Login Script for oracle User Account.

Now that the Oracle DBA scripts have been unzipped and the UNIX environment variable ($ORACLE_PATH) has been set to the appropriate directory, you should now be able to run any of the SQL scripts in your $ORACLE_BASE/common/oracle/sql while logged into SQL*Plus. For example, to query tablespace information while logged into the Oracle database as a DBA user:

SQL> @dba_tablespaces

Status    Tablespace Name TS Type      Ext. Mgt.  Seg. Mgt.    Tablespace Size    Used (in bytes) Pct. Used
--------- --------------- ------------ ---------- --------- ------------------ ------------------ ---------
ONLINE    UNDOTBS1        UNDO         LOCAL      MANUAL           241,172,480        239,075,328        99
ONLINE    SYSAUX          PERMANENT    LOCAL      AUTO             272,629,760        270,663,680        99
ONLINE    USERS           PERMANENT    LOCAL      AUTO               5,242,880             65,536         1
ONLINE    SYSTEM          PERMANENT    LOCAL      MANUAL           513,802,240        503,250,944        98
ONLINE    TEMP            TEMPORARY    LOCAL      MANUAL            29,360,128         28,311,552        96
                                                            ------------------ ------------------ ---------
avg                                                                                                      79
sum                                                              1,062,207,488      1,041,367,040
To obtain a list of all available Oracle DBA scripts while logged into SQL*Plus, run the help.sql script:
SQL> @help.sql

========================================
Automatic Shared Memory Management
========================================
asmm_components.sql

========================================
Automatic Storage Management
========================================
asm_alias.sql
asm_clients.sql
asm_diskgroups.sql
asm_disks.sql
asm_disks_perf.sql
asm_drop_files.sql
asm_files.sql
asm_files2.sql
asm_templates.sql

< --- SNIP --- >

perf_top_sql_by_buffer_gets.sql
perf_top_sql_by_disk_reads.sql

========================================
Workspace Manager
========================================
wm_create_workspace.sql
wm_disable_versioning.sql
wm_enable_versioning.sql
wm_freeze_workspace.sql
wm_get_workspace.sql
wm_goto_workspace.sql
wm_merge_workspace.sql
wm_refresh_workspace.sql
wm_remove_workspace.sql
wm_unfreeze_workspace.sql
wm_workspaces.sql



Creating / Altering Tablespaces

When creating the Oracle database, we left all tablespaces set to their default size. If you are using a large set of drives for database storage, you may want to make a sizable testing database.

Below are several optional SQL commands for modifying and creating all tablespaces for the test database.

NOTE: Please keep in mind that the database file names (OMF files) being listed in these examples may differ from what the Oracle Database Configuration Assistant (DBCA) creates for your environment. When working through this section, substitute the data file names that were created in your environment where appropriate. The following query can be used to determine the file names for your environment:

SQL> select tablespace_name, file_name
  2  from dba_data_files
  3  union
  4  select tablespace_name, file_name
  5  from dba_temp_files;

TABLESPACE_NAME     FILE_NAME
--------------- ---------------------------------------------------------
SYSAUX          /u02/oradata/TESTDB/datafile/o1_mf_sysaux_3rbj68np_.dbf
SYSTEM          /u02/oradata/TESTDB/datafile/o1_mf_system_3rbj5g8h_.dbf
TEMP            /u02/oradata/TESTDB/datafile/o1_mf_temp_3rbj6f1s_.tmp
UNDOTBS1        /u02/oradata/TESTDB/datafile/o1_mf_undotbs1_3rbj61p7_.dbf
USERS           /u02/oradata/TESTDB/datafile/o1_mf_users_3rbj6q3y_.dbf

$ sqlplus "/ as sysdba"

SQL> create user scott identified by tiger default tablespace users;

SQL> grant dba, resource, connect to scott;

SQL> alter database datafile '/u02/oradata/TESTDB/datafile/o1_mf_users_3rbj6q3y_.dbf' resize 1024m;

SQL> alter tablespace users add datafile size 1024m autoextend off;

SQL> create tablespace indx datafile size 1024m
  2  autoextend on next 100m maxsize unlimited
  3  extent management local autoallocate
  4  segment space management auto;

SQL> -- SYSTEM Tablespace
SQL> alter database datafile '/u02/oradata/TESTDB/datafile/o1_mf_system_3rbj5g8h_.dbf' resize 1024m;

SQL> -- SYSAUX Tablespace
SQL> alter database datafile '/u02/oradata/TESTDB/datafile/o1_mf_sysaux_3rbj68np_.dbf' resize 1024m;

SQL> -- UNDO Tablespace
SQL> alter database datafile '/u02/oradata/TESTDB/datafile/o1_mf_undotbs1_3rbj61p7_.dbf' resize 1024m;

SQL> -- Temporary Tablespace
SQL> alter database tempfile '/u02/oradata/TESTDB/datafile/o1_mf_temp_3rbj6f1s_.tmp' resize 1024m;

Here is a snapshot of the tablespaces I have defined for my test database environment:

SQL> @dba_tablespaces

Status    Tablespace Name TS Type      Ext. Mgt.  Seg. Mgt.    Tablespace Size    Used (in bytes) Pct. Used
--------- --------------- ------------ ---------- --------- ------------------ ------------------ ---------
ONLINE    UNDOTBS1        UNDO         LOCAL      MANUAL         1,073,741,824        239,075,328        22
ONLINE    SYSAUX          PERMANENT    LOCAL      AUTO           1,073,741,824        270,663,680        25
ONLINE    USERS           PERMANENT    LOCAL      AUTO           2,147,483,648            131,072         0
ONLINE    SYSTEM          PERMANENT    LOCAL      MANUAL         1,073,741,824        503,250,944        47
ONLINE    INDX            PERMANENT    LOCAL      AUTO           1,073,741,824             65,536         0
ONLINE    TEMP            TEMPORARY    LOCAL      MANUAL         1,073,741,824         28,311,552         3
                                                            ------------------ ------------------ ---------
avg                                                                                                      16
sum                                                              7,516,192,768      1,041,498,112

6 rows selected.



Setting up Automatic Database Starting and Stopping

This section contains the recommended method defined by Oracle for automating database startup and shutdown of Oracle10g and Oracle11g instances.

Automatic Database Startup/Shutdown in Oracle10g

Once the instance is created, edit the /etc/oratab file setting the restart flag (the last field) to "Y" for the instance you want to automatically startup and shutdown. For the purpose of this example, the only instance defined in the /etc/oratab file is TESTDB:

/etc/oratab
...
TESTDB:/u01/app/oracle/product/10.2.0/db_1:Y
...

Next, create a text file named /etc/init.d/dbora as the root user, containing the following:

/etc/init.d/dbora
#!/bin/sh
# chkconfig: 345 99 10
# description: Oracle auto start-stop script.
#
# Set ORA_HOME to be equivalent to the $ORACLE_HOME
# from which you wish to execute dbstart and dbshut;
#
# Set ORA_OWNER to the user id of the owner of the 
# Oracle database in ORA_HOME.

ORA_HOME=/u01/app/oracle/product/10.2.0/db_1
ORA_OWNER=oracle

if [ ! -f $ORA_HOME/bin/dbstart ]
then
    echo "Oracle startup: cannot start"
    exit
fi

case "$1" in
    'start')
        # Start the Oracle databases:
        # The following command assumes that the oracle login 
        # will not prompt the user for any values
        su - $ORA_OWNER -c "$ORA_HOME/bin/dbstart $ORA_HOME"
        ;;
    'stop')
        # Stop the Oracle databases:
        # The following command assumes that the oracle login 
        # will not prompt the user for any values
        su - $ORA_OWNER -c "$ORA_HOME/bin/dbshut $ORA_HOME"
        ;;
esac

  Note that the /etc/init.d/dbora script listed above may look a little different from a similar one used for Oracle9i — most notably the omission of the commands to start/stop the Oracle TNS listener process. As of Oracle 10g Release 2 the dbstart script includes the commands to automatically start/stop the listener.

Use the chmod command to set the privileges to 750:

# chmod 750 /etc/init.d/dbora

Associate the dbora service with the appropriate run levels and set it to auto-start using the following command:

# chkconfig --level 345 dbora on
The relevant instances should now startup/shutdown automatically at system startup/shutdown!


Known Issues

The following known issue does not apply to this article since we applied the Oracle 10.2.0.3 patchset.

If you haven't patched the Oracle Database software, there is a documented bug with Oracle 10g Release 2 where calling dbstart might result in the following error message:

Failed to auto-start Oracle Net Listener using /ade/vikrkuma_new/oracle/bin/tnslsnr
This is due to a hard coded path in the dbstart script. To correct this, edit the $ORACLE_HOME/bin/dbstart script and replace the following line (approximately line 78):
ORACLE_HOME_LISTNER=/ade/vikrkuma_new/oracle
with this:
ORACLE_HOME_LISTNER=$ORACLE_HOME
The dbstart script shold now start the listener as expected.


Final Notes

The /etc/init.d/dbora script defined in this section uses the "su -" command to run the Oracle scripts dbstart and dbshut:
su - $ORA_OWNER -c "$ORA_HOME/bin/dbstart $ORA_HOME"

(and...)

su - $ORA_OWNER -c "$ORA_HOME/bin/dbshut $ORA_HOME"
Starting with Oracle10g, Oracle switched from recommending the "su" command to the "rsh" command of which I completely disagree with. When using the rsh method, the /etc/init.d/dbora script would be defined as follows:

/etc/init.d/dbora - (rsh method)
#!/bin/sh
# chkconfig: 345 99 10
# description: Oracle auto start-stop script.
#
# Change the value of ORACLE_HOME to specify the correct Oracle home
# directory for your installation.

ORACLE_HOME=/u01/app/oracle/product/10.2.0/db_1
#
# Change the value of ORACLE to the login name of the
# oracle owner at your site.
#
ORACLE=oracle

PATH=${PATH}:$ORACLE_HOME/bin
HOST=`hostname`
PLATFORM=`uname`
export ORACLE_HOME PATH
#
if [ ! "$2" = "ORA_DB" ] ; then
   if [ "$PLATFORM" = "HP-UX" ] ; then
      remsh $HOST -l $ORACLE -n "$0 $1 ORA_DB"
      exit
   else
      rsh $HOST -l $ORACLE  $0 $1 ORA_DB
      exit
   fi
fi
#
case $1 in
'start')
        $ORACLE_HOME/bin/dbstart $ORACLE_HOME
        ;;
'stop')
        $ORACLE_HOME/bin/dbshut $ORACLE_HOME
        ;;
*)
        echo "usage: $0 {start|stop}"
        exit
        ;;
esac
#
exit

Note that this method relies on the presence of an RSH server, which requires additional packages and configuration. The RSH server does not get installed by default on many Linux distributions (and for good reason!).

Given the RSH server (and other r* packages) do not get installed by default, the DBA would need to locate and install them before this method could be used:

# -- Install the rhs and rsh-server packages from the OS CD/DVD --
# rpm -Uvh --force rsh-*

# -- Enable rsh and rlogin --
# chkconfig rsh on
# chkconfig rlogin on
# service xinetd reload

I completely disagree with the recommendation to use rsh and prefer to stick with using the su command method. Furthermore, using the rsh method can be problematic when attempting to use it under Fedora Core 5 and Fedora Core 6 where rsh is deprecated.



Miscellaneous Options

This final section of the article contains several miscellaneous options that may be of use to newcomers of Oracle10g.

Enterprise Manager - Database Console

During the database creation section, we asked for DBCA to create the Enterprise Manager Database Console application. In almost all cases, the DBCA will automatically start the OEM Database Console application. To check for the process, type the following:
$ emctl status dbconsole
TZ set to US/Eastern
Oracle Enterprise Manager 10g Database Control Release 10.2.0.3.0
Copyright (c) 1996, 2006 Oracle Corporation.  All rights reserved.
http://vmlinux1:1158/em/console/aboutApplication
Oracle Enterprise Manager 10g is running.
------------------------------------------------------------------
Logs are generated in directory /u01/app/oracle/product/10.2.0/db_1/vmlinux1_TESTDB/sysman/log
If you recieve something similar to the above output, then OEM Database Console is running. If you need to manually start this application, login as the UNIX oracle user account and type the following:
$ emctl start dbconsole
TZ set to US/Eastern
Oracle Enterprise Manager 10g Database Control Release 10.2.0.3.0
Copyright (c) 1996, 2006 Oracle Corporation.  All rights reserved.
http://vmlinux1:1158/em/console/aboutApplication
Starting Oracle Enterprise Manager 10g Database Control ............ started.
------------------------------------------------------------------
Logs are generated in directory /u01/app/oracle/product/10.2.0/db_1/vmlinux1_TESTDB/sysman/log
The OEM DB Console application may take several minutes to start.

Once the DB Console application is up and running, point your web browser to http://<Database_Server>:1158/em as in the following:

http://vmlinux1:1158/em
Login:
User Name: SYSTEM
Password: <The password you chose during installation>
Connect As: Normal

  The emctl start dbconsole / emctl stop dbconsole commands can be placed in the /etc/init.d/dbora script to be started and stopped when the database server is cycled.


Changing Your Oracle Database Environment

In some cases, you may have more than one database running on your single database server. It is even possible to be using two different databases running on different releases of the Oracle Database software. (i.e. Oracle 8.1.7, Oracle 9.2.0, and 10.2.0). For example, you may have two database - ORA920 (using Oracle release 9.2.0) and TESTDB (using Oracle release 10.2.0). Whatever the case may be, you need an efficient way to modify your environment variables to switch between these two databases. This requires you update environment variables like ORACLE_HOME, ORACLE_SID, PATH, LD_LIBRARY_PATH, etc. Although this can be done manually at the command line, it can get old real quick. Instead you can use a single command line script to switch between all database environments declared in your /etc/oratab file.

If you have been following along with this article, the required scripts for switching your Oracle database environment is already included (in /usr/local/bin). From the command prompt, simply run the following:

$ . oraenv
ORACLE_SID = [ORA920] ? TESTDB
Notice that in the above example, we didn't just run the oraenv script, but rather, we sourced it by using a dot followed by a space and then the script name oraenv. When sourcing the oraenv script, it will prompt you for the ORACLE_SID, (defined in your /etc/oratab file), you want to switch to. In the above example, if an entry exists for TESTDB, then all required environment variables would be reset to access this database.



About the Author

Jeffrey Hunter graduated from Stanislaus State University in Turlock, California, with a Bachelor's degree in Computer Science. Jeff is an Oracle Certified Professional, Java Development Certified Professional, Author, and currently works as a Senior Database Administrator for The DBA Zone, Inc.. His work includes advanced performance tuning, Java and PL/SQL programming, capacity planning, database security, and physical / logical database design in a UNIX, Linux, and Windows server environment. Jeff's other interests include mathematical encryption theory, programming language processors (compilers and interpreters) in Java and C, LDAP, writing web-based database administration tools, and of course Linux. Jeff has been a Sr. Database Administrator and Software Engineer for over 13 years and maintains his own website site at: http://www.iDevelopment.info.
신고



댓글을 달아 주세요

###리눅스 sendmail 메일서버구축###


centos 4.4 기준으로 테스트하였음.


1. 설치

아래 패키지 없으면 설치함.

[root@msg sasl2]# rpm -qa | grep sendmail
sendmail-cf-8.13.1-3.RHEL4.5
sendmail-8.13.1-3.RHEL4.5


2. 패치된 버전 업그래이드 설치

yum 으로 최신 버전으로 업그레이드 할것.

3. /etc/mail/sendmail.mc 파일 편집

/etc/mail/sendmail.mc 파일을 편집기를 이용해서 열어야 합니다.
44, 45번째 줄의 내용을 편집합니다. 이는 smtp 인증 기능 사용을 위해서입니다. 이 smtp 인증기능을 사용하는 이유는 smtp 프로토콜은 아주 오래전에 만들어진 것입니다. 그 때는 스팸메일을 보내는 사람들도 없었기 때문에 모두 open relay이었습니다. 하지만 시간이 지나면서 이 open relay를 이용해 스패머들이 스팸메일을 뿌리기 시작했습니다. 이를 막기위해 인가된 사용자의 메일만 relay(중계)하는 방법이 필요했고, 이 방법을 smtp 프로토콜 위에 얹은 것 정도로 보시면 됩니다. 이 smpt 인증 방법이전에는 사용자의 ip로 인증하곤 했었습니다.

dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl


위의 내용에서 빨간 부분을 지우시기 바랍니다.
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
위와같이 되죠^^;

85번재 줄을 편집합니다. senmail은 언제부턴가 로컬(서버)에서 보내는 메일만 relay(전달)하였습니다. 하지만, 메일서버로 사용하기 위해서는 이 설정을 지워야 합니다.
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
아래와 같이 빨간 부분을 적어 넣어 주석 처리 합니다.
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl


이렇게 하면 sendmail.mc 파일 편집은 끝납니다.

이젠 만들어진 sendmail.mc 파일로 sendmail.cf 파을을 만들어야 합니다.
[root@test mail]# pwd
/etc/mail
[root@test mail]# m4 sendmail.mc > sendmail.cf

/usr/lib/sasl2/Sendmail.conf  --->centos 4.4
pwcheck_method:saslauthd

/etc/init.d/saslauthd start

위와같이 한줄로 sendmail.cf파일은 생성됩니다. 이렇게 생성 하였다면, 반드시 sendmail을 재 시작해야 합니다. sendmail은 시작할 때 환경설정파일(sendmail.cf )을 로드 하기 때문입니다.
[root@test mail]# /etc/rc.d/init.d/sendmail restart
sendmail를 종료하고 있습니다:                              [  확인  ]
sm-client을 종료하고 있습니다:                             [  확인  ]
sendmail (을)를 시작합니다:                                [  확인  ]
sm-client을 시작하고 있습니다:                             [  확인  ]


4. /etc/mail/access 파일 편집
 이 파일을 잘 사용하면 조금의 스팸 필터링을 할 수 있습니다. 하지만 기본 설정만 하도록 하겠습니다.
이 서버에서 사용할 도메인을 다음과 같이 넣어줘야 합니다. 예를 들어 도메인이 0link.co.kr 이라면,
0link.co.kr                    RELAY
이렇게 relay가 가능하게 합니다. 이 설정은 메일을 보낼 때 위 도메인으로 메일을 보내면 relay를 하겠단 설정입니다.
이렇게 설정하고 다음과같이 db를 만둘어 주어야 합니다.
[root@test mail]# makemap hash access < access
이때 주의 하시기 바랍니다. "< " 이렇게 되죠^^:

5. /etc/mail/local-host-names
 이 파일은 쉽게 설명하면 메일을 받을 도메인을 넣어두는 파일입니다.. 예를들어 도메인이 0link.co.kr이라면,
0link.co.kr
위와같이 도메인을 달랑 적어주면 됩니다. 물론 다중 도메인이면 한 도메인에 한줄씩 줄~줄~ 적으면 됩니다.
위 파일설정을 바꾼 다음엔 반드시 sendmail을 재 시작해 줘야합니다.~

6. /etc/mail/virtusertable 파일 이용한 가상 유저 셋팅
sendmail은 기본적으로 시스템(리눅스)의 계정을 사용합니다. 그래서 도메인이 다르다고 하더라도 계정이 이름이 같으면 같은 사람으로 취급합니다. 예를 들면, 셋팅한 서버에 2개의 도메인(0link.co.kr, hyung.co.kr)이 설정되어있다고 가정합니다. 모두 홈페이지를 운영하고 있다면, webmaster@0link.co.krwebmaster@hyung.co.kr 이라는 메일 주소가 존재 할 것입니다. 그렇다면 서버에서 webmaster이라는 계정을 생성한 다음 메일을 받아보면, 위 2 주소로 보낸 메일 모두 webmaster라는 계정으로 들어오게 됩니다. 이런 경우 사용하는 것이 virtusertable입니다.
 webmaster@0link.co.kr 이라는 계정으로 오는 메일은 link 라는 계정으로
 webmaster@hyung.co.kr 으로 오는 메일은 hyung 라는 계정으로 받아보게 설정하는 것입니다.

webmaster@0link.co.kr             link
webmaster@hyung.co.kr           hyung
위와같이 설정하면 가능합니다.
(주의) 메일 계정과 linux 계정 사이에는 키로 띄워 주시기 바랍니다. 그렇게 하지 않으면 인식하지 못합니다.

이렇게 설정하고 다음과같이 db를 만둘어 주어야 합니다.
[root@test mail]# makemap hash virtusertable < virtusertable
이때 주의 하시기 바랍니다. "< " 이렇게 되죠^^:


테스트

[root@oops mail]# php -r 'echo base64_encode("user")."\n";'
dXNlcg==

[root@oops mail]# php -r 'echo base64_encode("password")."\n";'
cGFzc3dvcmQ=

[root@oops mail]# telnet localhost 25

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 work.oops.org ESMTP Sendmail 8.12.9/8.12.9; Sat, 23 Aug 2003 01:27:54 +0900
AUTH LOGIN
334 VXNlcm5hbWU6
dXNlcg==
334 UGFzc3dvcmQ6
cGFzc3dvcmQ=
235 2.0.0 OK Authenticated
quit
221 2.0.0 work.oops.org closing connection
Connection closed by foreign host.


7. pop3 서버 설치

qpopper4.0.8.tar.gz

./configure --enable-specialauth --enable-servermode --enable-shy
make
make install

cp popper/popper /usr/local/lib

vi /etc/xinetd.d/pop3

service pop3
{
       disable         = no
       socket_type     = stream
       wait            = no
       user            = root
       server          = /usr/local/lib/popper
       log_on_success += HOST DURATION
       log_on_failure += HOST
}

vi /etc/hosts.allow

popper:ALL ---> 추가


xinetd를 재 시작해야 합니다.
[root@test mail]# /etc/rc.d/init.d/xinetd restart
xinetd 를 정지함:                                          [  확인  ]
xinetd (을)를 시작합니다:                                  [  확인  ]

모두들 아실 것이라고 믿고 outlook설정은 설명하지 않겠습니다. 단지 설정하시고,
도구 -> 계정 -> 속성 -> 서버 -> 인증필요(채크) -> 적용
위와같이 설정하시기 바랍니다.(smtp 인증법)

8. 서버 데몬 확인 및 서비스 확인
 이렇게 설치 하셨다면, 간단한 메일 서버는 셋팅은 끝입니다.  이제 서비스를 확인해야 합니다.
[root@test mail]# netstat -an | grep LISTEN
tcp        0      0 0.0.0.0:1024            0.0.0.0:*               LISTEN     
tcp        0      0 127.0.0.1:1029          0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN     

현재 열려있는 포트입니다. 다른 것들은 서비스에 따라 다를 수 있으니 신경쓰지 마시구요, 110 포트(pop3),
25번 포트(smtp 그러니까 sendmail)입니다. 위와같아야 합니다.

9. 메일큐 내용 확인하기
 홈페이지 운영하다 메일링 리스트에서 메일을 보내게 되면, 정상적인 메일주소로는 메일이 가지만, 정상적인 메일주소가 아닌 경우 가지도 않고 메일큐(/var/spool/mqueue)에 쌓여서 서버의 부하를 주는 경우가 있습니다.. sendmail은 기본설치된 것이 1시간마다 메일큐를 비우게 되어 있고, 한 번 보낸 메일은 7일동안 메일을 보내려고 시도하게 됩니다.. 메일큐에 보내지 못한 메일이 많으면 서버에 부하만 늘어납니다.  이런 경우 mailq라는 명령어로 큐 내용을 확인하여 지워줘야 합니다..
[root@test root]# mailq
/var/spool/mqueue is empty
               Total requests: 0
위와 같은 경우 메일큐가 비어있는 상태입니다.
큐를 지우는 방법은
[root@test root]# rm -rf /var/spool/mqueue/*
이렇게 해서 메일큐를 비울 수 있습니다.. 모두 지웠다면 반드시 sendmail을 재시작 해 주기 바랍니다.

10. 도메인 셋팅 스크립트
 서버를 많이 관리하다보면 파일 하나 하나 열어서 셋팅하는 일이 귀찮고도 시간이 많이 걸립니다. 항상 스크립트를 작성해두고 설정하는 것이 실수를 줄이고, 작업 시간도 줄일 수 있습니다. 다음과 같이 간단 한 스크립트를 작성해서 저장합니다.

파일을 만들어서 위 내용을 붙여 넣은 다음에 실행 권한을 줍니다. 그리구 아래와같이 실행하면,
[root@test root]# ./mailsetup.sh
간단한 메일 셋팅 프로그램 by doly엣superuser.co.kr

############ 사용법 ##############
./mailsetup.sh 아이디 도메인

위와같이 실행시키면 간단한 사용법이 나옵니다.

[root@test root]# ./mailsetup.sh doly 0link.co.kr
간단하 메일 셋팅 프로그램 by doly엣superuser.co.kr
webmaster@0link.co.kr 으로 들어오는 메일은 doly@0link.co.kr 메일계정으로 받습니다.
1. db 생성중..
2. 센드메일 재 시작중
sendmail를 종료하고 있습니다:                              [  확인  ]
sm-client을 종료하고 있습니다:                             [  확인  ]
sendmail (을)를 시작합니다:                                [  확인  ]
sm-client을 시작하고 있습니다:                             [  확인  ]


위와같이 id : doly , 0link.co.kr으로 입력하면 위와같이 자동 셋팅됩니다.
/etc/mail/access 파일, /etc/mail/local-host-names, /etc/mail/virtusertable 파일이 변경되고, db 갱신되며, sendmail 재시작 됩니다.

11. 마치며..


2004.08.26 Fedora Core 2에서 smtp 인증기능 : /etc/rc.d/init.d/saslauthd 데몬을 띄워야 합니다.


신고



댓글을 달아 주세요

sendmail 설정

OS/Linux 2008.08.13 16:48 |

우선 패키지가 있는지를 확인한다

# rpm -qa | grep sendmail

sendmail은 이멜을 보내고 받기위한 패키지이다.


sendmail-debuginfo-8.12.10-1
sendmail-doc-8.12.10-1
sendmail-cf-8.12.10-1
sendmail-devel-8.12.10-1
sendmail-8.12.10-1


# rpm -qa | grep imap

imap은 클라이언트로 이멜을 받기 위한 패키지 이다.


imap-2001a-18
imap-devel-2001a-18


난 이렇게 깔려 있다. 버전은 상관없다 다만 저 패키지들이 있지는지만 신경을 써라.ㅎㅎ

저 패키지가 저렇게 깔려 있다면 /etc/mail 을 보면 여러 파일들이 있다.

이중 우리가 건드려야 하는 파일은 사실 몇개 안된다.

ㅎㅎ


local-host-names

sendmail.cf

sendmail.mc

virtusertable


이것만 건들면 된다.

다른건 건들지 마라 ㅋㅋ


local-host-names - 자기가 서버 명을 넣으면 된다. 그 서버명으로 파일을 보내게 된다


anyons.net


그냥쓰고 나가면 된다.


sendmail.mc & sendmail.cf

mc파일을 건들면 cf가 생성이 된다. 이건 좀 복잡하다. 요즘은 이멜을 스펨으로 보내는 사람들때문에 당하지 않으려면 relay를 막고 인증받은 사람만 이멜을 보내게 해야 한다.


TRUST_AUTH_MECH 와 define(`confAUTH_MECHANISMS' 로 시작하는 라인을 찾아서 아래와 같이 수정한다.


TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl


위와 같은 내용을 쓰고 다음의 명령을 하면된다.


# m4 ./sendmail.mc > ./sendmail.cf


virtusertable - 자기가 서버 명을 넣으면 된다.

서버에 계정이 없는 이메일 계정을 사용할때 쓴다. 아래의 경우는 webmaster@anyons.net으로 오는 메일을 thedragon이라는 계정을 가진사람에게 보내게 한다.


webmaster@anyons.net         thedragon


위와 같은 내용을 쓰고 다음의 명령을 하면 된다.


# makemap hash /etc/mail/virtusertable < /etc/mail/virtusertable



다 고쳤으면 sendmail을 다시 시작한다.

# /etc/rc.d/init.d/sendmail restart

신고



댓글을 달아 주세요

*로그를 보내는 서버  (HP-UX)
 
#vi /etc/syslog.conf
 *.debug;mail.none       @krcipf1.kor.hp.com
 
 [root@krctst1:/] /sbin/init.d/syslogd stop
syslogd stopped
[root@krctst1:/] /sbin/init.d/syslogd start
System message logger started
 
 
 
* 디버깅 메세지를 받는쪽,(Linux서버)


1) -r 옵션 으로 syslogd 실행하기


/etc/sysconfig/syslog 파일을 열어 다음과 같이 -r 옵션을 주어 syslogd 실행되도록 합니다.

SYSLOGD_OPTIONS="-m 0 -r"


2) /etc/syslog.conf 확인, 주석제거 및 로그저장될 파일 명시(/var/log/messages)

debug.*       /var/log/hpux.log


3) syslog 재실행

$ service syslog restart

신고



댓글을 달아 주세요

sendmail 설정하기

OS/Linux 2008.06.25 22:52 |

내가 갖고 있는 도메인(firstdedicated.co.kr)으로 내가 소유한 서버에서 메일을 보내고 받을 수 있게 설정해 보자.
제일먼저 확인해야 할 것은 도메인이 사용하는 네임서버의 zone 파일에서 mx 레코드가 내 서버의 ip로 연결되어 있어야 한다.

firstdedicated.co.kr 도메인의 MX레코드가 아래와 같이 설정 되어있다.

                 MX      10 mail
 mail            A       192.168.0.16

그럼 이제부터 192.168.0.16의 서버에서 xxx@firstdedicated.co.kr의 주소로 들어오는 메일을 받을수 있게 설정해 보자.

* 받는 메일서버 설정

메일을 받기 위해서는 우선 pop3 데몬이 떠 있어야 한다. xinetd.d 디렉토리내에 ipop3d 를 사용한다면 별 어려움 없이 pop3데몬을 띄울수 있다.
기본적으로 제공되는 ipop3 데몬을 띄우기 위해서 /etc/xinetd.d/ipop3d 파일을 편집기로 열고 disable = yes 부분만 disable = no로 변경시키고 xinetd 데몬을 리스타트 하면 된다.

1. /etc/xinetd.d/ipop3d 파일 수정.

[root@localhost root]# cat /etc/xinetd.d/ipop3d
service pop3
{
        disable = no
        socket_type     = stream
        wait    = no
        user    = root
        server  = /usr/sbin/ipop3d
        log_on_success  += USERID
        log_on_failure  += USERID
}

2. xinetd 데몬 리스타트

[root@localhost root]# /etc/rc.d/init.d/xinetd restart
Stopping xinetd:                                           [  OK  ]
Starting xinetd:                                           [  OK  ]

3. 110번 포트 확인

[root@localhost root]# netstat -nat | grep LISTEN | grep 110
tcp        0      0 0.0.0.0:110            0.0.0.0:*               LISTEN

4. /etc/mail/local-host-names 파일에 메일을 사용할 도메인 추가한 후 sendmail 데몬 리스타트

[root@localhost root]# cat /etc/mail/local-host-names
firstdedicated.co.kr
[root@localhost root]# /etc/rc.d/init.d/sendmail restart
Shutting down sendmail:                                    [  OK  ]
Shutting down sm-client:                                   [  OK  ]
Starting sendmail:                                         [  OK  ]
Starting sm-client:                                        [  OK  ]

이상의 설정만 하면 메일을 받을수 있게 된다. useradd명령으로 계정을 추가하고 메일을 사용하면 된다.


* 보내는 메일서버 설정

위의 설정은 메일을 받기만 할수 있도록 설정한 것이다.
내 서버(192.168.0.16) 에서 메일을 보낼수 있도록 설정을 하는것 역시 별 어려움 없이 할수 있다.
sendmail 설정파일(/etc/sendmail.cf)에는 기본적으로 smtp가 닫혀 있도록 설정이 되어 있다.
smtp를 열어놓기 위해서는 sendmail.cf 파일에서 한줄만 수정하면 된다.

1. sendmail.cf 수정

sendmail.cf 파일에서 아래부분을 찾아 주석(#)을 제거하고 sendmail을 리스타트 하면 smtp가 열리게 된다. 그런데 아래에서 주석만 제거할 경우는 localhost, 즉 서버내에서만 mail command로 메일을 발송할수 있고 원격에서 아웃룩 등으로 연결해서 사용할수가 없게 된다. 아웃룩 등으로 서버에 접속해서 메일을 보낼수 있게 설정하려면 Addr=127.0.0.1 부분을 삭제 하면 된다.

#O DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA
--->  O DaemonPortOptions=Port=smtp, Name=MTA  (수정)

2. sendmail 리스타트

[root@localhost root]# /etc/rc.d/init.d/sendmail restart
Shutting down sendmail:                                    [  OK  ]
Shutting down sm-client:                                   [  OK  ]
Starting sendmail:                                         [  OK  ]
Starting sm-client:                                        [  OK  ]

"Addr=127.0.0.1"을 삭제하지 않고 localhost만 smtp가 열렸을때는 아래와 같이 127.0.0.1의 주소에 대해서만 LISTEN 된다.
[root@localhost mail]# netstat -nat | grep LISTEN | grep 25
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN

"Addr=127.0.0.1"을 삭제하여 smtp가 완전히 열렸을때는 아래와 같이 모든주소(0.0.0.0)에 대해서 LISTEN 된다.
[root@localhost mail]# netstat -nat | grep LISTEN | grep 25
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN

위와 같이 smtp가 완전히 허용된 경우, 아웃룩등의 메일 클라이언트 프로그램을 이용해서 메일을 발송할 수 있게 된다.
그런데 위와 같이 smtp를 열어놓을 경우는 어디에서나 smtp를 이용할수 있게 되기 때문에 spam 메일이 릴레이가 될 가능성이 높다.
spam 릴레이를 방지하기 위해서 서버내에 존재하는 계정으로 인증을 거쳐서 메일을 발송하도록, auth-smtp설정을 하면 된다.
이 또한 간단하게 수정이 가능하다.
sendmail.cf 파일에서 MD5 가 들어가는줄을 찾아서 주석을 제거해 주면 서버내에 존재하는 계정으로 인증을 거쳐야만 메일을 발송할 수 있도록 설정된다.

3. auth-smtp 설정

#O AuthMechanisms=GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5
---> O AuthMechanisms=GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5

sendmail.cf를 수정했을 경우는 반드시 sendmail 데몬을 리스타트 해야 적용되게 된다. 마찬가지로, auth-smtp 설정을 했을때도 sendmail데몬을 리스타트 하면 적용되게 된다.
auth-smtp를 설정한 경우는 아웃룩을 사용할때, 보내는 서버의 "인증 필요" 부분을 체크하고 사용하면 된다.



* 보내는 메일 서버 설정시 sendmail.cf 파일을 수정하지 않고 /etc/mail/sendmail.mc 파일을 이용해서 sendmail.cf 파일을 새로 생성해서 사용할 수도 있다.  sendmail.cf 파일을 수정해서 sendmail을 재 구동했을때, 정상적으로 동작하지 않는다면 아래의 방법을 이용해 보기 바란다.

/etc/sendmail.cf 파일을 /etc/sendmail.cf.old로 변경해 놓고 작업을 시작한다.

1. /etc/mail/sendmail.mc에서 아래와 같이 수정한다.

  - auth-smtp 설정부분

 dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
 -> TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl    (앞의 dnl 삭제)

 dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
 -> define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl   (앞의 dnl 삭제)

 - mail 릴레이 설정 부분

 dnl # DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
 -> DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA')dnl      (주석 제거 및 Addr 부분 수정)


2. m4 명령으로 sendmail.cf 파일 다시 생성한다.

[root@localhost root]# m4 /etc/mail/sendmail.mc > /etc/sendmail.cf

3. sendmail 리스타트

[root@localhost root]# /etc/rc.d/init.d/sendmail restart
Shutting down sendmail:                                    [  OK  ]
Shutting down sm-client:                                   [  OK  ]
Starting sendmail:                                         [  OK  ]
Starting sm-client:                                        [  OK  ]

마지막으로 auth-smtp 설정을 했을때 saslauthd 데몬이 떠 있는지를 확인해 보아야 한다.
saslauthd 데몬이 떠 있지 않으면, SMTP 인증이 되지 않아 계속 인증 확인창이 뜨게된다.
ntsysv 명령을 실행시켜 saslauthd 항목을 찾아 자동시작 데몬으로 체크하고 saslauthd 데몬을 띄우면, 모든 작업이 완료되게 된다.
 


 

신고



댓글을 달아 주세요

Bonding for Linux

OS/Linux 2008.06.25 22:51 |

1. Bonding 이란?

 여러장의 이더넷 카드를 묶어 하나의 ip를 부여하여 그만큼 대역폭을 확보하는 방법 입니다. 물론 케이블 불량을 대비한 고장대비 방법이라고도 볼  수 있습니다.


- 개인적인 생각에서는 케이블 불량을 대비한 고장대비보다는 100메가 포트 2개를 이용한 높은

  대역폭을 얻기 위해서 본딩 구성을 하는 것이 아닐까라는 생각이 든다.



2. 준비운동.

 랜카드 2장 (난 100M 짜리 2장을 준비했습니다.. )

 커널에서 : Network device support 에서 Bonding driver support 가 채크되어야 합니다..(RedHat은 기본)


- redhat 계열이나, fedora core계열에서 kernel update에서 bonding 구성을 할 수 있다.


3. /etc/sysconfig/network 파일

echo 'NETWORKING=yes

HOSTNAME=fileserver

GATEWAY=192.168.0.1

GATEDEV=bond0

'>/etc/sysconfig/network



위와같이 그대로 입력하면 설정이 바뀝니다. 물론. 중간에"HOSTNAME=호스트이름" 으로 변경하시기 바랍니다. 그리고 "GATEWAY=게이트웨이아이피" 로설정하시기 바랍니다.

4.bond0 설정

echo 'DEVICE=bond0

ONBOOT=yes

BOOTPROTO=static

IPADDR=192.168.0.100

NETMASK=255.255.255.0

NETWORK=192.168.0.0

' >/etc/sysconfig/network-scripts/bond0

 이 부분은 서버의 ip를 셋팅합니다. "IPADDR=서버아이피"를 설정하시고, "NETWORK=네트웍아이피"를 설정하시기 바랍니다.

5. ifcfg-ethXX 설정

echo 'DEVICE=eth0

ONBOOT=yes

USERCTL=no

MASTER=bond0

SLAVE=yes

BOOTPROTO=none

'> /etc/sysconfig/network-scripts/ifcfg-eth0

이 부분은 묶일 물리적 장치를 정합니다. eth0 는 첫번째 랜카드입니다. 위와같이 설정합니다.

echo 'DEVICE=eth1

ONBOOT=yes

USERCTL=no

MASTER=bond0

SLAVE=yes

BOOTPROTO=none

'> /etc/sysconfig/network-scripts/ifcfg-eth1

eth1번 은 2번째 랜카드이며 위와같이 설정합니다.



강좌에서 사용된 이더넷카드는 2개 입니다. 하지만, 그 이상을 사용하시려면, 계속 추가 한 다음, eth2, eth3 계속 설정해 주면 끝납니다. 위와같이.

6. 모듈로 binding driver 을 올렸다면, eth0와 eth1 전에 모듈을 올려야 합니다..

alias bond0 bonding

alias eth0 8139too

alias eth1 8139too

  커널 2.4.XX 에서

 /etc/modules.conf

- 그런다음 insmod 로 모듈을 올려 준다.

insmod bonding

  커널 2.6.XX

 /etc/modprobe.conf

modprobe bonding

## 위와같이 모듈을 인식시켜 줍니다.

ifconfig eth0 up 0.0.0.0

 ifconfig eth1 up 0.0.0.0

## 위 방법은 안될때 하는 방법입니다. (생략했을때 문제 생기면 하시기 바랍니다.)



 ifenslave bond0 eth0

 ifenslave bond0 eth1

위왁같은 명령으로 bond0에 eth0와 eth1을 슬레이브로 등록시킵니다.

7. network 스크립트 재 시작.꼭 로컬에서


 

신고



댓글을 달아 주세요

리눅스 환경에서 PRO*C ( oracle pre compiler ) 설치 및 설정 방법에 대한 팁입니다.

설치하느라 몇시간 동안 인터넷 이곳 저곳을 찾아다니고, 설치후에도 에러 때문에 고생을 많이 했습니다.


oracle precompiler 를 설치하기 위해서는 기본적으로 오라클 클라이언트가 필요합니다. 오라클 클라이언트는 oracle enterprise 버전에 포함되어 있는 프로그램으로 universal Installer를 실행시키면 설치 옵션에서 선택하여 설치 할 수 있습니다.

리눅스는 윈도우용과 달리 사용하고자 하는 시스템에 오라클 클라이언트를 직접 설치 할 필요는 없고, 다른 시스템에 설치 되어 있는 오라클 클라이언트 프로그램을 복사해서 디렉토리를 생성해준 후에 설정파일만 수정 해주면 precompiler 를 사용할 수 있습니다.


1. oracle client를 설치 하거나 설치되어 있는 oracle client 디렉토리를 그대로 복사한다.

 : 디렉토리를 복사해준 다음에는 사용자 계정의 .bash_profile 파일에 오라클 홈디렉토리와 같은 설정을 해주어야 합니다.


### sample ###


umask 022
export ORACLE_TERM=vt100
export LD_ASSUME_KERNEL=2.2.5
export ORACLE_BASE=/home/oracle
export ORACLE_HOME=$ORACLE_BASE/product/8.1.7
export ORACLE_OWNER=oracle
export ORACLE_SID=ORA817
export TMP_DIR=$ORACLE_BASE/tmp
export PATH=.:$ORACLE_HOME/bin:/usr/local/java/bin:$PATH
export TNS_ADMIN=$ORACLE_HOME/network/admin
export NLS_LANG=American_America.KO16KSC5601
export ORA_NL33=$ORACLE_HOME/ocommon/nls/admin/data
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:$LD_LIBRARY_PATH
export LANG=C



2. $ORACLE_HOME/network/admin/tnsnames.ora 파일에서 접속하려고 하는 오라클 DB 서버의 서비스를 설정(디렉토리를 복사 했을 경우)

 : 접속을 원하는 원격 오라클 서버에 대한 정보를 기입해 줍니다.


3. $ORACLE_HOME/precomp/admin/pcscfg.cfg 파일 설정(최초 설치시 비어있음)

 : 이 설정 파일은 오라클 클라이언트를 최초 설치 했을때 비어 있는 파일에 추가 해주어야 하는 내용입니다. 간단한 설명을 하자면 CODE=cpp 일 경우 pc파일(PRO*C 소스파일) 을 컴파일 하였을 때 생성되는 소스파일을 cpp파일로 하겠다는 의미이며, SYS_INCLUDE 와 INCLUDE 는 precompiler 를 위한 헤더파일이 있는 위치를 의미합니다. 기본적으로 아래와 같이 설정합니다.


### sample 1 ###

CODE=cpp

SYS_INCLUDE=($ORACLE_HOME/precomp/syshdr, /usr/include)

INCLUDE=$ORACLE_HOME/precomp/public

CPP_SUFFIX=cpp

DBMS=v8


### sample 2 ###

CODE=cpp
SYS_INCLUDE=($ORACLE_HOME/precomp/syshdr, /usr/include, /home/spike/TBS/include, /home/spike/TBS/TTS_daemon_seoul/include, /        usr/include/g++-3)

INCLUDE=$ORACLE_HOME/precomp/public
CPP_SUFFIX=cpp
DBMS=v8


두번째 샘플은 SYS_INCLUDE 에 path가 몇개 추가 되었는데 사용자의 프로그램 소스에 포함될 헤더파일의 경로와 특정 헤더 파일이 없다는 에러가 나오면 전체 디렉토리에서 해당 헤더 파일의 경로를 찾아서 추가 해야 합니다.

설치할때 stddef.h 나 stdarg.h 파일을 찾을 수 없다는 에러가 가장 많이 발생 하게 되죠...


해당 헤더 파일을 찾았지만 존재하지 않을 경우에는  gcc 를 2.9 이상의 버전으로 설치합니다.


다음과 같이 mySource.pc 파일을 컴파일 하면

spike@localhost>precomp mySource.pc

mySource.cpp 파일과 같은 C파일이 생성되며


컴파일이 끝나고,

오브젝트 파일 링크시

정의되지 않은 sqlctx( … ) 에러가 나올 경우

g++ -o filename.o -L$ORACLE_HOME/lib -lclntsh

와 같이 makefile 에 라이브러리 경로 옵션을 설정 하면 됩니다~~~

신고



댓글을 달아 주세요

----------------------------------------------------------

NFS server 구축

    1) NFS server 설정

    2) NFS client 설정

----------------------------------------------------------


1) NFS server 설정


NFS는 Network File System의 약어로 썬마이크로 systems에서 개발한 network상에서 file system을 공유하도록 설계된 file system의 한 종류이다. 다른 host에 있는 file system의 일부를 자신의 directory인 것처럼 사용할 수 있도록 해주는 것이 NFS(Network File System)이다. 즉, network상에 disk를 한 server 에서 집중 관리하고 나머지 system들은 그것을 공유하여 사용할 수 있게 해주는 것이다. 하지만 보안상의 문제로 인해 NFS server의 사용을 점점 제한해 가는 추세이다. NFS 설정은 file system을 share 하는 server의 설정과 server의 file system을 mount 해가는 client 설정으로 나누어 볼 수 있다.

레드햇 기반의 linux 배포판을 사용하는 경우 NFS server가 이미 설치되어 있다.


NFS service 데몬 프로세스들

   1. rpc.mountd  : NFS client가 mount를 요청하면 이 데몬 프로세스가 /etc/exports 파일 설정에 따라 mount 요청을 처리한다.

   2. rpc.nfsd : rpc.mountd에 의해 mount된 directory에 대해 읽고, 쓰는 작업들을 처리해주는 데몬 프로세스이다.

   3. rpc.rquotad : NFS file system을 mount한 local 사용자에 대해 quota를 처리한다.

   4. rpc.lockd : file잠금을 통해 여러 사용자가 한 파일을 수정하는 것을 방지한다.

   5. rpc.statd : rpc.lockd와 함께 사용되며 파일 잠금의 해제와 복구를 담당한다.


/etc/exports 파일설정예제

share-directory client1(options,,,) clients(options,,,)

share-directory : 공유할 directory명

client1 : share directory에 접근할 수 있도록 허용된 호스트들

options : 접근 권한 설정

             ro : client는 share directory에 대해 읽기만 가능하다.

             rw : client는 share directory에 대해 읽기/쓰기가 가능하다.

             no_root_squash : client의 root는 server의 root와 같은 권한을 가진다.

             no_subtree_check : 공유된 directory내에 있는 서브 directory들을 공유에서 제외시키는 경우 설정.


[root@apple /]# cat /etc/exports

/home/user01    *.gcc.go.kr(ro)

/export/ftp/pub   192.168.1.1/255.255.255.0(ro)

/                       banana(rw),kiwi(rw,no_root_squash)


NFS server 데몬 구동

#/etc/init.d/portmap start

#/etc/init.d/nfs start


#exportfs -v

현재 kernel에서 알고 있는 export list를 출력한다.

#exportfs -ar

/etc/export 파일이 kernel에 적용되도록 한다.

#nfsstat

NFS 상태 정보를 출력한다.


2) NFS client 설정


server 에서 공유하도록 설정되어 있는 directory를 자신의 directory에 mount한다.

mount는 root가 직접 작업할 수도 있고 system booting 시 자동으로 mount하도록 설정할 수도 있다. NFS client 데몬은 nfsd이다.


#/etc/init.d/nfslock start


수동으로 server의 file system을 mount하는 명령

[root@apple /]# mount -t nfs NFS-서버:/export/ftp/pub /usr/local/pub


mount실행시 사용할 수 있는 option들

-o timeo=10 : NFS server와 연결이 끊어진 경우 timeo에서 지정한시간(1/10초단위) 기다렸다가 경고 message를 발생

-o rsize=1024 wsize=1024 : 읽고/쓰기 버퍼의 크기를 설정한다. (1024KB=1M)

-o soft : remote mount를 실행할 때 성공하지 못하면 timeo까지만 retry 후 error message를 발생하고 종료

-o hard : remote mount 가 성공할 때 까지 무한 재시도한다.(default값이다.)

-o bg : 첫번째 mount 시도가 실패인 경우 back ground로 계속 mount를 재시도 한다.


system booting 시 자동으로 server의 file system을 mount하도록 설정

[root@apple /]# cat /etc/fstab

NFS-서버:/export/ftp/pub /usr/local/pub nfs defaults


 

신고



댓글을 달아 주세요

NFS 설정

OS/Linux 2008.06.25 22:47 |

4.1 NFS란?

Network File System (NFS)은 썬 마이크로 시스템(SUN)에서 네트워크를 통해 파일을 공유할 수 있도록 만든 프로토콜 이다. NFS는 하드웨어, 운영체제 또는 네트워크 구조가 달라도 파일을 공유 할 수 있도록 고안되었다. 파일 공유등을 비롯해 다른 부가 기능을 제공한다. 하지만 공유된 파일들에 대한 보안 문제가 생길 수도 있다. 사용하는 프로토콜은 Network Lock Manager (NLM)과 Network Status Monitor (NSM)이다.

기능상 삼바와 비슷하지만 가장 큰 차이는 커널에서 NFS를 지원한다는 점이다.

NFS는 리눅스머신에서 윈도우 파티션을 마운트하여 사용하듯 NFS서버의 특정 디렉토리를 클라이언트에서 마운트하여 자신의 영역인것처럼 사용한다.

그러나 위와 같은 편리한 점에도 불구하고 보안상 많은 취약점을 드러내고 있다. 가장 단적인 예로 클라이언트인양 속여서 서버에 접속하게 되면 특정 디렉토리를 마음대로 조작할 수 있는 단점이 있다.

NFS는 스토리지가 고가였던 시절 디스크가 없는 시스템을 지원하기 위하여 개발되었으나 스토리지 및 컴퓨터의 성능이 좋아지면서 파일 공유 및 파일 서버를 위한 방법으로 사용되고 있다.

 

4.2 NFS 선행조건

기본적으로 커널에서 지원을 해주어야 한다. 물론 최근에 나오는 리눅스 배포판들은 이미 지원이 되고 있으므로, 아무런 걱정없이 NFS를 사용할 수 있다.

portmap 설치역시 NFS를 사용하기 위해서 필수적인 프로그램이다. portmap은 포트요청이 있을 때 새로운 포트를 할당해주고 맵핑해주는 역할을 하게 된다. 즉, NFS에 접근한 시스템이 있으면 NFS 포트에서는 인증을 하고 파일을 주고 받는 포트는 새로운 포트를 할당을 하게 되는 것이다.

NFS는 웹서버나 FTP 서버와는 다르게 데몬 프로세스가 특정 네트워크 포트를 점유하면서 동작하여 접속을 대기하고 있는 것이 아니라 portmapper 라는 프로그램을 이용해서 네트워크 포트를 할당 받는다. portmapper는 111번 포트를 점유하면서 데몬 상태로 대기하고 있다가 NFS 서비스를 요구하는 접속이 들어오면 nfsd(또는 rpc.nfsd)에게 포트 번호를 바꾸어 접속을 연결시켜 준다.

 

4.3 NFS서버 구성

다음은 서버의 구성을 그림으로 나타내어 보면 다음과 같다.

 구분

 

서버

 

클라이언트

호스트명

mmx

ns

용도

NFS 서버

NFS 클라이언트

공유 디렉토리

/data

/nfs

Ip

192.168.0.2

192.168.0.4

mmx에서는 data라는 디렉토리를 공유시키고, ns에서는 nfs라는 이름으로 data 디렉토리를 마운트시킬 것이다. 그러면, 다음과 같은 구성을 하는데 있어 필요한 사항들에 대해 알아보도록 하자. 현재 mmx의 data 디렉토리에는 다음과 같은 파일이 있으며, /etc/exports에는 해당 디렉토리를 서비스하도록 설정되어 있다.

 

ex) [root@mmx /] cat /etc/exports

     

     /data 192.168.0.*(rw)

 



 

 

4.3.1 mountd

클라이언트로부터의 마운트 요청을 처리하는 데몬으로 /etc/exports의 내용을 읽어 어떤 호스트에게 마운트를 허가하고 어떤 제한을 주어야 하는지 판단하게 된다.

  [root@mmx /etc]# cat exports

/data 192.168.0.*(rw)

[root@mmx /etc]#    

exports파일은 마운트될 디렉토리와 허가 대상, 제한을 명시하며 또한 NFS클라이언트는 서버의 exports파일을 사용하기 이전에 명확하게 허가된 파일 또는 디렉토리를 마운트 해야 한다. 서버에서는 마운트를 허가해주기 이전에 인증을 거쳐 올바른 사용자인지를 판단하며 이를 masic cookie라고 합니다.

리눅스는 BSD와 비슷한 동작을 취하게 되는데, 그 동작은 mountd는 클라이언트의 요청이 있으면 /etc/exports의 내용을 읽어 호스트에 접속을 허가하고 디렉토리에 제한을 두게 되는 것이다.


 

4.3.2 /etc/exports의 설정

exports의 설정은 라인단위로 처리하게 됩니다. 즉 하나의 라인이 하나의 디렉토리 공유를 표시하게 됩니다. 다음은 각 필드별 설명이다.

첫 번째 필드 : 제공할 디렉토리의 절대 경로입니다. 위의 예제에서는 /data가 된다.

두 번째 필드 : 허가할 사용자 목록(속성)으로 위의 예제에서는 192.168.0.에 속해 있는 모든 호스트에게 허용하게 된다.

 

허가할 사용자 목록 형식은 다음과 같습니다.

호스트 네임 형식 : mmx ns2

도메인 네임 형식 : *.zero.com

주소 형식 : 192.168.1.*

 

마지막으로 ()에 묶여있는 속성이다.
속성에는 다양한 설정을 부여할 수 있으며, 보안에 매우 민감한 사항이므로 항상 유의하여야 한다.

 성

 능

Ro

읽기전용

Rw

읽기 / 쓰기 가능

Root=n

n으로 표시된 계정의 UID를 루트권한으로 사용 가능하게 한다.

Insecure

이 머신에서 인증 받지 않은 억세스를 허용한다.

Unix-rpc

이 머신에서 UNIX-도메인 RPC 인증절차를 요구한다. 이것은 단순히 예약된 인터넷 포트에서 일어나는 request를 필요로한다. (즉, 포트번호는 1024 아래여야 한다.) 이 옵션은 디폴트로 켜져있다.

secure-rpc

이 머신에서 secure RPC 인증절차를 요구한다. 이것은 아직 수행되지 않는다. Secure RPC에 관한 Sun의 문서를 보라.

Kerberos

이 머신에서의 억세스에 kerberos 인증절차를 요구한다. 이것 역시 아직 수행되지 않는다. Kerberos 인증 시스템에 관한 MIT의 문서를 보라.

root_squash

이것은 클라이언트 호스트의 uid 0에서의 request를 서버의 uid 65534(-2)로 매핑함으로써, 지정된 호스트의 슈퍼 유저의 억세스를 거부하는 보안기능이다. uid 65534는 유저 nobody의 것이다.

no_root_squash

uid 0으로부터의 request를 매핑하지 않는다. 이것은 디폴트로 켜져있다.

link_relative

절대 심볼릭 링크(링크의 내용이 슬래쉬로 시작하는)를, 링크를 포함하는 디렉토리에서 서버의 루트 디렉토리까지 필요한 수 만큼의 ../를 앞에 붙여 상대 링크로 변환한다. 이 옵션은 오직 호스트의 전체 파일 시스템을 마운트 할 때만 쓸만한 것이지, 그렇지 않을 경우 어떤 링크는 어느 곳도 지시하지 않을 수 있고, 심하면 가리키려 의도하지 않던 파일을 지시하는 수도 있다. 이 옵션은 디폴트로 켜져있다.

link_absolute

모든 심볼릭 링크를 그대로 놔둔다. (Sun에서 제공하는 NFS 서버에선 보통의 동작방식이다).

map_identity map_identity

클라이언트가 서버와 동일한 uid와 gid를 사용한다고 가정하라고 서버에게 말해준다. 이 옵션은 디폴트로 켜져 있다.

map_daemon

이 옵션은 NFS 서버에게 클라이언트와 서버가 동일한 uid/gid를 공유하지 않음을 가정하라고 말한다. 그러면 nfsd는 클라이언트의 ugidd 데몬에 쿼리하여 클라이언트와 서버간의 id를 매핑한 목록을 생성한다.

위의 예제에서는 (ro)속성만을 주었다.

여기까지 했다면, NFS서버에 해당 사항을 전달해주어야 한다.
그러한 명령어가 exportfs이며 반드시 실행해 주어야만 NFS가 제대로 동작한다.

만약 exports에 공유에 관한 설정이 존재하지 않느다면 NFS데몬은 정상적으로 설치되어있어도 동작하지 않는다.

리고 확실하게 하기 위해 NFS데몬을 재기동 한다.

 

ex) [root@mmx /root]# exportfs

/data                     192.168.0.*

[root@mmx /root]# /etc/rc.d/init.d/nfs restart 

done.rting NFS services: rpc.mountd                     [OK]

 

4.4 NFS 테스트

NFS테스트는 자기자신을 마운트해봄으로써 확인할 수 있다.

mount명령을 통해 마운트를 하였을 때 아무런 메시지가 표시되지 않는다면 성공한 것이다.

명령은 다음과 같다.

# mount   -t   nfs   호스트명(혹은 ip):/공유디렉토리  /마운트포인트

 

ex) [root@nmx /root]# mount -t nfs 192.168.0.0:/data  /root/nfs

 

일반적으로 성공하지 못하는 경우는 nfs에 관련된 데몬(portmap, nfsd, mountd)에 문제가 발생하였다고 볼 수 있다. 이 경우에는 각 데몬들이 제대로 동작하는지 먼저 체크해 보아야 합니다.

 

4.5 NFS 클라이언트

nfs 마운트 형식은 위의 형식을 그대로 사용해도 되며, 만일, 부팅시 마운트를 시키려고 한다면 /etc/fstab에 등록함으로써 가능하다. 일반적으로 하드디스크가 필요없는 시스템을 구축하는 경우에도 바로 파일시스템 자체를 NFS로 구성하는 것이 가능하다. 즉 부팅과 동시에 NFS데몬이 가동되면서 네트워크에 있는 하드디스크를 자신의 하드디스크 인것처럼  NFS를 사용해 공유하는 것이다.


 

 mount를 이용할 경우

mmx의 data디렉토리를 ns에서 /nfs라는 디렉토리로 마운트 시킬 경우 다음과 같은 명령으로 마운트시킬 수 있다.

 

ex) [root@ns /root]# mount -t nfs 192.168.0.2:/data/nfs

 

# mount -t nfs 192.168.0.2:/data /nfs

만일 부팅때부터 마운트되도록 하려면 /etc/fstab 파일을 수정해야 하는데 기본적인 내용을 살펴보면

다음과 같다.

  LABEL=/                 /                       ext2    defaults        1 1

/dev/cdrom              /mnt/cdrom              iso9660 noauto,owner,ro 0 0

/dev/fd0                /mnt/floppy             auto    noauto,owner    0 0

none                    /proc                   proc    defaults        0 0

none                    /dev/pts                devpts  gid=5,mode=620  0 0

/dev/hda5               swap                    swap    defaults        0 0

 


 

다음의 내용에 추가하면 되고, 추가하는 형식은 다음과 같다.

호스트명(ip주소):/공유디렉토리   /마운트포인트   nfs(파일시스템)   옵션   덤프   점검여부

 

실제적으로 적용시 내용은 다음과 같습니다.

192.168.0.2:/data       /nfs      nfs     bg,soft,rw      0 0

위의 내용은 192.168.0.2의 data디렉토리를 /nfs디렉토리로 마운트 하되 파일시스템은 nfs이며 백그라운드로, 소프트타입으로, 읽기쓰기가 가능하도록하며 부팅시 파일시스템 점검은 하지않도록 설정한 것이다.

 

마운트 옵션을 살펴보면 다음과 같다.

 션

 능

suid, nosuid

보안상 원격파일 시스템에서 suid모드보다는 nosuid모드가 권장된다.

Bg

nfs 마운트가 처음에 실패할 경우 백그라운드 상태에서 계속 시도하게 되는 것으로 원격파일시스템이 허용되지 않을 경우 부트 시간을 단축시킨다.

Retry=n

포기할 때가지의 마운트 시도횟수로 기본은 100000이다.

timeo=n

타임아웃 시간을 설정한다.

retrans=n

n번 요구를 재전송하는 것으로 기본은 3번이다.

soft,hard

재시도 횟수가 끝이 났을 때 연결을 계속할지 말지를 결정한다.  읽기전용으로 마운트될 경우엔 soft가, 읽기/쓰기가 가능하도록 마운트될 경우엔 hard가 적합하다. soft로 마운트된 파일시스템은 프로세스가 멈추어지는 문제를 피할 수도 있다.

Intr

정지 프로세서를 죽이기 위한 인터럽트를 허용한다. 터미널에 대해 CTRL-C를 누르고 백그라운드 프로세스인 경우 INT(2) 혹은 QUIT(3) 신호를 보내면 다시 동작된다.

resize=n

nfs서버에 있는 읽기 버퍼의 크기(바이트단위)

wsize=n

nfs서버에 있는 쓰기 버퍼의 크기(바이트단위)

 

4.6 마운트정보

마운트 정보를 보기 위해서는 다음과 같이 showmount로 확인할 수 있습니다.

  [root@ns /root]# showmount 192.168.0.2

Hosts on 192.168.0.2:

192.168.0.2

192.168.0.4

[root@ns /root]#

현재 192.168.0.2에 NFS로 접속한 호스트는 자기 자신과 192.168.0.4번이라는 것을 확인할 수 있다.

 

4.7 마운트의 해제

마운트의 해제는 umount로 해당 마운트 포인트를 지정함으로써 해제할 수 있다.

 

신고



댓글을 달아 주세요

티스토리 툴바