Oracle Linux Tips

oracle-linux

A modest collection of Linux commands, procedures and shortcuts useful for Oracle DBAs.

Applicable to the Oracle Linux version as noted.

 

Quick links to all the tips:

Boot Kernel Order – Change:

There are a number of different kernels installed when you install and update an Oracle Linux installation. Sometimes the default kernel is not the one you want to boot from. You can select a different one from the boot menu (if you’re quick) or you can change the default boot kernel.

For Oracle Linux 7:

To find out the name of the current default boot kernel:

[root@orasvr02 ~]# grubby --default-kernel
/boot/vmlinuz-4.14.35-1902.6.6.el7uek.x86_64

To see all the currently installed kernels:

[root@orasvr02 ~]# grubby --info=ALL | grep "kernel="
kernel=/boot/vmlinuz-4.14.35-1902.6.6.el7uek.x86_64
kernel=/boot/vmlinuz-3.10.0-1062.4.1.el7.x86_64
kernel=/boot/vmlinuz-4.14.35-1902.2.0.el7uek.x86_64
kernel=/boot/vmlinuz-4.14.35-1818.3.3.el7uek.x86_64
kernel=/boot/vmlinuz-3.10.0-957.21.3.el7.x86_64
kernel=/boot/vmlinuz-3.10.0-957.el7.x86_64
kernel=/boot/vmlinuz-0-rescue-63baed2ed4f048d39b33bfef94a1602f

To set a new default boot kernel, then check it is the new default:

[root@orasvr02 ~]# grubby --set-default /boot/vmlinuz-3.10.0-1062.4.1.el7.x86_64

[root@orasvr02 ~]# grubby --default-kernel
/boot/vmlinuz-3.10.0-1062.4.1.el7.x86_64

Loopback Mount for an ISO File – Create:

# mount -o loop /path_to_file.iso /mount_point_dir

Mount a CD/DVD:

You need to know the device path. Sometimes it’s /dev/cdrom. Sometimes it’s /dev/sr0.

# mount -t iso9660 /device_path /mount_point_dir

Public Oracle yum Repository – Create:

For Oracle Linux 6:

# cd /etc/yum.repos.d 
# wget http://public-yum.oracle.com/public-yum-ol6.repo

X Windows Client Programs – Install:

# yum install xterm

Oracle Database Preinstall rpm – Install:

For Oracle Database 12c Release 1:

# yum install oracle-rdbms-server-12cR1-preinstall.x86_64

For Oracle Database 12c Release 2:

# yum install oracle-database-server-12cR2-preinstall

For Oracle Database 18c:

# yum install oracle-database-preinstall-18c

For Oracle Database 19c:

# yum install oracle-database-preinstall-19c

Ethernet Port Down/Non-operational – Start:

# ifconfig eth2 up     (where eth2 is the port name)

File System with Minimal Superuser Overhead – Create:

# mkfs -t ext4 -m 0 /dev/xvdc1 (where /dev/xvdc1 is the partition name)

Network Interface Configuration Issues – Diagnose:

Sometimes the installation of Grid Infrastructure (GI) does not show all the network interfaces. This can be down to not having configured an interface during the Linux install. All seems OK when you run the “ifconfig -a” command, but under the covers, all might not be well.

Each interface has an interface configuration file called ifcfg-eth*. They are located in:

/etc/sysconfig/network-scripts

It is possible the interface not being listed during the GI install does not have a configuration file. Using the system-config-network utility won’t create it either and returns an error when trying to configure the interface.

A new interface configuration file can be created by copying an existing one and renaming it for the interface you’re trying to configure. You will need to edit some of the entries to make it specific to the interface you’re working on. Here’s a typical configuration file:

DEVICE=eth1 <-- this needs changing
TYPE=Ethernet
UUID=e8347ba9-9e19-4484-9191-95fdc9fc2a4c <-- this needs changing
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
HWADDR=00:21:f6:0c:04:19 <-- this needs changing
IPADDR=200.200.10.11 <-- this needs changing
PREFIX=24
NETMASK=255.255.255.0
USERCTL=no

The trick is to generate a UUID for the network interface. This is done with the uuidgen command:

# uuidgen eth1  (where eth1 is the name of the port you're interested in)

Linux Firewall – Turn Off:

For Oracle Linux 6:

The Linux firewall still being up and running can cause a variety of errors when installing and configuring Oracle Grid Infrastructure. Again, when working on the Specify Network Interface Usage screen of the GI installation, an active firewall can cause this error:

[INS-41112] Specified network interface doesn’t maintain connectivity across cluster nodes

Running this pre-check can also generate all sorts of unpleasant output:

[grid@racnode1 grid]$ ./runcluvfy.sh comp nodecon -n racnode1,racnode2 -verbose

To verify the Linux firewall is still active and to shut it down, run these commands:

# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source      destination         
1    ACCEPT     all  --  0.0.0.0/0   0.0.0.0/0    state RELATED,ESTABLISHED
2    ACCEPT     icmp --  0.0.0.0/0   0.0.0.0/0           
3    ACCEPT     all  --  0.0.0.0/0   0.0.0.0/0           
4    ACCEPT     tcp  --  0.0.0.0/0   0.0.0.0/0    state NEW tcp dpt:22
5    REJECT     all  --  0.0.0.0/0   0.0.0.0/0    reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
num  target     prot opt source      destination         
1    REJECT     all  --  0.0.0.0/0   0.0.0.0/0    reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source      destination
# service iptables stop
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]

# chkconfig iptables off

For Oracle Linux 7:First, verify the status of the firewall:

[root@orasvr01 ~]# systemctl status firewalld
 ● firewalld.service - firewalld - dynamic firewall daemon
    Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
    Active: active (running) since Sat 2019-06-29 12:33:58 CDT; 1 day 22h ago
      Docs: man:firewalld(1)
  Main PID: 4166 (firewalld)
    CGroup: /system.slice/firewalld.service
            └─4166 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
 Jun 29 12:33:57 orasvr01.mynet.com systemd[1]: Starting firewalld - dynamic firewall daemon…
 Jun 29 12:33:58 orasvr01.mynet.com systemd[1]: Started firewalld - dynamic firewall daemon.

This output shows the firewall us up and running. To stop the firewall and keep it stopped, use these commands:

[root@orasvr01 ~]# systemctl stop firewalld.service
[root@orasvr01 ~]# systemctl disable firewalld.service
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

Re-check the firewall status:

[root@orasvr01 ~]# systemctl status firewalld
 ● firewalld.service - firewalld - dynamic firewall daemon
    Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
    Active: inactive (dead)
      Docs: man:firewalld(1)
 Jul 01 11:48:19 orasvr01.mynet.com systemd[1]: Starting firewalld - dynamic firewall daemon…
 Jul 01 11:48:20 orasvr01.mynet.com systemd[1]: Started firewalld - dynamic firewall daemon.
 Jul 01 12:01:28 orasvr01.mynet.com systemd[1]: Stopping firewalld - dynamic firewall daemon…
 Jul 01 12:01:29 orasvr01.mynet.com systemd[1]: Stopped firewalld - dynamic firewall daemon.

Reboot then check again:

[root@orasvr01 ~]# systemctl status firewalld
 ● firewalld.service - firewalld - dynamic firewall daemon
    Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
    Active: inactive (dead)
      Docs: man:firewalld(1)

Hostname – Change:

The hostname of the server is stored in this file:

/etc/sysconfig/network

The relevant line is:

HOSTNAME=<current_value>

Changing it here will not make it permanent. To do that, run this command then reboot:

# sysctl kernel.hostname=<hostname.domain>

SE Linux – Disable:

To check if SE Linux is enabled, there are a couple of tests you can perform. First, try running the id command:

[root@racnode1 ~]# id
uid=0(root) gid=0(root) groups=0(root) 
context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

If the output contains the line, “context=…”, then SE Linux is enabled. You can also run the getenforce command:

[root@racnode1 ~]# getenforce
Enforcing

If the command returns “Enforcing” then SE Linux is enabled. Good news, this is easy to fix. Simply edit the /etc/selinux/config file.

[root@racnode1 ~]# vi /etc/selinux/config

Change this line:

SELINUX=enforcing

To this:

SELINUX=disabled

After you save the file, reboot for the change to take effect.

Network Manager – Disable:

The Linux Network Manager has an annoying habit of overwriting the /etc/resolv.conf file each time the network service is started. If you make some custom changes to this file, you don’t want this file overwritten. The simplest and most effective way to stop this from happening is to convince the Network Manager to stay dead.

First, check if the Network Manager service is up and running:

[root@racnode1 ~]# service NetworkManager status
NetworkManager (pid 1902) is running...

If it’s running, stop it and keep it stopped with these commands:

[root@racnode1 ~]# service NetworkManager stop
Stopping NetworkManager daemon:                            [OK]

[root@racnode1 ~]# chkconfig NetworkManager off

Finally, lock down the /etc/resolv.conf file by making it read-only:

[root@racnode1 ~]# chattr +i /etc/resolv.conf

Note: To reverse the chattr command, use this command:

[root@racnode1 ~]# chattr -i /etc/resolv.conf

Wipe Data on Disk Using dd:

The dd command is a useful way to wipe (overwrite with zeros) data on disk. This can be especially useful when you need to overwrite ASM disk headers:

if : input file (/dev/zero)

of : output file (the file which needs to be wiped)

bs: read and write this number of bytes at a time

count : copy this number of input blocks

[root@racnode1 ~]# dd if=/dev/zero of=/dev/iscsi/asm-disk01 bs=100 count=1000

TCP and UDP Ports In Use – Show:

Sometimes you need to know which ports are being used on a Linux server.

[root@oraemcc ~]# netstat -antu

The Local Address column shows IP Address:PORT

Swap File – Add:

A quick and easy way to increase the swap space on a Linux server is to add a swap file.

First, find out how much swap you have:

[root@racnode1 /]# swapon -s
Filename                                Type            Size    Used    Priority
/dev/dm-1                               partition       4194300 0       -1

[root@racnode1 /]# swapon --show
Filename                                Type            Size    Used    Priority
/dev/dm-1                               partition         4G      0B    -1 

Then create an empty file of the desired size using the dd command. The bs (Block Size) parameter multiplied by the count parameter gives you the size the file will be in bytes.

For example, 1024 x 1048576 = 1073741824 bytes (or 1 GB):

[root@racnode1 /]# dd if=/dev/zero of=/swapfile count=1024 bs=1048576
1024+0 records in
1024+0 records out
1073741824 bytes (1.1 GB) copied, 2.89133 s, 371 MB/s

[root@racnode1 /]# ls -l /swapfile
-rw-r--r-- 1 root root 1073741824 Feb  3 12:30 /swapfile

Next, tell Linux this file is a swap file using the mkswap command:

[root@racnode1 /]# mkswap -c /swapfile
mkswap: /swapfile: warning: don't erase bootbits sectors
        on whole disk. Use -f to force.
Setting up swapspace version 1, size = 1048572 KiB
no label, UUID=58babb34-0057-407d-a149-1530f7a8b3b3

Then add the swap file to the system swap:

[root@racnode1 /]# swapon /swapfile

Check the new swap file is part of the system swap:

[root@racnode1 /]# swapon -s
Filename                                Type            Size    Used    Priority
/dev/dm-1                               partition       4194300 340556  -1
/swapfile                               file            1048572 0       -2

Finally, add the swap file to the /etc/fstab file so it comes back after system re-starts:

/swapfile       swap    swap   defaults     0 0

Disk Usage Sorted by Size:

Sometimes we need to reclaim disk space. The best place to look for things to delete is in the directory using the most disk. This command will list the required number of sub-directories (–max-depth) in descending MB (-m) order:

[oracle@racnode1 oracle]$ du -m --max-depth 2 | sort -rn

IPv6 Addressing – Remove:

You can confirm the presence of IPv6 addressing by checking the output of the ifconfig command. For example:

[root@racnode1 ~]# ifconfig eth0
eth0     Link encap:Ethernet HWaddr 00:21:F6:04:42:98
         inet addr:200.200.10.11 Bcast:200.200.10.255 Mask:255.255.255.0
         inet6 addr: fe80::221:f6ff:fe04:4298/64 Scope:Link
         inet6 addr: 2002:4b49:1933:0:221:f6ff:fe04:4298/64 Scope:Global
         UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
         RX packets:529808 errors:0 dropped:46361 overruns:0 frame:0
         TX packets:43797 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:79241367 (75.5 MiB) TX bytes:18208947 (17.3 MiB)

The clues are the lines beginning with “inet6”. To disable IPv6 across the board, add the following line to the /etc/sysctl.conf file:

[root@racnode1 ~]# vi /etc/sysctl.conf

# disable IPv6 support on all network interfaces:
net.ipv6.conf.all.disable_ipv6 = 1

If you only wanted to disable IPv6 support for a specific interface, for example eth0, then the entry in /etc/sysctl.conf would look like this:

# disable IPv6 support on the eth0 network interfaces:
net.ipv6.conf.eth0.disable_ipv6 = 1

To have this change take effect, either reboot or run this command:

[root@racnode1 ~]# sysctl -p /etc/sysctl.conf

To confirm the change has taken effect, re-run the ipconfig command:

[root@racnode1 ~]# ifconfig eth0
eth0     Link encap:Ethernet HWaddr 00:21:F6:04:42:98
         inet addr:200.200.10.11 Bcast:200.200.10.255 Mask:255.255.255.0
         UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
         RX packets:6481 errors:0 dropped:456 overruns:0 frame:0
         TX packets:464 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:1277621 (1.2 MiB) TX bytes:92893 (90.7 KiB)

Hardware Information – Display:

We often need to determine the size of the server hardware we’re dealing with. That really boils down to the manufacturer make and model, CPU configuration and installed RAM.

Manufacturer Make & Model:

As the root user, run this command:

[root@racnode1 ~]# dmidecode | grep -A3 '^System Information'

On physical hardware, the output will look something like this:

System Information
    Manufacturer: HP
    Product Name: ProLiant DL380 G7

On virtual hardware like Oracle VM, the output will look something like this:

System Information
    Manufacturer: Xen
    Product Name: HVM domU
    Version: 4.3.1OVM

CPU Configuration:

Save these commands to a script and run it as root:

#!/bin/sh

SOCKETS=`cat /proc/cpuinfo | grep "physical id" | sort | uniq | wc -l` 
CORES=`cat /proc/cpuinfo | grep "cpu cores" | uniq | awk '{ print $4; }'` 
HYPTHREAD=`cat /proc/cpuinfo | grep "^processor" | wc -l` 
 
#echo $SOCKETS 
#echo $CORES 
#echo $HYPTHREAD 
echo This system has $SOCKETS Sockets, $CORES cores per socket, for a total of $HYPTHREAD cpu threads

Installed RAM:

There are a number of ways to determine the amount of RAM installed. Some include:

[root@racnode1 ~]# free -m

             total used free shared buffers cached
Mem:          5968 5738  229   2234     257   3082
-/+ buffers/cache: 2399 3569 
Swap: 4095 4 4091
[root@racnode1 ~]# cat /proc/meminfo

MemTotal:        6111812 kB
MemFree:          179764 kB
...
[root@racnode1 ~]# top

top - 12:48:54 up 4 days, 15 min, 1 user, load average: 1.53, 1.75, 1.84
Tasks: 339 total, 1 running, 338 sleeping, 0 stopped, 0 zombie
Cpu(s): 73.5%us, 10.7%sy, 0.0%ni, 14.1%id, 0.0%wa, 0.0%hi, 0.3%si, 1.3%st
Mem:  6111812k total, 5917664k used, 194148k free, 263668k buffers
Swap: 4194300k total, 4512k used, 4189788k free, 3156768k cached

Note, on a Windows Server the equivalent information can be obtained by running the command MSINFO32 at a Command Prompt. This will open up a System Information window which will show all the relevant details about the hardware and operating system.

sudo – Configuring for oracle.

The oracle user needs to run certain commands/scripts as the root user. The simplest way to achieve that without having access to the root password is to configure sudo for the oracle user. To do that, you need to edit the /etc/sudoers file. You can edit this file directly or to have your changes verified, use this instead:

[root@orasvr01 ~]# visudo

Scroll down to the section which contains this entry:

## The COMMANDS section may have other options added to it.
##
## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL

Add this line to the file, then save it:

oracle  ALL=(root)      ALL

This has the effect of allowing the oracle user to assume the identity of the root user [ALL=(root)] and execute any command as root [ALL]. The oracle user can then become the root user or run commands as the root user. For example:

[oracle@orasvr01 ~]$ sudo -u root -s

[root@orasvr01 oracle]# id
uid=0(root) gid=0(root) groups=0(root)

[oracle@orasvr01 ~]$ sudo useradd -u 1002 -g oinstall -G dba,backupdba,dgdba,kmdba,racdba,asmdba,oper sean

[oracle@orasvr01 ~]$ fgrep sean /etc/passwd
sean:x:1002:1000::/home/sean:/bin/bash

Note, the first time the oracle user attempts to use sudo, the system will prompt for the oracle password. After that, you should be fine.