oas-console


oas-console
Originally uploaded by laurentschneider.

I installed OAS 10.1.3 on my notebook. Why? well, just to test if it is installable… and to justify my need of 2Gb of memory to my boss ;-)

Ok, SLES10 is not certified yet, Not even planned yet on metalink. But it will definitely be certified one day.

The first step is to install the necessary packages

1) db1 : Berkeley DB Database Library Version 1.85
this package is needed, in order to avoid :

httpd: error while loading shared libraries: libdb.so.2: 
cannot open shared object file: No such file or directory

2) openmotif21-libs, sysstat
as listed in the quick installation guide for SLES9

3) libgnome and libgnome-devel
replace the old gnome-libs and gnome-libs-devel

4) pdksh
ksh-93r seems to be suffisant

5) glibc 2.3 and gcc 3.3
no problem until yet by using glibc 2.4 and gcc 4.1

The second and last step is to launch the installer, with -ignoreSysPrereqs or with an updated install/oraparam.ini

That’s all. I did get some warning about memory and requirements, but it seems that it works.

Oracle Password Repository

I checked this tool today :
http://sourceforge.net/projects/opr

This tool provide a simple way of not hardcoding passwords in shell scripts. Hardcoding passwords in shell scripts is a bad practice. The source code may be shared by many developers, may resides on unsecure servers (CVS), may be printed, etc… The passwords may change often too.

This tool uses a simple file to stores the passwords encrypted. Well, I urge you to secure this file to make it non-accessible for others.

I am not going to decode nor rate the encryption algorythm, the fact is, you do not have clear text passwords. It could be also possible to have clear text password in a separate text file, which would not be that less secure, but it is ugly.

To make it clear (I hope), it is a 2-ways encryption, so if you have access to the file and the source code of the algorythm, you can crack the password. Sounds weak? Well, Oracle Proxy Users with Internet Directory, Application Server, Portal and all those products are not much different. The only 100% passwordless solution I am aware of is the external OS identification.

Well, that said, let’s look how it works.

# ./configure
# make
# make install

let’s create the repository

 
$ export OPRREPOS=$ORACLE_HOME/dbs/oprrepos
$ opr -c

store the password for scott on LSC01

$ opr -a LSC01 SCOTT lsc
please enter the password :
please re-enter the password :
entry (LSC01, scott, lsc) added.

let’s test

$ sqlplus scott/$(opr -r LSC01 SCOTT)@LSC01

SQL*Plus: Release 10.2.0.2.0 - Production on Tue Jul 25 13:51:48 2006

Copyright (c) 1982, 2005, Oracle.  All Rights Reserved.

Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.2.0 - Production
With the Partitioning, OLAP and Data Mining options

This is quite convenient. I will use this to store the RMAN password to connect to the RMAN repository in my backup scripts

Installation Oracle on Suse Linux Enterprise 10

How neat is Suse!

I downloaded the DVD SLES10 on Novell.com. At the installation time, appart from Gnome, Development, X Window, there are a few new categories. One of them is called Oracle Database, and guess what, it installs all what I needed for Oracle. It creates an oracle account, with oinstall as primary group and dba as secondary group, it sets usefull things like ORACLE_HOME.

Ok, let’s unlock the account

chltlxlsc1:~ # usermod -s /bin/bash oracle
chltlxlsc1:~ # passwd oracle
Changing password for oracle.
New Password:
Reenter New Password:
Password changed.

Ok, let’s install. SLES10 is not recognized as a certified OS yet. The DISPLAY thing has to be manually set too.

oracle@chltlxlsc1:~> ./runInstaller  -ignoreSysPrereqs
Starting Oracle Universal Installer...

Checking installer requirements...

Checking operating system version: must be redhat-3, SuSE-9, 
redhat-4, UnitedLinux-1.0, asianux-1 or asianux-2
                                      Failed <<<<

>>> Ignoring required pre-requisite failures. Continuing...

this is one of the friendliest installation I have ever made…

indian readers

I am aware indian and pakistan ISP did block access to blogspot blogs. There are some workaround available on google, for example to access my site from Pakistan, you may be able to use pkblogs

http://www.pkblogs.com/laurentschneider

I am quite sad about this, I used to have a lot of access from India in the past (according to statcounter.com), and this is quite a limiting move for the indian Internet community.

Update: only relevant to my old blogger blog