Oracle9i Post-Installation
Configuration Tasks to Perform as the root User
Create Additional UNIX Accounts
If necessary, create additional UNIX accounts. Each DBA user on the system must be a member of the OSDBA group.
Verify Database File Security
If you configure Oracle9i in a way similar to the United States NCSC C2 or European ITSEC E3 security evaluation configuration, verify database file security to ensure the integrity of the Oracle software installation. This task is optional if security is not an issue.
To prevent unauthorized access to secure data, protect your files. The file privileges and recommended ownership are as follows:
- The oracle account should have read, write, and execute privileges for all files and directories in the Oracle9i installation.
- The ORAINVENTORY group should have read, write, and execute privileges on the oraInventory directory, but should not have write permissions on anything else.
- No user other than the oracle user or the ORAINVENTORY group should have write access on any files or directories in the Oracle9i installation.
These permissions are the default values and should not be changed.
Access Permissions on Oracle Directories and Files
Directories/Files Permissions Comments All database, redo log, and control files (extensions for these files are typically.dbf,.log, and.ctl) 640 rw-r----
The oracle user and ORAINVENTORY group are the only users that should have read privileges for all databases, redo logs, and control files to maintain discretionary access to data. $ORACLE_HOME/bin/ 751 rwxr-x--x
The oracle user should have read, write and execute privileges and all users should have execute privileges to this directory. The oracle executable, and the following network executables:
$ORACLE_HOME/bin/dbsnmp6751 rws-r-s--x
The 6 sets the setuid bit and the setgid bit so the executables run as the oracle user and OSDBA group, regardless of who executes them. All other executables 751 rwxr-x--x
The oracle user should have read, write and execute privileges and all users should have execute privileges to this directory. $ORACLE_HOME/lib/ 755 rwxr-xr-x
The oracle user should have read, write and execute privileges and all other users should have read and execute privileges to this directory. All files under
$ORACLE_HOME/lib/755 rwxr-xr-x
The oracle user should have read, write and execute privileges and the other users should have read-only privileges to these files. $ORACLE_HOME/rdbms/log 751 rwxr-x--x
The oracle user and ORAINVENTORY group have restricted access to files in the directory. The other users have execute privileges. Product subdirectories such as $ORACLE_HOME/sqlplus
or
$ORACLE_HOME/rdbms751 rwxr-x--x
The oracle user and ORAINVENTORY group have restricted access to log files.The other users have execute privileges. Files in
$ORACLE_HOME/sqlplus
or
$ORACLE_HOME/rdbms644 rw-r--r--
The oracle user should have read and write privileges and the other users should have read-only privileges to these files. $ORACLE_HOME/network \
/trace777 rwxrwxrwx
or
730
rwx-wx---
The oracle user and members of the ORAINVENTORY group have access to trace files when 730 is used in the production environment.777 allows broad access to view and create trace files during development. All files under product admin directories, like
$ORACLE_HOME/rdbms \
/admin and
$ORACLE_HOME/sqlplus \
/admin644 -rw-r--r--
SQL scripts should typically be run as the SYS user.
Change Group Membership of the Apache User
After installing Oracle9i, the APACHE account access to the oraInventory directory needs to be removed in order to ensure database security. Perform the following tasks:
- Create a new group to which no other group or user has access.
- Assign ownership of this group to Apache.
- Change the APACHE account primary group identifier (GID) from the one that has ownership of the oraInventory directory (typically ORAINVENTORY) to the new group name.
Automate Database Startup and Shutdown for HP, Linux and Solaris (Optional)
Oracle Corporation recommends that you configure your system to automatically start Oracle databases when your system starts up, and to shut down Oracle databases when your system shuts down. Automatic database startup and shutdown protects against improper shutdown of the database.
The dbstart and dbshut scripts are located in the $ORACLE_HOME/bin directory and can be used to automate database startup and shutdown. The dbstart and dbshut scripts reference the same entries in the oratab file, so the scripts must apply to the same set of databases. For example, you cannot have the dbstart script automatically start up databases sid1, sid2, and sid3, and the dbshut script shut down only databases sid1 and sid2. You can, however, specify that the dbshut script shut down a set of databases while the dbstart script is not used at all. To do this, include a dbshut entry in the shutdown file but omit the dbstart entry from the system startup files.
Perform the following tasks to set up the dbstart and dbshut scripts so that they are called at system startup. This process must be completed for every new database that you want to configure for automated startup and shutdown.
- Edit the /var/opt/oracle/oratab file for Solaris and Linux and /etc/oratab file for AIX, HP and Tru64.
Database entries in the oratab file appear in the following format:
ORACLE_SID:ORACLE_HOME:{Y|N}In the preceding command, Y or N specifies whether you want the dbstart and dbshut scripts to start up and shut down the database. For each database that you want to start up, find the ORACLE_SID entry identified by the sid in the first field. Change the last field for each to Y.
- In the /etc/init.d directory, create a dbora script similar to the following, if it does not already exist. Be sure to give the full path of the dbstart utility.
#!/bin/sh # Set ORA_HOME to be equivalent to the $ORACLE_HOME # from which you wish to execute dbstart and dbshut; # # Set ORA_OWNER to the user id of the owner of the # Oracle database in ORA_HOME. ORA_HOME=/u01/app/oracle/product/9.0.1 ORA_OWNER=oracle if [! -f $ORA_HOME/bin/dbstart] then echo "Oracle startup: cannot start" exit fi case "$1" in 'start') # Start the Oracle databases: # The following command assumes that the oracle login # will not prompt the user for any values su - $ORA_OWNER -c $ORA_HOME/bin/dbstart & ;; 'stop') # Stop the Oracle databases: # The following command assumes that the oracle login # will not prompt the user for any values su - $ORA_OWNER -c $ORA_HOME/bin/dbshut & ;; esacCreate symbolic links to the dbora script in the appropriate run-level script directories, as follows:
# ln -s /etc/init.d/dbora /etc/rc0.d/K10dbora # ln -s /etc/init.d/dbora /etc/rc3.d/S99dbora
Automate Database Startup and Shutdown for AIX (Optional)
Oracle Corporation recommends that you configure your system to automatically start Oracle databases when your system starts up, and to shut down Oracle databases when your system shuts down. Automatic database startup and shutdown protects against improper shutdown of the database.
- Automating Database Startup
Perform the following tasks to set up the dbstart and dbshut scripts so that they are called at system startup. This process must be completed for every new database that you want to configure for automated startup:
- Edit the /etc/oratab file.
Database entries in the oratab file appear in the following format:
ORACLE_SID:ORACLE_HOME: {Y|N}In the preceding command, Y or N specifies whether you want the dbstart and dbshut scripts to start up and shut down the database.
- For each database that you want to start up, find the ORACLE_SID entry identified by the sid in the first field. Change the last field for each to Y.
- Add the dbstart script to the /etc/inittab file:
# mkitab "oradb:2:wait:/bin/su oradb -c|/$ORACLE_HOMES/bin/dbstart"In the preceding command, oradb is the identifier of the oracle user for which you want to start the database.
- Automating Database Shutdown
Automate database and system shutdown by creating a script, shut, to start dbshut and the system executable /etc/shutdown. Complete the following steps to create the script:
- If you have not already done so, edit the database entries of your /etc/oratab file to enable dbstart and dbshut, as described in step 1 of the dbstart instructions.
- As root, create the shut shell script:
# cd /etc cat > shut << EOF ? su oracle_owner -c /usr/oracle/bin/dbshut ? /etc/shutdown $* \ ? [Ctrl-D] # chmod u+x shut- Execute the following command to run the shut script and shut down the database:
# /etc/shut -h nowThis closes Oracle databases and shuts down the system with the specified options.
Automate Database Startup and Shutdown for Tru64 (Optional)
This process must be completed for every new database that you want to configure for automated startup and shutdown. Perform the following tasks to startup and shutdown listeners and set up the dbstart and dbshut scripts so that they are called at system startup:
- Log in as root user.
- Edit the /etc/oratab file.
Database entries in the /etc/oratab file appear in the following format:
ORACLE_SID:ORACLE_HOME: {Y|N}In the preceding command, Y or N specifies whether you want the dbstart and dbshut scripts to start up and shut down the database.
- For each database that you want to start up, find the ORACLE_SID entry identified by the sid in the first field. Change the last field for each to Y.
- Change directories to /sbin/init.d.
- Create a file named oracle, and use chmod to set the privileges to 750.
This script assumes that a password is not set for the listener. If a password is set, the listener will not be stopped.
The ORACLE_HOME and ORACLE variables are for example only. Use information as appropriate for your installation.
Add the following contents to the /sbin/init.d/oracle file:
#!/bin/sh # # change the value of ORACLE_HOME to be correct for your # installation ORACLE_HOME=/opt/oracle/product/9.0.1 PATH=${PATH}:$ORACLE_HOME/bin HOST=`hostname` # # change the value of ORACLE to the login name of the # oracle owner at your site # ORACLE=oracle export ORACLE_HOME PATH # if [ ! "$2" = "ORA_DB" ] ; then rsh $HOST -l $ORACLE /sbin/init.d/oracle $1 ORA_DB exit fi # LOG=$ORACLE_HOME/startup.log touch $LOG chmod a+r $LOG # case $1 in 'start') echo "$0: starting up" >> $LOG date >> $LOG # Start Oracle Net if [ -f $ORACLE_HOME/bin/tnslsnr ] ; then echo "starting Oracle Net listener" $ORACLE_HOME/bin/lsnrctl start >> $LOG 2>&1 & fi echo "starting Oracle databases" $ORACLE_HOME/bin/dbstart >> $LOG 2>&1 ;; 'stop') echo "$0: shutting down" >> $LOG date >> $LOG # Stop Oracle Net if [ -f $ORACLE_HOME/bin/tnslsnr ] ; then echo "stopping Oracle Net listener" $ORACLE_HOME/bin/lsnrctl stop >> $LOG 2>&1 fi echo "stopping Oracle databases" $ORACLE_HOME/bin/dbshut >> $LOG 2>&1 ;; *) echo "usage: $0 {start|stop}" exit ;; esac # exit- Change the .rhosts file in the oracle user login home directory to allow root login access to the account.
your_host_name root
- Link files into the startup and shutdown directories by using the `ln -s' command.
# ln -s /sbin/init.d/oracle /sbin/rc3.d/S99oracle # ln -s /sbin/init.d/oracle /sbin/rc0.d/K01oracleThis file automatically starts and stops Oracle9i when the system is started or stopped.
Configuration Tasks to Perform as the oracle User
Perform the following tasks as the oracle user.
Update UNIX Account Startup Files
Update the startup files of the oracle user and the UNIX accounts of oracle users.
Set Environment Variables
Set the following environment variables in the.profile or.login file of the oracle user before using Oracle9i products. The settings that you use here should correspond to the settings used during installation as described in "Set Environment Variables". The syntax for setting environment variables is as follows.
For the Bourne or Korn shell:
variable_name=value; export variable_nameFor the C shell:
setenv variable_name value
Do not define environment variables with names that are identical to those used for Oracle processes such as CKPT, PMON, and DBWR.
Environment Variable Settings
Environment Variable Recommended Setting CLASSPATH Set the CLASSPATH variable to ensure for Java functionality. The CLASSPATH variable is different for various products. CLASSPATH must include the following:
JRE_Location/lib: $ORACLE_HOME/JRE/lib/rt.jar:$ORACLE_ HOME/jlib/<product jar file>:$ORACLE_ HOME/product/jlib/product jar \ fileThe JRE_Location variable is defined as $ORACLE_HOME/JRE
LD_LIBRARY_PATH Set the LD_LIBRARY_PATH variable to include $ORACLE_HOME/lib. ORACLE_HOME Set the ORACLE_HOME variable to specify the directory containing the Oracle software for a particular release. The OFA recommended value is: $ORACLE_BASE/product/release
For example, if the ORACLE_BASE variable is /u01/app/oracle, then the ORACLE_HOME variable would be: /u01/app/oracle/product/9.0.1ORACLE_SID Set the ORACLE_SID variable to specify the name of the Oracle Server instance name. Oracle Corporation recommends restricting it to no more than four characters to avoid filename problems on different operating systems because the sid is incorporated in many files. If you do not remember the value you entered when you were prompted by the Oracle Universal Installer, you can find it listed in the installActions.log file located in the
oraInventory_location/logs directory.The oraInventory_location directory is defined in the /var/opt/oracle/oraInst.loc file in HP, Linux, Solaris and Tru64 and /etc/oraInst.loc file in AIX.
PATH Make sure the new $ORACLE_HOME/bin directory is included in the PATH setting. AIX Path is: $ORACLE_HOME/bin,/usr/bin,/etc, /usr/lbin,/usr/bin/X11 and /usr/local/bin, if it exists
HP Path is: $ORACLE_HOME/bin,/usr/ccs/bin, /usr/bin,/etc, /usr/bin/X11 and /usr/local/bin, if it exists
Linux Path is: $ORACLE_HOME/bin,/usr/bin,/bin, /usr/bin/X11 and /usr/local/bin,if it exists
Solaris Path is: $ORACLE_HOME/bin,/usr/ccs/bin,/usr/bin,/etc, /usr/openwin/bin and /usr/local/bin, if it exists
Tru64 Path is: $ORACLE_HOME/bin,/usr/bin,/etc,/usr/bin/X11 and /usr/local/bin,if it existsSee Chapter 2, "Pre-Installation Requirements" for other PATH requirements.
TNS_ADMIN Set the TNS_ADMIN variable to the location of the Oracle Net configuration files. This variable only needs to be set if Oracle Net configuration files are not located in the default /var/opt/oracle or $ORACLE_HOME/network/admin directory for Solaris and /etc directory for AIX, HP, Linux and Tru64. For example, if tnsnames.ora is located in the /tns directory, set TNS_ADMIN variable to /tns.
Oracle products look for the tnsnames.ora file in the following order:
- tnsnames.ora file in the current user's home directory.
- TNS_ADMIN/tnsnames.ora
- /var/opt/oracle/ for Solaris and /etc for AIX, HP, Linux and Tru64.
- $ORACLE_HOME/network/admin/
Check that the tnsnames.ora file exists in one of these locations; otherwise, you might not be able to connect to a database through Oracle Net using local naming.
TWO_TASK Set the TWO_TASK variable to the Oracle Net connect string alias defined in the tnsnames.ora file that client software will use by default to connect to a server. For more information on net service names, refer to the Oracle9i Net Services Administrator's Reference and the Oracle9i Administrator's Reference Release 1 (9.0.1) for UNIX Systems.
Initialize the oraenv Script
You can use the oraenv script to set a common environment for Oracle software users.
Single-Instance Machine
On a single-instance machine, set the ORACLE_SID environment variable in the .profile or .login file of the oracle user account. Enter the following commands to initialize the oraenv file at login.
For the Bourne or Korn shell:
ORAENV_ASK=NO
. /usr/local/bin/oraenvFor the C shell:
set ORAENV_ASK = NO
source /usr/local/bin/coraenv
unset ORAENV_ASK
The C shell uses the coraenv command instead of the oraenv command.
Multiple-Instance Machine
On a multiple-instance machine, include a list of instance names and commands necessary to initialize the oraenv file at the end of the startup file of the oracle user account.
Bourne or Korn shell for UNIX platforms
Platforms Bourne or Korn Shell Solaris #!/usr/bin/sh echo "The SIDs on this machine are:" cat /var/opt/oracle/oratab | awk -F: '{print $1}' |\ grep -v "#" ORAENV_ASK="YES" . /usr/local/bin/oraenvAIX, HP, Linux and Tru64 #!/usr/bin/sh echo "The SIDs on this machine are:" cat /etc/oratab | awk -F: '{print $1}' | grep -v "#" ORAENV_ASK="YES" . /usr/local/bin/oraenv
C shell for UNIX platforms
Platforms C shell Solaris #!/usr/bin/csh" echo "The SIDs on this machine are:" cat /var/opt/oracle/oratab | awk -F: '{print $1}' |\ grep -v "#" set ORAENV_ASK="YES" source /usr/local/bin/coraenvAIX, HP, Linux and Tru64 #!/usr/bin/csh" echo "The SIDs on this machine are:" cat /etc/oratab | awk -F: '{print $1}' | grep -v "#" set ORAENV_ASK="YES" source /usr/local/bin/coraenv
Other Oracle User Startup Files
To create the same environment for all Oracle software user accounts, modify each oracle user startup file to include the following addition at the end of the file:
- For .profile files used by the Bourne or Korn shells, add:
. /usr/local/bin/oraenv- For .login files used by the C shell, add:
source /usr/local/bin/coraenv- The ORACLE_HOME and PATH environment variables are described in "Setting Environment Variables".
Update the oratab File
If you have created a database manually instead of using Oracle Database Configuration Assistant, ensure the system configuration is reflected in the oratab file. The oratab file is located in the /var/opt/oracle directory on Solaris and in the /etc directory on AIX, HP, Linux and Tru64.
Add an entry for each server instance on the system in the following format:
ORACLE_SID:ORACLE_HOME:{Y|N}In the preceding command, Y or N indicates whether you want to activate the dbstart and dbshut scripts. Oracle Database Configuration Assistant automatically adds an entry for each database it creates.
Apply Any Required Oracle Patches
The Oracle9i release 1 (9.0.1) software includes patches that must be applied to Oracle9i or other products. Patches are available on the Oracle9i CD-ROM in the cd_rom_mount_point/patch directory. Review the README file included with each patch for installation instructions.
Back Up the root.sh Script
Oracle Corporation recommends that you back up the root.sh script after a successful product installation. If you install another product category later into the same Oracle home directory, then the Oracle Universal Installer replaces the contents of the existing root.sh script during the installation. If after a later installation you require information from the original root.sh script, then you can recover it from the backed up root.sh file.
For example, if you install Oracle9i Management Infrastructure into the same Oracle home directory as a successful Oracle9i Server installation, then the Oracle Universal Installer replaces the contents of the existing root.sh script during the installation. Backing up the root.sh file after each product installation insures that you have all root.sh files available for reference if necessary.
Set Initialization Parameters
When you create a typical startup database using Oracle Database Configuration Assistant, the initsid.ora parameters are automatically set. Change initialization parameters to configure and tune the system for optimal performance. The default initsid.ora file shipped with the distribution is located in the $ORACLE_BASE/admin/sid/pfile directory. A template init.ora file is also in the $ORACLE_HOME/dbs directory. The file contains settings for small, medium, and large databases, with the settings for medium and large databases commented out in the file. The size settings are relative to each other, but do not represent an empirical size of the database.
Manually modify the initialization parameters in the initsid.ora file with a UNIX text editor. To activate the modified initsid.ora file, shut down and restart the database.
Oracle Corporation recommends that you not use symbolic character representations such as question marks (?) for the ORACLE_HOME environment variable in parameter files, as they might lead to startup errors.
To bring rollback segments online automatically with database startup, uncomment the rollback_segments command in the initsid.ora file.
For example, change:
# rollback_segments = (r0, r1, r2, r3)to:
rollback_segments = (r0, r1, r2, r3)
Post-Installation for Installed Oracle Products
Perform the following required post-installation steps as necessary for your installation. Not all products require post-installation steps.
Configure Shared Server Parameters
Oracle servers configured with Shared Server require a higher setting for the SHARED_POOL_SIZE initialization parameter, or a custom configuration that uses the LARGE_POOL_SIZE initialization parameter. If you installed your server with Oracle Universal Installer, then the value of the SHARED_POOL_SIZE parameter is set automatically by Oracle Database Configuration Assistant. However, if you created a database manually, increase the SHARED_POOL_SIZE parameter in the initsid.ora file. Typically, you should add 1 KB for each concurrent user.
Configure Oracle Internet Directory
If you upgrade an existing version of Oracle Internet directory, then perform the following post-upgrade task.
Enter the following command:
ldapmodify -a -c -D superDN -w superPwd -h host -p port -v -f \ $ORACLE_HOME/ldap/admin/odi.ldifIn the preceding command, superDN is the OID superuser distinguished name superPwd is the password of the OID superuser, host is the host name of the OID server, and port is the port number on which the OID server is running.
Configure Oracle Net
Basic configuration of Oracle Net is done by Oracle Net Configuration Assistant when it is started by Oracle Universal Installer during installation.
Verify and complete your initial configuration with the following steps:
- Log in as root and reserve a port for the Oracle Net listener by making the following entry in the /etc/services file:
listener_name 1521/tcp #Oracle Net listenerIn the preceding command, 1521 is the default port number. If you chose a different port when you configured the Oracle Net listener, specify that port in the /etc/services file.
- Check the status of the listener following installation using the following command:
$ lsnrctl status listener_nameThe listener_name field is required if the listener has a name other than the default listener.
- If the listener is not running, start it by using the following command:
$ lsnrctl start listener_name- Install and configure Oracle client software on a remote system, if necessary, then start SQL*Plus to test the connection to the server.
$ sqlplus username/password@net_service_nameIf you can successfully connect to the server with SQL*Plus, you have established network connectivity over TCP/IP.
Additional Oracle Product Installation and Configuration
This section provides further information on installing additional Oracle products to your initial installation and on using Oracle Configuration Assistants.
- Running Oracle Configuration Assistants
- Configuring the Database for Additional Oracle Products
- Configuring Oracle Real Application Clusters
- Configuring Oracle Label Security
- Configuring Oracle Precompilers
- Configuring Oracle Workflow
- Creating a Recovery Catalog for Recovery Manager
- Configuring Secure Sockets Layer
Run Oracle Configuration Assistants
Configuration Assistants are usually run during an installation session, but can also be run in stand-alone mode. As with Oracle Universal Installer, each of these assistants can also be run non-interactively using a response file. The following Oracle configuration assistants are described in this section:
- Using Oracle Net Configuration Assistant
- Using Oracle Data Migration Assistant
- Using Oracle Database Configuration Assistant
- Configuring New or Upgraded Databases
- Using Oracle Enterprise Manager Configuration Assistant As a Stand-Alone Tool
Using Oracle Net Configuration Assistant
When Oracle Net Server or Oracle Net Client is installed, Oracle Universal Installer automatically launches Oracle Net Configuration Assistant.
If you create a database using the Oracle Database Configuration Assistant during or after installation, then it will automatically update the Oracle Net configuration with any configuration information necessary for the new database. Oracle Database Configuration Assistant does one of the following:
- It registers the database in a supported directory service so that clients can use the directory to connect to the database.
or
- It creates an entry in the local naming file, tnsnames.ora that can be distributed to client computers to connect to the database.
If you choose to do a separate Oracle9i Client installation, then Oracle Net Configuration Assistant will automatically create a profile that is consistent with selections made during the installation. The Installer will automatically run the Oracle Net Configuration Assistant to set up a net service name in the local naming file found in the $ORACLE_HOME/network/admin directory of the client installation.
After installation is complete, a more detailed configuration can be accomplished using the Oracle Net Configuration Assistant by using the following command:
$ netca
Using Oracle Data Migration Assistant
If you installed Oracle9i software to use an existing database from a prior software version and chose not to migrate the database during the installation, then migrate the database before mounting it.
Using Oracle Database Configuration Assistant
Oracle Database Configuration Assistant can create a default or customized database, configure an existing database to use Oracle products, or present a set of shell and SQL scripts that you can inspect, modify, and run at a later time.
Start Oracle Database Configuration Assistant by using the dbca command located in the $ORACLE_HOME/bin directory:
$ dbcaFor help with the Oracle Database Configuration Assistant, use the -help or -h command line parameters with dbca.
$ dbca -help
Configuring New or Upgraded Databases
Oracle Corporation recommends running the utlrp.sql script after creating, upgrading, or migrating a database. This script recompiles all PL/SQL modules that may be in an INVALID state, including packages, procedures, and types. This step is optional, but recommended so that the cost of recompilation is incurred during the installation rather than at a later time.
- Start SQL*Plus by using the following command:
$ SQLPLUS /NOLOG- Connect to the database with the SYS account by using the following command:
SQL> CONNECT SYS/PASSWORD AS SYSDBAIn the preceding command, the initial default for PASSWORD is CHANGE_ON_INSTALL. This password must be changed before using the database.
- Start the database (if necessary) by using the following command:
SQL> STARTUP- Run the utlrp.sql script by using the following command:
SQL> @$ORACLE_HOME/rdbms/admin/utlrp.sql
Using Oracle Enterprise Manager Configuration Assistant As a Stand-Alone Tool
Oracle Enterprise Manager Configuration Assistant enables you to create, use, upgrade or delete the Oracle Enterprise Manager repository.
If you installed Oracle Enterprise Manager Server using the Oracle9i Management Infrastructure, Custom installation, or Custom Management Infrastructure types, Oracle Enterprise Manager Configuration Assistant automatically starts at the end of the installation to guide you through configuration. If you installed Oracle Enterprise Manager through any other installation types, Oracle Enterprise Manager Configuration Assistant must be started manually at the end of the installation.
Start Oracle Enterprise Manager Configuration Assistant after installation to configure a Management Server to create a new repository, and to use, upgrade and delete an existing repository.
Configure the Database for Additional Oracle Products
If you install additional Oracle products after the initial installation, use the Oracle Database Configuration Assistant to configure your database for the new products. The database must be running.
- Start up the Oracle Database Configuration Assistant by using the dbca command located in the $ORACLE_HOME/bin/ directory:
$ dbca- Select Modify Database.
- Select the appropriate database SID from the list of those detected by the Oracle Database Configuration Assistant.
- Choose the products you wish to enable from the list and click Finish.
Execute privileges will be granted to PUBLIC for all of the products and packages.
Adding Oracle Text to Your Installation
If you intend to install Oracle Text after your initial installation, ensure that you have at least 10 MB of disk space for the data dictionary and include the
$ORACLE_HOME/ctx/lib directory in the LD_LIBRARY_PATH environment variable.Your database must include tablespaces specific to Oracle Text data. Verify that tablespaces exist to serve as default and temporary tablespaces for Oracle Text. Oracle Text uses the DRSYS tablespace for its default and temporary tablespaces. If tablespaces for Oracle Text do not exist or you do not want to use the default DRSYS tablespace, then create additional tablespaces before installation. Verify that tablespaces exist to serve as default and temporary tablespaces for Oracle Text.
Managing Oracle Real Application Clusters
To start the Oracle Real Application Clusters communication daemon automatically when the computer is restarted, log in as the root user and add a line similar to the following in the /etc/init.d/dbora system startup file:
su - oracle -c "gsd"
Re-installing Oracle Real Application Clusters
If the installation fails before completion and you have to reinstall, click Yes on all Installer windows that ask "Do you want to reinstall name of a product?" The remote copy operation to the other nodes ignores the products for which you declined the reinstall.
Inspecting Oracle Real Application Clusters Configuration for Linux
This section describes how to inspect the kernel configuration for Oracle Real Application Clusters. Configurations do not work if you fail to configure the Watchdog Timer device and the raw device.
Inspecting the Watchdog Timer Device
For the Watchdog Timer device, the typical causes of failures are:
- The Watchdog Timer device driver is not configured.
- The Watchdog Timer device driver is not loaded to the kernel.
- The margin time is incorrect.
- The CONFIG_WATCHDOG_NOWAYOUT parameter is not set.
- If you configured the Watchdog Timer device as a module, load the Watchdog Timer device driver to the kernel. This is required after every boot. For example, enter:
# /sbin/insmod softdog soft_margin=60- Add the imsmod command lines in the Linux startup script (for example, /etc/rc.d/rc.local) to prevent losing the module after restarting the system.
- Run the wdttest1 command to check the first three possible configuration failures. If the configuration is correct, it reboots the system after the margin time has passed. For example, enter:
# wdttest1 passed: 1 sec passed: 2 sec . . . passed: 60 sec . . . Reboot occured- Run the wdttest2 command to check the CONFIG_WATCHDOG_NOWAYOUT parameter. If the configuration is correct, it reboots the system after the margin time has passed. For example:
# wdttest2 passed: 1 sec passed: 2 sec . . . passed: 60 sec . . . Reboot occured
Inspecting RSH/RCP Equivalence
Configure the Linux system so that the users can issue the rsh and rcp commands from one node to another node in the cluster. For example, for node1 and node2, enter:
$ hostname node1 $ rsh node2 hostname node2 $ rcp node2:/tmp/sample /tmpAn example of unsuccessfully issuing the rsh and rcp commands from node1 and node2 is:
$ hostname node1 $ rsh node2 hostname Permission denied. $ rcp node2:/tmp/sample /tmp Permission denied.Configuring the Linux system for issuing rsh and rcp commands varies depending on your system configuration. See the documentation for your Linux distribution for more information. In a typical case, you list the host names from which the host accepts rsh and rcp commands in the /etc/hosts.equiv file.Oracle Corporation refers to this configuration as RSH/RCP equivalence.
Perform the following steps to inspect the raw device:
- Establish RSH/RCP equivalence among the nodes for the test command rservername. Create the rservername configuration file. The configuration file contains entries for each node. The format of the entry is hostname:device_file_name. For example:
node1:/dev/raw/raw1 node2:/dev/raw/raw1 node3:/dev/raw/raw1 node4:/dev/raw/raw1- Run the rservername command. For example:
# vi rservername.conf . . . # cat rservername.conf node1:/dev/raw/raw1 node2:/dev/raw/raw1 node3:/dev/raw/raw1 node4:/dev/raw/raw1 # rservername rservername.confOK
Configure Oracle Label Security
If Oracle9i software is already installed and a database is created, then verify that the COMPATIBLE initialization parameter is set to 9.0.1 or higher.
Configure Oracle Precompilers
You cannot use Oracle Precompilers independently of Oracle9i to convert embedded PL/SQL.
Oracle Precompilers
Precompilers Configuration Files See Also Pro*C/C++ pcscfg.cfgThis file installs without content and can be configured with any text editor according to the site-specific requirements.
For more information on configuring the pcscfg.cfg file, refer to the Programmer's Guide to the Pro*C/C++ Precompiler. Pro*COBOL pcbcfg.cfgThis file installs without content and can be configured with any text editor according to the site-specific requirements.
For more information on configuring the pcbcfg.cfg file, refer to the Pro*COBOL Programmer's Guide.
Pro*FORTRAN pccfor.cfgThis file installs without content and can be configured with any text editor according to the site-specific requirements.
For more information on configuring the pccfor.cfg file, refer to the FORTRAN77 documentation. SQL*Modula Ada pmscfg.cfgThis file installs without content and can be configured with any text editor according to the site-specific requirements.
For more information on configuring the pmscfg.cfg file, refer to the SQL*Module for Ada Programmer's Guide.
Configure Oracle Workflow
You must perform a number of configuration procedures for Oracle Workflow. These include the following:
- Edit the init.ora parameter file
- Install and configure a web server
- Verify your base URL
- Set up the Oracle Workflow Monitor and HTML help
See Also:For more information on these procedures, refer to the Oracle Workflow Server Installation Notes, Oracle Workflow Client Installation Notes, and Oracle Workflow Guide.
Create a Recovery Catalog for Recovery Manager
Recovery Manager is an automated recovery utility that is installed as part of Oracle9i. It stores information in a recovery catalog in a separate Oracle9i database. This second Oracle9i database should be installed on a separate computer to provide maximum fault resistance.
If the installation and maintenance of a second Oracle9i database is impractical, then you can use Recovery Manager in a restricted mode without a recovery catalog.
To create a recovery catalog, perform the following steps:
- Install Oracle9i on a separate computer from any other Oracle9i system and create a database for the recovery catalog.
Create a typical, preconfigured database with Oracle Database Configuration Assistant. The default database is adequate for the recovery catalog.
- Create a user in the recovery catalog database to be the
RECOVERY_CATALOG_OWNER.
- As the RECOVERY_CATALOG_OWNER user, run the createCatalog command at the Oracle Recovery Manager prompt.
Configure Secure Sockets Layer
After Secure Sockets Layer is installed, run Oracle Net Configuration Assistant to configure it properly for your system.
Unlocke and Reset User Passwords
Passwords for all Oracle system administration roles and privileges except SYS, SYSTEM and SCOTT are expired upon installation. You are required to unlock user names and reset passwords for all other administrative user names before using them. You can do this through Database Configuration Assistant.
Unlocking and Resetting Passwords Automatically
During installation, click the Password Management button from the Database Configuration Assistant window to change passwords immediately after installation.
There is another alternative method to reset your passwords. If you unlock the password but do not specify a new password, then the database user's account will be unlocked and the password will remain expired until the next time when you login as that user. SQL*Plus will then prompt you for a new password.
Unlocking and Resetting Passwords Manually
To change a password and unlock an account manually, review the list of default administrative user names, passwords and functions in table below. Select a user, and unlock and reset the password by using the following commands:
- Start SQL*Plus and log in as SYSDBA by using the following commands:
$ sqlplus /nolog SQL> connect / as sysdba- Change the password by using the following command:
SQL> ALTER USER USERNAME IDENTIFIED BY PASSWORD ACCOUNT UNLOCKThe alter statement will both reset the password and unlock the account.
Review User Names and Passwords
All databases created by Oracle Database Configuration Assistant include the SYS, SYSTEM, and DBSNMP user names and passwords. In addition, Oracle Corporation provides several other administrative users. Unlock users and reset passwords before using these administrative accounts.
To unlock administrative user passwords after installation, click the Password Management button in the Database Assistant window.
Administrative User Names and Passwords
User Name Password Description See Also CTXSYS CTXSYS CTXSYS is the Oracle Text user name with CONNECT, DBA, and RESOURCE database roles. Oracle9i Oracle Text Reference DBSNMP DBSNMP DBSNMP includes the CONNECT, RESOURCE, and SNMPAGENT database roles. Run catnsnmp.sql if you want to delete this role and user. Oracle Intelligent Agent User's Guide LBACSYS LBACSYS LBACSYS is the Oracle Label Security administrator user name. Oracle Label Security Administrator's Guide MDSYS MDSYS
MDSYS is the Oracle Spatial and Oracle Locator administrator user name. Oracle Spatial User's Guide and Reference MTSSYS MTSSYS MTSSYS is the Oracle Service for Microsoft Transaction Server (MTS) user name. Using Microsoft Transaction Server With Oracle9i OLAPDBA OLAPDBA OLAPDBA is the identity that OLAP Services uses to authenticate user credentials. When you change the password for OLAPDBA in the database, make the same change to the User Password configuration setting for OLAP Services.
OLAPDBA includes the OLAP_DBA database role.
Oracle9i OLAP Services Concepts and Administration Guide OLAP Services Instance Manager Help
OLAPSVR INSTANCE OLAPSVR is the proxy identification used by all OLAP Services connections. When you change the password for OLAPSVR in the database, make the same change to the OlapProxyPwd configuration setting for OLAP Services.
OLAPSVR includes the OLAP_DBA, CONNECT, RESOURCE, and SELECT_CATALOG_ROLE database roles.
Oracle9i OLAP Services Concepts and Administration Guide OLAP Services Instance Manager Help
OLAPSYS MANAGER OLAPSYS is the identity used to create OLAP metadata structures. OLAPSYS includes the OLAP_DBA, RESOURCE, and CONNECT database roles
Oracle9i OLAP Services Concepts and Administration Guide ORDPLUGINS
ORDPLUGINS ORDPLUGINS is the Oracle interMedia Audio and Video user name with the CONNECT and RESOURCE roles. ORDPLUGINS allows non-native plug-in formats. Oracle9i interMedia User's Guide and Reference ORDSYS ORDSYS ORDSYS is the Oracle interMedia Audio, Video, and Image user name administrator user name with CONNECT, JAVAUSERPRIV, and RESOURCE database roles. Oracle9i interMedia User's Guide and Reference OUTLN OUTLN OUTLN includes the CONNECT and RESOURCE database roles, and supports plan stability. Plan stability allows you to maintain the same execution plans for the same SQL statements. OUTLN acts as a role to centrally manage metadata associated with stored outlines. Oracle9i Database Concepts Oracle9i Database Performance Guide and Reference
SYS CHANGE_ON_INSTALL SYS is used for performing database administration tasks. SYS includes the following database roles:
AQ_ADMINISTRATOR_ROLE
AQ_USER_ROLE
CONNECT
CTXAPP
DBA
DELETE_CATALOG_ROLE
EXECUTE_CATALOG_ROLE
EXP_FULL_DATABASE
HS_ADMIN_ROLE
IMP_FULL_DATABASE
JAVA_ADMIN
JAVADEBUGPRIV
JAVAIDPRIV
JAVAUSERPRIV
OEM_MONITOR
RECOVERY_CATALOG_OWNER
RESOURCE
SELECT_CATALOG_ROLE
SNMPAGENT
TIMESERIES_DBA
TIMESERIES_DEVELOPEROracle9i Database Administrator's Guide SYSTEM MANAGER You can use SYSTEM to perform database administration tasks. SYSTEM includes the AQ_ADMINISTRATOR_ROLE and DBA database roles. Oracle9i Database Administrator's Guide SCOTT TIGER SCOTT includes the CONNECT and RESOURCE database roles. Oracle9i Database Administrator's Guide
Any database user can be granted limited SYS role database privileges to use the Oracle Enterprise Manager Diagnostics Pack. Grant users access to these necessary SYS privileges by granting them the OEM_MONITOR role. This role is created when the database is installed and is defined in the following SQL script:
/$ORACLE_HOME/rdbms/admin/catsnmp.sqlIn addition to being granted the OEM_MONITOR role, users must have sufficient default tablespace quota within the monitored database for OEM to run and evaluate some advanced events. Failure to allocate sufficient tablespace to users that are granted the OEM_MONITOR role will result in an insufficient privilege message.
The passwords are necessary only when the user resets and unlocks the passwords manually and are not required when it is done automatically.
Identify Databases
The Oracle9i software identifies a database by its global database name. A global database name consists of the database name and network domain. The global database name uniquely distinguishes a database from any other database in the same network domain. Create a global database name when prompted in the Database Identification window during Oracle9i database installation.
Example 4-1 Example of a Global Database Name
sales.us.acme.com
In the preceding example, sales is the name of the database. The database name portion is a string of no more than 8 characters that can contain alpha, numeric, and additional characters. The database name is also assigned to the DB_NAME parameter in the init.ora file.
us.acme.com is the network domain in which the database is located. Together, the database name and the network domain make the global database name unique. The domain portion is a string of no more than 128 characters that can contain alpha, numeric, period (.), and additional characters. The domain name is also assigned to the DB_DOMAIN parameter in the init.ora file.
The DB_NAME parameter and the DB_DOMAIN name parameter combine to create the global database name value assigned to the SERVICE_NAMES parameter in the init.ora file.
The System Identifier (SID) identifies a specific Oracle9i instance reference to the database. The SID uniquely distinguishes a database from any other database on the same computer. Multiple Oracle home directories enable you to have multiple, active Oracle databases on a single computer. Each database requires a unique SID and database name.
The SID name comes from the value entered for the database name in the Database Identification window. The SID can be up to 64 alpha and numeric characters in length.
For example, if the SID and database name for an Oracle database are ORCL, each database file is in the $ORACLE_BASE/oradata/ORCL directory and the initialization parameter file is in the $ORACLE_BASE/admin/ORCL/pfile directory. The ORCL directory is named after the DB_NAME parameter value.
Tablespaces and Data Files
An Oracle9i database is divided into smaller logical areas of space known as tablespaces. Each tablespace corresponds to one or more physical data files. Data files contain the contents of logical database structures such as tables and indexes. You can associate each data file with only one tablespace and database.
Unless you specify different names with Oracle Database Configuration Assistant, the tablespaces and data files described in the following table are automatically included in the Custom database.
Tablespaces and Data Files
Tablespace Data File Contains... CWMLITE cwmlite.dbf OLAP tablespace DEMO demo01.dbf Demo Schema DRSYS dr01.dbf Oracle Text-related schema objects INDX indx01.dbf Indexes associated with the data in the USERS tablespace RBS rbs01.dbf Rolled back transactions that failed to complete normally You might need to expand this tablespace if you have long-running or high-data-volume transactions.
SYSTEM system01.dbf The data dictionary. This includes definitions of tables, views, and stored procedures needed by the Oracle database. The database maintains information in this area automatically. The SYSTEM tablespace is present in all Oracle databases.
TEMP temp01.dbf Temporary tables and/or indexes created during the processing of your SQL statement You might need to expand this tablespace if you are executing a SQL statement that involves a lot of sorting, such as ANALYZE COMPUTE STATISTICS on a very large table, or the constructs GROUP BY, ORDER BY, or DISTINCT.
TOOLS tools01.dbf The Installer creates this data file when the user wants to install any third-party or Oracle tools/products. USERS users01.dbf As you generate and enter data into tables, you fill this space with your data.
If you choose to create a new repository and accept the default settings when running Oracle Enterprise Manager Configuration Assistant, you create a tablespace named OEM_REPOSITORY and a data file named oem_repository.ora will be created.
Locate the Initialization Parameter File
The starter database contains the init.ora database initialization parameter file. It is a text file that contains a list of preconfigured instance configuration parameters. The file is located in the ORACLE_BASE/admin/db_name/pfile directory, and must exist for an instance to start. No edits are required to this file in order to use the starter database.
Locate Redo Log Files
The starter database and the custom database each contain three redo log files located in the $ORACLE_BASE/oradata/db_name directory.
Redo Log files
Database Files Disk Size Description redo01.log redo02.log
redo03.log
1 MB 1 MB
1 MB
Redo log files hold a record of all changes made to data in the database buffer cache. If an instance failure occurs, then Oracle9i uses the redo log files to recover the modified data in memory. Oracle9i uses redo log files in a cyclical fashion. For example, if three files constitute the online redo log, Oracle9i fills the first file, then the second file, and then the third file. In the next cycle, it reuses and fills the first file, the second file, and so on.
Locate Control Files
The starter database contains three control files located in the $ORACLE_BASE/oradata/db_name directory. The files control01.ctl, control02.ctl, and control03.ctl are automatically included in the Custom database. Oracle Corporation recommends that you keep at least three control files (on separate physical drives) for each database and set the CONTROL_FILES initialization parameter to list each control file.
Database Control Files
Control Files Description control01.ctl control02.ctl
control03.ctl
A control file is an administrative file. Oracle9i requires a control file to start and run the database. The control file records the physical structure of the database. For example, a control file contains the database name, and the names and locations of the database data files and redo log files.
Use Rollback Segments
Rollback segments record the old values of data changed by each transaction whether or not the transaction has been committed. Every database contains one or more rollback segments. Use rollback segments to provide read consistency, roll back transactions, and recover the database.
Rollback Segments
Rollback Segment Contained in this Tablespace... Used by SYSTEM SYSTEM SYS RB_TEMP SYSTEM (private) SYS RB1 through RB16 are a pool of rollback segments that any instance, requiring a rollback segment, can use. RBS PUBLIC
Use the Data Dictionary
The data dictionary is a protected collection of tables and views containing reference information on the database, its structure, and its users. The data stored in the dictionary includes the following:
- Names of the Oracle database users
- Privileges and roles granted to each user
- Names and definitions of schema objects including tables, views, snapshots, indexes, clusters, synonyms, sequences, procedures, functions, and packages
- Integrity constraints
- Space allocation for database objects
- Auditing information, such as who accessed or updated various objects
Oracle Software Removal
A complete removal of Oracle software requires you to remove any installed databases with the Oracle Database Configuration Assistant and deconfigure Oracle Net with the Oracle Net Configuration Assistant. Removal requires that you:
- Run Oracle Database Configuration Assistant and Oracle Net Configuration Assistant before you use the Installer to remove the Oracle software
- Stop Oracle Internet Directory Control Utility and Oracle Internet Directory Monitor
- Change APACHE account primary GID to the group that owns the oraInventory directory
A partial removal of Oracle software does not necessarily require you to run either Oracle Database Configuration Assistant or Oracle Net Configuration Assistant.
You cannot remove Oracle9i JVM separately from other products installed with Oracle9i. Removing Oracle9i JVM causes Oracle Universal Installer to remove Oracle9i and other products dependent on Oracle9i JVM from your system.
Remove an Oracle Database with Oracle Database Configuration Assistant
- Start the Oracle Database Configuration Assistant by using the dbca command located in the $ORACLE_HOME/bin/ directory:
$ dbca- From the initial screen, select Delete a Database.
- Click Next.
- Select the instance for the database that you want to delete.
- Click Finish. Verify that you want to delete the database in the window that appears.
Because you can only delete one database at a time, repeat these steps for each database that you want to delete.
After you have run the Oracle Database Configuration Assistant, run the Oracle Net Configuration Assistant in remove mode by starting the assistant from the command line with the /deinst parameter:
$ netca /deinst
Remove Oracle Internet Directory
To remove Oracle Internet Directory Services:
- Stop the Oracle Internet Directory Server by using the following command:
$ oidctl connect=net_service_name server=oidldapd \
instance=server_instance_number stopIn the preceding command, net_service_name parameter is the network connection to the Oracle Internet Directory Server and server_instance_number is the instance number which appears in the Server List tab of Oracle Directory Manager.
- Stop the Oracle Internet Directory Monitor by using the following command:
$ oidmon connect=net_service_name stop
Follow the procedures in "Removing an Oracle Database with Oracle Database Configuration Assistant" to remove the Oracle9i database configured with Oracle Internet Directory.
Change the APACHE Account GID for Removal
- Log in as root user.
- Change the APACHE account primary GID group to the group that has ownership of the oraInventory directory. Typically, this is the ORAINVENTORY group.
- Log out as root user.
Remove of Oracle Label Security
Perform the following steps to remove Oracle Label Security. Do not perform a DROP USER CASCADE on the LBACSYS account to remove Oracle Label Security.
- Connect as SYSDBA.
- Execute the $ORACLE_HOME/lbac/admin/droplbasys.sql script to delete the LBACSYS account.
- Use the Oracle Universal Installer to remove Oracle Label Security.
Remove Oracle Software with Oracle Universal Installer
- Start the Installer as described in "Oracle Universal Installer".
- Click on the Deinstall Products button on the Welcome window or the Installed Products... button available on any Installer window. The Inventory window appears, listing the installed products.
- In the Inventory window, select any product(s) to remove.
- Click on the Remove button.
Clean Up After a Failed Installation
If an installation fails, remove files that the Installer created during the attempted installation. Perform the following steps to remove the files:
- Start the Installer as described in "Oracle Universal Installer".
- Click on the Deinstall Products button on the Welcome window or the Installed Products... button available on any Installer window. The Inventory window appears, listing installed products.
- In the Inventory window, select any product(s) to remove.
- Click on the Remove button.
To complete the cleanup, manually remove the Oracle home directory. This is necessary because the Oracle Universal Installer might copy files to your system but fail to register them during the unsuccessful installation. This step is not necessary if removal deletes all files from the Oracle home directory.