Red Hat 6 and Oracle, status of certification

By | August 24th, 2011|Categories: Database|Tags: , , |

Red Hat 6 has been there a while, so what about certification with Oracle? Nothing on the Oracle support site, no press releases (maybe I missed one..). But Red Hat finally gave the answer in her Red Hat news - blog

My RAC project with Openfiler, part I – Openfiler

By | January 17th, 2011|Categories: Database, RAC|Tags: , , , |

My current job doesn’t offer me at the moment the opportunity to play with RAC or other stuff, so I decided to build my own RAC on my Windows7-desktop (64-bits, 8GB RAM), using 3 VM’s (VM-workstation , 7.1.3 build-324285) : * 2 VM’s for two RAC-nodes, based on OEL 5.5, for infra, and database. * 1 VM as my own SAN, based on Openfiler 2.3, for ASM.

Database security: personalized accounts at O.S.-level

By | July 12th, 2009|Categories: Database|Tags: , , |

Attended a workshop about “Oracle database security” (by Frits Hoogland), though the subject  could also be named  like “O.S.-security of an Oracle Database”.  Most of the times the database will be installed by an ‘oracle’ account, and all the DBA’s are using this account for administrative purpose.
Nothing wrong with that, but logging/auditing of this oracle account is modifyable (=useless) and who did what on this machine?
So it’s quite understandable that an organization will choose for personalized, controlled accounts for DBA’s. Quite scary for a DBA by the way, his kingdom and freedom is vanishing…

What follows is a template to setup such personalized account.
Root – create users and groups
# groupadd -g 54321 oracle
# groupadd -g 54322 oinstall
# groupadd -g 54323 dba
# groupadd -g 54324 oper
# groupadd -g 54325 asm
# useradd -d /home/oracle -m -g oracle -G dba,asm,users,oinstall -s /bin/bash \
-u 54321 -c “Oracle software owner” oracle

For X-windows:
grep the X-cookie, from server console:
# env |grep XAUT
Make this cookie accessable for other users:
# chmod 644 $XAUTHORITY

Become ‘oracle’
# su – oracle
$ export XAUTHORITY=/tmp/.gdmXXXXXX