Oracle UNIX System Administration Architecture Oracle UNIX/Linux Tips by Burleson Consulting

Introduction to the UNIX architecture

At its most basic level, an operating system (OS) is the software program that allows a computer's hardware and software to work together.  The OS is responsible for managing the interaction of processes to external devices such as the keyboard, data files, and terminal screen. When an Oracle database runs on a UNIX server, the database software interfaces with UNIX in order to manage the interaction between the database and the data files on disk.  In addition, Oracle has numerous UNIX structures for holding message logs, trace files and other housekeeping (Figure 1-1).

Figure 1: Oracle interacts with the UNIX environment

We will be exploring the details of the UNIX operating system in Chapter 2, but for now we will just cover the major features of UNIX and how Oracle interacts with UNIX.

Dialects of UNIX

Through the 1990s, UNIX continued to evolve and gain popularity as UNIX servers moved into mainstream data processing.  UNIX developed unique dialects, each unique to each UNIX vendor, and today?s Oracle professional must be fluent in many different dialects of UNIX.

One of the biggest problems for the Oracle DBA is that it has never been a single, unified UNIX product with total compatibility from one system to another. Most differences have arisen from different versions developed by three major early UNIX dialects, AT&T UNIX, the Berkeley BSD UNIX and Microsoft?s XENIX product.

Today, the most popular dialects of UNIX include Hewlett-Packard UNIX (HP/UX), IBM?s UNIX (AIX), Sun UNIX (Solaris), and the popular Linux dialects (Red Hat Linux, SuSe Linux. This book is geared toward all versions of Oracle7, Oracle8, Oracle8i and Oracle9i, and we include dialects of UNIX including HP/UX, IBM?s AIX, Sun?s Solaris, Linux, and we will also show some commands in IRIX, DEC-UNIX and UNIXWARE. 

System Administration in UNIX

Just as the Oracle database is controlled by the values of an initialization file, the UNIX operating system is controlled by several initialization files.  These files control the configuration of the Oracle server and the amount of available resources for all tasks that run on the server.  The UNIX initialization files control every aspect of the OS environment, and especially those that are related to Oracle performance.

1. The setting for the number of semaphores (2x Oracle processes)

2. The amount of swap disk (at least 2x Ram memory)

3. The configuration of the mount points for the disks

4. The amount of available RAM memory

Most of the UNIX control facilities are beyond the scope of this text, but it is noteworthy that many of the UNIX system parameters have a direct impact on the performance of the Oracle database. Let?s take a closer look at those UNIX control files that impact Oracle.

The UNIX /etc/system file

The /etc/system file control the setting for numerous UNIX kernel parameters.  These parameters have a direct impact on the performance of the Oracle database.  At Oracle installation time, the OS-specific installation manual directs the Oracle DBA to the appropriate settings for many of the kernel parameters.  Here is a typical /etc/system file for an Oracle server:

root> cat /etc/system
set shmsys:shminfo_shmmax=4294967295
set shmsys:shminfo_shmmin=1
set shmsys:shminfo_shmseg=10
set semsys:seminfo_semmni=24000
set semsys:seminfo_semmsl=100
set semsys:seminfo_semmns=24000
set semsys:seminfo_semopm=100
set semsys:seminfo_semvmx=32767
set tcp:tcp_conn_hash_size=4096

UNIX access control management

In UNIX, a user named oracle is generally created to become the owner of the Oracle software on the UNIX server.  In addition to the oracle user, other UNIX users may be created and granted access to certain oracle files on the server. Let?s begin by understanding how UNIX manages user IDs and groups. 

UNIX group management

We begin by looking a special file called /etc/group.  Each line of the /etc/group file contains group data separated by a colon ?:?. This file defines each group and contains the following values:

group name   :  group_nbr  : members of the group

root> cat /etc/group
root::0:root
bin::2:root,bin,daemon
mail::6:root
tty::7:root,tty,adm
lp::8:root,lp,adm
nuucp::9:root,nuucp
daemon::12:root,daemon
dba::102:oracle,oradev
mysql::104:

Next, let?s see how user information is stored inside UNIX.

UNIX user management

UNIX users are controlled by a special file called /etc/passwd.  This file contains a series of strings separated by colons ?:?.  The values are:

username  :  password  :  user_nbr : group_nbr :  default shell
root> cat /etc/passwd

oracle:x:108:102::/export/home/oracle:/bin/ksh
oradev:x:109:102::/export/home/oradev:/bin/ksh

From the above listing we can determine that the oracle user has a encrypted password in /etc/shadow, that they are user 108, and they are in group 102.  The oracle user has /export/home/oracle for a home directory, and they are using the Korn shell as a default shell.

UNIX passwords on Oracle servers

UNIX passwords are notoriously vulnerable to hacking.  In UNIX, users can change their passwords by invoking the passwd command.  Note that the listing of /etc/passwd above does not contain the encrypted passwords for the user IDs, and the password column is denoted with an ?x?.  This indicates that the system administrator is storing the passwords in another special file called /etc/shadow.

Unfortunately, protecting passwords in a /etc/shadow file is not always enough to ensure security.  Several tools such as John the Ripper can be used to easily crack into these UNIX files, stealing access to the Oracle server, and all database data.  To learn how to protect yourself from UNIX password hacking, see the UNIX password cracker at  http://www.openwall.com/john/.

The power of root

In UNIX, the ?super user? is always called root.  The root user may sign-on as any UNIX user without supplying a password by using the super user (su) command.  For example, the root user can sign-on as the oracle user by entering su ? oracle.  The root user may also change any password in the system by entering passwd command followed by the userid.  For example, the root user could change in oracle password by entering passwd oracle.

UNIX connectivity for Oracle

When the Oracle DBA creates their tnsnames.ora file to define remote databases they often specify the host name of the foreign server that contains the remote Oracle database.  For example, a entry in the tnsnames.ora file for a remote database might look like this:

berlin =
   (DESCRIPTION =
     (ADDRESS_LIST =
         (ADDRESS =
           (COMMUNITY = TCP)
           (PROTOCOL = TCP)
          (HOST = hun)
           (PORT = 1521)
          )
      )
     (CONNECT_DATA = (SID = kraut))
    )

Here we see a TNS service name of berlin, which defines a connection to a remote server named hun that contains an Oracle database named kraut. When a remote connection request is made from the UNIX server, the /etc/host file is accessed to get the IP address for the hum server.  From the listing below, we see that the hun server is located at 192.133.13.12.  In sum, the /etc/host file is used to isolate the IP address from the tnsnames.ora file.  If the IP address should ever change, the UNIX systems administrator only needs to change the IP address in one place.

root> cat /etc/hosts
192.133.13.22  hun    hun.com
192.144.13.22  dopey  dopey.com

Next, let?s start looking at UNIX commands and begin by exploring their similarity to MS-DOS commands for the PC.

UNIX and DOS commands

Back in the days before Microsoft Windows dominated the PC market, operating system were controlled by commands.  PC users were required to learn these commands in order to perform tasks.  During the 1980s, Microsoft DOS dominated the PC market while the early UNIX command systems were used on larger multi-processing servers.  The main difference between UNIX and DOS is that DOS was originally designed for single-user systems, while UNIX was designed for systems with many users.

While PC?s have evolved into GUI interfaces such as Windows, UNIX systems have never evolved into GUI environments.  Hence, The Oracle professional must master a bewildering number of cryptic UNIX commands in order to manage their Oracle databases.

One of the most confounding issues for the UNIX neophyte is being confronted with a complex UNIX command.  The cryptic nature of UNIX is such that even the most seasoned UNIX professional may have trouble deciphering the purpose of the command.

We will begin by examining a cryptic UNIX command and then see how the command is deciphered by applying a simple set of rules.

Because UNIX and MS-DOS were developed at the same time they share some common syntax, and the UNIX neophyte will be happy to find many common commands and concepts.  Table 1-1 shows some of the commonality between UNIX and MS-DOS commands:

UNIX	MS-DOS	Command Function
--	cd -	Switch between current and last directory
cat	type	Displays the contents of a file
cd	cd	Moves from one directory to another
cd /u01/test	cd c:\u01\test	Change directory paths
cd ..	cd..	Go up in directory
chmod	attrib	Sets file permissions
clear	cls	Clear the screen
cp	copy	Copies a file (or a group of files)
diff	fc	Compare two files
cpio	xcopy	Backs up and recovers files
date	date	Display the system date
doskey	<ctl> k (3)	Display command history
export PS1=?xx?	prompt	Change the command prompt text
find	grep	Find a character string in a file
gzip	dblspace	Compress a data file
ln	--	Forms a link to a file
lp	print	Queues a file for printing
lpstat	print	Displays the printing queue
ls -al	dir	Displays the contents of a directory
mem	lsdev (2)	Display RAM memory
mkdir	md	Creates a new subdirectory
move	cp  (4)	Move a file to another directory
mv	rename	Renames a file
rm	del	Deletes a file (or group of files)
rmdir	rd	Deletes an existing directory
setenv  (1)	set	Set an environment variable
sort	sort	Sorts lines in a file
ver	uname -a	Display OS version
vi	edit	Creates and edits text

Table 1: UNIX and MD-DOS commands

(1) C-Shell command

(2) Solaris command

(3) With ?set ?o vi? command

(4) No direct UNIX equivalent

As we can see, being productive with UNIX involves learning many commands and combinations of commands.  Rather than attempting to teach you every possible UNIX command, this chapter will focus on those UNIX commands that you will be using to perform basic Oracle database management commands.

Let?s begin by giving you some tips that will direct you through the labyrinthine maze of UNIX commands.

 

If you like Oracle tuning, see the book "Oracle Tuning: The Definitive Reference", with 950 pages of tuning tips and scripts.  You can buy it direct from the publisher for 30%-off and get instant access to the code depot of Oracle tuning scripts.