Sunteți pe pagina 1din 3

Page No 86: /etc/passwd /etc/security/.profile /etc/security/limits /etc/security/passwd /etc/security/user /usr/lib/security/mkuser.default Edit the kernel parameters.

In /etc/tunables/nextboot IdentifyinganexistingOraclehomedirectory Enterthefollowingcommandtodisplaythecontentsoftheoratab file:


# more /etc/oratab

Verifying UDP and TCP Kernel Parameters Use NDD to ensure that the kernel TCP/IP ephemeral port range is broad enough to provide enough ephemeral ports for the anticipated server workload. Ensure that the lower range is set to at least 9000 or higher, to avoid Well Known ports, and to avoid ports in the Registered Ports range commonly used by Oracle and other server ports. Set the port range high enough to avoid reserved ports for any applications you may intend to use. If the lower value of the range you have is greater than 9000, and the range is large enough for your anticipated workload, then you can ignore OUI warnings regarding the ephemeral port range. Use the following command to check your current range for ephemeral ports: # /usr/sbin/no -a | fgrep ephemeral tcp_ephemeral_low = 32768 tcp_ephemeral_high = 65535 udp_ephemeral_low = 32768 udp_ephemeral_high = 65535 In the preceding example, the TCP and UDP ephemeral ports are set to the default range (3276865536). If you expect your workload to require a high number of ephemeral ports, such as high node counts or heavy use of Parallel Query, then update the UDP and TCP ephemeral port range to a broader range. For example: # /usr/sbin/no -p -o tcp_ephemeral_low=9000 -o tcp_ephemeral_high=65500 # /usr/sbin/no -p -o udp_ephemeral_low=9000 -o udp_ephemeral_high=65500 Setting the ORACLE_HOSTNAME Environment Variable Use the following procedure to set the ORACLE_HOSTNAME environment variable. For example, if the fully qualified host name is somehost.us.example.com, then enter one of the following commands: In Bourne, Bash, or Korn shell: $ ORACLE_HOSTNAME=somehost.us.example.com $ export ORACLE_HOSTNAME In C shell: % setenv ORACLE_HOSTNAME somehost.us.example.com Determining if the Oracle Inventory Group Exists An oraInst.loc file has content similar to the following: inventory_loc=central_inventory_location inst_group=group In the preceding example, central_inventory_location is the location of the Oracle Central Inventory,

and group is the name of the group that has permissions to write to the central inventory. If you have an existing Oracle Inventory, then ensure that you use the same Oracle Inventory for all Oracle software installations, and ensure that all Oracle software users you intend to use for installation have permissions to write to this directory. To determine if the Oracle Inventory group exist, enter the following command: # grep oinstall /etc/group To determine if the oraInst.loc file exists, enter the following command: # more /etc/oraInst.loc Creating Required Operating System Groups and Users 2-18 Oracle Database Installation Guide If the oraInst.loc file exists, then the output from this command is similar to the following: inventory_loc=/u01/app/oraInventory inst_group=oinstall In the previous output example: The inventory_loc group shows the location of the Oracle Inventory The inst_group parameter shows the name of the Oracle Inventory group (in this example, oinstall). Creating the Oracle Inventory Group If the oraInst.loc file does not exist, then create the Oracle Inventory group using the following procedure: 1.Enter the following command: # smit security 2.Choose the appropriate menu items to create the Oracle Inventory (oinstall) group. 3.Press F10 to exit. Creating the OSDBA Group for Database Installations You must create an OSDBA group in the following circumstances: An OSDBA group does not exist, for example, if this is the first installation of Oracle Database software on the system An OSDBA group exists, but you want to give a different group of operating system users database administrative privileges for a new Oracle Database installation If the OSDBA group does not exist or if you require a new OSDBA group, then create it as follows. In the following procedure, use the group name dba unless a group with that name exists: 1.Enter the following command: # smit security 2.Choose the appropriate menu items to create the dba group. 3.Press F10 to exit. Creating an OSOPER Group for Database Installations Create an OSOPER group only to identify a group of operating system users with a limited set of database administrative privileges (SYSOPER operator privileges). For most installations, it is sufficient to create only the OSDBA group. If you want to use an OSOPER group, then you must create it in the following circumstances: If an OSOPER group does not exist; for example, if this is the first installation of Oracle Database software on the system If an OSOPER group exists, but you want to give a different group of operating system users database operator privileges in a new Oracle installation If you require a new OSOPER group (typically, oper), then create it as follows. In the following, use the group name oper unless a group with that name exists: Creating Required Operating System Groups and Users Oracle Database Preinstallation Requirements 2-19 1.Enter the following command: # smit security 2.Choose the appropriate menu items to create the oper group. 3.Press F10 to exit. Creating the OSASM Group for Oracle Automatic Storage Management If the OSASM group does not exist or if you require a new OSASM group, then create it as follows. In the following procedure, use the group name asmadmin unless a group with that name exists:

1.Enter the following command: # smit security 2.Choose the appropriate menu items to create the asmadmin group. 3.Press F10 to exit. Creating the OSDBA Group for Oracle Automatic Storage Management If you require a new OSDBA group for Oracle ASM, then create it as follows. In the following procedure, use the group name asmdba unless a group with that name exists: 1.Enter the following command: # smit security 2.Choose the appropriate menu items to create the asmdba group. 3.Press F10 to exit. Creating the OSOPER Group for Oracle Automatic Storage Management If you require an OSOPER group, then create it as follows. In the following procedure, use the group name asmoper unless a group with that name exists: 1.Enter the following command: # smit security 2.Choose the appropriate menu items to create the asmoper group. 3.Press F10 to exit. Creating the Oracle Software Owner User You must create an Oracle software owner user in the following circumstances: If an Oracle software owner user does not exist; for example, if this is the first installation of Oracle software on the system. If an Oracle software owner user exists, but you want to use a different operating system user, with different group membership, to give database administrative privileges to those groups in a new Oracle Database installation. If you have created an Oracle software owner for Oracle Grid Infrastructure, such as grid, and you want to create a separate Oracle software owner for Oracle Database software, such as oracle. Determining if an Oracle Software Owner User Exists To determine if an Oracle software owner user named oracle, or grid exists, enter a command similar to the following: Creating Required Operating System Groups and Users 2-20 Oracle Database Installation Guide # id oracle # id grid If the oracle user exists, then the output from this command is similar to the following: uid=501(oracle) gid=501(oinstall) groups=502(dba),503(oper) If the grid user exists, then the output from this command is similar to the following: uid=8001(oracle) gid=8001(oinstall) groups=8001(oinstall),8002(asmadmin),8003(asmdba),8006(dba) Determine whether you want to use the existing user or create another user. If you want to use the existing user, then ensure that the user's primary group is the Oracle Inventory group (oinstall) and that it is a member of the appropriate OSDBA and # ulimit -a mkgroup -'A' id='500' adms='root' oinstall mkgroup -'A' id='502' adms='root' dba mkgroup -'A' id='503' adms='root' oper mkuser id='500' pgrp='oinstall' groups='dba,oper'home='/home/oracle' oracle chown -R oracle:oinstall /oracle chmod 1. Unzip the file: gunzip <filename> 2. Extract the file: cpio -idcmv < <filename>