Oracle软件权限修复
1.1 权限修复
1.1.1 如果$GRID_HOME下的权限被人为修改过,那么如何来修复该权限问题?
参考连接:http://blog.itpub.net/26736162/viewspace-2121470/
使用chown -R误操作将整个$GRID_BASE或$GRID_HOME的权限修改了,或者删除了$GRID_HOME/log文件夹下的所有内容,导致集群不能启动。在这种情况下可以根据MOS文档:Tips for checking file permissions on GRID environment(ID 1931142.1)来修复该问题。
该文档中描述到,在$GRID_HOME/crs/utl(Oracle 11.2及12.1.0.1)或<GRID_HOME>/crs/utl/<hostname>(Oracle 12.1.0.2)下面的crsconfig_dirs和crsconfig_fileperms文件中记录了整个$GRID_HOME下面的文件和目录的相关权限。
Check the permissions from the following 2 files which are created during Grid Infrastructure installation.
In $GRID_HOME/crs/utl (for 11.2 and 12.1.0.1) and <GRID_HOME>/crs/utl/<hostname> (for 12.1.0.2) directory:
crsconfig_dirs :which has all directories listed in and their permissions
crsconfig_fileperms :which has list of files and their permissions and locations in .
[root@raclhr-11gR2-N1 utl]# ll $ORACLE_HOME/crs/utl/crsconfig_*
-rw-r--r-- 1 root root 8554 May 17 13:31 /u01/app/11.2.0/grid/crs/utl/crsconfig_dirs
-rw-r--r-- 1 root root 12619 May 17 13:31 /u01/app/11.2.0/grid/crs/utl/crsconfig_fileperms
-rw-r--r-- 1 root root 11218 May 17 13:31 /u01/app/11.2.0/grid/crs/utl/crsconfig_files
误操作:
chown -R oracle.oinstall $ORACLE_HOME
ps -ef |grep d.bin|grep -v grep|awk '{print $2}' | xargs kill -9
可以通过命令“cluvfy comp software -n all -verbose”来校验集群的权限是否正确。
所以要解决这个问题其实并不难,大致可以通过如下几种方法来解决:
1、根据MOS文档1931142.1提供的建议通过$GRID_HOME/crs/install/rootcrs.pl -init或roothas.pl -init进行解决。该方法可以用来解决删除了$GRID_HOME/log文件夹下的所有内容,导致集群不能启动的情况,但是对于chown -R误操作将整个$GRID_HOME的权限修改了的情况不一定能恢复。
For 11.2:
For clustered Grid Infrastructure, as root user
# cd <GRID_HOME>/crs/install/
# ./rootcrs.pl -init
For Standalone Grid Infrastructure, as root user
# cd <GRID_HOME>/crs/install/
# ./roothas.pl -init
For 12c:
For clustered Grid Infrastructure, as root user
# cd <GRID_HOME>/crs/install/
# ./rootcrs.sh -init
For Standalone Grid Infrastructure, as root user
# cd <GRID_HOME>/crs/install/
# ./roothas.sh -init
rootcrs.pl –init是在PSU>11.2.0.3.6下执行的,如果PSU<11.2.0.3.6可以执行如下两条命令来实现同样的效果。
<GRID_HOME>/crs/install/rootcrs.pl -unlock
<GRID_HOME>/crs/install/rootcrs.pl -patch
2、采用MOS文档1515018.1上提供的脚本permission.pl在权限正常节点上生成修复脚本,然后将生成的修复脚本在异常节点上执行来修复权限问题。可以用来修复chown -R误操作将整个$GRID_HOME的权限修改了的情况。
注意,该脚本会产生2个文件:
a. permission-<time stamp> - This contains file permission in octal value, owner and group information of the files captured
b. restore-perm-<time stamp>.cmd - This contains command to change the permission, owner, and group of the captured files
修复时只需要执行restore-perm-<time stamp>.cmd文件即可。在执行脚本之前,需要将脚本中的节点名称替换成异常节点名。vi下的替换命令为:
:%s/raclhr-11gr2-n2/raclhr-11gr2-n1/g 替换每一行中所有 raclhr-11gr2-n2 为 raclhr-11gr2-n1
3、Oracle 11gR2可以deconfig crs的配置,然后重新运行root.sh即可。如果OCR和数据库不再同一个磁盘组里,那么重新运行root.sh脚本并不影响数据库,所以无需担心。可以用来修复OCR、OLR或表决磁盘损坏的情况,或ASM节点号和主机节点号不一致的情况。
$GRID_HOME/crs/install/rootcrs.pl -deconfig -force -verbose
dd if=/dev/zero of=/dev/rhdiskN bs=1024k count=1024 --清理磁盘头
$GRID_HOME/root.sh
在root.sh脚本执行完毕后,需要再次将数据库、监听和SERVICE等其它资源添加进集群中:
srvctl add db -d lhrrac1 -r PRIMARY -o $ORACLE_HOME
srvctl add instance -d lhrrac1 -i lhrrac11 -n raclhr-11gR2-N1
srvctl add instance -d lhrrac1 -i lhrrac12 -n raclhr-11gR2-N2
srvctl add listener -l LISTENER -o $ORACLE_HOME
1.1.2 $ORACLE_HOME/bin/oracle文件的权限修复
在安装有GI的环境下,权限、属主是严格被设定的,任何对于它们的错误修改容易引发一系列的问题,而且这些问题往往都很诡异很难按照常规的思路去诊断。一旦出现权限的问题,个人建议第1和第3种方式来修改。
如果可执行文件$ORACLE_HOME/bin/oracle的属主或权限设定出了问题,那么可能会造成很多问题。例如:无法登陆到数据库、ora-600错误、“TNS-12518: TNS:listener could not hand off client connection”、“Linux Error: 32: Broken pipe”、“ORA-12537: TNS:connection closed”、访问ASM磁盘出错等。解决办法很简单,可以在grid用户下运行setasmgidwrap命令重新配置$ORACLE_HOME/bin/oracle可执行文件的权限和属主或者直接将oracle文件的权限修改为6751。$ORACLE_HOME/bin/oracle可执行文件正确属主应该是oracle:asmadmin,并且权限必须有s才可以,如下所示:
[root@orclalhr ~]$ which setasmgidwrap
/u01/app/11.2.0/grid/bin/setasmgidwrap
[root@orclalhr ~]$ setasmgidwrap -o /u01/app/oracle/product/11.2.0/dbhome_1/bin/oracle
[root@orclalhr ~]$ ll /u01/app/oracle/product/11.2.0/dbhome_1/bin/oracle
-rwsr-s--x 1 oracle asmadmin 232399083 Apr 21 2015 /u01/app/oracle/product/11.2.0/dbhome_1/bin/oracle
[root@orclalhr ~]# ll /u01/app/11.2.0/grid/bin/oracle
-rwsr-s--x. 1 grid oinstall 203972117 Jan 5 2015 /u01/app/11.2.0/grid/bin/oracle
[root@orclalhr ~]# chmod 6751 /u01/app/oracle/product/11.2.0/dbhome_1/bin/oracle
[root@orclalhr ~]# ll /u01/app/oracle/product/11.2.0/dbhome_1/bin/oracle
-rwsr-s--x 1 oracle asmadmin 232399083 Apr 21 2015 /u01/app/oracle/product/11.2.0/dbhome_1/bin/oracle
[root@orclalhr bin]# cd /u01/app/oracle/product/11.2.0/dbhome_1/bin/
[root@orclalhr bin]# which stat
/usr/bin/stat
[root@orclalhr bin]# stat oracle
File: `oracle'
Size: 210823844 Blocks: 411776 IO Block: 4096 regular file
Device: 802h/2050d Inode: 1717737 Links: 1
Access: (6751/-rwsr-s--x) Uid: ( 501/ oracle) Gid: ( 504/asmadmin)
Access: 2017-03-16 12:33:44.809363974 +0800
Modify: 2014-05-18 17:09:50.508549983 +0800
Change: 2017-03-16 11:05:15.733816820 +0800
& 说明:
有关修复权限的更多内容可以参考我的BLOG:http://blog.itpub.net/26736162/viewspace-2121470/
How to check and fix file permissions on Grid Infrastructure environment (文档 ID 1931142.1)
In this Document
| Goal |
| Solution |
APPLIES TO:
Oracle Database - Enterprise Edition - Version 11.2.0.3 and laterOracle Database - Standard Edition - Version 12.1.0.1 to 12.1.0.1 [Release 12.1]
Information in this document applies to any platform.
GOAL
To provide ways how to check, find and correct permissions for Grid Infrastructure (GI) $ORACLE_HOME or <GRID_HOME> .
SOLUTION
1. Validate the <GRID_HOME> by using cluvfy tool.
This though only validates the binary files and theirs permissions. This is mentioned in unpublished bug 18407533 (closed as not a bug).
2. Check the permissions from the following 2 files which are created during Grid Infrastructure installation.
In $GRID_HOME/crs/utl (for 11.2 and 12.1.0.1) and <GRID_HOME>/crs/utl/<hostname> (for 12.1.0.2) directory:
- crsconfig_dirs which has all directories listed in <GRID_HOME> and their permissions
- crsconfig_fileperms which has list of files and their permissions and locations in <GRID_HOME>.
3. The permissions can be reverted back to original values with rootcrs.pl or roothas.pl. For versions 11.2.0.3.6 and higher, there is an option -init:
Reset the permissions of all files and directories under Oracle <GRID_HOME>. Please ensure CRS is not running while performing the followings:
For 11.2:
For clustered Grid Infrastructure, as root user
# ./rootcrs.pl -init
For Standalone Grid Infrastructure, as root user
# ./roothas.pl -init
For 12c:
For clustered Grid Infrastructure, as root user
# ./rootcrs.sh -init
For Standalone Grid Infrastructure, as root user
# ./roothas.sh -init
4. If that does not work then permissions can be altered manually with information found from crsconfig_fileperms and crsconfig_dirs files.
Please note that changing the permissions manually is the last resort and shouldn't be used unless recommended by Oracle support or development.
Script to capture and restore file permission in a directory (for eg. ORACLE_HOME) (文档 ID 1515018.1)
In this Document
| Main Content |
| Purpose |
| Requirements |
| Configuring |
| Instructions |
| Caution |
| Script |
APPLIES TO:
Oracle Database - Enterprise EditionGeneric UNIX
Generic Linux
MAIN CONTENT
PURPOSE
This script is intended to capture and restore the file permission of a given directory example - ORACLE_HOME. The script will create a output file called permission_<timestamp> and permission_<timestamp>.cmd
REQUIREMENTS
The script needs to be run on command prompt of Unix platform .
Perl is required to execute this script
Shell is required to run the shell script .
CONFIGURING
Download and save the script on your server as permission.pl
Provide the execute permission on the script
INSTRUCTIONS
Run the script from the location where you have downloaded and saved it
CAUTION
Proofread this sample code before using it! Due to the differences in the way text editors, e-mail packages and operating systems handle text formatting (spaces, tabs and carriage returns), this sample code may not be in an executable state when you first receive it. Check over the sample code to ensure that errors of this type are corrected.
Note : This script can restore permission back to the point at which it was captured. It is not intended to reset the permission.
SCRIPT
Execute the script from the dollar ($) prompt
Steps to capture permission of a directory
1. Download the script from here
2. Log in as "oracle" user
3. copy the file to a location say /home/oracle/scripts
4. Give execute permission
5. Execute the script to capture permission
$ ./permission.pl <Path name to capture permission>
Script generates two files
a. permission-<time stamp> - This contains file permission in octal value, owner and group information of the files captured
b. restore-perm-<time stamp>.cmd - This contains command to change the permission, owner, and group of the captured files
Steps to restore captured permission of the directory
1. Give execute permission to file generated during capture
2. execute .cmd file to restore the permission and the ownership
Sample output of the script
permission-<time stamp>
750 oracle oinstall /u03/app/oracle/OraHome_11202g/root.sh
644 oracle oinstall /u03/app/oracle/OraHome_11202g/install.platform
640 oracle oinstall /u03/app/oracle/OraHome_11202g/oraInst.loc
644 oracle oinstall /u03/app/oracle/OraHome_11202g/afiedt.buf
644 oracle oinstall /u03/app/oracle/OraHome_11202g/a.out
6755 root root /u03/app/oracle/OraHome_11202g/tsh.sh
644 oracle oinstall /u03/app/oracle/OraHome_11202g/Readme.txt
640 oracle oinstall /u03/app/oracle/OraHome_11202g/oraorcl1122
644 oracle oinstall /u03/app/oracle/OraHome_11202g/SQLtraining_day1.lst
751 oracle oinstall /u03/app/oracle/OraHome_11202g/bin/hsots
751 oracle oinstall /u03/app/oracle/OraHome_11202g/bin/nid
6751 oracle oinstall /u03/app/oracle/OraHome_11202g/bin/oracle
751 oracle oinstall /u03/app/oracle/OraHome_11202g/bin/orapwd
751 oracle oinstall /u03/app/oracle/OraHome_11202g/bin/wrap
750 oracle oinstall /u03/app/oracle/OraHome_11202g/bin/grdcscan
restore-perm-<time stamp>.cmd
chmod 755 /u03/app/oracle/OraHome_11202g
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/root.sh
chmod 750 /u03/app/oracle/OraHome_11202g/root.sh
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/install.platform
chmod 644 /u03/app/oracle/OraHome_11202g/install.platform
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/oraInst.loc
chmod 640 /u03/app/oracle/OraHome_11202g/oraInst.loc
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/afiedt.buf
chmod 644 /u03/app/oracle/OraHome_11202g/afiedt.buf
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/a.out
chmod 644 /u03/app/oracle/OraHome_11202g/a.out
chown root:root /u03/app/oracle/OraHome_11202g/tsh.sh
chmod 6755 /u03/app/oracle/OraHome_11202g/tsh.sh
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/Readme.txt
chmod 644 /u03/app/oracle/OraHome_11202g/Readme.txt
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/oraorcl1122
chmod 640 /u03/app/oracle/OraHome_11202g/oraorcl1122
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/SQLtraining_day1.lst
chmod 644 /u03/app/oracle/OraHome_11202g/SQLtraining_day1.lst
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/bin/nid
chmod 751 /u03/app/oracle/OraHome_11202g/bin/nid
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/bin/oracle
chmod 6751 /u03/app/oracle/OraHome_11202g/bin/oracle
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/bin/orapwd
chmod 751 /u03/app/oracle/OraHome_11202g/bin/orapwd
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/bin/wrap
chmod 751 /u03/app/oracle/OraHome_11202g/bin/wrap
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/bin/grdcscan
chmod 750 /u03/app/oracle/OraHome_11202g/bin/grdcscan
小麦苗课程
小麦苗课堂开课啦,如下是现有的课程,欢迎咨询小麦苗:
| 课程名称 | 课时 | 上课时间 | 价格 |
| OCP(从入门到专家) | 每年1期,35课时左右/期 | 20:00-22:00 | 1588(可优惠) |
| OCM认证 | 每年N期,9课时/期 | 20:00-22:00 | 22888 |
| 高可用课程(rac+dg+ogg) | 每年1期,20课时左右/期 | 20:00-22:00 | 1888(可优惠) |
| Oracle初级入门 | 每年1期,15课时左右/期 | 20:00-22:00 | 800 |
| Oracle健康检查脚本 | 可微信或微店购买。 | 88 | |
| Oracle数据库技能直通车 | 包含如下3个课程: ①《11g OCP网络课程培训》(面向零基础) 价值1600元 ②《11g OCM网络班课程培训》(Oracle技能合集)价值10000+元 ③《RAC + DG + OGG 高可用网络班课程》 价值2000元 以上3个课程全部打包只要5888,只要5888所有课程带回家,终身指导!所有课程都是在线讲课,不是播放视频,课件全部赠送! 注意:以上OCP和OCM课程只包括培训课程,不包括考试费用。OCM提供培训+视频,但是不提供练习环境和资料。报名一次,OCP和高可用的课程可以免费终身循环听课。 | 5888 | |
| OCP+高可用(rac+dg+ogg) | 报名OCP+高可用课程,可以优惠300元,优惠后的价格为3188. | 3188(可优惠) | |
注意:
1、每次上课前30分钟答疑。
2、OCM实时答疑,提供和考试一样的练习模拟环境,只要按照老师讲的方式来练习,可以保证100%通过。
3、授课方式:YY语音网络直播讲课(非视频) + QQ互动答疑 + 视频复习。
4、OCP课时可以根据大家学习情况进行增加或缩减。
5、以上所有课程均可循环听课。
6、12c OCM课程私聊。
7、Oracle初级入门课程,只教大家最实用+最常用的Oracle操作维护知识。
8、以上所有课程,可以加小麦苗微信(lhrbestxh)或QQ(646634621)详聊,优惠多多。
| 培训项目 | 连接地址 |
| DB笔试面试历史连接 | |
| OCP培训说明连接 | |
| OCM培训说明连接 | |
| 高可用(RAC+DG+OGG)培训说明连接 | |
| OCP最新题库解析历史连接(052) | |
| 微店地址 |
About Me
.............................................................................................................................................
● 本文作者:小麦苗,部分内容整理自网络,若有侵权请联系小麦苗删除
● 本文在itpub(http://blog.itpub.net/26736162/abstract/1/)、博客园(http://www.cnblogs.com/lhrbest)和个人微信公众号(xiaomaimiaolhr)上有同步更新
● 本文itpub地址:http://blog.itpub.net/26736162/abstract/1/
● 本文博客园地址:http://www.cnblogs.com/lhrbest
● 本文pdf版、个人简介及小麦苗云盘地址:http://blog.itpub.net/26736162/viewspace-1624453/
● 数据库笔试面试题库及解答:http://blog.itpub.net/26736162/viewspace-2134706/
● DBA宝典今日头条号地址:http://www.toutiao.com/c/user/6401772890/#mid=1564638659405826
.............................................................................................................................................
● QQ群号:230161599(满)、618766405
● 微信群:可加我微信,我拉大家进群,非诚勿扰
● 联系我请加QQ好友(646634621),注明添加缘由
● 于 2018-07-01 06:00 ~ 2018-07-31 24:00 在魔都完成
● 最新修改时间:2018-07-01 06:00 ~ 2018-07-31 24:00
● 文章内容来源于小麦苗的学习笔记,部分整理自网络,若有侵权或不当之处还请谅解
● 版权所有,欢迎分享本文,转载请保留出处
.............................................................................................................................................
● 小麦苗的微店:https://weidian.com/s/793741433?wfr=c&ifr=shopdetail
● 小麦苗出版的数据库类丛书:http://blog.itpub.net/26736162/viewspace-2142121/
● 小麦苗OCP、OCM、高可用网络班:http://blog.itpub.net/26736162/viewspace-2148098/
.............................................................................................................................................
使用微信客户端扫描下面的二维码来关注小麦苗的微信公众号(xiaomaimiaolhr)及QQ群(DBA宝典)、添加小麦苗微信,学习最实用的数据库技术。
小麦苗的微信公众号 小麦苗的DBA宝典QQ群2 小麦苗的微信二维码 小麦苗的微店
.............................................................................................................................................
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/26736162/viewspace-2157665/,如需转载,请注明出处,否则将追究法律责任。
1395
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
