本文详细解析了Oracle安装过程中root.sh脚本的作用,包括权限变更、SUID需求、系统文件修改、目录创建、文件移动等关键步骤。此外,还介绍了如何检查和设置脚本执行所需的root权限,以及在不同操作系统环境下执行的差异。
The root.sh will do different things with different products and product versions. But in general:
- if there are any permissions or ownerships to be changed, these are done by root.sh as not all OSs allow regular userids to chmod or chown;
- if there are any suid requirements (for example. $ORACLE_HOME/bin/oracle is suid/sgid 'oracle')
- if there are any changes to the OS and root-protected files (crs and inittab)
- if there are new directories (/var, /opt, especially for temp and logs) in root-only accessible parent dirs
- if there are new files (/usr/local/bin/oraenv) in root-only accessible parent dirs
- if there are special processes that need to be initiated
当然我们也可以自己查看该脚本信息:
#!/bin/sh
#
# $Id: root.sbs 12-apr-2005.04:43:03 bktripat Exp $
# Copyright (c) 2004, 2005, Oracle. All rights reserved.
#
# root.sh
#
# This script. is intended to be run by root. The script. contains
# all the product installation actions that require root privileges.
#
# IMPORTANT NOTES - READ BEFORE RUNNING SCRIPT
#
# (1) ORACLE_HOME and ORACLE_OWNER can be defined in user's
# environment to override default values defined in this script.
#
# (2) The environment variable LBIN (defined within the script) points to
# the default local bin area. Three executables will be moved there as
# part of this script. execution.
#
# (3) Define (if desired) LOG variable to name of log file.
#
AWK=/bin/awk
CAT=/bin/cat
CHGRP=/bin/chgrp
CHOWN=/bin/chown
CHMOD=/bin/chmod
CP=/bin/cp
ECHO=/bin/echo
GREP=/bin/grep
LBIN=/usr/local/bin
MKDIR=/bin/mkdir
ORATABLOC=/etc
ORATAB=${ORATABLOC}/oratab
RM=/bin/rm
SED=/bin/sed
TEE=/usr/bin/tee
TMPORATB=/var/tmp/oratab$$
# Variable based on installation
OUI_SILENT=%s_silent%
#
# Parse argument
#
while [ $# -gt 0 ]
do
case $1 in
-silent) SILENT_F=1;; # silent is set to true
-crshome) shift; CRSHOME=$1;; # CRSHOME is set
esac;
shift
done
#
# Silent variable is set based on :
# if OUI_SILENT is true or if SILENT_F is 1
#
if [ "${OUI_SILENT}" = "true" -o "$SILENT_F" ]
then
SILENT=1
else
SILENT=0
fi
#
# If Silent, throw output away (log, if set, will still be available)
#
if [ $SILENT -eq 1 ]
then
exec > /dev/null 2>&1
fi
#
# If LOG is not set, then send output to /dev/null
#
if [ "x${LOG}" = "x" -o "${LOG}" = "" ];then
LOG=/dev/null
else
$CP $LOG ${LOG}0 2>/dev/null
$ECHO "" > $LOG
fi
#
# Display abort message on interrupt.
#
trap '$ECHO "Oracle10 root.sh execution aborted!"| $TEE -a $LOG;exit' 1 2 3 15
#
# Enter log message
#
$ECHO "Running Oracle10 root.sh script..."| $TEE -a $LOG
#
# Default values set by Installer
#
ORACLE_HOME=/u01/db/app/oracledb
ORACLE_OWNER=oracle
#
# check for root
#
RUID=`/usr/bin/id|$AWK -F\( '{print $2}'|$AWK -F\) '{print $1}'`
if [ ${RUID} != "root" ];then
$ECHO "You must be logged in as root to run root.sh."| $TEE -a $LOG
$ECHO "Log in as root and restart root.sh execution."| $TEE -a $LOG
exit 1
fi
#
# check for valid crshome
#
if [ "$CRSHOME" -a ! -d "$CRSHOME" ];
then
$ECHO "ERROR: CRS home $CRSHOME is not a valid directory." | $TEE -a $LOG
exit 1
fi
#
# Determine how to suppress newline with $ECHO command.
#
case ${N}$C in
"") if $ECHO "\c"| $GREP c >/dev/null 2>&1;then
N='-n'
else
C='\c'
fi;;
esac
#
$ECHO
$ECHO "The following environment variables are set as:"| $TEE -a $LOG
$ECHO " ORACLE_OWNER= $ORACLE_OWNER"| $TEE -a $LOG
$ECHO " ORACLE_HOME= $ORACLE_HOME"| $TEE -a $LOG
#
# Get name of local bin directory
#
if [ $SILENT -eq 0 ]
then
$ECHO ""
$ECHO $N "Enter the full pathname of the local bin directory: $C"
DEFLT=${LBIN}; . $ORACLE_HOME/install/utl/read.sh; LBIN=$RDVAR
fi
if [ ! -d $LBIN ];then
$ECHO "Creating ${LBIN} directory..."| $TEE -a $LOG
$MKDIR -p ${LBIN} 2>&1| $TEE -a $LOG
$CHMOD 755 ${LBIN} 2>&1| $TEE -a $LOG
fi
#
# Move files to LBIN, and set permissions
#
DBHOME=$ORACLE_HOME/bin/dbhome
ORAENV=$ORACLE_HOME/bin/oraenv
CORAENV=$ORACLE_HOME/bin/coraenv
FILES="$DBHOME $ORAENV $CORAENV"
for f in $FILES ; do
if [ -f $f ] ; then
$CHMOD 755 $f 2>&1 2>> $LOG
short_f=`$ECHO $f | $SED 's;.*/;;'`
lbin_f=$LBIN/$short_f
if [ -f $lbin_f -a $SILENT -eq 0 ] ; then
$ECHO $n "The file \"$short_f\" already exists in $LBIN. Overwrite it? (y/n) $C"
DEFLT='n'; . $ORACLE_HOME/install/utl/read.sh; VERWRITE=$RDVAR
else
VERWRITE='y';
fi
if [ "$OVERWRITE" = "y" -o "$OVERWRITE" = "Y" ] ; then
$CP $f $LBIN 2>&1 2>> $LOG
$CHOWN $ORACLE_OWNER $LBIN/`$ECHO $f | $AWK -F/ '{print $NF}'` 2>&1 2>> $LOG
$ECHO " Copying $short_f to $LBIN ..."
fi
fi
done
$ECHO ""
#
# Make sure an oratab file exists on this system
#
if [ ! -s ${ORATAB} ];then
$ECHO
$ECHO "Creating ${ORATAB} file..."| $TEE -a $LOG
if [ ! -d ${ORATABLOC} ];then
$MKDIR -p ${ORATABLOC}
fi
$CAT <> ${ORATAB}
#
# This file is used by ORACLE utilities. It is created by root.sh
# and updated by the Database Configuration Assistant when creating
# a database.
# A colon, ':', is used as the field terminator. A new line terminates
# the entry. Lines beginning with a pound sign, '#', are comments.
#
# Entries are of the form.:
# \$ORACLE_SID:\$ORACLE_HOME::
#
# The first and second fields are the system identifier and home
# directory of the database respectively. The third filed indicates
# to the dbstart utility that the database should , "Y", or should not,
# "N", be brought up at system boot time.
#
# Multiple entries with the same \$ORACLE_SID are not allowed.
#
#
!
fi
$CHOWN $ORACLE_OWNER ${ORATAB}
$CHMOD 664 ${ORATAB}
#
# If there is an old entry with no sid and same oracle home,
# that entry will be marked as a comment.
#
FOUND_OLD=`$GREP "^*:${ORACLE_HOME}:" ${ORATAB}`
if [ -n "${FOUND_OLD}" ];then
$SED -e "s?^*:$ORACLE_HOME:?# *:$ORACLE_HOME:?" $ORATAB > $TMPORATB
$CAT $TMPORATB > $ORATAB
$RM -f $TMPORATB 2>/dev/null
fi
#
# Add generic *:$ORACLE_HOME:N to oratab
#
$ECHO "Entries will be added to the ${ORATAB} file as needed by"| $TEE -a $LOG
$ECHO "Database Configuration Assistant when a database is created"| $TEE -a $LOG
#
# Append the dbca temporary oratab entry to oratab
# In the case of ASM and RAC install, oratab is not yet created when root.sh
# is run, so we need to check for its existence before attempting to append it.
#
if [ -f $ORACLE_HOME/install/oratab ]
then
$CAT $ORACLE_HOME/install/oratab >> $ORATAB
fi
#
#
# Change mode to remove group write permission on Oracle home
#
$CHMOD -R g-w $ORACLE_HOME
$ECHO "Finished running generic part of root.sh script."| $TEE -a $LOG
$ECHO "Now product-specific root actions will be performed."| $TEE -a $LOG
#!/bin/sh
#!/usr/bin/sh
ORACLE_HOME=/u01/db/app/oracledb
# the following commands need to run as root after installing
# the OEM Daemon
AWK=/usr/bin/awk
CAT=/usr/bin/cat
CHOWN="/usr/bin/chown"
CHMOD="/usr/bin/chmod"
CHMODR="/usr/bin/chmod -R"
CP=/usr/bin/cp
ECHO=/usr/bin/echo
MKDIR=/usr/bin/mkdir
TEE=/usr/bin/tee
RM=/bin/rm
MV=/bin/mv
GREP=/usr/bin/grep
CUT=/bin/cut
SED=/usr/bin/sed
PLATFORM=`uname`
if [ ${PLATFORM} = "Linux" ] ; then
CAT=/bin/cat
CHOWN=/bin/chown
CHMOD=/bin/chmod
CHMODR="/bin/chmod -R"
CP=/bin/cp
ECHO=/bin/echo
MKDIR=/bin/mkdir
GREP=/bin/grep
if [ ! -f $CUT ] ; then
CUT=/usr/bin/cut
fi
SED=/bin/sed
fi
#
# If LOG is not set, then send output to /dev/null
#
if [ "x${LOG}" = "x" -o "${LOG}" = "" ];then
LOG=/dev/null
else
$CP $LOG ${LOG}0 2>/dev/null
$ECHO "" > $LOG
fi
# Check to make certain this is being called as root
RUID=`/usr/bin/id|$AWK -F\( '{print $2}'|$AWK -F\) '{print $1}'`
if [ ${RUID} != "root" ];then
$ECHO "You must be logged in as root to run root.sh."| $TEE -a $LOG
$ECHO "Log in as root and restart root.sh execution."| $TEE -a $LOG
exit 1
fi
# change owner and permissions of the remote operations executible
$CHOWN root $ORACLE_HOME/bin/nmo
$CHMOD 6750 $ORACLE_HOME/bin/nmo
# change owner and permissions of the program that does memory computations
$CHOWN root $ORACLE_HOME/bin/nmb
$CHMOD 6750 $ORACLE_HOME/bin/nmb
# remove backup copies if they exist
if [ -f $ORACLE_HOME/bin/nmo.bak ]; then
$RM $ORACLE_HOME/bin/nmo.bak
fi
if [ -f $ORACLE_HOME/bin/nmb.bak ]; then
$RM $ORACLE_HOME/bin/nmb.bak
fi
#change permissions on emdctl and emagent
$CHMOD 700 $ORACLE_HOME/bin/emagent
$CHMOD 700 $ORACLE_HOME/bin/emdctl
#
# Following changes to system executables are needed for getting
# host inventory metrics on HP-UX
#
if [ ${PLATFORM} = "HP-UX" ] ; then
$CHMOD 555 /usr/sbin/swapinfo
$CHMOD +r /dev/rdsk/*
fi
#!/bin/sh
#
# root specific configuration task for RAC homes
# This script. updates the dba group of Oracle RAC homes with Oracle EVM
#
SILENT=%s_silent%
RAC_ORA_CRS_HOME=/u01/db/crs/OraHome_1
RAC_DBA_GROUP=dba
if [ -z "$ECHO" ]; then ECHO=/bin/echo; fi
if [ -z "$AWK" ]; then AWK=/bin/awk; fi
if [ -z "$CP" ]; then CP=/bin/cp; fi
if [ -z "$RMF" ]; then RMF="/bin/rm -f"; fi
if [ -z "$GREP" ]; then GREP=/bin/grep; fi
if [ -z "$ID" ]; then ID=/usr/bin/id; fi
usage()
{
printf "Usage:"
printf "$0 [-silent]"
printf " [-crshome ]"
printf " [-dbagroup ]"
}
validateInput()
{
##validates if any value is assigned to the script. variables
valid=`$ECHO $1 | $AWK '/^%/ { print "false"; }'`
if [ "$valid" = "false" ];
then
$ECHO "No value set for the CRS parameter $2. Use parameter file to set values";
usage;
return 1;
fi
return 0;
}
# This script. is intended to be run by root.
RUID=`$ID|$AWK -F\( '{print $2}'|$AWK -F\) '{print $1}'`
if [ ${RUID} != "root" ];then
$ECHO "You must be logged in as root to run $0."
$ECHO "Log in as root and restart $0 execution."
exit 1
fi
USER_ARGS=$*
while [ $# -gt 0 ];
do
if [ $1 = "-silent" ]; then
SILENT=1;
elif [ $1 = "-crshome" ]; then
if [ $# -ge 2 ]; then
RAC_ORA_CRS_HOME=$2;
shift;
else
usage;
exit 2
fi
elif [ $1 = "-dbagroup" ]; then
if [ $# -ge 2 ]; then
RAC_DBA_GROUP=$2;
shift;
else
usage;
exit 2
fi
else
usage;
exit 2
fi
shift;
done
validateInput $RAC_ORA_CRS_HOME "RAC_ORA_CRS_HOME" || { $ECHO $?; exit 1; }
validateInput $RAC_DBA_GROUP "RAC_DBA_GROUP" || { $ECHO $?; exit 1; }
CRS_HOME=$RAC_ORA_CRS_HOME
export CRS_HOME
CH=$ORA_CRS_HOME
EVM_CONF_DIR=$CRS_HOME/evm/admin/conf
if $CAT $EVM_CONF_DIR/evm.auth | $AWK '/group=/ {print}' | $GREP $RAC_DBA_GROUP > /dev/null 2>&1;
then
$ECHO ""
else
$CAT $EVM_CONF_DIR/evm.auth | $AWK '/group=/ {
len=length();
str=$0;
grpind=index(str, "group");
substr1=substr(str, 1, grpind-1);
substr2=substr(str, grpind, len-grpind+1);
printf("%s%s, %s\n", substr1, "group=dba", substr2);
next;
}
{ print; }' > $EVM_CONF_DIR/evm.auth.$$
status=$?
if [ $status ];
then
$CP $EVM_CONF_DIR/evm.auth.$$ $EVM_CONF_DIR/evm.auth
fi
$RMF $EVM_CONF_DIR/evm.auth.$$
if [ $status ];
then
$CRS_HOME/bin/evmreload
fi
fi
#
# Root Actions related to network
#
:
if [ ! -d /var/tmp/.oracle ]
then
$MKDIR -p /var/tmp/.oracle;
fi
$CHMOD 01777 /var/tmp/.oracle
$CHOWN root /var/tmp/.oracle
if [ ! -d /tmp/.oracle ]
then
$MKDIR -p /tmp/.oracle;
fi
$CHMOD 01777 /tmp/.oracle
$CHOWN root /tmp/.oracle
if [ -f $ORACLE_HOME/bin/oradism ]; then
$CHOWN root $ORACLE_HOME/bin/oradism
$CHMOD 06550 $ORACLE_HOME/bin/oradism
fi
# remove backup copy
if [ -f $ORACLE_HOME/bin/oradism.old ]; then
$RM -f $ORACLE_HOME/bin/oradism.old
fi
if [ -f $ORACLE_HOME/bin/extjob ]; then
$CHOWN nobody $ORACLE_HOME/bin/extjob
$CHGRP nobody $ORACLE_HOME/bin/extjob
$CHMOD 6555 $ORACLE_HOME/bin/extjob
fi
# The filemap binaries need to exist under /opt/ORCLfmap/prot1_X where
# X is either 32 for 32-bit Solaris machines and 64 for 64-bit Solaris
# machines.
#
# Other UNIX platforms will have to do something similar
RM=rm
ORCLFMAPLOC=/opt/ORCLfmap
FILEMAPLOC=$ORCLFMAPLOC/prot1_32 # needs to be prot1_64 for 64 bit platforms
if [ ! -d $ORCLFMAPLOC ];then
$MKDIR $ORCLFMAPLOC
fi
if [ ! -d $FILEMAPLOC ];then
$MKDIR $FILEMAPLOC
fi
if [ ! -d $FILEMAPLOC/bin ];then
$MKDIR $FILEMAPLOC/bin
fi
if [ ! -d $FILEMAPLOC/etc ];then
$MKDIR $FILEMAPLOC/etc
fi
if [ ! -d $FILEMAPLOC/log ];then
$MKDIR $FILEMAPLOC/log
fi
$CP $ORACLE_HOME/bin/fmputl $FILEMAPLOC/bin
$CP $ORACLE_HOME/bin/fmputlhp $FILEMAPLOC/bin
$CHMOD 550 $FILEMAPLOC/bin/fmputl
$CHMOD 4555 $FILEMAPLOC/bin/fmputlhp
if [ ! -f $FILEMAPLOC/etc/filemap.ora ];then
$CP $ORACLE_HOME/rdbms/install/filemap.ora $FILEMAPLOC/etc
fi
#!/bin/sh
#!/usr/bin/sh
ORACLE_HOME=/u01/db/app/oracledb
# the following commands need to run as root after installing
# the OEM Daemon
AWK=/usr/bin/awk
CAT=/usr/bin/cat
CHOWN="/usr/bin/chown"
CHMOD="/usr/bin/chmod"
CHMODR="/usr/bin/chmod -R"
CP=/usr/bin/cp
ECHO=/usr/bin/echo
MKDIR=/usr/bin/mkdir
TEE=/usr/bin/tee
RM=/bin/rm
MV=/bin/mv
GREP=/usr/bin/grep
CUT=/bin/cut
SED=/usr/bin/sed
PLATFORM=`uname`
if [ ${PLATFORM} = "Linux" ] ; then
CAT=/bin/cat
CHOWN=/bin/chown
CHMOD=/bin/chmod
CHMODR="/bin/chmod -R"
CP=/bin/cp
ECHO=/bin/echo
MKDIR=/bin/mkdir
GREP=/bin/grep
if [ ! -f $CUT ] ; then
CUT=/usr/bin/cut
fi
SED=/bin/sed
fi
#
# If LOG is not set, then send output to /dev/null
#
if [ "x${LOG}" = "x" -o "${LOG}" = "" ];then
LOG=/dev/null
else
$CP $LOG ${LOG}0 2>/dev/null
$ECHO "" > $LOG
fi
# Check to make certain this is being called as root
RUID=`/usr/bin/id|$AWK -F\( '{print $2}'|$AWK -F\) '{print $1}'`
if [ ${RUID} != "root" ];then
$ECHO "You must be logged in as root to run root.sh."| $TEE -a $LOG
$ECHO "Log in as root and restart root.sh execution."| $TEE -a $LOG
exit 1
fi
# change owner and permissions of the remote operations executible
$CHOWN root $ORACLE_HOME/bin/nmo
$CHMOD 6750 $ORACLE_HOME/bin/nmo
# change owner and permissions of the program that does memory computations
$CHOWN root $ORACLE_HOME/bin/nmb
$CHMOD 6750 $ORACLE_HOME/bin/nmb
# remove backup copies if they exist
if [ -f $ORACLE_HOME/bin/nmo.bak ]; then
$RM $ORACLE_HOME/bin/nmo.bak
fi
if [ -f $ORACLE_HOME/bin/nmb.bak ]; then
$RM $ORACLE_HOME/bin/nmb.bak
fi
#change permissions on emdctl and emagent
$CHMOD 700 $ORACLE_HOME/bin/emagent
$CHMOD 700 $ORACLE_HOME/bin/emdctl
#
# Following changes to system executables are needed for getting
# host inventory metrics on HP-UX
#
if [ ${PLATFORM} = "HP-UX" ] ; then
$CHMOD 555 /usr/sbin/swapinfo
$CHMOD +r /dev/rdsk/*
fi
/u01/db/app/oracledb/rdbms/install/rootadd.sh
5813
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
