Welcome, connect your terminal

NFSv4 on Oracle Exadata

Jul-9-2015 By dodger

I suppose that this document will match more NFS clients, not only Oracle Exadata.
I’m using the Exadata name case in all the document’s I found on support, the information is WRONG:

      Oracle ZFS Storage: FAQ: Exadata RMAN Backup with The Oracle ZFS Storage Appliance(Doc ID 1354980.1)
      Sun ZFS Storage Appliance: Oracle Database 11g R2 NFS Mount Point Recommendations (Doc ID 1567137.1)
      Step by Step – Configure Direct NFS Client (DNFS) on Linux (11g) (Doc ID 762374.1)

All this documents has the following ops when mounting a NFS share:

1
<myIP>:/export/myshare /myshare nfs rw,bg,hard,nointr,rsize=1048576,wsize=1048576,tcp,vers=3,actimeo=0,timeo=600 0 0

I found that trying to mount with this options on the Exadata (RH6.6) will show you the wonderful message:

1
2
3
mount.nfs: rpc.statd is not running but is required for remote locking.
mount.nfs: Either use '-o nolock' to keep locks local, or start statd.
mount.nfs: an incorrect mount option was specified

As you can see in Doc ID 1354980.1, their instructions for mounting NFSv3 or NFSv3 are:

1
2
3
4
5
6
7
8
# dcli -l root -g /home/oracle/dbs_group chmod 644 /etc/hosts.allow
# dcli -l root -g /home/oracle/dbs_group chmod 644 /etc/hosts.deny
# dcli -l root -g /home/oracle/dbs_group chkconfig rpcbind on
# dcli -l root -g /home/oracle/dbs_group service rpcbind start
# dcli -l root -g /home/oracle/dbs_group chkconfig nfslock on
# dcli -l root -g /home/oracle/dbs_group service nfslock start
# dcli -l root -g /home/oracle/dbs_group chkconfig nfs on
# dcli -l root -g /home/oracle/dbs_group service nfs start

Which will show an error like:

1
2
3
4
5
6
7
8
9
# service nfs start
Starting NFS services:                                     [  OK  ]
Starting NFS quotas: Cannot register service: RPC: Authentication error; why = Client credential too weak
rpc.rquotad: unable to register (RQUOTAPROG, RQUOTAVERS, udp).
                                                           [FAILED]
Starting NFS mountd:                                       [  OK  ]
Starting NFS daemon: rpc.nfsd: writing fd to kernel failed: errno 13 (Permission denied)
rpc.nfsd: unable to set any sockets for nfsd
                                                           [FAILED]

So why don’t use NFSv4 which has portmapping IN the protocol?

1
<myIP>:/export/myshare /myshare nfs rw,bg,hard,nointr,rsize=1048576,wsize=1048576,tcp,vers=4,actimeo=0,timeo=600 0 0

That’s all, Enjoy!!!

HOWTO Debug Windows

Apr-2-2015 By dodger

I’ve been out xD
Nop, seriously, I’ve been working hard past months (and I’ll continue a bit more).

But I want to share a new doc I’ve just cooked on the wiki.

As I’ve been 3 days working on trying to find an error on Windows (my actual project deadline is near…) and our Windows “Sysadmins” are not able to help me, I decided to go harder and read M$ documentation about how to debug their “Operating System” (they like the “metaforas” saying that this is a real OS).

At the end? I think I will add “Windows Debugging” as a new skill on my CV.
Talking with my linux workmate, We doubt many of windows sysadmins know all this tools (maybe the most famous one, systernals):

  • Systernals
  • Windbg
  • Debug Diagnostics

Have a look at the wiki post:
http://wiki.ciberterminal.net/doku.php?id=debugging_windows

There are some android distro’s that comes natively with busybox inside but NOT the symlinks necessaries to have all the set of commands that busybox provides.

I noticed that botbrew crash in its installation due that.
So instead of installing a new busybox, I simply create the links:

1
2
3
4
5
6
7
8
9
10
adb root
adb shell
echo "saving command list for later usage (remove)"
for i in $(busybox --list | busybox egrep "[[:alnum:]]") ; do echo "${i}" ; done >> /sdcard/busybox_complete_cmd.txt
mount -o remount,rw /system
cd /system/xbin
for i in $(cat /sdcard/busybox_complete_cmd.txt) ; do ln -s busybox ${i} ; done
cd /
mount -o remount,ro /system
reboot

That’s all folks.

In the future if you want to remove the symlinks, you can use the same file you’ve generated and something like this:

1
2
3
4
5
6
7
8
adb root
adb shell
mount -o remount,rw /system
cd /system/xbin
for i in $(cat /sdcard/busybox_complete_cmd.txt) ; do unlink ${i} ; done
cd /
mount -o remount,ro /system
reboot

Oracle: object user grants

Mar-21-2014 By dodger

Oracle is Oracle… It has good and bad things.
The bad of course… it’s closed and you’ll be crazy before getting info about how to do things.
And the good is that everythings is inside!! just at 1 query distance ;-)

Some days ago I was trying to look for grants given to a user by another user (WITH ADMIN OPTION).
I was logged with sys and I used “my” 2 wonderful querys for obtaining that info (copy/pasted from the internet),

  • Direct grants:
  • 1
    2
    3
    4
    SELECT owner, TABLE_NAME, select_priv, insert_priv, delete_priv, update_priv, references_priv, alter_priv, index_priv
      FROM table_privileges
     WHERE grantee = '&theUser'
     ORDER BY owner, TABLE_NAME;
  • INdirect grants:
  • 1
    2
    3
    4
    SELECT DISTINCT owner, table_name, PRIVILEGE
      FROM dba_role_privs rp JOIN role_tab_privs rtp ON (rp.granted_role = rtp.role)
     WHERE rp.grantee = '&theUser'
     ORDER BY owner, table_name;

Ressult? 0 rows! WTF!
I know there’s a plenty of it!!!

Read the rest of this entry »

Problems after upgrade mariadb

Mar-7-2014 By dodger

As you should know, there’s an important bug on TLS libs on every linux OS.
So upgrade is mandatory.
There’s also another little update in mariadb if you’re using it instead of mysql.
The problem is there, but not the indicator.

The problem in my case comes from the smtp server, I got the error:

1
535 5.7.8 Error: authentication failed: authentication failure

While tring to send an email (only sending, receiving works fine).
Looking in mail.log:

1
2
Mar  6 10:49:06 ciberterminal postfix/smtpd[29949]: warning: SASL authentication failure: Password verification failed
Mar  6 10:49:06 ciberterminal postfix/smtpd[29949]: warning: localhost.localdomain[127.0.0.1]: SASL authentication failed: authentication failure

Auth failed from SASL? WTF!
So i began debuging it:

1
/usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/saslauthd -r -n 1 -d -VVVVVVVVVV

But it only shows:

1
do_auth: auth failure: [user=dodger@ciberterminal.net] [service=smtp] [realm=ciberterminal.net] [mech=pam] [reason=PAM auth error]

Anything else.
Searching internet, I saw that post, I forgot to look for errors on auth.log!
Here it is:

1
2
3
4
Mar  7 10:48:41 ciberterminal saslauthd[4552]: PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so: symbol make_scrambled_password, version libmysqlclient_18 not defined in file libmysqlclient.so.18 with link time reference
Mar  7 10:48:41 ciberterminal saslauthd[4552]: PAM adding faulty module: pam_mysql.so
Mar  7 10:48:41 ciberterminal saslauthd[4552]: DEBUG: auth_pam: pam_authenticate failed: Module is unknown
Mar  7 10:48:41 ciberterminal saslauthd[4552]: do_auth         : auth failure: [user=trian@ciberterminal.net] [service=smtp] [realm=ciberterminal.net] [mech=pam] [reason=PAM auth error]

Read the rest of this entry »

For all of you that are not the lucky owner of an Enterprise Manager license or you simply want to use nagios or another monitoring engine to get status and graphs of oracle, probably you’ll be using the “check_remote_oracle” plugin.

If you’re a scripter/developer maybe you’ll understand me when you open an script and see an COMPLETELY UNREADABLE code, with no functions, no indentation… etc
And then you’ll have to change anything stupid inside the script and then f**k it does not work!

This is the story of that script, I installed it, then I have to do some changes… and then I decided to rewrite it completely…
I’m not the best scripter of the world, but I know how to use functions, indentation and that useless shit :-P

You can read the whole documentation on its wiki page.

Enjoy!

PS: updated the instructions, I forgot the information about the unprivileged user for connecting to Oracle instance.
PS2: Updated again, new control!