Welcome, connect your terminal

NFSv4 on Oracle Exadata

Jul-9-2015 By dodger

I suppose that this document will match more NFS clients, not only Oracle Exadata.
I’m using the Exadata name case in all the document’s I found on support, the information is WRONG:

      Oracle ZFS Storage: FAQ: Exadata RMAN Backup with The Oracle ZFS Storage Appliance(Doc ID 1354980.1)
      Sun ZFS Storage Appliance: Oracle Database 11g R2 NFS Mount Point Recommendations (Doc ID 1567137.1)
      Step by Step – Configure Direct NFS Client (DNFS) on Linux (11g) (Doc ID 762374.1)

All this documents has the following ops when mounting a NFS share:
[code]<myIP>:/export/myshare /myshare nfs rw,bg,hard,nointr,rsize=1048576,wsize=1048576,tcp,vers=3,actimeo=0,timeo=600 0 0[/code]

I found that trying to mount with this options on the Exadata (RH6.6) will show you the wonderful message:
[code]mount.nfs: rpc.statd is not running but is required for remote locking.
mount.nfs: Either use ‘-o nolock’ to keep locks local, or start statd.
mount.nfs: an incorrect mount option was specified[/code]

As you can see in Doc ID 1354980.1, their instructions for mounting NFSv3 or NFSv3 are:
[code lang=”bash”]dcli -l root -g /home/oracle/dbs_group chmod 644 /etc/hosts.allow
dcli -l root -g /home/oracle/dbs_group chmod 644 /etc/hosts.deny
dcli -l root -g /home/oracle/dbs_group chkconfig rpcbind on
dcli -l root -g /home/oracle/dbs_group service rpcbind start
dcli -l root -g /home/oracle/dbs_group chkconfig nfslock on
dcli -l root -g /home/oracle/dbs_group service nfslock start
dcli -l root -g /home/oracle/dbs_group chkconfig nfs on
dcli -l root -g /home/oracle/dbs_group service nfs start[/code]

Which will show an error like:
[code lang=”bash”]~ # service nfs start
Starting NFS services: [ OK ]
Starting NFS quotas: Cannot register service: RPC: Authentication error; why = Client credential too weak
rpc.rquotad: unable to register (RQUOTAPROG, RQUOTAVERS, udp).
Starting NFS mountd: [ OK ]
Starting NFS daemon: rpc.nfsd: writing fd to kernel failed: errno 13 (Permission denied)
rpc.nfsd: unable to set any sockets for nfsd

So why don’t use NFSv4 which has portmapping IN the protocol?

[code]<myIP>:/export/myshare /myshare nfs rw,bg,hard,nointr,rsize=1048576,wsize=1048576,tcp,vers=4,actimeo=0,timeo=600 0 0[/code]

That’s all, Enjoy!!!

HOWTO Debug Windows

Apr-2-2015 By dodger

I’ve been out xD
Nop, seriously, I’ve been working hard past months (and I’ll continue a bit more).

But I want to share a new doc I’ve just cooked on the wiki.

As I’ve been 3 days working on trying to find an error on Windows (my actual project deadline is near…) and our Windows “Sysadmins” are not able to help me, I decided to go harder and read M$ documentation about how to debug their “Operating System” (they like the “metaforas” saying that this is a real OS).

At the end? I think I will add “Windows Debugging” as a new skill on my CV.
Talking with my linux workmate, We doubt many of windows sysadmins know all this tools (maybe the most famous one, systernals):

  • Systernals
  • Windbg
  • Debug Diagnostics

Have a look at the wiki post:

There are some android distro’s that comes natively with busybox inside but NOT the symlinks necessaries to have all the set of commands that busybox provides.

I noticed that botbrew crash in its installation due that.
So instead of installing a new busybox, I simply create the links:
[code lang=”bash”]
adb root
adb shell
echo "saving command list for later usage (remove)"
for i in $(busybox –list | busybox egrep "[[:alnum:]]") ; do echo "${i}" ; done >> /sdcard/busybox_complete_cmd.txt
mount -o remount,rw /system
cd /system/xbin
for i in $(cat /sdcard/busybox_complete_cmd.txt) ; do ln -s busybox ${i} ; done
cd /
mount -o remount,ro /system
That’s all folks.

In the future if you want to remove the symlinks, you can use the same file you’ve generated and something like this:
[code lang=”bash”]
adb root
adb shell
mount -o remount,rw /system
cd /system/xbin
for i in $(cat /sdcard/busybox_complete_cmd.txt) ; do unlink ${i} ; done
cd /
mount -o remount,ro /system

Oracle: object user grants

Mar-21-2014 By dodger

Oracle is Oracle… It has good and bad things.
The bad of course… it’s closed and you’ll be crazy before getting info about how to do things.
And the good is that everythings is inside!! just at 1 query distance ;-)

Some days ago I was trying to look for grants given to a user by another user (WITH ADMIN OPTION).
I was logged with sys and I used “my” 2 wonderful querys for obtaining that info (copy/pasted from the internet),

  • Direct grants:
  • [code lang=”sql”]
    SELECT owner, table_name, select_priv, insert_priv, delete_priv, update_priv, references_priv, alter_priv, index_priv
    FROM table_privileges
    WHERE grantee = ‘&theUser’
    ORDER BY owner, table_name;

  • INdirect grants:
  • [code lang=”sql”]
    SELECT DISTINCT owner, table_name, PRIVILEGE
    FROM dba_role_privs rp JOIN role_tab_privs rtp ON (rp.granted_role = rtp.role)
    WHERE rp.grantee = ‘&theUser’
    ORDER BY owner, table_name;

Ressult? 0 rows! WTF!
I know there’s a plenty of it!!!

Read the rest of this entry »

Problems after upgrade mariadb

Mar-7-2014 By dodger

As you should know, there’s an important bug on TLS libs on every linux OS.
So upgrade is mandatory.
There’s also another little update in mariadb if you’re using it instead of mysql.
The problem is there, but not the indicator.

The problem in my case comes from the smtp server, I got the error:
[code lang=”bash”]
535 5.7.8 Error: authentication failed: authentication failure
While tring to send an email (only sending, receiving works fine).
Looking in mail.log:
[code lang=”bash”]
Mar 6 10:49:06 ciberterminal postfix/smtpd[29949]: warning: SASL authentication failure: Password verification failed
Mar 6 10:49:06 ciberterminal postfix/smtpd[29949]: warning: localhost.localdomain[]: SASL authentication failed: authentication failure
Auth failed from SASL? WTF!
So i began debuging it:
[code lang=”bash”]
/usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/saslauthd -r -n 1 -d -VVVVVVVVVV
But it only shows:
[code lang=”bash”]
do_auth: auth failure: [user=dodger@ciberterminal.net] [service=smtp] [realm=ciberterminal.net] [mech=pam] [reason=PAM auth error]
Anything else.
Searching internet, I saw that post, I forgot to look for errors on auth.log!
Here it is:
[code lang=”bash”]
Mar 7 10:48:41 ciberterminal saslauthd[4552]: PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so: symbol make_scrambled_password, version libmysqlclient_18 not defined in file libmysqlclient.so.18 with link time reference
Mar 7 10:48:41 ciberterminal saslauthd[4552]: PAM adding faulty module: pam_mysql.so
Mar 7 10:48:41 ciberterminal saslauthd[4552]: DEBUG: auth_pam: pam_authenticate failed: Module is unknown
Mar 7 10:48:41 ciberterminal saslauthd[4552]: do_auth : auth failure: [user=trian@ciberterminal.net] [service=smtp] [realm=ciberterminal.net] [mech=pam] [reason=PAM auth error]
Read the rest of this entry »

For all of you that are not the lucky owner of an Enterprise Manager license or you simply want to use nagios or another monitoring engine to get status and graphs of oracle, probably you’ll be using the “check_remote_oracle” plugin.

If you’re a scripter/developer maybe you’ll understand me when you open an script and see an COMPLETELY UNREADABLE code, with no functions, no indentation… etc
And then you’ll have to change anything stupid inside the script and then f**k it does not work!

This is the story of that script, I installed it, then I have to do some changes… and then I decided to rewrite it completely…
I’m not the best scripter of the world, but I know how to use functions, indentation and that useless shit :-P

You can read the whole documentation on its wiki page.


PS: updated the instructions, I forgot the information about the unprivileged user for connecting to Oracle instance.
PS2: Updated again, new control!