2009 496 Sengupta Unix Tips

1

Unix tips and tricks for the Advanced Developers and DBAs

Sumit Sengupta

EDS, an HP Company

2

Introduction

� Tips for Unix – common flavors

� Does not require root privilege

� A few scripts discussed

� Often more than one way

� Create a toolset for yourself

3

Find Out Sever Information - 1

� Operating System, patchlevel and Machine architecture

� Uname –a ( OS version /kernel level ) 1. SunOS usplvwhro019 5.10 Generic_137111-

07 sun4v sparc SUNW,SPARC-Enterprise-T5220

2. Linux bubunel0 2.6.18-92.el5 #1 SMP Fri May 23 22:17:30 EDT 2008 i686 i686 i386 GNU/Linux

3. AIX aixdev1 3 5 0024B7FA4C00 ( Aix )

4. HP-UX sacsadba B.11.00 A 9000/800 1191450531 two-user license

4

Server Information -Solaris

� prtconf –v ( memory, number and type of cpus, )

� /usr/platform/$(uname –i)/sbin/prtdiag� Prints cpu core, memory, IO configuration

– motherboard sensors ! � Everything except network status

5

Server Information – AIX, HP-UX, Linux

� Aix – prtconf – CPU, Memory, Storage (including LVM), Network.

� Aix – genkex | grep 64 ( 64 bit kernel )� Linux – under /proc directory: cpuinfo,

meminfo, partitions, filesystems� Linux – lshw, lspci, lssci, lsusb� HP-UX – print_manifest (requires root!)

6

Who is holding on the listener port – Linux

� lsof –i :1521 shows Listener PID 6008COMMAND PID USER FD TYPE DEVICE

SIZE NODE NAME

tnslsnr 6008 oracle 8u IPv4 15091

TCP bubunel0:ncube-lm (LISTEN)

� # netstat -alnp | more Proto Recv-Q Send-Q Local Address

Foreign Address State PID/Program

tcp 0 0 192.168.15.110:1521

0.0.0.0:* LISTEN 6008 /tnslsnr

7

Who is holding on the listener port – Aix/ Solaris (8,9)

� lsof -i :1525COMMAND PID USER FD TYPE

DEVICE SIZE/OFF NODE NAME

tnslsnr 89542 rcoratst 8u IPv4

0x7336de10 0t0 TCP

aixdev1m:prospero-np (LISTEN)

� netstat -an | grep 1525 (shows no PID)

tcp4 0 0 192.168.197.34.1525 *.* LISTEN

8

Who is holding on the listener port – Solaris script

pfiles $f | grep - "port: $ans“

(Solaris 10)Run it for every process

$ port_scan.kshWhen you run it

$ Enter port you would like to know pid for: 1521---------------------------------------------Port: 1521 is being used by PID:21070 ora_pmon_RTBAPCIS3

$ cat port_scan.ksh

9

Port_Scan script

#!/bin/kshline='---------------------------------------------'pids=$(/usr/bin/ps -ef | sed 1d | awk '{print $2}')if [ $# -eq 0 ]; then

read ans?"Enter port you would like to know pid for: "else

ans=$1fifor f in $pidsdo

/usr/proc/bin/pfiles $f 2>/dev/null | /usr/xpg4/bin/grep -q "port: $ans"if [ $? -eq 0 ]; then

echo $lineecho "Port: $ans is being used by PID:\c"/usr/bin/ps -ef -o pid -o args | egrep -v "grep|pfiles" | grep $f

fidone

10

Cannot Unmount a Filesystem – Linux

# lsof /optCOMMAND PID USER FD TYPE DEVICE

SIZE NODE NAME

nmz 6013 oracle txt REG 22,5

678947 2458262

/opt/oracle/product/11.1.0/db_1/ccr/bin/nmz

• Node ���� File Inode Number

• Size ���� File Size

• Device ���� Filesystem maj/min device number

11

List of Open Files –Solaris…1

� $ pfiles 19772 ( Solaris, for Aix � procfiles –n ) 19772: /u01/app/oracle/product/9.2.0/db_1/bin/tnslsnr LISTENER -inherit

Current rlimit: 1024 file descriptors… (lines snipped )…

3: S_IFREG mode:0644 dev:85,102ino:126027 uid:201 gid:101 size:81324417|O_CREAT|O_LARGEFILE FD_CLOEXEC

/u01/app/oracle/product/9.2.0/db_1/network/log/listener.log

12

List of Open Files Solaris..2

• ino:126027 file inode number 85,102 device no.• $ ls –i listener.log

126027d listener.log

Filesystem where the log resides:/u01/app/oracle/product/9.2.0/db_1/network/log/listener.

log

/dev/md/dsk/d102 25G 6.9G 18G 29% /u01/app/oracle

/dev/md/dsk/d102->../../../devices/pseudo/md@0:0,102,blk

$ ls -l /devices/pseudo |awk '$5 ~ /85/' |grep 102

brw-r----- 1 root sys 85,102 Nov 21 21:40 md@0:0,102,blk

crw-r----- 1 root sys 85,102 Nov 22 10:20 md@0:0,102,raw

Process Hierarchy –Solaris

• Shows Process Tree Hierarchy$ ptree -a 154601 /sbin/init14758 /usr/openwin/bin/xterm -title …14760 -ksh15460 sqlplus /nolog15468 oracleRBSTRPD1

(DESCRIPTION=(LOCAL=YES)(ADDRESS=(PROTOCOL=beq)))

14

Watch Load on Title Bar

� Perl script runs in the background� Read /proc/loadavg ( on Linux ) � Use uptime for other Unix Flavors

The scrip to watch load

#!/usr/bin/perl -w

use strict;

$|++;

my $host=`/bin/hostname`;

chomp $host;

while (1)

{

open (LOAD,"/proc/loadavg") || die "Could not open /proc/loadavg \n";

my @load=split(/ /,<LOAD>);

close (LOAD);

print "\033]0;";

print "$host: $load[0] $load[1] $load[2] at ", scalar(localtime) ;

print "\007" ;

sleep 2;

}

16

List Shared Memory -Solaris

� ipcs -a ( Solaris, shm and sem ) T ID KEY MODE OWNER GROUP CREATOR CGROUP NATTCH SEGSZ CPID LPID ATIME DTIME CTIME

Shared Memory:m 132 0xa8058568 --rw-r-----ora10g dba ora10g dba 37 1002455040 9173 13725 4:20:53 4:20:539:23:44

List Semaphore -Solaris

T ID KEY MODE

OWNER GROUP CREATOR CGROUP NSEMS

OTIME CTIME

Semaphores:

s 196611 0x5831266c --ra-r-----

ora10g dba ora10g dba 154

4:21:56 9:23:46

• No Semaphore for Aix/Tru64

18

SEM – Instance Mapping

$ sysresvIPC Resources for ORACLE_SID "prdrpt" :

Shared Memory:

ID KEY

132 0xa8058568

Semaphores:

ID KEY

196611 0x5831266c

19

Kernel Parameters

SHMMAX = Max. SGA Segment Size

SHMMNI >= number of instances

SHMSEG = Max number of oracle instances one process can connect to

SEMMNS >= Σ “PROCESSES” parameters

SEMMNI >= Total number of oracle instances

SEMMSL >= Max PROCESSES parameter

20

SSH Port Forwarding

• “Local” or “Remote”• Besides SSH Any protocol can do• SSH encrypts data in transit• Does not encrypt SQLNET Data• Local – Traffic for a local port diverted to a

remote port• Remote – The other way

22

SSH Port Forward Example

From our client machine ( 192.168.2.100 ) $ ssh -f -N -C -R 1526:192.168.2.100:1521 -l oracle

192.168.2.111

[email protected]'s password:

-f forks ssh into background-N don't run a command on remote box-C for compression-R – Remote Port#

-l for login

23

Testing Port Forwarding..1

• Prerequisite – Listener on 1526, ssh on 22• Shows up --> netstat -an | egrep 'ESTA|Local'Proto Local Address

Foreign Address State

TCP 192.168.2.100:3882

192.168.2.111:22 ESTABLISHED

24

Testing Port Forwarding..2

$ tnsping pd10_eth0Used TNSNAMES adapter to resolve the alias

Attempting to contact (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.2.111)(PORT = 1526))) (CONNECT_DATA

= (SERVICE_NAME = pd10)))OK (130 msec)

25

Testing Port Forwarding..3

sqlplus hr/hr@pd10_eth0… results inProto Local Address Foreign

Address State

TCP 192.168.2.100:3882

192.168.2.111:22 ESTABLISHED

TCP 192.168.2.100:3887

192.168.2.111:1526 ESTABLISHED (NEW)

26

Lessons From Port Forwarding

� SQLNET.EXPIRE_TIME = 5 ( Client )� Else client gets ORA-3135� May need TCP Valid Node Checking on

Client/Server� ( Not on 11G Windows client/Linux Server )� For TCP node checking, server needs itself

included� See MetaLink note# 465572.1 and 454252.1

27

Oracle Connection Manager

• SQL*Net Proxy• Session Multiplexing• Client access control• Very useful with firewalls• Not part of default EE install (10g/11g)

• like label security and data mining score engine

28

Setup CM..1

• $ cat cman.oraCMAN= (CONFIGURATION=

(address=(protocol=tcp)(host=bubunel0)(port=

1522))

(rule_list=

(rule=(src=*)(dst=192.168.15.2)(srv=*)(act=a

ccept)(ACTION_LIST=(AUT=on)(MCT=120)(MIT=

30)))

(rule=(src=bubunel0)(dst=127.0.0.1)(srv=cmon

)(act=accept)))

29

Setup CM..2

(PARAMETER_LIST=(MAX_GATEWAY_PROCESSES=1)(MIN_GATEWAY_PROCESSES=1)(trace_level=off) (log_level=off)(connection_statistics=On) ) )

CMCTL> administer cmanConnections refer to (address=(protocol=tcp)(host=bubunel0)(port=1522)).

CMCTL:cman> start

• Look up Note# 733421.1 for Syntax

30

Database Setup for CM

• Set Local_Listener ( if not default )• Remote_Listener = Listener_cman_eth1 (

TNS entry )Listener_cman_eth1 =

(DESCRIPTION =

(ADDRESS_LIST =

(ADDRESS = (PROTOCOL = TCP)(HOST =

192.168.15.110)(PORT = 1522))

)

)

31

Running CM

CMCTL:cman> show services

... lines snipped

Service "sumit" has 1 instance(s).

REMOTE SERVER

(ADDRESS=(PROTOCOL=TCP)(HOST=<DB_SERVER_NAME>

)(PORT=1521))

• SQLPLUS connects to oracle_sid on the CMAN host on CMAN port.

32

Immutable Files in Linux Ext2/3

$ mv rigid.txt trash

mv: cannot move `rigid.txt' to `trash': Operation not permitted

$ cat /dev/null >rigid.txt

bash: rigid.txt: Permission denied$ >rigid.txt

bash: rigid.txt: Permission denied

33

Test Immutable File

$ ln rigid.txt hlink.txt

ln: creating hard link `hlink.txt' to

`rigid.txt': Operation not permitted

$ echo "add a line to it " >>rigid.txt

bash: rigid.txt: Permission denied

$ whoami

oracle

$ ls -lad .drwxr-x--- 2 oracle oinstall 4096 Jan 3 19:18 .

$ ls –la rigid.txt

-rwxr-x--- 2 oracle oinstall 230 Jan 1 09:45

rigid.txt

34

Fix Immutable file

$ lsattr rigid.txt

----i-------- rigid.txt

$ chattr -i rigid.txt

chattr: Operation not permitted while

setting flags on rigid.txt

( Need to be root )

Another flag -a – file is allowed to be

modified with append only – Great for

Alert logs !

35

Thank You !

� Please Fill Out The Evaluation Form !