一直以root登陆使用linux的人来说很少有权限被拒这种概念,但某些时候又深受权限拒绝困扰。
知道为什么很多程序中需要使用getuid(),setuid()?为什么以普通权限登陆的用户不能进入/root,为什么在/目录下执行ls -l后可以显示root的信息,但ls /root -al却是权限不够?为什么有些文件夹可以继续创建文件,但就是不能ls?等等,相信看了此文就能明白。
主要是学习笔记,不足之处请指正。
CentOS 5.4 [testc@xxx opt]$ uname -a Linux xxx 2.6.18-164.el5xen #1 SMP Thu Sep 3 04:47:32 EDT 2009 i686 i686 i386 GNU/Linux
一、口令文件1,格式存储文件/etc/passwd,格式如下:root:x:0:0:root:/root:/bin/bash aaa:x:501:501:bj, bj, 8111111,136000111:/home/aaa:/bin/bash用户名:加密密码:用户ID:组ID:注释:工作目录:shell:
默认情况是第一行的格式;注释字段可以自行修改,用逗号隔开,如第二行格式,这主要是给finger命令使用时可解析。
可以vi /etc/passwd修改,但为了保证其格式的正确性,请用vipw命令编译此文件。
sh-3.2# finger aaa Login: aaa Name: bj Directory: /home/aaa Shell: /bin/bash Office: bj, 8111111 Home Phone: 136000111 Never logged in. No mail. No Plan.
2,编程实例
/*getpwnam_pwuid.c*/ #include #include #include
int main(void)
{ //struct passwd *pwd = getpwnam("aaa");struct passwd *pwd = getpwuid(501);if(pwd == NULL)
{ printf("err.\n");return 1;}
printf("name:%s\n", pwd->pw_name);printf("passwd:%s\n", pwd->pw_passwd);printf("description:%s\n", pwd->pw_gecos);printf("uid:%d\n", pwd->pw_uid);printf("gid:%d\n", pwd->pw_gid);printf("dir:%s\n", pwd->pw_dir);printf("shell:%s\n", pwd->pw_shell);
return 0;}
sh-3.2# gcc getpwnam_pwuid.c -o app sh-3.2# ./app name:aaa passwd:x description:bj, bj, 8111111,136000111 uid:501 gid:501 dir:/home/aaa shell:/bin/bash
二、组文件1,格式存储文件/etc/group,格式如下root:x:0:root bin:x:1:root,bin,daemon aaa:x:501:组名:加密密码:组ID:指向的各用户名
2,改变文件uid和gid.
sh-3.2# pwd /root/study sh-3.2# ls -al -rw-r——r—— 1 root root 397 10-11 03:23 test.c
chgrp 改变所属组ID,当然只有root权限才可以修改。
sh-3.2# chgrp aaa test.c sh-3.2# ls -al -rw-r——r—— 1 root aaa 397 10-11 03:23 test.c
这个aaa就是新组名,其在/etc/group中,可以通过adser aaa自行添加sh-3.2# cat /etc/group root:x:0:root bin:x:1:root,bin,daemon daemon:x:2:root,bin,daemon.
gdm:x:42:sabayon:x:86:plmtest:x:500:aaa:x:501:
chown 改变用户ID或组ID sh-3.2# chown aaa:aaa test.c sh-3.2# ls -al -rw-r——r—— 1 aaa aaa 397 10-11 03:23 test.c
3,编程实例
/*getgrnam.c*/ #include #include
int main(int argc, char *argv[])
{ if(argv[1] == NULL)
{ printf("input error.\n");return 1;}
struct group *gp = getgrnam(argv[1]);if(gp == NULL)
{ printf("err.\n");return 1;}
printf("name:%s\n", gp->gr_name);printf("psswd:%s\n", gp->gr_passwd);printf("gid:%d\n", gp->gr_gid);
int i;for(i = 0; gp->gr_mem[i] != NULL; i++)
{ printf("group name:%s\n", gp->gr_mem[i]);}
return 0;}
sh-3.2# gcc getgrnam.c -o app sh-3.2# ./app bin name:bin psswd:x gid:1 group name:root group name:bin group name:daemon 4,文件权限不细讲了sh-3.2# ls -al总计 483984 drwxr-x—— 13 root root 4096 02-22 00:01 . drwxr-xr-x 32 root root 4096 02-21 21:15 ……
-rw-r——r—— 1 root root 464023491 10-25 22:33 3.3.005-080425.tgz -rw—— 1 root root 9346 02-21 23:16 .bash_history -rw-r——r—— 1 root root 24 2007-01-06 .bash_logout -rw-r——r—— 1 root root 191 2007-01-06 .bash_profile -rw-r——r—— 1 root root 176 2007-01-06 .bashrc drwxrwxrwx 10 1000 users 4096 08-23 20:16 cflow-1.3 -rw-r——r—— 1 root root 759691 08-23 20:13 cflow.tar.gz -rw-r——r—— 1 root root 100 2007-01-06 .cshrc -rwxr-xr-x 1 root root 582 11-11 21:48 delete_M.sh -rw-r——r—— 1 root root 2518 11-11 20:25 .dir_colors
主要是最左边一列:drwxr-x——10个字符,最左边是文件类型,-默认为普通文件;d:目录文件;l符号链接……
后面9个,3个一组共三组,分别表示所属用户uid的权限;所属组或者附属组gid的权限;其它权限。
三个字符分别是读、写、执行权限读4,写2, 执行1
所以chmod 777 test.c,提升到读、写、执行权限。
5,组权限操作实例此节演示相同组的成员之间共享资源,即不同uid但相同gid的用户共享同一组的资源。
为了方便起见,我同时开了两个终端。
"sh-3.2#"以root权限登陆的shell /bin/sh "[testa@xxx root]"以testa用户登陆的shell
注:下文提到的“用户”是指/etc/passwd里定义的通过终端登陆的用户(此文即以下增加的三个账号名)。
sh-3.2# useradd testa sh-3.2# useradd testb sh-3.2# useradd testc
sh-3.2# tail -f /etc/passwd -n 4 sabayon:x:86:86:Sabayon user:/home/sabayon:/sbin/nologin testa:x:500:500::/home/testa:/bin/bash testb:x:501:501::/home/testb:/bin/bash testc:x:502:502::/home/testc:/bin/bash
再开一个终端登陆testa,之前那个终端保持。
sh-3.2# su testa [testa@xxx root]$ id uid=500(testa) gid=500(testa) groups=500(testa)
[testa@xxx home]$ ls -al总计 28 drwxr-xr-x 5 root root 4096 02-21 22:52 . drwxr-xr-x 32 root root 4096 02-21 21:15 ……
drwx—— 3 testa testa 4096 02-21 22:56 testa drwx—— 3 testb testb 4096 02-21 22:48 testb drwx—— 3 testc testc 4096 02-21 22:52 testc
[testa@xxx home]$ cd testb bash: cd: testb: 权限不够
通过root修改testb目录权限为770,即当前uid或者gid相同的用户均有读写执行权限。
sh-3.2# cd /home/ sh-3.2# chmod 770 testb
[testa@xxx home]$ ls -al总计 28 drwxr-xr-x 5 root root 4096 02-21 22:52 . drwxr-xr-x 32 root root 4096 02-21 21:15 ……
drwx—— 3 testa testa 4096 02-21 22:56 testa drwxrwx—— 3 testb testb 4096 02-21 22:48 testb (here modify)
drwx—— 3 testc testc 4096 02-21 22:52 testc
[testa@xxx home]$ cd testb bash: cd: testb: 权限不够[testa@xxx root]$ id uid=500(testa) gid=500(testa) groups=500(testa)
此时虽然开放了testb的所属组权限,但用户testa的gid=500(testa) groups=500(testa),它还不属于testb组。
下面修改testa的gid为testb(或者增加其附属组groups值为testb)
sh-3.2# usermod -G testb testa (增加用户testa的附属组testb)
sh-3.2# id testa uid=500(testa) gid=500(testa) groups=500(testa),501(testb)
此时testa终端需要重新登下,使刚才更改生效[testa@xxx root]$ exit exit [root@xxx ~]# su testa [testa@xxx root]$ id uid=500(testa) gid=500(testa) groups=500(testa),501(testb)
[testa@xxx root]$ cd /home/ [testa@xxx home]$ ls -al总计 28 drwxr-xr-x 5 root root 4096 02-21 22:52 . drwxr-xr-x 32 root root 4096 02-21 21:15 ……
drwx—— 3 testa testa 4096 02-21 22:56 testa drwxrwx—— 3 testb testb 4096 02-21 22:48 testb drwx—— 3 testc testc 4096 02-21 22:52 testc [testa@xxx home]$ cd testb [testa@xxx testb]$ pwd /home/testb
以上是增加了用户testa的附属组testb,使其对于属于testb组的资源有了访问权限。
下面再使用newgrp切换用户testa的gid.
[testa@xxx testb]$ id uid=500(testa) gid=500(testa) groups=500(testa),501(testb)
[testa@xxx testb]$ newgrp testb [testa@xxx testb]$ id uid=500(testa) gid=501(testb) groups=500(testa),501(testb)
此时testa用户的gid已改为501(testb)。
组之前的关系在文件/etc/group sh-3.2# tail -f /etc/group -n 4 sabayon:x:86:testa:x:500:testb:x:501:testa (最后一列:组内用户列表。即组testb里包含testa,testa属于testb组,大概就这意思吧……)
testc:x:502:
虽然知道控制组关系的文件,但不能直接修改些文件,否则执行newgrp时会出现"抱歉"错误提示。
当然root用户权限是无限制的,它访问文件时不需要进行权限检查。
三、相关系统调用getuid();getgid();int setuid(uid_t uid);int setgid(gid_t gid);
只有超级用户或者需要设置的uid和当前用户的uid一致才可以设置,否则返回-1,置errno = EPERM, errno可以通过strerror()翻译。
其它:[testa@xxx home]$ su testa [testa@xxx home]$ sudo touch aa
testa is not in the sudoers file. This incident will be reported.
以root权限vim /etc/sudoers增加testa ALL=(ALL) ALL
参考:APUE2E,1.8, 4.4, 8.11
⑵ 铏氭嫙鏈洪棶棰(鎵鐢ㄧ増鏈琖Mvare 5.51)
1.瀹夎卾mware server杞浠
浠www.vmware.com涓嬭浇vmware server 1.0 for linux杞浠,瀹夎呰繃绋嬪緢绠鍗,鍩烘湰涓婃槸涓璺疎nter.鍙鏄闇瑕乻n,鍦ㄨ繖閲屾彁渚涘嚑涓浣跨敤
928WH-Y65AW-21394-4C70J,92EY4-Y4NAT-23L07-4U7CH,9AWPN-Y400W-2179N-4K5HM
瀹夎卾mware server console,浠ヤ究杩滅▼绠$悊vmware server
2.瀹夎呰櫄鎷熸湇鍔″櫒鎿嶄綔绯荤粺
鎴戠敤鐨勬槸OS鏄疪edhat AS4,kernel 2.6.9-22,铏氭嫙鍑轰袱鍧楃綉鍗,寮濮嬪畨瑁呮搷浣滅郴缁,涓绘満鍚嶅彨ha1pub,eth0:10.1.250.17,eth1:192.168.100.100.鍏蜂綋杩囩▼鐪佺暐.瀹夎呯粨鏉熷悗,浣跨敤ntsysv鍛戒护,鍏抽棴鎺変竴浜涗笉甯镐娇鐢ㄧ殑杩涚▼,鍙鐣欎笅涓涓嬩竴浜涢渶瑕佺殑,濡俿sh,ftp绛夌瓑.鐒跺悗鍏虫満!
鐒跺悗cp ha1pub鐨勬墍鏈夐厤缃鏂囦欢鍒颁竴涓鏂扮殑鐩褰,鍦ㄨ櫄鎷熸満console閲岄潰鎵撳紑,灏变細鍑虹幇涓涓鏂扮殑绯荤粺,浣嗘槸鐢变簬閲岄潰鐨刬p淇℃伅鍜岀涓鍙版満鍣ㄧ殑閲嶅,杩涘叆绯荤粺鍚庝慨鏀逛竴涓
缂栬緫/etc/sysconfig/network鏂囦欢,灏唄a1pub淇鏀逛负ha2pub,鐒跺悗淇鏀筰p,eth0:10.1.250.18,eth1:192.168.100.200.
娉ㄦ剰,redhat绯荤粺閲岄潰,ip鐨勯厤缃鏂囦欢ifcfg-eth鏂囦欢閲岄潰,鏈夊彲鑳藉寘鍚玬ac鍦板潃鐨勪俊鎭,闇瑕佸垹闄ゆ帀,鍚﹀垯浼歮ac鍦板潃閲嶅嶇殑閿欒.ha2pub涔熷叧鏈
3.璁剧疆鍏变韩瀛樺偍
鐢变簬瀹夎匯AC闇瑕佸叡浜瀛樺偍,鎵浠ュ繀椤讳负涓ゅ彴鏈哄櫒璁剧疆鍏变韩瀛樺偍,鎴戜娇鐢╲mware-vdiskmanager鍛戒护鍒涘缓涓浜涜櫄鎷熺‖鐩
________________________________________________________________________
vmware-vdiskmanager -c -s 1Gb -a lsilogic -t 2 "/vmware/share/ocfs.vmdk" |鐢ㄤ簬Oracle闆嗙兢娉ㄥ唽琛ㄦ枃浠跺拰CRS琛ㄥ喅纾佺洏
________________________________________________________________________
vmware-vdiskmanager -c -s 2Gb -a lsilogic -t 2 "/vmware/share/asm1.vmdk" |鐢ㄤ簬Oracle鐨勬暟鎹鏂囦欢
________________________________________________________________________
vmware-vdiskmanager -c -s 2Gb -a lsilogic -t 2 "/vmware/share/asm2.vmdk" |鐢ㄤ簬Oracle鐨勬暟鎹鏂囦欢
________________________________________________________________________
vmware-vdiskmanager -c -s 2Gb -a lsilogic -t 2 "/vmware/share/asm3.vmdk" |鐢ㄤ簬Oracle鐨勬暟鎹鏂囦欢
________________________________________________________________________
vmware-vdiskmanager -c -s 2Gb -a lsilogic -t 2 "/vmware/share/asm4.vmdk" |鐢ㄤ簬Oracle鐨勯棯鍥炴仮澶嶅尯
____________________________________________________________________
鐒跺悗鍒嗗埆鍦ㄤ袱涓铏氭嫙鏈嶅姟鍣ㄧ殑鐨勯厤缃鏂囦欢,ha1.vmx鍜宧a2vmx鏂囦欢閲岄潰娣诲姞濡備笅淇℃伅
scsi1.present = "TRUE"
scsi1.virtualDev = "lsilogic"
scsi1.sharedBus = "virtual"
scsi1:1.present = "TRUE"
scsi1:1.mode = "independent-persistent"
scsi1:1.filename = "/vmware/share/ocfs.vmdk"
scsi1:1.deviceType = "disk"
scsi1:2.present = "TRUE"
scsi1:2.mode = "independent-persistent"
scsi1:2.filename = "/vmware/share/asm1.vmdk"
scsi1:2.deviceType = "disk"
scsi1:3.present = "TRUE"
scsi1:3.mode = "independent-persistent"
scsi1:3.filename = "/vmware/share/asm2.vmdk"
scsi1:3.deviceType = "disk"
scsi1:4.present = "TRUE"
scsi1:4.mode = "independent-persistent"
scsi1:4.filename = "/vmware/share/asm3.vmdk"
scsi1:4.deviceType = "disk"
scsi1:5.present = "TRUE"
scsi1:5.mode = "independent-persistent"
scsi1:5.filename = "/vmware/share/asm4.vmdk"
scsi1:5.deviceType = "disk"
disk.locking = "false"
diskLib.dataCacheMaxSize = "0"
diskLib.dataCacheMaxReadAheadSize = "0"
diskLib.DataCacheMinReadAheadSize = "0"
diskLib.dataCachePageSize = "4096"
diskLib.maxUnsyncedWrites = "0"
淇濆瓨鍚,鎵撳紑vmware console灏卞彲浠ョ湅鍒版坊鍔犵殑纭鐩,鍚鍔╤a1pub鍜宧a2pub!闅忎究杩涘叆涓鍙扮郴缁,鐢╢disk鏍煎紡鍖栬繖浜涙柊娣诲姞鐨勭‖鐩.
fdisk -l鍙浠ョ湅鍒板備笅
__________________________________________________________________
Disk /dev/sda: 16.1 GB, 16106127360 bytes
255 heads, 63 sectors/track, 1958 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sda1 * 1 13 104391 83 Linux
/dev/sda2 14 275 2104515 82 Linux swap
/dev/sda3 276 1958 13518697+ 83 Linux
Disk /dev/sdb: 1073 MB, 1073741824 bytes
255 heads, 63 sectors/track, 130 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sdb1 1 130 1044193+ 83 Linux
Disk /dev/sdc: 2147 MB, 2147483648 bytes
255 heads, 63 sectors/track, 261 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sdc1 1 261 2096451 83 Linux
Disk /dev/sdd: 2147 MB, 2147483648 bytes
255 heads, 63 sectors/track, 261 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sdd1 1 261 2096451 83 Linux
Disk /dev/sde: 2147 MB, 2147483648 bytes
255 heads, 63 sectors/track, 261 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sde1 1 261 2096451 83 Linux
Disk /dev/sdf: 2147 MB, 2147483648 bytes
255 heads, 63 sectors/track, 261 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sdf1 1 261 2096451 83 Linux
____________________________________________________________________
淇鏀/etc/hosts鏂囦欢,濡備笅鎵绀
127.0.0.1 localhost(杩欓噷蹇呴』杩欐牱淇鏀,鍚﹀垯RAC鑺傜偣鍚嶅嚭鐜板湪鍥為佸湴鍧涓锛屽畨瑁匯AC鏈熼棿鍙鑳戒細鎶ラ敊)
10.1.250.17 ha1pub
10.1.250.18 ha2pub
192.168.100.100 ha1prv
192.168.100.200 ha2prv
10.1.250.19 ha1vip
10.1.250.20 ha2vip
4.璋冩暣缃戠粶璁剧疆,璁剧疆鍏变韩鍐呭瓨鍜屼俊鍙峰弬鏁
鍒嗗埆鍦╤a1pub鍜宧a2pub涓,缂栬緫/etc/sysctl.conf鏂囦欢,娣诲姞濡備笅淇℃伅,杩欎簺淇℃伅鍙浠ユ牴鎹鑷宸辩殑鏈哄櫒瀹為檯鎯呭喌鏉ヨ皟鏁
net.core.rmem_default=262144
net.core.wmem_default=262144
net.core.rmem_max=262144
net.core.wmem_max=262144
kernel.shmall = 2097152
kernel.shmmax = 536870912
kernel.shmmni = 4096
kernel.sem = 250 32000 100 128
fs.file-max = 65536
net.ipv4.ip_local_port_range = 1024 65000
5. 閰嶇疆 hangcheck-timer 鍐呮牳妯″潡
璇ユā鍧楁槸鐢ㄦ潵鐩戞帶闆嗙兢鐨勭姸鎬佹儏鍐,linux as4涓宸茬粡瀹夎呬簡姝ゆā鍧,浣跨敤涓嬮潰鐨勫懡浠ょ‘璁
find /lib/moles -name "hangcheck-timer.o" 鐪嬬湅鏈夋病鏈,濡傛灉鏈,閰嶇疆骞跺姞杞借ユā鍧
#echo "/sbin/modprobe hangcheck-timer" >> /etc/rc.local
#modprobe hangcheck-timer
#grep Hangcheck /var/log/messages | tail -2
Jul 31 15:01:49 ha2pub kernel: Hangcheck: starting hangcheck timer 0.5.0 (tick is 30 seconds, margin is 180 seconds).
濡傛灉鐪嬪埌涓婇潰鐨勪俊鎭,璇存槑妯″潡鐨勮剧疆宸ヤ綔姝g‘
6. 鍦ㄤ袱涓鑺傜偣涓婂垱寤簅racle鐢ㄦ埛鍜岀洰褰
groupadd oinstall
groupadd dba
useradd -g oinstall -G dba oracle
passwd oracle
浠oracle鐢ㄦ埛鐧婚檰,鍒嗗埆寤虹珛涓や釜鐩褰
mkdir /home/oracle/app 鐢ㄤ簬瀹夎卭racle 鏁版嵁搴
mkdir /home/oracle/orcl 鐢ㄤ簬Oracle 闆嗙兢鏂囦欢绯荤粺 (OCFS) 鐨勬寕杞界偣
淇鏀筼racle鐢ㄦ埛鐨.bash_profile鏂囦欢濡備笅鎵绀
__________________________________________________________________
export ORACLE_BASE=/home/oracle/app/oracle
export ORACLE_HOME=$ORACLE_BASE/proct/10.2.0/db_1
export ORA_CRS_HOME=/home/oracle/app/oracle/proct/10.2.0/crs/
export ORACLE_SID=orcl1
export PATH=.:${PATH}:$HOME/bin:$ORACLE_HOME/bin
export PATH=${PATH}:/usr/bin:/bin:/usr/bin/X11:/usr/local/bin
export PATH=${PATH}:$ORACLE_BASE/common/oracle/bin
export ORACLE_TERM=xterm
export TNS_ADMIN=$ORACLE_HOME/network/admin
export ORA_NLS10=$ORACLE_HOME/nls/data
export LD_LIBRARY_PATH=$ORACLE_HOME/lib
export LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:$ORACLE_HOME/oracm/lib
export LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/lib:/usr/lib:/usr/local/lib
export CLASSPATH=$ORACLE_HOME/JRE
export CLASSPATH=${CLASSPATH}:$ORACLE_HOME/jlib
export CLASSPATH=${CLASSPATH}:$ORACLE_HOME/rdbms/jlib
export CLASSPATH=${CLASSPATH}:$ORACLE_HOME/network/jlib
export THREADS_FLAG=native
export TEMP=/tmp
export TMPDIR=/tmp
________________________________________________________________________
娉ㄦ剰,鍦ㄧ浜屼釜鑺傜偣涓,淇鏀筍ID=orcl2
7.寤虹珛鑺傜偣涔嬮棿鐨勪簰淇
鎴戦噰鐢ㄧ殑鏄痵sh,鍏蜂綋杩囩▼鏈夊緢澶氭枃妗h存槑,杩欓噷鐪佺暐.鍒嗗埆瑕佸缓绔媟oot鐢ㄦ埛,oracle鐢ㄦ埛鐨勪簰淇.
鐒跺悗鍦ㄥ垎鍒浠root鐢ㄦ埛,oracle鍦ㄤ袱涓鑺傜偣涓婃墽琛屽備笅鍛戒护
ssh localhost
ssh ha1pub
ssh ha2pub
ssh ha1prv
ssh ha2prv
8.瀹夎呴厤缃畂cfs2
浠http://oss.oracle.com/projects/ocfs2/涓嬭浇涓庤嚜宸辨搷浣滅郴缁熺増鏈鐩哥﹀悎鐨刼cfs,ocfs console
姣斿傛垜鐨勫唴鏍告槸2.6.9-22.EL,浜庢槸鎴戜笅杞界殑灏辨槸ocfs2-2.6.9-22.EL-1.2.2-1.i686.rpm,杩欑偣闈炲父閲嶈
瀹夎呭緢绠鍗,鎶婅ヤ笅杞界殑鍖呴兘涓嬭浇浜唕pm瀹夎呭氨ok浜
8.1 ocfs2鐨勯厤缃
鍏堜娇鐢ㄤ笅闈㈠懡浠ょ佺敤SElinux
#system-config-securitylevel &
鐒跺悗鍦ㄩ泦缇や腑鐨勬瘡涓鑺傜偣涓婄敓鎴愬拰閰嶇疆 /etc/ocfs2/cluster.conf
鍙浠ヤ娇鐢╫cfs2console鍛戒护璋冨嚭鍥惧舰鐣岄潰,灏唄a1pub鍜宧a2pub涓や釜鑺傜偣閮藉姞鍏,鐐瑰嚮apply,鐒跺悗閫鍑.
鍦/etc/ocfs2/鐩褰曚笅闈㈠皢鏈塩luster.conf鏂囦欢,鍐呭瑰簲璇ュ備笅
______________________________________________________
node:
ip_port = 7777
ip_address = 10.1.250.17
number = 0
name = ha1pub
cluster = ocfs2
node:
ip_port = 7777
ip_address = 10.1.250.18
number = 1
name = ha2pub
cluster = ocfs2
cluster:
node_count = 2
name = ocfs2
________________________________________________________
鎺ョ潃缂栬緫 /etc/init.d/o2cb, 鍒犻櫎寮濮嬪甫 #鐨勯厤缃琛
鐒跺悗 /etc/init.d/o2cb offline ocfs2
/etc/init.d/o2cb unload ocfs2
/etc/init.d/o2cb configure ocfs2 杈撳叆y灏眔k浜
8.2 鍒涘缓ocfs2鏂囦欢绯荤粺
mkfs.ocfs2 -b 4k -C 32k -L oradatafiles /dev/sdb1
鐒跺悗鎸傝浇ocfs2鏂囦欢绯荤粺
mount -t ocfs2 -o datavolume /dev/sdb1 /home/oracle/orcl
淇鏀/etc/fstab,娣诲姞
/dev/sdb1 /home/oracle/orcl ocfs2 _netdev,datavolume 0 0
8.3 璋僌2CB鐨勫績璺抽榾鍊
淇鏀规枃浠/etc/sysconfig/o2cb灏哋2CB_HEARTBEAT_THRESHOLD 璁剧疆涓 301
淇鏀规枃浠 /etc/sysconfig/o2cb 鍚庯紝闇瑕佹洿鏀 o2cb 閰嶇疆銆傚悓鏍凤紝搴斿湪闆嗙兢鐨勬墍鏈夎妭鐐逛笂鎵ц屼互涓嬫搷浣溿
# umount /home/oracle/orcl/
# /etc/init.d/o2cb unload
# /etc/init.d/o2cb configure
reboot涓や釜鑺傜偣
9. 瀹夎,閰嶇疆鑷鍔ㄥ瓨鍌ㄧ$悊ASM2.0
鍙浠ヤ粠http://www.oracle.com/technology ... x/asmlib/rhel4.html杩欓噷涓嬭浇鐩稿叧rpm鍖
rpm瀹夎呰繃绋嬬渷鐣
鎵ц/etc/init.d/oracleasm configure
榛樿ょ敤鎴疯緭鍏oracle,榛樿ょ粍杈撳叆dba,鍏朵粬閮統,y灏卞彲浠ヤ簡
9.1鍒涘缓ASM纾佺洏
鍦ㄤ竴涓鑺傜偣涓婃墽琛
/etc/init.d/oracleasm createdisk VOL1 /dev/sdc1
/etc/init.d/oracleasm createdisk VOL2 /dev/sdd1
/etc/init.d/oracleasm createdisk VOL3 /dev/sde1
/etc/init.d/oracleasm createdisk VOL4 /dev/sdf1
鍒涘缓濂藉悗,鎵ц/etc/init.d/oracleasm listdisks鍙浠ョ湅鍒
VOL1
VOL2
VOL3
VOL4
鐒跺悗鍦ㄥ彟澶栦竴涓鑺傜偣涓婃墽琛
/etc/init.d/oracleasm scandisks
瀹屾垚鍚庢墽琛
/etc/init.d/oracleasm listdisks搴旇ュ彲浠ョ湅鍒板拰鐨勪竴涓鑺傜偣鐩稿悓鐨勫唴瀹
10. 瀹夎匫racle 10G cluster杞浠
浠巓racle缃戠珯涓嬭浇10201_clusterware_linux32
浠oracle鐢ㄦ埛鐧诲綍,unset鎺変竴浜涚幆澧冨彉閲,濡備笅
$ unset ORA_CRS_HOME
$ unset ORACLE_HOME
$ unset ORA_NLS10
$ unset TNS_ADMIN
寮濮嬪畨瑁卌luster杞浠
./runInstaller -ignoreSysPrereqs
*纭璁ゅ畨瑁呯洰褰曟槸/home/oracle/app/oracle/proct/10.2.0/crs/
*濡傛灉鎰挎剰鍙浠ュ皢clustername鐢眂rs淇鏀规垚鍏朵粬鐨勫悕绉
*娣诲姞涓や釜鑺傜偣,濡備笅鎵绀
____________________________________________________________________
Public Node Name Private Node Name Virtual Node Name
ha1pub ha1prv ha1vip
ha2pub ha2prv ha2vip
____________________________________________________________________
*瑕佷慨鏀逛竴涓媏th0鐨勭被鍨,浠栭粯璁ょ殑鏄痯rivate,淇鏀逛负public
*鎸囧畾OCR鍜宮irror鐨勮矾寰
Specify OCR Location: /home/oracle/orcl/OCRFile
Specify OCR Mirror Location:/home/oracle/orcl/OCRFile_mirror
*鎸囧畾Voting纾佺洏璺寰
Voting Disk Location: /home/oracle/orcl/CSSFile
Additional Voting Disk 1 Location:/home/oracle/orcl/CSSFile_mirror1
Additional Voting Disk 2 Location:/home/oracle/orcl/CSSFile_mirror2
*瀹夎呭揩缁撴潫鏃.浼氳佹眰浠root鎵ц宱rainsRoot.sh鍜宺oot.sh鑴氭湰,浠root鐢ㄦ埛鎵撳紑涓涓鏂扮殑缁堢,涓涓涓涓鑺傜偣椤哄簭鎵ц,鍗冧竾涓嶈佹姠鏃堕棿涓璧锋墽琛
*鎵ц屾渶鍚庝竴涓猺oot.sh鐨勬椂鍊,鍙鑳戒細鎶""eth0" is not public.Public interfaces should be used to configure virtual IPs."杩欐牱鐨勯敊璇.杩欐椂鍊欓渶瑕佷互root鐢ㄦ埛鍘绘墽琛$ORA_CRS_HOME/bin/vipca,閫夋嫨涓や釜鑺傜偣,閰嶇疆涓涓嬭櫄鎷焛p鐨勪俊鎭.
鑷虫,clusterware瀹夎呭氨ok浜,妫鏌ヤ竴涓嬮泦缇よ妭鐐
$ORA_CRS_HOME/bin/olsnodes -n
ha1pub 1
ha2pub 2
11. 瀹夎匫racle 10g杞浠
浠巓racle缃戠珯涓嬭浇10201_database_linux32
unset鎺変竴浜涚幆澧冨彉閲
$ unset ORA_CRS_HOME
$ unset ORACLE_HOME
$ unset ORA_NLS10
$ unset TNS_ADMIN
Oracle鐨勫畨瑁呯渷鐣,鏃㈢劧鏁㈢帺RAC,鑲瀹氫互鍓嶄篃瀹夎呰繃oracle,鍙鏄鏈変簺鍦版柟闇瑕佹敞鎰
*鑺傜偣鐨勯夋嫨涓,涓瀹氳侀変笂鎵鏈夌殑鑺傜偣
*閫夋嫨 "Install database software only",鍏堜笉瑕佸缓instance,绛夋暟鎹搴撳畨瑁呭畬姣曞悗鏃跺檇bca鍒涘缓
*瀹夎呭畬鎴愬悗,闇瑕佹墽琛宺oot.sh鑴氭湰,涓嶈佺潃鎬,涓涓鑺傜偣涓涓鑺傜偣鎵ц
12. 寤虹珛TNS渚﹀惉
浠oracle鐢ㄦ埛鎵ц
$ netca &
*閫夋嫨鎵鏈夎妭鐐
*閫夋嫨Listener configuration
*鍏朵粬鐨勯兘閫夋嫨榛樿ゅ嵆鍙
缁撴潫鍚庡彲浠ラ獙璇佷竴涓嬩睛鍚鏄鍚﹀凡缁忓湪鎵鏈夎妭鐐逛笂杩愯
ps -ef|grep LISTEN
搴旇ュ彲浠ョ湅鍒
/home/oracle/app/oracle/proct/10.2.0/db_1/bin/tnslsnr LISTENER_HA1PUB -inherit
鍙﹀栦竴涓鑺傜偣搴旇ユ槸
/home/oracle/app/oracle/proct/10.2.0/db_1/bin/tnslsnr LISTENER_HA2PUB -inherit
13. 鍒涘缓鏁版嵁搴撳疄渚
浠oracle鐢ㄦ埛鍦ㄤ换涓鑺傜偣鎵ц
dbca &
*閫夋嫨 Create a Database
*閫夋嫨鎵鏈夎妭鐐
*閫夋嫨Custom Database
*鍏ㄥ眬鏁版嵁搴撳悕杈撳叆orcl,SID涔熸槸orcl
*閫夋嫨浣跨敤鐩稿悓鐨勫瘑鐮佸规墍鏈夌敤鎴
*瀛樺偍閫夐」閫夋嫨 use ASM
*淇鏀光淐reate server parameter file (SPFILE)鈥濅负 /home/oracle/orcl/dbs/spfile+ASM.ora銆傛墍鏈夊叾浠栭夐」鍙浠ヤ繚鐣欏叾榛樿ゅ笺
*鍦ˋSM Disk Groups閰嶇疆鐣岄潰,閫夋嫨Create New,浼氭樉绀轰箣鍓嶉氳繃ASMlib鍒涘缓鐨4涓鍗稸OL1鍒癡OL4
閫夋嫨鍓嶄笁涓,VOL1,VOL2,VOL3,Disk group name杈撳叆DATA,Rendancy,閫夋嫨Normal,鍗曞嚮ok,瀹屾垚鍚庡啀娆″崟鍑籆reate New.閫夋嫨鏈鍚庝竴涓猇OL4,Disk group name杈撳叆FLASH_RECOVERY_AREA, Rendancy閫夋嫨External,鍗曞嚮ok,瀹屾垚ASM鐨勭佺洏缁勫垱寤.
*Database File Locations 閫夋嫨DATA
*Recovery Configuration 閫夋嫨FLASH_RECOVERY_AREA
*Database Content鐢变簬鏄娴嬭瘯,鍙浠ュ彇娑堟帀鎵鏈夐夐」
*Service name 鍙浠ヨ緭鍏orcltest,TAF Policy閫夋嫨Basic
*Database Storage 鏍规嵁鑷宸辩郴缁熺殑纭浠舵潯浠跺彲浠ユ洿鏀逛竴浜涘弬鏁.
瀹屾垚dbca,Oracle RAC灏卞彲浠ユ墍宸茬粡瀹屽叏瀹夎呮垚鍔熶簡!
14. RAC鐨勫惎鍔ㄥ拰鍏抽棴
濡傛灉閮介伒寰浜嗕笂闈㈢殑瀹夎呮ラ,閭d箞姣忔¤妭鐐归噸鏂板惎鍔ㄧ殑鏃跺,鎵鏈夋湇鍔¢兘浼氳嚜鍔ㄥ惎鍔,濡傛灉闇瑕佸叧闂鎴栬呭惎鍔ㄦ煇涓鑺傜偣,濡備笅鎵绀
*鍋滄RAC
1.emctl stop dbconsole
2.srvctl stop instance -d orcl -i orcl1
3.srvctl stop asm -n ha1pub
4.srvctl stop nodeapps -n ha1pub
*鍚鍔≧AC
鍜屼笂闈㈢殑姝ラゆeソ鐩稿弽鍗
1.srvctl start nodeapps -n ha1pub
2.srvctl start asm -n ha1pub
3.srvctl start instance -d orcl -i orcl1
4.srvctl start dbconsole
15. RAC鐨勯獙璇佸拰娴嬭瘯
鏈夊緢澶氭枃妗e啓鐨勯兘寰堣︾粏,鏈鏂囧氨涓嶈禈杩颁簡
16. 鍙傝冩枃妗
鍦 Linux 鍜 FireWire 涓婃瀯寤烘偍鑷宸辩殑 Oracle RAC 10g 绗 2 鐗堥泦缇
浣滆咃細Jeffrey Hunter
http://www.oracle.com/technology ... unter_rac10gr2.html