----模拟误操作
getfacl -pR /u01/app > /tmp/bk_lhr_perm_u01_rac1.txt
./permission.pl /u01/app
ocrconfig -export /tmp/export_asm_lhr.bak
chown -R oracle.oinstall /u01
chmod -R 444 /u01
kill -9 `ps -ef|grep d.bin| grep -v grep | awk '{print $2}'`
Linux环境中还可以通过getfacl和setfacl来进行操作:
--备份
getfacl -pR /u01/app > /tmp/bk_lhr_perm_u01_rac1.txt
--恢复
chmod -R 775 /u01 #取决于误操作是否有chmod操作
setfacl --restore=/tmp/bk_lhr_perm_u01_rac1.txt
---替换脚本中的主机名,注意大小写
:%s/raclhr-11gr2-n1/raclhr-11gr2-n2/g
:%s/raclhr-11gR2-N1/raclhr-11gR2-N2/g
--备份
./permission.pl /u01/app
--恢复
chmod -R 775 /u01 #取决于误操作是否有chmod操作
./restore-perm-
参考连接:http://blog.itpub.net/26736162/viewspace-2121470/
使用chown -R误操作将整个$GRID_BASE或$GRID_HOME的权限修改了,或者删除了$GRID_HOME/log文件夹下的所有内容,导致集群不能启动。在这种情况下可以根据MOS文档:Tips for checking file permissions on GRID environment(ID 1931142.1)来修复该问题。
该文档中描述到,在$GRID_HOME/crs/utl(Oracle 11.2及12.1.0.1)或
Check the permissions from the following 2 files which are created during Grid Infrastructure installation.
In $GRID_HOME/crs/utl (for 11.2 and 12.1.0.1) and
crsconfig_dirs :which has all directories listed in and their permissions
crsconfig_fileperms :which has list of files and their permissions and locations in .
[root@raclhr-11gR2-N1 utl]# ll $ORACLE_HOME/crs/utl/crsconfig_*
-rw-r--r-- 1 root root 8554 May 17 13:31 /u01/app/11.2.0/grid/crs/utl/crsconfig_dirs
-rw-r--r-- 1 root root 12619 May 17 13:31 /u01/app/11.2.0/grid/crs/utl/crsconfig_fileperms
-rw-r--r-- 1 root root 11218 May 17 13:31 /u01/app/11.2.0/grid/crs/utl/crsconfig_files
误操作:
chown -R oracle.oinstall $ORACLE_HOME
ps -ef |grep d.bin|grep -v grep|awk '{print $2}' | xargs kill -9
可以通过命令“cluvfy comp software -n all -verbose”来校验集群的权限是否正确。
所以要解决这个问题其实并不难,大致可以通过如下几种方法来解决:
1、根据MOS文档1931142.1提供的建议通过$GRID_HOME/crs/install/rootcrs.pl -init或roothas.pl -init进行解决。该方法可以用来解决删除了$GRID_HOME/log文件夹下的所有内容,导致集群不能启动的情况,但是对于chown -R误操作将整个$GRID_HOME的权限修改了的情况不一定能恢复。
For 11.2:
For clustered Grid Infrastructure, as root user
# cd
# ./rootcrs.pl -init
For Standalone Grid Infrastructure, as root user
# cd
# ./roothas.pl -init
For 12c:
For clustered Grid Infrastructure, as root user
# cd
# ./rootcrs.sh -init
For Standalone Grid Infrastructure, as root user
# cd
# ./roothas.sh -init
rootcrs.pl –init是在PSU>11.2.0.3.6下执行的,如果PSU<11.2.0.3.6可以执行如下两条命令来实现同样的效果。
2、采用MOS文档1515018.1上提供的脚本permission.pl在权限正常节点上生成修复脚本,然后将生成的修复脚本在异常节点上执行来修复权限问题。可以用来修复chown -R误操作将整个$GRID_HOME的权限修改了的情况。
注意,该脚本会产生2个文件:
a. permission-
b. restore-perm-
修复时只需要执行restore-perm-
:%s/raclhr-11gr2-n2/raclhr-11gr2-n1/g 替换每一行中所有 raclhr-11gr2-n2 为 raclhr-11gr2-n1
3、Oracle 11gR2可以deconfig crs的配置,然后重新运行root.sh即可。如果OCR和数据库不再同一个磁盘组里,那么重新运行root.sh脚本并不影响数据库,所以无需担心。可以用来修复OCR、OLR或表决磁盘损坏的情况,或ASM节点号和主机节点号不一致的情况。
$GRID_HOME/crs/install/rootcrs.pl -deconfig -force -verbose
dd if=/dev/zero of=/dev/rhdiskN bs=1024k count=1024 --清理磁盘头
$GRID_HOME/root.sh
在root.sh脚本执行完毕后,需要再次将数据库、监听和SERVICE等其它资源添加进集群中:
srvctl add db -d lhrrac1 -r PRIMARY -o $ORACLE_HOME
srvctl add instance -d lhrrac1 -i lhrrac11 -n raclhr-11gR2-N1
srvctl add instance -d lhrrac1 -i lhrrac12 -n raclhr-11gR2-N2
srvctl add listener -l LISTENER -o $ORACLE_HOME
在安装有GI的环境下,权限、属主是严格被设定的,任何对于它们的错误修改容易引发一系列的问题,而且这些问题往往都很诡异很难按照常规的思路去诊断。一旦出现权限的问题,个人建议第1和第3种方式来修改。
如果可执行文件$ORACLE_HOME/bin/oracle的属主或权限设定出了问题,那么可能会造成很多问题。例如:无法登陆到数据库、ora-600错误、“TNS-12518: TNS:listener could not hand off client connection”、“Linux Error: 32: Broken pipe”、“ORA-12537: TNS:connection closed”、访问ASM磁盘出错等。解决办法很简单,可以在grid用户下运行setasmgidwrap命令重新配置$ORACLE_HOME/bin/oracle可执行文件的权限和属主或者直接将oracle文件的权限修改为6751。$ORACLE_HOME/bin/oracle可执行文件正确属主应该是oracle:asmadmin,并且权限必须有s才可以,如下所示:
[root@orclalhr ~]$ which setasmgidwrap
/u01/app/11.2.0/grid/bin/setasmgidwrap
[root@orclalhr ~]$ setasmgidwrap -o /u01/app/oracle/product/11.2.0/dbhome_1/bin/oracle
[root@orclalhr ~]$ ll /u01/app/oracle/product/11.2.0/dbhome_1/bin/oracle
-rwsr-s--x 1 oracle asmadmin 232399083 Apr 21 2015 /u01/app/oracle/product/11.2.0/dbhome_1/bin/oracle
[root@orclalhr ~]# ll /u01/app/11.2.0/grid/bin/oracle
-rwsr-s--x. 1 grid oinstall 203972117 Jan 5 2015 /u01/app/11.2.0/grid/bin/oracle
[root@orclalhr ~]# chmod 6751 /u01/app/oracle/product/11.2.0/dbhome_1/bin/oracle
[root@orclalhr ~]# ll /u01/app/oracle/product/11.2.0/dbhome_1/bin/oracle
-rwsr-s--x 1 oracle asmadmin 232399083 Apr 21 2015 /u01/app/oracle/product/11.2.0/dbhome_1/bin/oracle
[root@orclalhr bin]# cd /u01/app/oracle/product/11.2.0/dbhome_1/bin/
[root@orclalhr bin]# which stat
/usr/bin/stat
[root@orclalhr bin]# stat oracle
File: `oracle'
Size: 210823844 Blocks: 411776 IO Block: 4096 regular file
Device: 802h/2050d Inode: 1717737 Links: 1
Access: (6751/-rwsr-s--x) Uid: ( 501/ oracle) Gid: ( 504/asmadmin)
Access: 2017-03-16 12:33:44.809363974 +0800
Modify: 2014-05-18 17:09:50.508549983 +0800
Change: 2017-03-16 11:05:15.733816820 +0800
& 说明:
有关修复权限的更多内容可以参考我的BLOG:http://blog.itpub.net/26736162/viewspace-2121470/
In this Document
Goal |
Solution |
Oracle Database - Enterprise Edition - Version 11.2.0.3 and later
Oracle Database - Standard Edition - Version 12.1.0.1 to 12.1.0.1 [Release 12.1]
Information in this document applies to any platform.
To provide ways how to check, find and correct permissions for Grid Infrastructure (GI) $ORACLE_HOME or
1. Validate the
$ cluvfy comp software -n all -verbose
This though only validates the binary files and theirs permissions. This is mentioned in unpublished bug 18407533 (closed as not a bug).
2. Check the permissions from the following 2 files which are created during Grid Infrastructure installation.
In $GRID_HOME/crs/utl (for 11.2 and 12.1.0.1) and
- crsconfig_dirs which has all directories listed in
- crsconfig_fileperms which has list of files and their permissions and locations in
3. The permissions can be reverted back to original values with rootcrs.pl or roothas.pl. For versions 11.2.0.3.6 and higher, there is an option -init:
Reset the permissions of all files and directories under Oracle
For 11.2:
For clustered Grid Infrastructure, as root user
# cd
# ./rootcrs.pl -init
For Standalone Grid Infrastructure, as root user
# cd
# ./roothas.pl -init
For 12c:
For clustered Grid Infrastructure, as root user
# cd
# ./rootcrs.sh -init
For Standalone Grid Infrastructure, as root user
# cd
# ./roothas.sh -init
4. If that does not work then permissions can be altered manually with information found from crsconfig_fileperms and crsconfig_dirs files.
Please note that changing the permissions manually is the last resort and shouldn't be used unless recommended by Oracle support or development.
In this Document
Main Content |
Purpose |
Requirements |
Configuring |
Instructions |
Caution |
Script |
Oracle Database - Enterprise Edition
Generic UNIX
Generic Linux
This script is intended to capture and restore the file permission of a given directory example - ORACLE_HOME. The script will create a output file called permission_
The script needs to be run on command prompt of Unix platform .
Perl is required to execute this script
Shell is required to run the shell script .
Download and save the script on your server as permission.pl
Provide the execute permission on the script
Run the script from the location where you have downloaded and saved it
./permission.pl
This sample code is provided for educational purposes only and not supported by Oracle Support Services. It has been tested internally, however, and works as documented. We do not guarantee that it will work for you, so be sure to test it in your environment before relying on it.
Proofread this sample code before using it! Due to the differences in the way text editors, e-mail packages and operating systems handle text formatting (spaces, tabs and carriage returns), this sample code may not be in an executable state when you first receive it. Check over the sample code to ensure that errors of this type are corrected.
Note : This script can restore permission back to the point at which it was captured. It is not intended to reset the permission.
Execute the script from the dollar ($) prompt
Steps to capture permission of a directory
1. Download the script from here
2. Log in as "oracle" user
3. copy the file to a location say /home/oracle/scripts
4. Give execute permission
$ chmod 755 permission.pl
5. Execute the script to capture permission
$ cd /home/oracle/scripts
$ ./permission.pl
Script generates two files
a. permission- - This contains file permission in octal value, owner and group information of the files captured
b. restore-perm- - This contains command to change the permission, owner, and group of the captured files
Steps to restore captured permission of the directory
1. Give execute permission to file generated during capture
chmod 755 restore-perm-
2. execute .cmd file to restore the permission and the ownership
$ ./restore-perm-
Sample output of the script
permission-
755 oracle oinstall /u03/app/oracle/OraHome_11202g
750 oracle oinstall /u03/app/oracle/OraHome_11202g/root.sh
644 oracle oinstall /u03/app/oracle/OraHome_11202g/install.platform
640 oracle oinstall /u03/app/oracle/OraHome_11202g/oraInst.loc
644 oracle oinstall /u03/app/oracle/OraHome_11202g/afiedt.buf
644 oracle oinstall /u03/app/oracle/OraHome_11202g/a.out
6755 root root /u03/app/oracle/OraHome_11202g/tsh.sh
644 oracle oinstall /u03/app/oracle/OraHome_11202g/Readme.txt
640 oracle oinstall /u03/app/oracle/OraHome_11202g/oraorcl1122
644 oracle oinstall /u03/app/oracle/OraHome_11202g/SQLtraining_day1.lst
751 oracle oinstall /u03/app/oracle/OraHome_11202g/bin/hsots
751 oracle oinstall /u03/app/oracle/OraHome_11202g/bin/nid
6751 oracle oinstall /u03/app/oracle/OraHome_11202g/bin/oracle
751 oracle oinstall /u03/app/oracle/OraHome_11202g/bin/orapwd
751 oracle oinstall /u03/app/oracle/OraHome_11202g/bin/wrap
750 oracle oinstall /u03/app/oracle/OraHome_11202g/bin/grdcscan
restore-perm-
chown oracle:oinstall /u03/app/oracle/OraHome_11202g
chmod 755 /u03/app/oracle/OraHome_11202g
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/root.sh
chmod 750 /u03/app/oracle/OraHome_11202g/root.sh
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/install.platform
chmod 644 /u03/app/oracle/OraHome_11202g/install.platform
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/oraInst.loc
chmod 640 /u03/app/oracle/OraHome_11202g/oraInst.loc
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/afiedt.buf
chmod 644 /u03/app/oracle/OraHome_11202g/afiedt.buf
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/a.out
chmod 644 /u03/app/oracle/OraHome_11202g/a.out
chown root:root /u03/app/oracle/OraHome_11202g/tsh.sh
chmod 6755 /u03/app/oracle/OraHome_11202g/tsh.sh
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/Readme.txt
chmod 644 /u03/app/oracle/OraHome_11202g/Readme.txt
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/oraorcl1122
chmod 640 /u03/app/oracle/OraHome_11202g/oraorcl1122
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/SQLtraining_day1.lst
chmod 644 /u03/app/oracle/OraHome_11202g/SQLtraining_day1.lst
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/bin/nid
chmod 751 /u03/app/oracle/OraHome_11202g/bin/nid
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/bin/oracle
chmod 6751 /u03/app/oracle/OraHome_11202g/bin/oracle
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/bin/orapwd
chmod 751 /u03/app/oracle/OraHome_11202g/bin/orapwd
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/bin/wrap
chmod 751 /u03/app/oracle/OraHome_11202g/bin/wrap
chown oracle:oinstall /u03/app/oracle/OraHome_11202g/bin/grdcscan
chmod 750 /u03/app/oracle/OraHome_11202g/bin/grdcscan
About Me
.............................................................................................................................................
● 本文作者:小麦苗,部分内容整理自网络,若有侵权请联系小麦苗删除
● 本文在itpub(http://blog.itpub.net/26736162/abstract/1/)、博客园(http://www.cnblogs.com/lhrbest)和个人微信公众号(xiaomaimiaolhr)上有同步更新
● 本文itpub地址:http://blog.itpub.net/26736162/abstract/1/
● 本文博客园地址:http://www.cnblogs.com/lhrbest
● 本文pdf版、个人简介及小麦苗云盘地址:http://blog.itpub.net/26736162/viewspace-1624453/
● 数据库笔试面试题库及解答:http://blog.itpub.net/26736162/viewspace-2134706/
● DBA宝典今日头条号地址:http://www.toutiao.com/c/user/6401772890/#mid=1564638659405826
.............................................................................................................................................
● QQ群号:230161599(满)、618766405
● 微信群:可加我微信,我拉大家进群,非诚勿扰
● 联系我请加QQ好友(646634621),注明添加缘由
● 于 2018-07-01 06:00 ~ 2018-07-31 24:00 在魔都完成
● 最新修改时间:2018-07-01 06:00 ~ 2018-07-31 24:00
● 文章内容来源于小麦苗的学习笔记,部分整理自网络,若有侵权或不当之处还请谅解
● 版权所有,欢迎分享本文,转载请保留出处
.............................................................................................................................................
● 小麦苗的微店:https://weidian.com/s/793741433?wfr=c&ifr=shopdetail
● 小麦苗出版的数据库类丛书:http://blog.itpub.net/26736162/viewspace-2142121/
● 小麦苗OCP、OCM、高可用网络班:http://blog.itpub.net/26736162/viewspace-2148098/
.............................................................................................................................................
使用微信客户端扫描下面的二维码来关注小麦苗的微信公众号(xiaomaimiaolhr)及QQ群(DBA宝典)、添加小麦苗微信,学习最实用的数据库技术。
小麦苗的微信公众号 小麦苗的DBA宝典QQ群2 小麦苗的微信二维码 小麦苗的微店
.............................................................................................................................................