2 Oracle Audit Vault Preinstallation Requirements

This chapter describes the tasks that you must complete before you start Oracle Universal Installer to install Oracle Audit Vault Server (Audit Vault Server) Release 10.3. It includes information about the following tasks:

Note:

If you want to use Oracle Automatic Storage Management (Oracle ASM) or Oracle Restart, then you must first install Oracle Grid Infrastructure for a standalone server and then install Oracle Audit Vault Server.

Logging In to the System as root
Checking the Hardware Requirements
Checking the Software Requirements
Installation Fixup Scripts
Enabling Core File Creation
Verifying UDP and TCP Kernel Parameters
Installing the cvuqdisk Package for Linux
Checking the Network Setup
Creating Required Operating System Groups and Users
Checking Resource Limits for the Oracle Software Installation Users
Configuring Kernel Parameters for Linux
Identifying Required Software Directories
Identifying or Creating an Oracle Base Directory
Choosing a Storage Option for Oracle Audit Vault Server and Recovery Files
Creating Directories for Oracle Audit Vault Server or Recovery Files
Configuring Storage for Oracle Audit Vault Server Files Using Block Devices
Configuring Disk Devices for Oracle Audit Vault Server
Configuring the oracle User's Environment
Setting the DISPLAY Environment Variable
Setting the Correct Locale

See Also:

"Requirements for Oracle Grid Infrastructure Installation" section in Oracle Database Installation Guide for Linux
"Preinstallation Requirements" section in Oracle Configuration Manager Installation and Administration Guide and Oracle Configuration Manager Prerequisites
Appendix A, "Country Codes", in Oracle Configuration Manager Installation and Administration Guide for a list of valid country codes that can be used while installing Oracle Configuration Manager

2.1 Logging In to the System as root

Before you install the Oracle software, you must complete several tasks as the root user. To log in as the root user, complete the following procedure:

$ sudo sh
password:#

2.2 Checking the Hardware Requirements

The system must meet the following minimum hardware requirements:

Memory Requirements
System Architecture
Disk Space Requirements
Display Requirements

2.2.1 Memory Requirements

The following are the memory requirements for installing Oracle Audit Vault Server Release 10.3, which installs a customized, specially configured release of Oracle Database 11g Release 2 (11.2.0.3).

On Linux x86-64:

Minimum: 1 GB of RAM

Recommended: 2 GB of RAM or more

To determine the RAM size, enter the following command:
```
# grep MemTotal /proc/meminfo
```
If the size of the RAM is less than the required size, then you must install more memory before continuing.
The following table describes the relationship between the installed RAM and the configured swap space recommendation:

Note:
On Linux, the HugePages feature allocates non-swappable memory for large page tables using memory-mapped files. If you enable HugePages, then you deduct the memory allocated to HugePages from the available RAM before calculating the swap space.

RAM Swap Space

Between 1 GB and 2 GB 1.5 times the size of the RAM

Between 2 GB and 16 GB Equal to the size of RAM

More than 16 GB 16 GB

RAM	Swap Space
Between 1 GB and 2 GB	1.5 times the size of the RAM
Between 2 GB and 16 GB	Equal to the size of RAM
More than 16 GB	16 GB

If the size of the RAM is less than the required size, then you must install more memory before continuing.

To determine the size of the configured swap space, enter the following command:

# grep SwapTotal /proc/meminfo

If necessary, see the operating system documentation for information about how to configure additional swap space.

To determine the available RAM and swap space, enter the following command:

# free

Note:

Oracle recommends that you take multiple values for the available RAM and swap space before finalizing a value. This is because the available RAM and swap space keep changing depending on the user interactions with the computer.

Automatic Memory Management

In the current release, the Automatic Memory Management feature requires more shared memory (/dev/shm)and file descriptors. The size of the shared memory must be at least the greater of the MEMORY_MAX_TARGET and MEMORY_TARGET parameters for each Oracle instance on the computer. If the MEMORY_MAX_TARGET parameter or the MEMORY_TARGET parameter is set to a non-zero value, and an incorrect size is assigned to the shared memory, it results in an ORA-00845 error at startup. On Linux systems, if the operating system /dev/shm mount size is too small for the Oracle system global area (SGA) and program global area (PGA), it will result in an ORA-00845 error.

The number of file descriptors for each Oracle instance must be at least 512*PROCESSES. The limit of descriptors for each process must be at least 512. If file descriptors are not sized correctly, you will see an ORA-27123 error from various Oracle processes and potentially Linux Error EMFILE (Too many open files)in non-Oracle processes.

To determine the amount of shared memory available, enter the following command:

# df -h /dev/shm/

Note:

The MEMORY_MAX_TARGET and MEMORY_TARGET parameters cannot be used when the LOCK_SGA parameter is enabled, or with HugePages on Linux.

On the Initialization Parameters page, note the Memory Size (SGA and PGA), which sets the initialization parameter MEMORY_TARGET or MEMORY_MAX_TARGET. Note that the initialization parameters cannot be greater than the shared memory file system on the operating system. For example, if the shared memory file system allocation on your system is 1 GB, but you set Memory Size (MEMORY_TARGET) to 2 GB, then the following error messages are displayed during database startup:

ORA-00845: MEMORY_TARGET not supported on this system
ORA-01078: Failure in processing system parameters

In addition, if you click All Initialization Parameters and the global database name is longer than eight characters, then the database name value (in the DB_NAME parameter) is truncated to the first eight characters, and the DB_UNIQUE_NAME parameter value is set to the global name.

The workaround, if you encounter the ORA-00845 error, is to increase the /dev/shm mountpoint size.

For example:

# mount -t tmpfs shmfs -o size=7g /dev/shm

To make this change persistent across system restarts, add an entry in /etc/fstab similar to the following:

shmfs /dev/shm tmpfs size=7g 0

2.2.2 System Architecture

To determine if the system architecture can run the software, enter the following command:

# uname -m

Verify that the processor architecture matches the Oracle software release that you want to install. If you do not see the expected output, then you cannot install the software on this system.

2.2.3 Disk Space Requirements

The following are the disk space requirements for installing Oracle Audit Vault Server Release 10.3:

1 GB of space in the /tmp directory

To determine the amount of space available in the /tmp directory, enter the following command:
```
# df -h /tmp
```
If the free space available in the /tmp directory is less than what is required, then complete one of the following steps:
- Delete unnecessary files from the /tmp directory to meet the disk space requirement.
- Set the TMP and TMPDIR environment variables when setting the oracle user's environment.
  
  See Also:
  Section 2.18 for more information about setting TMP and TMPDIR
- Extend the file system that contains the /tmp directory. If necessary, contact the system administrator for information about extending file systems.
The following tables describe the disk space requirements for software files and data files for each installation type on Linux x86-64:

Installation Type Requirement for Software Files (GB)

Oracle Audit Vault Server 4.45

Installation Type Disk Space for Data Files (GB)

Oracle Audit Vault Server 2.30

Installation Type	Requirement for Software Files (GB)
Oracle Audit Vault Server	4.45

Installation Type	Disk Space for Data Files (GB)
Oracle Audit Vault Server	2.30

To determine the amount of free disk space on the system, enter the following command:

# df -h

Additional disk space, either on a file system or on an Oracle ASM disk group is required for the fast recovery area if you configure automated backups.

2.2.4 Display Requirements

The minimum resolution for Oracle Audit Vault Server is 1024 x 768 or higher.

2.3 Checking the Software Requirements

Depending on the products that you intend to install, verify that the following software is installed on your system:

Operating System Requirements
Kernel Requirements
Package Requirements
Additional Software Requirements

Note:

This guide contains information required to install Oracle Audit Vault Server on various platforms. Ensure that you review information related to the platform on which you intend to install Oracle Audit Vault Server.
Oracle Universal Installer performs checks on the system to verify that it meets the listed requirements. To ensure that these checks pass, verify the requirements before you start Oracle Universal Installer.

2.3.1 Operating System Requirements

The following operating system versions (or later) are required for Oracle Audit Vault Server Release 10.3:

On Linux x86-64
- Asianux Server 3 SP2
- Oracle Linux 4 Update 7
- Oracle Linux 5 Update 2
- Oracle Linux 5 Update 5 (only if using Oracle Unbreakable Enterprise Kernel)
- Red Hat Enterprise Linux 4 Update 7
- Red Hat Enterprise Linux 5 Update 2
- Red Hat Enterprise Linux 5 Update 5 (only if using Oracle Unbreakable Enterprise Kernel)
- SUSE Linux Enterprise Server 10 SP2
- SUSE Linux Enterprise Server 11

Starting with Oracle Audit Vault Server Release 10.3, the Security Enhanced Linux (SE Linux) feature is supported for Oracle Linux 4, Red Hat Enterprise Linux 4, Oracle Linux 5, and Red Hat Enterprise Linux 5.

Note:

For Asianux Server, Oracle Linux, and Red Hat Enterprise Linux, the system requirements are identical by kernel version, specifically:

Oracle Linux 4 and Red Hat Enterprise Linux 4 requirements are the same.
Asianux Server 3, Oracle Linux 5, and Red Hat Enterprise Linux 5 Update 2 requirements are the same.
Oracle Unbreakable Enterprise Kernel for Linux 5 Update 5 (2.6.32), available for x86-64 systems, contains several additional features and performance enhancements not available either with Oracle Linux or with other supported Linux distributions. This kernel can be installed on either Oracle Linux or Red Hat Enterprise Linux distributions. Before installing the Unbreakable Enterprise Kernel, you must have Oracle Linux 5 Update 5 or RHEL5 Update 5 installed on an x86-64 server.

To determine the distribution and version of Linux installed, enter the following command :

# cat /proc/version

You can also enter the following command on some distributions of Linux:

# lsb_release -id

Note:

Only the distributions and versions listed in the previous list are supported. Do not install the software on other versions of Linux.

See Also:

Section 1.6.1 for information about how to access the latest system requirements

2.3.2 Kernel Requirements

The following are the kernel requirements for Oracle Audit Vault Server Release 10.3:

For Linux x86-64

On Oracle Linux 4 and Red Hat Enterprise Linux 4

2.6.9 or later
On Oracle Linux 5 Update 5 with the Unbreakable Enterprise Kernel for Linux

2.6.32-100.0.19 or later

See Oracle Database Installation Guide for Linux for more information about Oracle Unbreakable Enterprise Kernel for Linux.
On Red Hat Enterprise Linux 5 Update 5 with the Unbreakable Enterprise Kernel for Linux

2.6.32 or later

See Oracle Database Installation Guide for Linux for more information about Oracle Unbreakable Enterprise Kernel for Linux.
On Oracle Linux 5 Update 2

2.6.18 or later (compatible with Red Hat Enterprise kernel)
On Asianux Server 3, Oracle Linux 5 Update 2, and Red Hat Enterprise Linux 5 Update 2

2.6.18 or later
On SUSE Linux Enterprise Server 10

2.6.16.21 or later
On SUSE Linux Enterprise Server 11

2.6.27.19 or later

To determine if the required kernel is installed, enter the following command:

# uname -r

The following is a sample output displayed by running this command on an Oracle Linux 5 system:

2.6.18-128.el5PAE

In this example, the output shows the kernel version (2.6.18) and errata level (-128.el5PAE) on the system.

If the kernel version does not meet the requirement, then contact the operating system vendor for information about obtaining and installing kernel updates.

2.3.3 Package Requirements

The following are the list of packages required for Oracle Audit Vault Server Release 10.3:

Linux x86-64

Note:

Oracle recommends that you install your Linux operating system with the default software packages (RPMs), unless you specifically intend to perform a minimal installation and follow the directions for performing such an installation to ensure that you have all required packages for Oracle software.
Oracle recommends that you do not customize RPMs during a default operating system installation. A default installation includes most required packages and will help you to limit manual verification of package dependencies.
If you did not perform a default Linux installation, you intend to use LDAP, and you want to use the scripts odisrvreg, oidca, or schemasync, then install the Korn shell RPM for the Linux distribution.
You must install the packages (or later versions) listed in the following table, and ensure that the list of RPMs and all of the prerequisites for these RPMs are installed.

Linux x86-64

IMPORTANT:

Starting with Oracle Audit Vault Server Release 10.3 which installs a customized, specially configured release of Oracle Database 11g Release 2 (11.2.0.3), all the 32-bit packages, except for gcc-32bit-4.3, listed in the following table are no longer required for installing a database on Linux x86-64. Only the 64-bit packages are required.
If you are using Oracle Unbreakable Enterprise Kernel, then all required kernel packages are installed as part of the Oracle Unbreakable Enterprise Kernel installation.

Operating System	Requirement
Oracle Linux 4 and Red Hat Enterprise Linux 4	The following packages (or later versions) must be installed: binutils-2.15.92.0.2 compat-libstdc++-33-3.2.3 compat-libstdc++-33-3.2.3 (32 bit) elfutils-libelf-0.97 elfutils-libelf-devel-0.97 expat-1.95.7 gcc-3.4.6 gcc-c++-3.4.6 glibc-2.3.4-2.41 glibc-2.3.4-2.41 (32 bit) glibc-common-2.3.4 glibc-devel-2.3.4 glibc-headers-2.3.4 libaio-0.3.105 libaio-0.3.105 (32 bit) libaio-devel-0.3.105 libaio-devel-0.3.105 (32 bit) libgcc-3.4.6 libgcc-3.4.6 (32-bit) libstdc++-3.4.6 libstdc++-3.4.6 (32 bit) libstdc++-devel 3.4.6 make-3.80 numactl-0.6.4.x86_64 pdksh-5.2.14 sysstat-5.0.5
Asianux Server 3, Oracle Linux 5, and Red Hat Enterprise Linux 5	The following packages (or later versions) must be installed: binutils-2.17.50.0.6 compat-libstdc++-33-3.2.3 compat-libstdc++-33-3.2.3 (32 bit) elfutils-libelf-0.125 elfutils-libelf-devel-0.125 gcc-4.1.2 gcc-c++-4.1.2 glibc-2.5-24 glibc-2.5-24 (32 bit) glibc-common-2.5 glibc-devel-2.5 glibc-devel-2.5 (32 bit) glibc-headers-2.5 ksh-20060214 libaio-0.3.106 libaio-0.3.106 (32 bit) libaio-devel-0.3.106 libaio-devel-0.3.106 (32 bit) libgcc-4.1.2 libgcc-4.1.2 (32 bit) libstdc++-4.1.2 libstdc++-4.1.2 (32 bit) libstdc++-devel 4.1.2 make-3.81 numactl-devel-0.9.8.x86_64 sysstat-7.0.2
SUSE Linux Enterprise Server 10	The following packages (or later versions) must be installed: binutils-2.16.91.0.5 compat-libstdc++-5.0.7 gcc-4.1.0 gcc-c++-4.1.2 glibc-2.4-31.63 glibc-devel-2.4-31.63 glibc-devel-32bit-2.4-31.63 ksh-93r-12.9 libaio-0.3.104 libaio-32bit-0.3.104 libaio-devel-0.3.104 libaio-devel-32bit-0.3.104 libelf-0.8.5 libgcc-4.1.2 libstdc++-4.1.2 libstdc++-devel-4.1.2 make-3.80 numactl-0.9.6.x86_64 sysstat-8.0.4
SUSE Linux Enterprise Server 11	The following packages (or later versions) must be installed: binutils-2.19 gcc-4.3 gcc-32bit-4.3 gcc-c++-4.3 glibc-2.9 glibc-32bit-2.9 glibc-devel-2.9 glibc-devel-32bit-2.9 ksh-93t libaio-0.3.104 libaio-32bit-0.3.104 libaio-devel-0.3.104 libaio-devel-32bit-0.3.104 libstdc++33-3.3.3 libstdc++33-32bit-3.3.3 libstdc++43-4.3.3_20081022 libstdc++43-32bit-4.3.3_20081022 libstdc++43-devel-4.3.3_20081022 libstdc++43-devel-32bit-4.3.3_20081022 libgcc43-4.3.3_20081022 libstdc++-devel-4.3 make-3.81 sysstat-8.1.5

Note:

The numa package link for Linux x86-64 is /usr/lib64/.

To determine if the required packages are installed, enter commands similar to the following:

# rpm -q package_name

If a package is not installed, then install it from the Linux distribution media or download the required package version from the Linux vendor's Web site.

2.3.4 Additional Software Requirements

Depending on the components you want to use, you must ensure that the following software is installed:

Oracle JDBC/OCI Drivers
Linux-PAM Library
Browser Requirements

2.3.4.1 Oracle JDBC/OCI Drivers

Use JDK 6 (Java SE Development Kit 1.6.0_21) or JDK 5 (1.5.0_24) with the JNDI extension with the Oracle Java Database Connectivity and Oracle Call Interface drivers. However, these are not mandatory for the database installation. Note that JDK 1.5 is installed with this release.

2.3.4.2 Linux-PAM Library

Install the latest Linux-PAM (Pluggable Authentication Modules for Linux) library to enable the system administrator to choose how applications authenticate users.

2.3.4.3 Browser Requirements

Web browsers must support JavaScript, and the HTML 4.0 and CSS 1.0 standards. The following browsers meet these requirements for Oracle Enterprise Manager Database Control:

Netscape Navigator 8.1
Netscape Navigator 9.0
Microsoft Internet Explorer 6.0 SP2
Microsoft Internet Explorer 7.0 SP1
Microsoft Internet Explorer 8.0
Firefox 2.0
Firefox 3.0.7
Firefox 3.5
Firefox 3.6
Safari 3.1
Safari 3.2
Safari 4.0.x
Google Chrome 3.0
Google Chrome 4.0

2.4 Installation Fixup Scripts

During installation, for certain prerequisite verification failures, click Fix & Check Again to generate a fixup script (runfixup.sh). You can run this script as the root user to complete the required preinstallation steps.

The fixup script:

Checks for and sets kernel parameters to values required for successful installation, including:
- Shared memory parameters
- Open file descriptor and UDP send/receive parameters

Oracle recommends that you do not modify the contents of the generated fixup script.

Note:

Using fixup scripts does not ensure that all the prerequisites for installing Oracle Audit Vault Server are met. You must still verify that all the preinstallation requirements are met to ensure a successful installation.

2.5 Enabling Core File Creation

During installation, the installer checks the system configuration file that sets core dump preferences to see if core dumps are enabled. The value must be a file, and the file is checked to see if it contains the value of one (1). The following files are checked, in order of precedence:

/proc/sys/kernel/suid_dumpable 
 /proc/sys/fs/suid_dumpable 
 /proc/sys/kernel/core_setuid_ok

The first file that is present is read. If a value other than 1 is present in the file, then core files are disabled. Enabling core file creation can vary between Linux distributions; see your Linux vendor documentation for information about how to enable core file creation. The following example shows how to enable core file creation on Oracle Linux 5 and Red Hat Enterprise Linux 5:

Use a text editor to open the /etc/profile file of the Oracle Grid Infrastructure installation owner and find the following line:
```
ulimit –S –c 0 > /dev/null 2>&1 
```
Change it to the following:
```
ulimit -S -c unlimited > /dev/null 2>&1
```
Use a text editor to open /etc/sysctl.conf and find the following line:
```
kernel.core_uses_pid
```
Confirm that the file is set to 1. This setting appends the PID to the generated core file, which allows multiple core file dumps.

If kernel.core_uses_pid is missing, then add the following line:
```
kernel.core_uses_pid = 1
```
Find the following line:
```
fs.suid_dumpable 
```
By default, this value is set to 0 . Change it to 1.

If fs.suid_dumpable is not in the sysctl.conf file, then add the following line:
```
fs.suid_dumpable = 1
```
Save /etc/sysctl.conf and use the following command to reload settings:
```
# sysctl -p 
```

2.6 Verifying UDP and TCP Kernel Parameters

Set TCP/IP ephemeral port range parameters to provide enough ephemeral ports for the anticipated server workload. Ensure that the lower range is set to at least 9000 or higher, to avoid Well Known ports, and to avoid ports in the Registered Ports range commonly used by Oracle and other server ports. Set the port range high enough to avoid reserved ports for any applications you may intend to use. If the lower value of the range you have is greater than 9000, and the range is large enough for your anticipated workload, then you can ignore OUI warnings regarding the ephemeral port range.

For example, with IPv4, use the following command to check your current range for ephemeral ports:

$ cat /proc/sys/net/ipv4/ip_local_port_range
32768 61000

In the preceding example, the lowest port (32768) and the highest port (61000) are set to the default range.

If necessary, update the UDP and TCP ephemeral port range to a range high enough for anticipated system workloads, and to ensure that the ephemeral port range starts at 9000 and above. For example:

# echo 9000 65500 > /proc/sys/net/ipv4/ip_local_port_range

Oracle recommends that you make these settings permanent. For example, as root, use a text editor to open /etc/sysctl, and add or change to the following: net.ipv4.ip_local_port_range = 9000 65500, and then restart the network (# /etc/rc.d/init.d/network restart). Refer to your Linux distribution system administration documentation for detailed information about how to automate this ephemeral port range alteration on system restarts.

2.7 Installing the cvuqdisk Package for Linux

Install the operating system package cvuqdisk. Without cvuqdisk, the Cluster Verification Utility cannot find shared disks, and you receive a "Package cvuqdisk not installed" error when you run the Cluster Verification Utility. Use the cvuqdisk RPM for your hardware (for example, x86_64, or i386).

To install the cvuqdisk RPM, complete the following procedure:

Note:

If you prefer, you can disable Cluster Verification Utility shared disk checks by adding the following line to the file oracle_home1/cv/admin/cvu_config:

CV_RAW_CHECK_ENABLED=FALSE

In this example, oracle_home1 is the Oracle home directory where the database is installed.

Locate the cvuqdisk RPM package, which is in the directory rpm on the installation media. If you already installed Oracle Grid Infrastructure, then it is in the directory oracle_home1/cv/rpm.
Log in as root.
Use the following command to find if you have an existing version of the cvuqdisk package:
```
# rpm -qi cvuqdisk
```
If you have an existing version, then enter the following command to deinstall the existing version:
```
# rpm -e cvuqdisk
```
Set the environment variable CVUQDISK_GRP to point to the group that will own cvuqdisk, typically oinstall, for example:
```
# CVUQDISK_GRP=oinstall; export CVUQDISK_GRP
```
In the directory where you have saved the cvuqdisk RPM, use the following command to install the cvuqdisk package:
```
rpm -iv package
```
For example:
```
# rpm -iv cvuqdisk-1.0.9-1.rpm
```

2.8 Checking the Network Setup

Typically, the computer on which you want to install Oracle Audit Vault Server is connected to the network. The computer has local storage to store the Oracle Audit Vault Server installation. It also contains a display monitor and DVD drive. This section describes how to install Oracle Audit Vault Server on computers that do not meet the typical scenario. It describes the following cases:

Installing on DHCP Computers
Installing on Multihomed Computers
Installing on Computers with Multiple Aliases

2.8.1 Installing on DHCP Computers

Dynamic Host Configuration Protocol (DHCP) assigns dynamic IP addresses on a network. Dynamic addressing enables a computer to have a different IP address each time it connects to the network. In some cases, the IP address can change while the computer is still connected. You can have a mixture of static and dynamic IP addressing in a DHCP system.

In a DHCP setup, the software tracks IP addresses, which simplifies network administration. This lets you add a new computer to the network without having to manually assign a unique IP address to the newly added computer.

Do not install Oracle Audit Vault Server in an environment where the IP addresses of the Audit Vault Server or the Oracle Audit Vault collection agent can change. If your environment uses DHCP, ensure that all Oracle Audit Vault systems use static IP addresses.

2.8.2 Installing on Multihomed Computers

You can install Oracle Audit Vault Server on a multihomed computer. A multihomed computer is associated with multiple IP addresses. This is typically achieved by having multiple network cards on the computer. Each IP address is associated with a host name. In addition, you can set up aliases for the host name. By default, Oracle Universal Installer uses the ORACLE_HOSTNAME environment variable setting to find the host name. If ORACLE_HOSTNAME is not set and you are installing on a computer that has multiple network cards, then Oracle Universal Installer determines the host name from the /etc/hosts file.

Clients must be able to access the computer either by using this host name or by using aliases for this host name. To verify this, ping the host name from the client computers using the short name (host name only) and the full name (host name and domain name). Both tests must be successful.

Setting the ORACLE_HOSTNAME Environment Variable

Use the following procedure to set the ORACLE_HOSTNAME environment variable. For example, if the fully qualified host name is somehost.us.example.com, then enter one of the following commands:

In Bourne, Bash, or Korn shell:

$ ORACLE_HOSTNAME=somehost.us.example.com
$ export ORACLE_HOSTNAME

In C shell:

% setenv ORACLE_HOSTNAME somehost.us.example.com

2.8.3 Installing on Computers with Multiple Aliases

A computer with multiple aliases is registered with the naming service under a single IP address but with multiple aliases. The naming service resolves any of those aliases to the same computer. Before installing Oracle Audit Vault Server on such a computer, set the ORACLE_HOSTNAME environment variable to the computer whose host name you want to use.

2.9 Creating Required Operating System Groups and Users

Depending on if this is the first time Oracle software is being installed on this system and on the products that you are installing, you may need to create several operating system groups and users. Log in to your system as the root user before you attempt to create these operating system groups and users.

If you are installing Oracle Audit Vault Server, it requires the following operating system groups and user:

The OSDBA group (dba)

You must create this group the first time you install Oracle Audit Vault software on the system. It identifies operating system user accounts that have database administrative privileges (the SYSDBA privilege). The default name for this group is dba.
The OSOPER group (oper)

This is an optional group. Create this group if you want a separate group of operating system users to have a limited set of administrative privileges (the SYSOPER privilege). By default, members of the OSDBA group also have the SYSOPER privilege.
An unprivileged user

Verify that the unprivileged user nobody exists on the system. The nobody user must own the external jobs (extjob) executable after the installation.

The following operating system group and user are required for all installations:

The Oracle Inventory group (oinstall)

You must create this group the first time you install Oracle software on the system. The usual name chosen for this group is oinstall. This group owns the Oracle inventory, which is a catalog of all Oracle software installed on the system.

Note:
If Oracle software is already installed on the system, then the existing Oracle Inventory group must be the primary group of the operating system user that you use to install new Oracle software. The following topics describe how to identify an existing Oracle Inventory group.
The Oracle software owner user (typically, oracle)

You must create this user the first time you install Oracle software on the system. This user owns all software installed during the installation. This user must have the Oracle Inventory group as its primary group. It must also have the OSDBA and OSOPER groups as secondary groups.

Note:
In Oracle documentation, this user is referred to as the oracle user.

All installations of Oracle software on the system require a single Oracle Inventory group. After the first installation of Oracle software, you must use the same Oracle Inventory group for all subsequent Oracle software installations on that system. However, you can choose to create different Oracle software owner users, OSDBA groups, and OSOPER groups (other than oracle, dba, and oper) for separate installations. By using different groups for different installations, members of these different groups have DBA privileges only on the associated databases, rather than on all databases on the system.

See Also:

Oracle Database Administrator's Guide for more information about the OSDBA group and the SYSDBA and SYSOPER privileges

Note:

The following topics describe how to create local users and groups. As an alternative to creating local users and groups, you could create the appropriate users and groups in a directory service, for example, Network Information Services (NIS). For information about using directory services, contact your system administrator or see your operating system documentation.

If you prefer to allocate operating system user privileges so that you can use one administrative user and one group for operating system authentication for all administrative privileges, then you can use the oracle user as the installation owner, and use one group as the primary group for any user requiring administrative privileges for Oracle ASM, and Oracle Audit Vault Server administration. This group must also be the Oracle Inventory group. To simplify using the defaults for Oracle tools the group name should be oinstall.

You can also create custom configuration groups and users based on job role separation. A custom configuration is a configuration with groups and users that divide access privileges granted by membership in separate operating system groups and users. You can create a single user (for example, oracle) to own both Oracle Audit Vault Server, and Oracle Grid Infrastructure installations. Alternatively, you can create a separate user (for example, grid) to own the Oracle Grid Infrastructure installation.

Note that all Oracle Audit Vault Server and Oracle Grid Infrastructure for a standalone server installations must be owned by the Oracle software owner user (oracle), and belong to the Oracle Inventory group (oinstall).

Creating Custom Configuration Groups and Users for Job Roles
Creating Database Operating System Groups and Users with Job Role Separation

Note:

In Oracle documentation, a user created to own only Oracle Grid Infrastructure software installations is called the grid user. A user created to own either all Oracle installations, or only Oracle database installations, is called the oracle user.

2.9.1 Creating Custom Configuration Groups and Users for Job Roles

This section provides an overview of how to create users and groups to divide access privileges by job roles. Log in as root to create these groups and users.

Understanding Restrictions for Oracle Installations with Job Role Separation
Database Groups for Job Role Installations
Oracle Grid Infrastructure Groups for Job Role Installations

2.9.1.1 Understanding Restrictions for Oracle Installations with Job Role Separation

Oracle recommends that you create one software owner to own each Oracle software installation (typically, oracle, for the database software and grid for the Oracle Restart owner user). You must create at least one software owner the first time you install Oracle software on the system.

To create separate Oracle software owners, to create separate users, and separate operating system privileges groups for different Oracle software installations, note that each of these users must have the Oracle central inventory group (oraInventory group) as their primary group. Members of this group have write privileges to the Oracle central inventory (oraInventory) directory. In Oracle documentation, this group is represented as oinstall in code examples. See Section 2.9.2.1 about creating the Oracle Inventory Group.

The database software owner (typically, oracle) must also have the OSDBA group of the Oracle Grid Infrastructure home so that database instances can log on to Oracle ASM, and (if you create it) the OSOPER group as secondary groups. In Oracle documentation, the Oracle software owner users are referred to as oracle users.

For Oracle Grid Infrastructure only, the grid user (grid) must be in the OSDBA group of every database home.

See Also:

Oracle Database Administrator's Guide for more information about the OSDBA, OSASM and OSOPER groups, and the SYSDBA, SYSASM and SYSOPER privileges

2.9.1.2 Database Groups for Job Role Installations

Create the following operating system groups if you are installing Oracle Audit Vault Server:

The OSDBA group (typically, dba)

You must create this group the first time you install Oracle software on the system. This group identifies operating system user accounts that have database administrative privileges (the SYSDBA privilege). The name used for this group in Oracle code examples is dba.
The OSOPER group (typically, oper)

This is an optional group. Create this group if you want a separate group of operating system users to have a limited set of database administrative privileges (the SYSOPER privilege). This group cannot directly connect as SYSOPER, unless explicitly granted. However, they will have the privileges granted by the SYSOPER privilege. By default, members of the OSDBA group have all privileges granted by the SYSOPER privilege.

Oracle Universal Installer prompts you to specify the name of this group. The usual name chosen for this group is oper.

2.9.1.3 Oracle Grid Infrastructure Groups for Job Role Installations

Create the following operating system groups if you are installing Oracle Grid Infrastructure:

Note:

You can designate a unique group, separate from database administrator groups, or you can use the same group as the OSASM and OSDBA groups, to grant system privileges to administer both the Oracle ASM instances and Oracle Audit Vault Server instance.

The OSDBA group for Oracle ASM (typically, asmdba)

The OSDBA group for Oracle ASM can be the same group used as the OSDBA group for the database, or you can create a separate OSDBA group for Oracle ASM (typically, asmdba) to provide administrative access to Oracle ASM instances.

The Oracle Grid Infrastructure software owner (typically, grid) must be a member of the OSDBA group. Membership in the OSDBA group enables access to the files managed by Oracle ASM. If you have a separate OSDBA group for Oracle ASM, then the Oracle Restart software owner must be a member of the OSDBA group for each database and the OSDBA group for Oracle ASM.
The OSASM group for Oracle ASM (typically, asmadmin)

SYSASM privileges for Oracle ASM files provide administrator privileges for storage file. In Oracle documentation, the operating system group whose members are granted SYSASM privileges is called the OSASM group, and in command lines, is referred to as asmadmin. Oracle ASM can support multiple databases.

Members of the OSASM group can use SQL to connect to an Oracle ASM instance as SYSASM using operating system authentication. The SYSASM privileges permit mounting and dismounting of disk groups, and other storage administration tasks. SYSASM privileges provide no access privileges on an RDBMS instance.

If you do not designate a separate group as the OSASM group, then the OSDBA group you define is also, by default, the OSASM group.
The OSOPER group for Oracle ASM (typically, asmoper)

This is an optional group. Create this group if you want a separate group of operating system users to have a limited set of Oracle instance administrative privileges (the SYSOPER for ASM privilege), including starting up and stopping the Oracle ASM instance. By default, members of the OSASM group also have all privileges granted by the SYSOPER for ASM privilege.

If you want to have an OSOPER group for Oracle ASM, then the Oracle Grid Infrastructure owner must be a member of this group.

2.9.2 Creating Database Operating System Groups and Users with Job Role Separation

The following sections describe how to create the required operating system user and groups:

Creating the Oracle Inventory Group
Creating the OSDBA Group for Database Installations
Creating an OSOPER Group for Database Installations
Creating the OSASM Group for Oracle Automatic Storage Management
Creating the OSDBA Group for Oracle Automatic Storage Management
Creating the OSOPER Group for Oracle Automatic Storage Management
Creating the Oracle Software Owner User

Note:

If necessary, contact your system administrator before using or modifying an existing user.

Oracle recommends that you do not use the UID and GID defaults on each node because group and user IDs likely will be different on each node. Instead, provide common assigned group and user IDs, and confirm that they are unused on any node before you create or modify groups and users.

2.9.2.1 Creating the Oracle Inventory Group

When you install Oracle software on the system for the first time, Oracle Universal Installer creates the oraInst.loc file. This file identifies the name of the Oracle Inventory group (typically, oinstall) and the path of the Oracle Inventory directory.

You can configure one group to be the access control group for Oracle Inventory, for database administrators (OSDBA), and for all other access control groups used by Oracle software for operating system authentication. However, this group then must be the primary group for all users granted administrative privileges.

Log in as root, and use the following instructions to locate or create the Oracle Inventory group and a software owner:

Determining if the Oracle Inventory Group Exists
Creating the Oracle Inventory Group

Determining if the Oracle Inventory Group Exists

An oraInst.loc file in the /etc or /var/opt/oracle directory has contents similar to the following:

inventory_loc=central_inventory_location
inst_group=group

In the preceding example, central_inventory_location is the location of the Oracle Central Inventory, and group is the name of the group that has permissions to write to the central inventory.

If you have an existing Oracle Inventory, then ensure that you use the same Oracle Inventory for all Oracle software installations, and ensure that all Oracle software users you intend to use for installation have permissions to write to this directory.

To determine if the Oracle Inventory group exist, enter the following command:

# grep oinstall /etc/group

To determine if the oraInst.loc file exists, enter the following command:

# more /etc/oraInst.loc

If the oraInst.loc file exists, then the output from this command is similar to the following:

inventory_loc=/u01/app/oraInventory
inst_group=oinstall

In the previous output example:

The inventory_loc group shows the location of the Oracle Inventory
The inst_group parameter shows the name of the Oracle Inventory group (in this example, oinstall).

Creating the Oracle Inventory Group

If the oraInst.loc file does not exist, then create the Oracle Inventory group by entering the following command:

# /usr/sbin/groupadd oinstall

2.9.2.2 Creating the OSDBA Group for Database Installations

You must create an OSDBA group in the following circumstances:

An OSDBA group does not exist, for example, if this is the first installation of Oracle software on the system
An OSDBA group exists, but you want to give a different group of operating system users database administrative privileges for a new Oracle installation

If the OSDBA group does not exist or if you require a new OSDBA group, then create it as follows. In the following procedure, use the group name dba unless a group with that name already exists:

# /usr/sbin/groupadd -g 502 dba

2.9.2.3 Creating an OSOPER Group for Database Installations

Create an OSOPER group only if you want to identify a group of operating system users with a limited set of database administrative privileges (SYSOPER operator privileges). For most installations, it is sufficient to create only the OSDBA group. If you want to use an OSOPER group, then you must create it in the following circumstances:

If an OSOPER group does not exist; for example, if this is the first installation of Oracle software on the system
If an OSOPER group exists, but you want to give a different group of operating system users database operator privileges in a new Oracle installation

If you require a new OSOPER group (typically, oper), then create it as follows. In the following, use the group name oper unless a group with that name already exists:

# /usr/sbin/groupadd -g 503 oper

2.9.2.4 Creating the OSASM Group for Oracle Automatic Storage Management

If the OSASM group does not exist or if you require a new OSASM group, then create it as follows. In the following procedure, use the group name asmadmin unless a group with that name already exists:

# /usr/sbin/groupadd -g 504 asmadmin

2.9.2.5 Creating the OSDBA Group for Oracle Automatic Storage Management

If you require a new OSDBA group for Oracle ASM, then create it as follows. In the following procedure, use the group name asmdba unless a group with that name already exists:

# /usr/sbin/groupadd -g 506 asmdba

2.9.2.6 Creating the OSOPER Group for Oracle Automatic Storage Management

If you require an OSOPER group, then create it as follows. In the following procedure, use the group name asmoper unless a group with that name already exists:

# /usr/sbin/groupadd -g 505 asmoper

2.9.2.7 Creating the Oracle Software Owner User

You must create an Oracle software owner user in the following circumstances:

If an Oracle software owner user does not exist; for example, if this is the first installation of Oracle software on the system.
If an Oracle software owner user exists, but you want to use a different operating system user, with different group membership, to give database administrative privileges to those groups in a new Oracle Audit Vault Server installation.
If you have created an Oracle software owner for Oracle Grid Infrastructure, such as grid, and you want to create a separate Oracle software owner for Oracle Audit Vault Server software, such as oracle.

2.9.2.7.1 Determining if an Oracle Software Owner User Exists

To determine if an Oracle software owner user named oracle, or grid exists, enter a command similar to the following:

# id oracle
# id grid

If the oracle user exists, then the output from this command is similar to the following:

uid=501(oracle) gid=501(oinstall) groups=502(dba),503(oper)

If the grid user exists, then the output from this command is similar to the following:

uid=8001(oracle) gid=8001(oinstall) groups=8001(oinstall),8002(asmadmin),8003(asmdba),8006(dba)

Determine if you want to use the existing user or create another user. If you want to use the existing user, then ensure that the user's primary group is the Oracle Inventory group (oinstall) and that it is a member of the appropriate OSDBA and OSOPER groups. See the following sections for more information:

Creating an Oracle Software Owner User
Modifying an Existing Oracle Software Owner User

Note:

If necessary, contact your system administrator before using or modifying an existing user.

2.9.2.7.2 Creating an Oracle Software Owner User

If the Oracle software owner user does not exist, or if you require a new Oracle software owner user, such as oracle or grid, then create it as described in this section (in this case to create the oracle user).

In the following procedure, use the user name oracle unless a user with that name already exists:

To create an oracle user, enter a command similar to the following:
```
# /usr/sbin/useradd -u 502 -g oinstall -G dba,asmdba,[oper] oracle
```
In the preceding command:
- The -u option specifies the user ID. Using this command flag is optional because the system can provide you with an automatically generated user ID number. You must note the oracle user ID number because you will need it during preinstallation.
- The -g option specifies the primary group, which must be the Oracle Inventory group, for example oinstall.
- The -G option specifies the secondary groups, which must include the OSDBA group, and, if required, the OSOPER and ASMDBA groups, for example, dba, asmdba, or oper.
Set the password of the oracle user:
```
# passwd oracle
```

2.9.2.7.3 Modifying an Existing Oracle Software Owner User

If the oracle user exists, but its primary group is not oinstall, or it is not a member of the appropriate OSDBA or OSOPER groups, then modify it as follows:

Specify the primary group using the -g option and any required secondary group using the -G option:

# /usr/sbin/usermod -g oinstall -G dba,asmdba[,oper] oracle

2.10 Checking Resource Limits for the Oracle Software Installation Users

For each installation software owner, check the resource limits for installation, using the following recommended ranges:

Table 2-1 Installation Owner Resource Limit Recommended Ranges

Resource Shell Limit	Resource	Soft Limit	Hard Limit
Open file descriptors	nofile	At least 1024	At least 65536
Number of processes available to a single user	nproc	At least 2047	At least 16384
Size of the stack segment of the process	stack	At least 10240 KB	At least 10240 KB, and at most 32768 KB

To check resource limits:

Log in as an installation owner.
Check the soft and hard limits for the file descriptor setting. Ensure that the result is in the recommended range, for example:
```
$ ulimit -Sn
4096
$ ulimit -Hn
65536
```
Check the soft and hard limits for the number of processes available to a user. Ensure that the result is in the recommended range, for example:
```
$ ulimit -Su
2047
$ ulimit -Hu
16384
```
Check the soft limit for the stack setting. Ensure that the result is in the recommended range, for example:
```
$ ulimit -Ss
10240
$ ulimit -Hs
32768
```
Repeat this procedure for each Oracle software installation owner.

If necessary, update the resource limits in the /etc/security/limits.conf configuration file for the installation owner. For example, add the following lines to the /etc/security/limits.conf file:

oracle              soft    nproc   2047
oracle              hard    nproc   16384
oracle              soft    nofile  1024
oracle              hard    nofile  65536
oracle              soft    stack   10240

Note:

The values mentioned in the previous example are illustrative and not actual values that must be added.
When the limits.conf file is changed, these changes take effect immediately. However, if the grid or oracle users are logged in, then these changes will not take effect until you log these users out and log them back in. You must do this before you use these accounts for installation.

See Also:

Section 2.18 about configuring the oracle user's environment

2.11 Configuring Kernel Parameters for Linux

During installation, you can generate and run the Fixup script to check and set the kernel parameter values required for successful installation of the database. This script updates required kernel packages if necessary to minimum values.

If you cannot use the Fixup scripts, then verify that the kernel parameters shown in the following table are set to values greater than or equal to the minimum value shown. The procedure following the table describes how to verify and set the values manually.

IMPORTANT:

The kernel parameter and shell limit values shown in the following section are minimum values only. For production Oracle Audit Vault Server systems, Oracle recommends that you tune these values to optimize the performance of the system. See the operating system documentation for more information about tuning kernel parameters.

Parameter	Minimum Value	File
`semmsl` `semmns` `semopm` `semmni`	250 32000 100 128	`/proc/sys/kernel/sem`
`shmall`	2097152	`/proc/sys/kernel/shmall`
`shmmax`	64-bit Linux Systems: A maximum value of half the size of physical memory (in bytes). Default: 536870912 See My Oracle Support Note 567506.1 for additional information about configuring `shmmax`.	`/proc/sys/kernel/shmmax`
`shmmni`	4096	`/proc/sys/kernel/shmmni`
`file`-`max`	6815744	`/proc/sys/fs/file-max`
`aio-max-nr`	Maximum: 1048576 Note: This value limits concurrent outstanding requests and should be set to avoid I/O subsystem failures.	`/proc/sys/fs/aio-max-nr`
`ip_local_port_range`	Minimum: 9000 Maximum: 65500 See Section 2.6.	`/proc/sys/net/ipv4/ip_local_port_range`
`rmem_default`	262144	`/proc/sys/net/core/rmem_default`
`rmem_max`	4194304	`/proc/sys/net/core/rmem_max`
`wmem_default`	262144	`/proc/sys/net/core/wmem_default`
`wmem_max`	1048576	`/proc/sys/net/core/wmem_max`

Note:

If the current value for any parameter is greater than the value listed in this table, then the Fixup scripts do not change the value of that parameter.

See Also:

Section 2.4 about installation fixup scripts

2.11.1 Displaying and Changing Kernel Parameter Values

Enter the commands shown in the following table to display the current values of the kernel parameters, make a note of these values and identify any values that you must change:

Parameter	Command
`semmsl, semmns, semopm, and semmni`	`# /sbin/sysctl -a \| grep sem` This command displays the value of the semaphore parameters in the order listed.
`shmall, shmmax, and shmmni`	`# /sbin/sysctl -a \| grep shm` This command displays the details of the shared memory segment sizes.
`file`-`max`	`# /sbin/sysctl -a \| grep file-max` This command displays the maximum number of file handles.
i`p_local_port_range`	`# /sbin/sysctl -a \| grep ip_local_port_range` This command displays a range of port numbers.
`rmem_default`	`# /sbin/sysctl -a \| grep rmem_default`
`rmem_max`	`# /sbin/sysctl -a \| grep rmem_max`
`wmem_default`	`# /sbin/sysctl -a \| grep wmem_default`
`wmem_max`	`# /sbin/sysctl -a \| grep wmem_max`
`aio-max-nr`	`# /sbin/sysctl -a \| grep aio-max-nr`

If the value of any kernel parameter is different from the minimum value, then perform the following:

Using any text editor, create or edit the /etc/sysctl.conf file, and add or edit lines similar to the following:

Note:
Include lines only for the kernel parameter values that you want to change. For the semaphore parameters (kernel.sem), you must specify all four values. If any of the current values are larger than the minimum value, then specify the larger value.
```
fs.aio-max-nr = 1048576
fs.file-max = 6815744
kernel.shmall = 2097152
kernel.shmmax = 536870912
kernel.shmmni = 4096
kernel.sem = 250 32000 100 128
net.ipv4.ip_local_port_range = 9000 65500
net.core.rmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048586
```
Note:
The minimum value required for shmmax is 0.5 GB. However, Oracle recommends that you set the value of shmmax to 2.0 GB for optimum performance of the system.

By specifying the values in the /etc/sysctl.conf file, they persist when you restart the system. However, on SUSE Linux Enterprise Server systems, enter the following command to ensure that the system reads the /etc/sysctl.conf file when it restarts:
```
# /sbin/chkconfig boot.sysctl on
```
Enter the following command to change the current values of the kernel parameters:
```
# /sbin/sysctl -p
```
Review the output from this command to verify that the values are correct. If the values are incorrect, edit the /etc/sysctl.conf file, then enter this command again.
Enter the command /sbin/sysctl -a to confirm that the values are set correctly.
On SUSE systems only, enter the following command for the system to read the /etc/sysctl.conf file when it restarts:
```
# /sbin/chkconfig boot.sysctl on
```
On SUSE systems only, you must enter the GID of the oinstall group as the value for the parameter /proc/sys/vm/hugetlb_shm_group. Doing this grants members of oinstall a group permission to create shared memory segments.

For example, where the oinstall group GID is 501:
```
# echo 501 > /proc/sys/vm/hugetlb_shm_group
```
After running this command, use vi to add the following text to /etc/sysctl.conf, and enable the boot.sysctl script to run on system restart:
```
vm.hugetlb_shm_group=501
```
Note:
Only one group can be defined as the vm.hugetlb_shm_group.
After updating the values of kernel parameters in the /etc/sysctl.conf file, either restart the computer, or run the command sysctl -p to make the changes in the /etc/sysctl.conf file available in the active kernel memory.

2.12 Identifying Required Software Directories

You must identify or create the following directories for the Oracle software:

Oracle Base Directory
Oracle Inventory Directory
Oracle Home Directory

Note:

Ensure that the paths you select for Oracle software, such as the Oracle home path and the Oracle base path, use only ASCII characters. Because installation owner names are used by default for some path, this ASCII character restriction applies to user names, file names, and directory names.
Ensure that all paths used by the database software, such as the Oracle home path and the Oracle base path, use characters only from the following set: "#%&'()*+,-./:;<=>?@_A-Za-z0-9. This includes user names, file names, and directory names. At the time of this release, the use of other characters for an Oracle Grid Infrastructure home or Oracle Audit Vault Server home is not supported. The set of characters provided above is further restricted by user and file naming rules of the operating system.

2.12.1 Oracle Base Directory

The Oracle base directory is a top-level directory for Oracle software installations. The Optimal Flexible Architecture (OFA) guidelines recommend that you use a path similar to the following for the Oracle base directory:

/mount_point/app/software_owner

In this example:

mount_point is the mount point directory for the file system that will contain the Oracle software.

The examples in this guide use /u01 for the mount point directory. However, you can choose another mount point directory, such as /oracle or /opt/oracle.
software_owner is the operating system user name of the software owner installing the Oracle software, for example oracle, or grid.

Note:

If you start a database instance using spfile with ORACLE_BASE environment variable set, then its value is automatically stored in spfile. If you unset ORACLE_BASE environment variable subsequently and start the instance afresh, then database uses the value of Oracle base stored in spfile.

You must specify the Oracle base folder that contains all Oracle products.

Note:

If you have an existing Oracle base, then you can select it from the Use existing list. By default, the list contains the existing value for Oracle base preselected. Refer to Section 4.3 and Section 4.5 for further information.

If you do not have an Oracle base, then you can create one by editing the text in the list box.

You can use the same Oracle base directory for more than one installation or you can create separate Oracle base directories for different installations. If different operating system users install Oracle software on the same system, then each user must create a separate Oracle base directory. The following are examples of Oracle base directories that can exist on the same system:

/u01/app/oracle
/u01/app/orauser
/opt/oracle/app/oracle

Refer to Section 2.13.2 for information about creating an Oracle base directory.

2.12.2 Oracle Inventory Directory

The Oracle Inventory directory (oraInventory) stores an inventory of all software installed on the system. It is required and shared by all Oracle software installations on a single system. If you have an existing Oracle Inventory path, then Oracle Universal Installer continues to use that Oracle Inventory.

The first time you install Oracle software on a system, Oracle Universal Installer provides an OFA-compliant path in the format u[01-09]/app, such as /u01/app. The user running the installation has permissions to write to that path. If this is true, then Oracle Universal Installer creates the Oracle Inventory directory in the path /u[01-09]/app/oraInventory. For example:

/u01/app/oraInventory

If you have set ORACLE_BASE for the oracle user during installation, then Oracle Universal Installer creates the Oracle Inventory directory in the path ORACLE_BASE/../oraInventory. For example, if ORACLE_BASE is set to /opt/oracle/11, then the Oracle Inventory directory is created in the path /opt/oracle/oraInventory.

If you have neither created an OFA-compliant path nor set ORACLE_BASE, then the Oracle Inventory directory is placed in the home directory of the user that is performing the installation. For example:

/home/oracle/oraInventory

Oracle Universal Installer creates the directory that you specify and sets the correct owner, group, and permissions for it. You do not need to create it.

Note:

All Oracle software installations rely on this directory. Ensure that you back it up regularly.
Do not delete this directory unless you have completely removed all Oracle software from the system.
By default, the Oracle Inventory directory is not installed under the Oracle Base directory. This is because all Oracle software installations share a common Oracle Inventory, so there is only one Oracle Inventory for all users. Whereas, there is a separate Oracle Base for each user.

2.12.3 Oracle Home Directory

The Oracle home directory is the directory where you choose to install the software for a particular Oracle product. You must install different Oracle products or different releases of the same Oracle product in separate Oracle home directories. When you run Oracle Universal Installer, it prompts you to specify the path to this directory as well as a name that identifies it. The directory that you specify must be a subdirectory of the Oracle base directory. Oracle recommends that you specify a path similar to the following for the Oracle home directory:

oracle_base/product/10.3.0/av_1

Oracle Universal Installer creates the directory path that you specify under the Oracle base directory. It also sets the correct owner, group, and permissions on it. You do not need to create this directory.

Note:

During installation, you must not specify an existing directory that has predefined permissions applied to it as the Oracle home directory. If you do, then you may experience installation failure due to file and group ownership permission errors.

2.13 Identifying or Creating an Oracle Base Directory

Before starting the installation, you must either identify an existing Oracle base directory or if required, create one. This section contains information about the following:

Identifying an Existing Oracle Base Directory
Creating an Oracle Base Directory

Note:

You can choose to create an Oracle base directory, even if other Oracle base directories exist on the system.

2.13.1 Identifying an Existing Oracle Base Directory

Existing Oracle base directories may not have paths that comply with OFA (Optimal Flexible Architecture) guidelines. However, if you identify an existing Oracle Inventory directory or existing Oracle home directories, then you can usually identify the Oracle base directories, as follows:

Identifying an existing Oracle Inventory directory. Refer to Section 2.9.2.1 for more information.

Note:
Oracle recommends that you do not put the oraInventory directory under Oracle base for a new installation. However, if you have an existing installation, then you should follow the steps suggested in this section.
Identifying an existing Oracle home directory

Enter the following command to display the contents of the oratab file:
```
# more /etc/oratab
```
If the oratab file exists, then it contains lines similar to the following:
```
*:/u03/app/oracle/product/11.2.0/dbhome_1:N
*:/opt/orauser/infra_904:N
*:/oracle/9.2.0:N
```
The directory paths specified on each line identify Oracle home directories. Directory paths that end with the user name of the Oracle software owner that you want to use are valid choices for an Oracle base directory. If you intend to use the oracle user to install the software, then you can choose one of the following directories listed in the previous example:
```
/u03/app/oracle
/oracle
```
Note:
If possible, choose a directory path similar to the first one (/u03/app/oracle). This path complies with the OFA guidelines.
Identifying an existing Oracle base directory

After you have located the Oracle home directory, run a similar command to confirm the location of Oracle base:
```
cat /u01/app/oraInventory/ContentsXML/inventory.xml
```

Before deciding to use an existing Oracle base directory for this installation, ensure that it satisfies the following conditions:

It should not be on the same file system as the operating system.

It must have sufficient free disk space, as follows:

Requirement	Free Disk Space
The Oracle base directory will contain only software files.	Up to 4 GB
The Oracle base directory will contain both software and database files (not recommended for production databases).	Up to 6 GB

To determine the free disk space on the file system where the Oracle base directory is located, enter the following command:

# df -h oracle_base_path

To continue:

If an Oracle base directory exists and you want to use it, then refer to Section 2.14.

When you configure the oracle user's environment later in this chapter, set the ORACLE_BASE environment variable to specify the directory you chose.
If an Oracle base directory does not exist on the system or if you want to create an Oracle base directory, then refer to the following section.

2.13.2 Creating an Oracle Base Directory

Before you create an Oracle base directory, you must identify an appropriate file system with sufficient free disk space.

To identify an appropriate file system:

To determine the free disk space on each mounted file system use the following command:
```
# df -h
```
From the display, identify a file system that has appropriate free space.

The file system that you identify can be a local file system, a cluster file system, or an NFS file system on a certified NAS device.
Note the name of the mount point directory for the file system that you identified.

To create the Oracle base directory and specify the correct owner, group, and permissions for it:

Enter commands similar to the following to create the recommended subdirectories in the mount point directory that you identified and set the appropriate owner, group, and permissions on them:

# mkdir -p /mount_point/app/oracle_sw_owner
# chown -R oracle:oinstall /mount_point/app/oracle_sw_owner
# chmod -R 775 /mount_point/app/oracle_sw_owner

For example:

# mkdir -p /u01/app/oracle
# chown -R oracle:oinstall /u01/app/oracle
# chmod -R 775 /u01/app/oracle

When you configure the oracle user's environment (see Section 2.18), set the ORACLE_BASE environment variable to specify the Oracle base directory that you have created.

2.14 Choosing a Storage Option for Oracle Audit Vault Server and Recovery Files

Oracle Audit Vault Server files include data files, control files, redo log files, the server parameter file, and the password file. For all installations, you must choose the storage option that you want to use for Oracle Audit Vault Server files. If you want to enable automated backups during the installation, then you must also choose the storage option that you want to use for recovery files (the fast recovery area). You do not have to use the same storage option for each file type.

Note:

Oracle Audit Vault Server files and recovery files are supported on file systems and Oracle ASM.

Use the following guidelines when choosing the storage options that you want to use for each file type:

You can choose any combination of the supported storage options for each file type.
Determine if you want to use Oracle ASM for Oracle Audit Vault Server files, recovery files, or both. Refer to the section Section 3.6.2.
For more information about these storage options, refer to the Section 1.7.

For information about how to configure disk storage before you start the installation, refer to one of the following sections depending on your choice:

To use a file system for database or recovery file storage, refer to Section 2.15.
To use Oracle ASM for database or recovery file storage, refer to Section 3.6.
To identify disk groups and determine the free disk space that they contain, refer to Section 4.1.1.

2.15 Creating Directories for Oracle Audit Vault Server or Recovery Files

This section contains the following topics:

Guidelines for Placing Oracle Audit Vault Server Files on a File System
Creating Required Directories

2.15.1 Guidelines for Placing Oracle Audit Vault Server Files on a File System

If you choose to place the Oracle Audit Vault Server files on a file system, then use the following guidelines when deciding where to place them:

The default path suggested by Oracle Universal Installer for the database file directory is a subdirectory of the Oracle base directory.
You can choose either a single file system or more than one file system to store the database files:
- If you want to use a single file system, then choose a file system on a physical device that is dedicated to the database.
  
  For best performance and reliability, choose a RAID device or a logical volume on more than one physical device and implement the stripe-and-mirror-everything (SAME) methodology.
- If you want to use more than one file system, then choose file systems on separate physical devices that are dedicated to the database.
  
  This method enables you to distribute physical input-output operations and create separate control files on different devices for increased reliability. It also enables you to fully implement the OFA guidelines. You can choose the Advanced database creation option to implement this method.
If you intend to create a preconfigured database during the installation, then the file system (or file systems) that you choose must have at least 2 GB of free disk space.

For production databases, you must estimate the disk space requirement depending on the use that you want to make of the database.
For optimum performance, the file systems that you choose should be on physical devices that are used only by the database.
The oracle user must have write permissions to create the files in the path that you specify.

2.15.2 Creating Required Directories

Note:

You must perform this procedure only if you want to place the Oracle Audit Vault Server or recovery files on a separate file system to the Oracle base directory.

To create directories for the Oracle Audit Vault Server, or recovery files on separate file systems to the Oracle base directory:

Use the following to determine the free disk space on each mounted file system:
```
# df -h
```

From the display, identify the file systems that you want to use:

File Type	File System Requirements
Oracle Audit Vault Server files	Choose either: A single file system with at least 2 GB of free disk space Two or more file systems with at least 2 GB of free disk space in total
Recovery files	Choose a file system with at least 2.4 GB of free disk space

If you are using the same file system for more than one type of file, then add the disk space requirements for each type to determine the total disk space requirement.

Note the names of the mount point directories for the file systems that you identified.
Enter commands similar to the following to create the recommended subdirectories in each of the mount point directories and set the appropriate owner, group, and permissions on them:
- Database file directory:
```
# mkdir /mount_point/oradata
# chown oracle:oinstall /mount_point/oradata
# chmod 775 /mount_point/oradata
```
  The default location for Database file directory is $ORACLE_BASE/oradata.
- Recovery file directory (fast recovery area):
```
# mkdir /mount_point/recovery_area
# chown oracle:oinstall /mount_point/recovery_area
# chmod 775 /mount_point/recovery_area
```
  The default fast recovery area is $ORACLE_BASE/recovery_area. However, Oracle recommends that you keep the fast recovery area on a separate physical disk than that of the database file directory. This will enable you to use the fast recovery area to retrieve data if the disk containing oradata is unusable due to any reasons.
If you also want to use Oracle ASM for storage, then refer to Section 3.6.

2.16 Configuring Storage for Oracle Audit Vault Server Files Using Block Devices

This section describes how to configure Oracle Audit Vault Server files on block devices. Use the following procedure to create block device partitions:

Use fdisk to create disk partitions on block devices for database files.

If you intend to configure block devices and use Oracle ASM to manage data files, then create one partition for each disk comprising the whole disk, and go through the section Configuring Disks for Oracle ASM with ASMLIB in Oracle Grid Infrastructure Installation Guide .
Create or modify a rules file in /etc/udev/rules.d, to change the permissions of the datafiles from default root ownership.

Ensure that the file you create is appropriate for your distribution. For example, name this file 99-oracle.rules on Asianux, Red Hat Enterprise Linux, Oracle Linux, and SUSE Enterprise Server systems.
Example 2-1 Example of a Rules File With User oracle
```
/etc/udev/rules.d/99-oracle.rules
#
# ASM disks
KERNEL=="sdb[6-9]", OWNER="oracle", GROUP="dba", MODE="0660"
KERNEL=="sdb10", OWNER="oracle", GROUP="dba", MODE="0660"
```
Example 2-2 Example of a Rules File With User grid
```
/etc/udev/rules.d/99-oracle.rules
#
# ASM disks
KERNEL=="sdb[6-9]", OWNER="grid", GROUP="asmadmin", MODE="0660"
KERNEL=="sdb10", OWNER="grid", GROUP="asmadmin", MODE="0660"
```
See Also:
Chapter 2, "Preparing Storage for ASM" in the Oracle Automatic Storage Management Administrator's Guide for information about preparing the storage subsystem before you configure Oracle ASM.

2.17 Configuring Disk Devices for Oracle Audit Vault Server

The O_DIRECT parameter enables direct read and writes to block devices, avoiding kernel overhead. With Oracle Audit Vault Server Release 10.2.3 and later, Oracle Audit Vault Server files are configured by default to use direct input/output.

With the 2. 6 kernel or later for Red Hat Enterprise Linux, Oracle Linux, and SUSE Enterprise Server, you must create a permissions file to maintain permissions on Oracle Audit Vault Server files. If you do not create this permissions file, then permissions on disk devices revert to their default values, root:disk, and Oracle Audit Vault Server fails to start. Use the following steps to set the permissions file number:

On Red Hat Enterprise Linux 4 and Oracle Linux 4, you must create a permissions file number that is lower than 50.
On Asianux Server 3, Red Hat Enterprise Linux 5, Oracle Linux 5, SUSE Enterprise Linux 10, or SUSE Enterprise Linux 11, you must create a permissions file number that is higher than 50.

To configure a permissions file for disk devices, complete the following tasks:

Example of Creating a Udev Permissions File for Oracle Audit Vault Server
Example of Configuring Block Device Storage for Oracle Audit Vault Server

See Also:

Oracle Grid Infrastructure Installation Guide for information about configuring storage for Oracle Audit Vault Server files on shared storage devices.

2.17.1 Example of Creating a Udev Permissions File for Oracle Audit Vault Server

Refer to the examples in Section 2.16 for more information about creating a permissions file.

2.17.2 Example of Configuring Block Device Storage for Oracle Audit Vault Server

The following is the procedure to create partitions for Oracle Audit Vault Server files on block devices:

Log in as root
Enter the fdisk command to format a specific storage disk. For example, /sbin/fdisk /dev/sdb
Create a partition. For instance, make a partition of 280 MB for data files.
Use the command similar to the following to update the kernel partition table for the shared storage device:
```
/sbin/partprobe diskpath
```

The following is an example of how to use fdisk to create one partition on a shared storage block disk device for a data file:

$ sudo sh
Password:
# /sbin/fdisk /dev/sdb
The number of cylinders for this disk is set to 1024.
Command (m for help): n
Command action
  e   extended
  P   primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-1024, default 1):
Using default value 1
Last cylinder or +size or +sizeM or +sizeK (1-4462, default 1)
Using default value 1
Last cylinder or +size or +sizeM or +sizeK (1-1024, default 4462): using default value 4462

Command (m for help):w

The partition table has been altered!
Calling ioctl () to re-read partition table.
Synching disks.
# exit
Last login Wed Feb 21 20:23:01 from localnode
$ sudo sh
Password:
# /sbin/partprobe /dev/sdb1

2.18 Configuring the oracle User's Environment

You run Oracle Universal Installer from the oracle account. However, before you start Oracle Universal Installer you must configure the environment of the oracle user. To configure the environment, you must:

Set the default file mode creation mask (umask) to 022 in the shell startup file.
Set the DISPLAY environment variable. (see Section 2.19)

Caution:

Use shell programs supported by your operating system vendor. If you use a shell program that is not supported by your operating system, then you can encounter errors during installation.

To set the oracle user's environment:

Start a new terminal session, for example, an X terminal (xterm).
Enter the following command to ensure that X Window applications can display on this system:
```
$ xhost fully_qualified_remote_host_name
```
For example:
```
$ xhost somehost.us.example.com
```
If you are not already logged in to the system where you want to install the software, then log in to that system as the oracle user.
If you are not logged in as the oracle user, then switch user to oracle:
```
$ su - oracle
```
To determine the default shell for the oracle user, enter the following command:
```
$ echo $SHELL
```
To run the shell startup script, enter one of the following commands:
- Bash shell:
```
$ . ./.bash_profile
```
- Bourne or Korn shell:
```
$ . ./.profile
```
- C shell:
```
% source ./.login
```
If you are not installing the software on the local computer, then run the following command on the remote machine to set the DISPLAY variable:
- Bourne, Bash or Korn shell:
```
$ export DISPLAY=local_host:0.0      
```
- C shell:
```
% setenv DISPLAY local_host:0.0
```
In this example, local_host is the host name or IP address of the local computer that you want to use to display Oracle Universal Installer.

Run the following command on the remote machine to check if the shell and the DISPLAY environmental variable are set correctly:
```
echo $SHELL
echo $DISPLAY
```
Now to enable X applications, run the following commands on the local computer:
```
$ xhost + fully_qualified_remote_host_name
```
To verify that X applications display is set properly, run a X11 based program that comes with the operating system such as xclock:
```
$ xclock
```
In this example, you can find xclock at /usr/X11R6/bin/xclocks. If the DISPLAY variable is set properly, then you can see xclock on your computer screen. If you receive any display errors, refer to the section "X Window Display Errors" the Troubleshooting chapter in Oracle Database Installation Guide for Linux for more information.

See Also:
PC-X Server or operating system vendor documents for further assistance
If you determined that the /tmp directory has less than 1 GB of free disk space, then identify a file system with at least 1 GB of free space and set the TMP and TMPDIR environment variables to specify a temporary directory on this file system:
1. To determine the free disk space on each mounted file system use the following command:
```
# df -h /tmp
```
2. If necessary, enter commands similar to the following to create a temporary directory on the file system that you identified, and set the appropriate permissions on the directory:
```
$ sudo mkdir /mount_point/tmp
$ sudo chmod a+wr /mount_point/tmp
# exit
```
3. Enter commands similar to the following to set the TMP and TMPDIR environment variables:
  - Bourne, Bash, or Korn shell:
```
$ TMP=/mount_point/tmp
$ TMPDIR=/mount_point/tmp
$ export TMP TMPDIR
```
  - C shell:
```
% setenv TMP /mount_point/tmp
% setenv TMPDIR /mount_point/tmp
```
Enter commands similar to the following to set the ORACLE_BASE and ORACLE_SID environment variables:
- Bourne, Bash, or Korn shell:
```
$ ORACLE_BASE=/u01/app/oracle
$ ORACLE_SID=sales
$ export ORACLE_BASE ORACLE_SID
```
- C shell:
```
% setenv ORACLE_BASE /u01/app/oracle
% setenv ORACLE_SID sales
```
In this example, /u01/app/oracle is the Oracle base directory that you created or identified earlier and sales is the name that you want to call the database (typically no more than five characters).
Enter the following commands to ensure that the ORACLE_HOME and TNS_ADMIN environment variables are not set:
- Bourne, Bash, or Korn shell:
```
$ unset ORACLE_HOME
$ unset TNS_ADMIN
```
- C shell:
```
% unsetenv ORACLE_HOME
% unsetenv TNS_ADMIN
```
Note:
If the ORACLE_HOME environment variable is set, then Oracle Universal Installer uses the value that it specifies as the default path for the Oracle home directory. However, if you set the ORACLE_BASE environment variable, then Oracle recommends that you unset the ORACLE_HOME environment variable and choose the default path suggested by Oracle Universal Installer.

See Also:

Section 3.1.3 about configuring the user's environment

2.19 Setting the DISPLAY Environment Variable

Before you begin the Audit Vault Server installation, you should check to see that the DISPLAY environment variable is set to a proper value. For example, for the Bourne, Bash, or Korn shell, you would enter the following commands, where myhost.us.example.com is your host name:

$ export DISPLAY = myhost.us.example.com:1.0

For example, for the C shell, you would enter the following command, where myhost.us.example.com is your host name:

% setenv DISPLAY myhost.us.example.com:1.0

2.20 Setting the Correct Locale

Ensure that the NLS_LANG environment variable is not set.

For example, for C shell:

unsetenv NLS_LANG

For example, for Bourne, Bash, or Korn shells:

unset NLS_LANG