|Oracle Internet File System Installation Guide
Release 9.0.1 for Sun SPARC Solaris
Part Number A80901-06
This chapter describes post-installation procedures for Oracle 9iFS. Topics include:
A number of configuration tasks must be performed after the Oracle 9iFS Configuration Assistant has successfully completed. These include manual procedures as well as tasks involving entities outside of the Oracle 9iFS administrative tools.
If you want to use the Oracle 9iFS e-mail servers, run the ifsemailsetup script, as the root user, from $ORACLE_HOME/9ifs/bin.
This should only be run if you want to receive mail on Oracle 9iFS using the public domain sendmail. If you don't want to receive mail into the users' inboxes, or if you are using a Sendmail Inc., sendmail, do not run this script. Running the ifsemailsetup script will replace your sendmail (if you are using the Solaris sendmail) and your sendmail configuration file.
Because the Oracle 9iFS Configuration Assistant makes changes to the configuration settings for the Domain Controller and the node, you must restart the Intelligent Agent (IA). You need to define ORACLE_SID in the environment when you start or restart IAs. See "Task 5: Set Database Parameters" in Chapter 2, "Pre-installation" for more information.
As the user who installed the Oracle database, typically 'oracle', enter these commands:
Because the Oracle 9iFS Configuration Assistant makes changes to the configuration settings for the Domain Controller and the node, you must rediscover the host where your Domain Controller and node reside in the Oracle9i Enterprise Manager Console. Refer to the Oracle 9iFS Setup and Administration Guide.
Because the Oracle 9iFS Configuration Assistant makes changes to the HTTP node, you must restart the Oracle HTTP Server located in $ORACLE_HOME/Apache/Apache/bin. To do so:
Optionally, if you want to monitor Oracle 9iFS from this machine, you can run the
ifsomssetup will ask you for three values:
ifsomssetup, restart Oracle Management Server. See "Start Oracle Management Server".
Re-populate the Oracle Text index for all existing documents in the Oracle 9iFS schema that was upgraded. To do this, log on to SQL*Plus as the Oracle 9iFS schema user (the database user that owns the schema, the default is IFSSYS), and type the following:
exec ctx_output.start_log('ifsidx.log') update odmz_context_router set contentprocedure = contentprocedure; commit; exec ctx_ddl.sync_index('ifs_text'); exec ctx_output.end_log
This process can take several hours or longer, depending on the number of documents in the Oracle 9iFS schema. If this step is not performed, the Oracle 9iFS servers will still run, but you will not be able to search on the content of any documents. Monitor the file ifsidx.log located in the
$ORACLE_HOME/ctx directory for any problems during the re-indexing.
In Oracle 9iFS, a new Oracle Text index replaces the old Oracle Text index. The new index uses the USER_DATASTORE feature to use multiple content stores with only one Text index. The name of the Text index, IFS_TEXT, is no longer derived from internal content store objects.
If you are upgrading from Oracle iFS 1.0 or 1.1, you need to update any scripts, such as DMBS_JOB procedures, with the new name. For 1.0, the index was named INDEXEDBLOB_I. For 1.1, the index was named GLOBALINDEXEDBLOB_I.
See Appendix E in the Oracle 9iFS Setup and Administration Guide for additional information.
To start Oracle 9iFS, start the Oracle Management Server and then the domain.
As the user who installed the Oracle database, typically 'oracle', perform these steps:
You will be asked to change the password for OMS administrator sysman. The initial password for sysman is oem_temp.
The domain and nodes, if selected, are stopped.
You can also start and stop domains and nodes from the Commandline.
On the machine where you want to run the Domain Controller:
Please refer to Chapter 2, "Administering an Oracle 9iFS Domain" in the Oracle 9iFS Setup and Administration Guide.
Run the ifsstopdomain script located in $ORACLE_HOME/9ifs/bin. You should run this as the same user who ran
The Oracle HTTP Server for Oracle9i is powered by Apache coupled with Jserv. Servlets that run under this infrastructure can run either in the default Jserv process that is launched by the web server or in a separate, distinct Jserv process listening on another port. In either case, servlets need to be configured appropriately.
This is the default configuration when you install Oracle 9iFS. The configuration files in use are
ifsprops.properties. The files are in
The process for starting and stopping the Oracle 9iFS Jserv process is distinct from that of starting and stopping the Apache server.
Use the script
ifsJservctl present in the
Also starts Apache if it is not running.
Does not stop Apache if it is running.
To use this configuration, the user needs to modify the following files which are in
You need to uncomment this line (remove the "#"):
Then you need to comment out the line (add a "#"):
The file contains instructions above each of the lines.
Go to the iFS section in the file and comment out all the wrapper declarations and the zone declarations in this section only. The section is very clearly marked in the file.
Stop the Oracle 9iFS Jserv process, if running, and restart Apache. The iFS Servlets are enabled by just starting and stopping Apache using the
To stop Apache, execute
apachectl stop, located under
<oracle_home>/Apache/Apache/bin/. To start Apache, execute
The Oracle 9iFS portlet is a Portal component that provides a summary of information about the user's Oracle 9iFS data. On the portlet, users can see their quota, initiate a search, list documents or folders, and upload documents. The portlet links to the Oracle 9iFS Web interface. There are several setup and configuration steps for the administrator to perform before users can add the portlet to their Oracle Portal.
Oracle Portal administrators can add the Oracle 9iFS portlet to their own installation of Oracle Portal, by registering it as a Web Provider on the portal:
9iFS portlet timedout
Register on Remote Node
Provider Login Frequency
Once per User Session
Web provider in the same cookie domain as the portal
For more instructions on adding the portlet to a portal page see the Oracle Portal documentation.
The Oracle 9iFS portlet provider is available at the following URL:
The hostname is the name of the machine you have installed Oracle 9iFS on. The port is the port of the Apache listener.
You can edit the following default parameters of the portlet using Oracle 9iFS Manager. For details on changing these parameters, see the Oracle Internet File System Setup and Administration Guide.
The Oracle 9iFS Network File System protocol (NFS) server can be configured either as the primary NFS server or as a secondary NFS server. On Unix systems, the standard Unix NFS server will normally be the primary NFS server and the Oracle 9iFS NFS server will be configured as a secondary NFS server. The Oracle 9iFS NFS server can be configured as the primary NFS server provided that the standard Unix NFS server is shut down. Windows NT systems do not have an existing NFS server, so the Oracle 9iFS NFS server is normally configured as the primary NFS server on Windows NT.
The primary NFS server runs on the standard NFS port (port 2049). The primary NFS and Mount servers are also registered with the Portmap server, which allows clients to locate the port numbers for the primary NFS and Mount servers. A secondary NFS server can run on any other port which is not in use. The secondary Mount server may also run on any port which is not in use. The secondary NFS and Mount servers are not registered with the Portmap server since doing so would overwrite the registrations of the primary NFS and Mount servers. Because the secondary NFS and Mount servers are not registered with Portmap, clients must explicitly specify the port number when mounting from the secondary NFS server.
The Oracle 9iFS NFS server uses the system authentication method. The system authentication method allows the user to log in once to the Unix system and access Oracle 9iFS through the NFS server without having to log in again to Oracle 9iFS. The user logs in to Unix using his/her Unix username and password. Using system authentication, it is not necessary for the user to specify his/her Oracle 9iFS password when accessing Oracle 9iFS through the NFS server once he or she has logged into Unix. Access to Oracle 9iFS is granted because the user has already been authenticated when he/she logged on to Unix. The Unix password and Oracle 9iFS password may be different, they do not have to be the same.
The system authentication method uses the user id number (UID) assigned to each Unix user account to identify the user. This assumes that the server machine and the client machines all share a common set of user account definitions. This will generally be true in a network environment where the machines are administered by a central administrator. In this environment, all the machines will share the same set of user accounts and the UIDs for the user accounts will be the same on every machine.
Using the system authentication method, the Oracle 9iFS NFS server receives the UID of the user on each request that it receives from a client. The Oracle 9iFS NFS server maps this UID to an Oracle 9iFS username and then uses this username to access Oracle 9iFS. Normally, the UID will map to an Oracle 9iFS username which is the same as the Unix username; however, it is possible to map the UID to an Oracle 9iFS username which is different from the Unix username. If the Oracle 9iFS NFS server is unable to map the UID to an Oracle 9iFS username, access is given to Oracle 9iFS using the anonymous user, guest.
The Oracle 9iFS NFS server uses a file to define the mapping from the Unix UIDs to the Oracle 9iFS usernames. This file is stored within the Oracle 9iFS repository and is named /ifs/nfs/config/UidToName. This file can be viewed or modified through any of the Oracle 9iFS protocols by a user with administrative privileges. The format of this file is similar to the standard Unix password file, /etc/passwd, which contains Unix usernames and UIDs.
After the initial installation, the /ifs/nfs/config/UidToName file will contain a default mapping which maps all Unix UIDs to the iFS guest user. Because admin privileges are required to update the UidToName file, the initial update of the file after installation must be done by an admin user through a different protocol, such as FTP, SMB, etc.
If the Oracle 9iFS usernames are the same as the Unix usernames, the Unix password file, /etc/passwd, can be copied to /ifs/nfs/config/UidToName. This will cause the Oracle 9iFS NFS server to map the UIDs to an Oracle 9iFS username which is the same as the Unix username. After copying /etc/passwd to /ifs/nfs/config/UidToName, the /ifs/nfs/config/UidToName file should be edited to change the Unix root user (UID 0) to the Oracle 9iFS account you want to use for root access to Oracle 9iFS. For security reasons, the root user should be mapped to the iFS guest account
If the Oracle 9iFS usernames are not the same as the Unix usernames, then it is necessary to edit the /ifs/nfs/config/UidToName file and create entries for mapping the Unix UIDs to Oracle 9iFS usernames. This file has the same format as the Unix password file, where each line consists of fields separated by colons. The Oracle 9iFS NFS server only reads the first three fields of the line which are
The password field is ignored and only the username and uid fields are used to create a mapping from the UID to the Oracle 9iFS username. For example, the following entries would map the Unix UID 1123 to the Oracle 9iFS user scott and the Unix UID 1124 to the Oracle 9iFS user guest.
The system authentication method depends upon the server machine and the client machines having the same user accounts and the same UIDs. The system authentication method also depends upon being able to trust the client machines and that root access to the client machines is secure. If root access to the client machines is not secure, it would be easy for someone on a client machine to create a user with the same UID as a different user on the server machine and then access NFS on the server machine as that user.
For this reason, you may decide to deny access through the Oracle 9iFS NFS server to Oracle 9iFS accounts which contain sensitive data. This can be done by changing the UID mapping in the /ifs/nfs/config/UidToName file to map the UID to a different Oracle 9iFS username, such as guest.
The NFS protocol specifications do not provide any explicit support for the use of non-ascii characters in filenames. By convention, NFS clients will transmit strings, such as filenames, to the NSF server in the default character encoding of the client. The server must use the same character encoding when reading these strings for these strings to be interpreted correctly.
The Oracle 9iFS NFS server has a parameter which specifies the character encoding to be used when interpreting strings which it receives from the clients. To set this parameter, use the Oracle 9iFS Manager to edit the NFS server configuration (NfsServerConfiguration) and add the following parameter name with a value type of String.
The value of this parameter should be set to a Java character encoding name, such as ISO8859_1 or CP437. This will be the character encoding used by the Oracle 9iFS NFS server to interpret strings received from the clients.
Hummingbird NFS Maestro clients require services in addition to those provided by the Oracle 9iFS NFS server. These services include
Hummingbird supplies a daemon program called hclnfsd which supplies these services. The hclnfsd program is supplied by Hummingbird in source code format which can be compiled for different Unix platforms. Refer to the Hummingbird NFS Maestro documentation for information on compiling and running the hclnfsd program.
The hclnfsd daemon must be running on at least one Unix machine in order to provide an authentication service to the NFS Maestro clients. If the hclnfsd daemon will be running on a machine which is different than the iFS NFS server machine, the NFS Maestro clients should configure the default authentication server to the machine running the hclnfsd daemon.
The hclnfsd daemon also provides a lock server which supports DOS style locking for the NFS Maestro clients. In order to provide support of DOS style locking, the hclnfsd daemon must be running on the same machine as the iFS NFS server. If there are multiple iFS NFS server machines, then the hclnfsd daemon should be started on each of these machines.
If the hclnfsd daemon is not running on an Oracle 9iFS NFS server machine, then DOS style locking will not be available to NFS Maestro clients linking to that server. Without DOS style locking, Oracle 9iFS will still prevent two users from simultaneously updating a file. However, if the hclnfsd daemon is not available and the NFS Maestro client tries to use DOS style locking there may be a considerable delay and the NFS Maestro client may appear to hang. If the hclnfsd daemon is not available, the NFS Maestro client should disable DOS style locking by unchecking the DOS style sharing box or specifying the '/L:' option on the command line.
The hclnfsd daemon is a Unix based program. If the Oracle 9iFS NFS server is running on a Windows NT system, then there must be at least one Unix system on the network on which to run the hclnfsd daemon as an authentication server. Since it is not possible to run the hclnfsd daemon on the Windows NT system running the Oracle 9iFS NFS server, DOS style locking will not be available for the Oracle 9iFS NFS server running on Windows NT. NFS Maestro clients linking to an Oracle 9iFS NFS server running on Windows NT should disable DOS style sharing.
The Oracle 9iFS NFS server has the following limitations.
The Oracle 9iFS NFS server does not allow access to the checked out version of a versioned document because this would violate the algorithm for the NFS client caching of files. NFS provides for caching of files on the client in order to improve performance. The client caching algorithm assumes that the contents of a file are the same for all users and that it can return the cached contents of a file to any user requesting that file. Allowing access to the checked out version of a document would violate this rule because the user who has the document checked out would see different contents from other users.
A versioned document cannot be deleted, moved or renamed. This is to prevent programs such as MS Office from deleting previous versions of a versioned document. Programs such as MS Office save files by first saving the data to a temporary file, deleting the original file and then renaming the temporary file to the original name. In the case of versioned documents, this would result in the loss of previous versions.
Programs that try to lock a file from the Oracle 9iFS NFS server will see an error returned by the Unix lock manager. Programs that require the Unix lock manager will not work with the Oracle 9iFS NFS server.
Unix style links are not compatible with Oracle 9iFS. Oracle 9iFS links may be used instead.
The Oracle 9iFS Command-line Utilities may be used to change the owner and access control list for a file.
Oracle 9iFS ships with JRE 1.2.2_05a and is configured to use this JRE by default. Oracle 9iFS is also certified with JDK 1.2.2_05a and JRE 1.3.0. If you would like to configure Oracle 9iFS servers using JRE 1.3.0, do the following:
ifsenv.sh file, located under
For example, replace:
<JRE_PATH> points to the location of JRE 1.3.0.
ifsprops.propertiesfile located under
For example, replace:
jserv.properties, located under
For example, replace:
wrapper.bin = $ORACLE_HOME/Apache/jdk/bin/java
wrapper.bin = <JRE_PATH>/bin/java