4
Post-Installation

After completing the Oracle Universal Installer session, you must perform certain post-installation steps and configure Oracle8i. This chapter describes the required steps, as well as some optional ones.

• User Passwords

• Configuration Tasks to Perform as the root User

• Configuration Tasks to Perform as the oracle User

• Post-Installation for Oracle Internet Directory

• Reviewing Installed Starter Database Contents

• Deinstalling Oracle Internet Directory

  Note: This chapter describes basic configuration only. The more sophisticated configuration and tuning typically required for production systems is described in the Oracle8i Administrator's Reference for your platform and in product administration and tuning guides.

User Passwords

Oracle Corporation recommends that you change the password for user names immediately after installation.

To change a password:

1. Start SQL*Plus:

   $ sqlplus
   

2. Connect with the user name and password that you want to change:

   Enter user-name: username/password
   

3. Change the password:

   SQL> ALTER USER USERNAME IDENTIFIED BY PASSWORD;
   

   See Also: Oracle Enterprise Manager Administrator's Guide for information on using Oracle Security Manager or Oracle DBA Studio to change the password

Configuration Tasks to Perform as the root User

Log in as the root user and perform the following tasks:

• Create Additional UNIX Accounts

• Verify Database File Security

• Automate Database Startup and Shutdown (Optional)

Create Additional UNIX Accounts

If necessary, create additional UNIX accounts with a system administration utility such as admintool or useradd. Each DBA user on the system must be a member of the OSDBA group.

Verify Database File Security

If you configure Oracle Internet Directory in a way similar to a United States NCSC C2 or European ITSEC E3 security evaluation configuration, verify database file security to ensure the integrity of the Oracle software installation. This task is optional if security is not an issue.

Many files require protection to prevent unauthorized access to secure data. The file privileges and recommended ownership are as follows:

• The oracle account should have read, write, and execute privileges for all files and directories in an Oracle installation.

• The oinstall group should have read, write, and execute privileges on the oraInventory directory, but should not have write permissions on anything else.

• No user outside the oracle account or the oinstall group should have write access on any files or directories in an Oracle installation.

Table 4-1 summarizes the directory and file permissions for different types of files.

Note: These permissions are the default values and should not be changed.

Table 4-1 Access Permissions on Oracle Directories and Files

Directories/Files	Permissions	Comments
All database, redo log, and control files (extensions for these files are typically.dbf,.log, and.ctl)	640 rw-r----	To maintain discretionary access to data, all databases, redo logs, and control files must be readable only by the oracle account and oinstall group.
$ORACLE_HOME/bin/	751 rwxr-x--x	Must be writable by the oracle software owner, and executable by all users.
The oracle executable, and the following network executables: $ORACLE_HOME/bin/oracle and $ORACLE_HOME/bin/dbsnmp	6751 rws-r-s--x	The 6 sets the setuid bit and the setgid bit so the executables run as the oracle user and DBA group, regardless of who executes them.
All other executables.	751 rwxr-x--x	Must be writable by the oracle account and executable by all users.
$ORACLE_HOME/lib/	755 rwxr-xr-x	The directory is readable, writable, and executable by the owner, readable and executable by all other users.
All files under $ORACLE_HOME/ lib/	644 rw-r--r--	The files are readable and writable by the owner, read-only for all other users.
$ORACLE_HOME/rdbms/log	751 rwxr-x--x	Restricts access to files in the directory to the oracle account and oinstall group.
Product subdirectories such as $ORACLE_HOME/sqlplus or $ORACLE_HOME/rdbms	751 rwxr-x--x	Restricts access to log files to the oracle account and oinstall group.
Files in $ORACLE_HOME/ sqlplus or $ORACLE_HOME/ rdbms	644 rw-r--r--	The files are readable and writable by the owner, read-only for all other users.
$ORACLE_HOME/ network/trace	777 rwxrwxrwx or 730 rwx-wx---	777 allows broad access to view and create trace files during development. Use 730 in a production environment to ensure that only the oracle account and members of the oinstall group have access to trace files.
All files under product admin directories, like $ORACLE_HOME/rdbms\ /admin and $ORACLE_HOME/sqlplus/\ admin	644 -rw-r--r--	SQL scripts should typically be run as the SYS user.

Automate Database Startup and Shutdown (Optional)

You can configure your system to automatically start Oracle databases when your system starts up and to shut down Oracle databases when your system shuts down. Automating database startup is optional, but automatic shutdown is recommended because it guards against improper shutdown of the database.

The dbstart and dbshut scripts are located in the $ORACLE_HOME/bin directory and can be used to automate database startup and shutdown.

The dbstart and dbshut scripts reference the same entries in the oratab file, so the scripts must apply to the same set of databases. For example, you cannot have dbstart automatically start up databases sid1, sid2, and sid3, and dbshut shut down only databases sid1 and sid2. You can, however, specify that dbshut shut down a set of databases while dbstart is not used at all. To do this, include the dbshut entry in the shutdown file but omit the dbstart entry from the system startup files.

See Also: For a description of system startup and shutdown procedures, check the init command in your system documentation.

This process must be completed for every new database that you want to configure for automated startup and shutdown. Perform the following tasks to set up the dbstart and dbshut scripts so that they are called at system startup:

1. Edit the /var/opt/oracle/oratab file.

   Database entries in the oratab file appear in the following format:

   ORACLE_SID:ORACLE_HOME:{Y|N}
   
   

   where Y or N specifies whether you want the dbstart and dbshut scripts to start up and shut down the database. Find the entries for all the databases that you want to start up. They are identified by the sid in the first field. Change the last field for each to Y.

2. Create a file named dbora in the /etc/init.d directory (if it does not already exist).

3. Create entries similar to the following at the end of the dbora file (if they do not already exist). Make sure that you give the full path of the dbstart utility.

   #!/bin/sh
   # Set ORA_HOME to be equivalent to the ORACLE_HOME 
   
   # from which you wish to execute dbstart and
   
   # dbshut
   
   # set ORA_OWNER to the user id of the owner of the 
   
   # Oracle database in ORA_HOME
   
   ORA_HOME=/u01/app/oracle/product/8.1.7
   
   ORA_OWNER=oracle
   
   if [! -f $ORA_HOME/bin/dbstart]
   
   then
   
   echo "Oracle startup: cannot start"
   
   exit
   
   fi
   
   case "$1" in
   
   'start')
   
   
   # Start the Oracle databases:
   # The following command assumes that the oracle login will not prompt the
   
   # user for any values
   
   
   su - $ORA_OWNER -c $ORA_HOME/bin/dbstart &
   
   ;;
   
   'stop')
   
   
   # Stop the Oracle databases:
   # The following command assumes that the oracle login will not prompt the
   
   # user for any values
   
   
   su - $ORA_OWNER -c $ORA_HOME/bin/dbshut &
   
   ;;
   
   esac
   
   

4. Link dbora by entering:

   # ln -s /etc/init.d/dbora /etc/rc0.d/K10dbora
   # ln -s /etc/init.d/dbora /etc/rc2.d/S99dbora
   

Configuration Tasks to Perform as the oracle User

Perform the following tasks as the oracle user:

• Update UNIX Account Startup Files

• Configuration Environment Variables

• Set Initialization Parameters

Update UNIX Account Startup Files

Update the startup files of the oracle account and the UNIX accounts of Oracle users.

Configuration Environment Variables

Set the following environment variables in the .profile or .login file of the oracle account before using Oracle8i products. Table 4-2, "Environment Variable Settings" shows the recommended settings. The settings that you use here should correspond to the settings you used during installation as described in "Task 2: Set Environment Variables". The syntax for setting environment variables is as follows.

For the Bourne or Korn shell:

variable_name=value; export variable_name

For the C shell:

setenv variable_name value 

Note: You should not define environment variables with names that are identical to those used for Oracle processes, for example: CKPT, PMON, and DBWR.

Table 4-2 Environment Variable Settings

Environment Variable	Recommended Setting
LD_LIBRARY_PATH	Set it to include $ORACLE_HOME/lib.
ORACLE_BASE	software_mount_point/app/oracle
ORACLE_HOME	$ORACLE_BASE/product/8.1.7
ORACLE_SID	If you do not remember the value you entered when you were prompted by the Oracle Universal Installer, you can find it listed in the Installer log file located in oraInventory_location/logs/installActions.log The oraInventory_location is defined in /var/opt/oracle/oraInst.loc
PATH	Make sure the new $ORACLE_HOME/bin directory is included in the PATH setting. See Chapter 2, "Pre-Installation" for other PATH requirements.
CLASSPATH	CLASSPATH must include the following: JRE_Location/lib, $ORACLE_HOME/JRE/lib/rt.jar: $ORACLE_HOME/jlib/<product jar file>:$ORACLE_HOME/product/jlib/<product jar file> Note: JRE_Location is defined as $ORACLE_HOME/JRE
TNS_ADMIN	Set it to the location of the Net8 configuration files. This variable only needs to be set if Net8 configuration files are not located in one of the default locations.
TWO_TASK	Set TWO_TASK to the Net8 connect string alias defined in tnsnames.ora which client software will use by default to connect to a server.

LD_LIBRARY_PATH

Required when using Oracle products that use shared libraries. Set
LD_LIBRARY_PATH to include $ORACLE_HOME/lib.

ORACLE_BASE

Specifies the directory at the top of the Oracle software and administrative file structure. The OFA-recommended value is:

software_mount_point/app/oracle.

For example:

/u01/app/oracle

ORACLE_HOME

Specifies the directory containing the Oracle software for a given release. The Optimal Flexible Architecture recommended value is:

$ORACLE_BASE/product/release.

For example:

/u01/app/oracle/product/8.1.7.

ORACLE_SID

Specifies the Oracle System Identifier (SID) which is the name of the Oracle Server instance. Because the sid is incorporated into many file names, Oracle Corporation recommends restricting it to no more than four characters to avoid filename problems on different operating systems.

PATH

After installation of Oracle software, the search path should include all of the following:

• $ORACLE_HOME/bin, /bin, /usr/bin, and /usr/ccs/bin

• the local bin directory specified when you ran the root.sh script, usually /usr/local/bin

  Note: If you require /usr/ucb in your search path, make sure it comes after /usr/ccs/bin in the search order.

CLASSPATH

The CLASSPATH variable is used for Java functionality. CLASSPATH is different for various products. Refer to your product documentation for more information. In addition to any pre-existing settings, CLASSPATH must include the following JRE location(s):

$ORACLE_HOME/JRE/lib:$ORACLE_HOME/jlib:$ORACLE_HOME/product/jlib

The variable product indicates any product directory in the ORACLE_HOME, such as rdbms or network, where a JRE or file required for Java functionality are located.

TNS_ADMIN

To place the Net8 configuration files in a location other than the default locations (/var/opt/oracle or $ORACLE_HOME/network/admin), set the
TNS_ADMIN environment variable to the directory where Net8 configuration files are located. For example, if tnsnames.ora resides in the /tns directory, set
TNS_ADMIN to /tns.

Oracle products will look for the tnsnames.ora file in the following order:

1. .tnsnames.ora file in the current user's home directory (Note the dot before the file name).

2. $TNS_ADMIN/tnsnames.ora

3. /var/opt/oracle/

4. $ORACLE_HOME/network/admin/

Check that a tnsnames.ora file exists in one of these locations; otherwise, you may be unable to connect to a database through Net8 using local naming.

TWO_TASK

If you have a Client/Server configuration, you can set TWO_TASK to the net service name of the database where client software will connect by default. When TWO_TASK is set, you do not have to specify the net service name of the database to connect to it with Oracle client software. See the Net8 Administrator's Guide and the Oracle8i Administrator's Reference for your platform for more information about net service names.

Initialize the oraenv Script

You have the option of using the oraenv script to set a common environment for oracle users. Follow the instructions below for a single-instance or multiple-instance configuration for the oraenv script.

Note: The C shell uses the coraenv command instead of the oraenv command.

Single-Instance Machine

On a single-instance machine, set the environment variable ORACLE_SID in the .profile or .login file of the oracle account followed by these commands to initialize the oraenv file at login.

For the Bourne or Korn shell:

ORAENV_ASK=NO

. /usr/local/bin/oraenv

For the C shell:

set ORAENV_ASK = NO

source /usr/local/bin/coraenv

unset ORAENV_ASK

Multiple-Instance Machine

On a multiple-instance machine, include a list of instance names and the commands necessary to initialize the oraenv file at the end of the startup file of the oracle  account.

For the Bourne or Korn shell:

#!/usr/bin/sh
echo "The SIDs on this machine are:"
cat /var/opt/oracle/oratab | awk -F: '{print $1}' | grep -v "#"
ORAENV_ASK="YES"
. /usr/local/bin/oraenv

For the C shell:

#!/usr/bin/csh
echo "The SIDs on this machine are:"
cat /var/opt/oracle/oratab | awk -F: '{print $1}' | grep -v "#"
set ORAENV_ASK="YES"
source /usr/local/bin/coraenv

Update Other Oracle User Startup Files

To create the same environment for all oracle accounts, update each user startup file to include the following line at the end of the startup file:

• for .profile files used by the Bourne or Korn shells:

  . /usr/local/bin/oraenv 
  
  

  for .login files used by the C shell:

  source /usr/local/bin/coraenv
  
  

• Settings for the ORACLE_BASE, ORACLE_HOME, and PATH environment variables as described in "Configuration Environment Variables".

Update the oratab File

If you have created a database manually instead of using Oracle Database Configuration Assistant, you must ensure the system configuration is reflected in the /var/opt/oracle/oratab file.

Add an entry for each Server instance on the system in the following format:

ORACLE_SID:ORACLE_HOME:{Y|N}

where Y or N indicates whether you want to activate the dbstart and dbshut scripts. Oracle Database Configuration Assistant automatically adds an entry for each database it creates.

Set Initialization Parameters

You can change initialization parameters to configure and tune your system for optimal performance. The default initsid.ora file shipped with the distribution is located in the $ORACLE_BASE/admin/sid/pfile directory. A template init.ora file is also in $ORACLE_HOME/dbs. The file contains settings for small, medium, and large databases, with the settings for medium and large databases commented out. The size settings are relative to each other, but do not represent an empirical size of the database.

Modify initsid.ora Parameters

When you create a typical startup database using Oracle Database Configuration Assistant, your initsid.ora parameters are automatically set. You can manually modify the initialization parameters in the initsid.ora with a UNIX text editor. Activate the modified initsid.ora file by shutting down and restarting the database.

Do not use symbolic character representations such as question marks (?) for ORACLE_HOME in parameter files, as they might lead to startup errors.

To bring rollback segments online automatically with database startup, you must uncomment the rollback_segments in the initsid.ora file.

For example, change:

#rollback_segments = (r0, r1, r2, r3)

to:

rollback_segments = (r0, r1, r2, r3)

See Also: Oracle8i Administer's Reference for your platform for information on initsid.ora parameters and on tuning and configuring initialization parameters.

Post-Installation for Oracle Internet Directory

Carry out the following task after installation:

Run cryptupgrd.sh immediately after installation. The script can be found in $ORACLE_HOME/ldap/bin.

See Also: The chapter on preliminary tasks in Oracle Internet Directory Administrator's Guide for more information.

Reviewing Installed Starter Database Contents

Database Identification

The Oracle8i database is identified by its global database name, which consists of the database name and network domain in which the database is located. The global database name uniquely distinguishes a database from any other database in the same network domain. You create a global database name when prompted in the Database Identification window during Oracle8i database installation. The global database name takes the form:

database_name.database_domain

For example:

sales.us.acme.com 

Where...	Is...
sales	The name you give your database. The database name portion is a string of no more than 8 characters that can contain alpha, numeric, and additional characters. The database name is also assigned to the DB_NAME parameter in the init.ora file.
us.acme.com	The network domain in which the database is located, making the global database name unique. The domain portion is a string of no more than 128 characters that can contain alpha, numeric, period (.), and additional characters. The domain name is also assigned to the DB_DOMAIN parameter in the init.ora file.

The DB_NAME parameter (value sales) and DB_DOMAIN name parameter (value us.acme.com) combine to create the global database name value assigned to the SERVICE_NAMES parameter (value sales.us.acme.com) in the init.ora file.

The System Identifier (SID) identifies a specific Oracle8i instance that references the database. The SID uniquely distinguishes a database from any other database on the same computer. Multiple Oracle homes enable you to have multiple, active Oracle databases on a single computer. Each database requires a unique SID and database name.

The SID name is taken from the value you entered for the database name in the Database Identification window. The SID can be up to 64 alphanumeric characters in length.

For example, if the SID and database name for an Oracle database are ORCL, each database file is located in the $ORACLE_BASE/oradata/ORCL directory and the initialization parameter file is located in the $ORACLE_BASE/admin/ORCL/pfile directory. The directory ORCL is named after the DB_NAME parameter value.

Tablespaces and Datafiles

An Oracle8i database is divided into smaller logical areas of space known as tablespaces. Each tablespace corresponds to one or more physical datafiles. Datafiles contain the contents of logical database structures such as tables and indexes. A datafile can be associated with only one tablespace and database.

Note: Unless you specified different names with Oracle Database Configuration Assistant, the tablespaces and datafiles described in the following table are also automatically included in the Custom database.

The tablespaces in the Oracle8i database contain the following types of datafiles located in the $ORACLE_BASE/oradata/<db_name> directory:

Tablespace	Datafile	Contains...
SYSTEM	system01.dbf	The data dictionary, including definitions of tables, views, and stored procedures needed by the Oracle database. Information in this area is maintained automatically. The SYSTEM tablespace is present in all Oracle databases.
USERS	users01.dbf	Your application data. As you create and enter data into tables, you fill this space with your data.
TEMP	temp01.dbf	Temporary tables and/or indexes created during the processing of your SQL statement. You might need to expand this tablespace if you are executing a SQL statement that involves a lot of sorting, such as ANALYZE COMPUTE STATISTICS on a very large table, or the constructs GROUP BY, ORDER BY, or DISTINCT.
RBS	rbs01.dbf	Rolled back transactions that fail to complete normally. You might need to expand this tablespace if you have long-running or high-data-volume transactions.
INDX	indx01.dbf	Indexes associated with the data in the USERS tablespace.
DRSYS	dr01.dbf	Oracle interMedia text-related schema objects.
TOOLS	tools01.dbf	Nothing. This datafile is used to install any third-party or Oracle tools/products.

Note: If you choose to create a new repository and accept the default settings when running Oracle Enterprise Manager Configuration Assistant, a tablespace named OEM_REPOSITORY and a datafile named oem_repository.ora are also created.

See Also: The "Tablespaces and Datafiles" chapter of Oracle8i Concepts The "Managing Tablespaces" and "Managing Datafiles" chapters of the Oracle8i Administrator's Reference.

Initialization Parameter File

The starter database contains one database initialization parameter file located in the $ORACLE_BASE/admin/<db_name>/pfile directory:

Initialization Parameter File	Description
init.ora	The parameter file init.ora must exist for an instance to start. A parameter file is a text file that contains a list of instance configuration parameters. The starter database init.ora file has preconfigured parameters. No edits are required to this file in order to use the starter database.

See Also: Oracle8i Administrator's Reference and Oracle8i Reference for Oracle8i database-specific initialization parameters and their default values for more information.

Redo Log Files

The starter database contains three redo log files located in the $ORACLE_BASE/oradata/<db_name> directory:

Note: The redo logs redo01.log, redo02.log, and redo03.log are also automatically included in the Custom database.

Database Files	Disk Size	Description
redo01.log redo02.log redo03.log	1 MB 1 MB 1 MB	Redo log files hold a record of all changes made to data in the database buffer cache. If an instance failure occurs, the redo log files are used to recover the modified data that was in memory. Redo log files are used in a cyclical fashion. For example, if three files constitute the online redo log, the first file is filled, then the second file, and then the third file. The first file is then re-used and filled, the second file is re-used and filled, and so on.

See Also: Oracle8i Backup and Recovery Reference for more information.

Control Files

The starter database contains three control files located in the $ORACLE_BASE/oradata/<db_name> directory:

Control Files	Description
control01.ctl control02.ctl control03.ctl	A control file is an administrative file required to start and run the database. The control file records the physical structure of the database. For example, a control file contains the database name, and the names and locations of the database's datafiles and redo log files.

Note: The files control01.ctl, control02.ctl, and control03.ctl are also automatically included in the Custom database. Oracle Corporation recommends that you keep at least three control files (on separate physical drives) for each database and set the CONTROL_FILES initialization parameter to list each control file.

See Also: Oracle8i Administrator's Guide for information on setting this initialization parameter value.

Rollback Segments

Rollback segments record the old values of data changed by each transaction (whether or not committed). Every database contains one or more rollback segments, which are portions of the database that record the actions of transactions in the event that a transaction is rolled back. Rollback segments provide read consistency to roll back transactions and to recover the database.

The starter database contains the following rollback segments:

Rollback Segment	Contained in this Tablespace...	Used by
SYSTEM	SYSTEM	SYS
RB_TEMP	SYSTEM (private)	SYS
RB1 through RB16	RBS	PUBLIC (a pool of rollback segments that any instance requiring a rollback segment can use)

Data Dictionary

The data dictionary is a protected collection of tables and views containing reference information about the database, its structures, and its users. The data stored in the dictionary includes the following:

• Names of the Oracle database users

• Privileges and roles granted to each user

• Names and definitions of schema objects (including tables, views, snapshots, indexes, clusters, synonyms, sequences, procedures, functions, and packages)

• Integrity constraints

• Space allocation for database objects

• Auditing information, such as who accessed or updated various objects

Deinstalling Oracle Internet Directory

To deinstall Oracle Internet Directory:

1. Stop the Oracle Internet Directory server:

   $ oidctl connect=<net_service_name> server=oidldapd instance=<server_instance_number> stop

   where <net_service_name> is the network connection to the Oracle Internet Directory server and <server_instance_number> is the instance number. This number appears in the Server List tab of Oracle Directory Manager.

2. Stop the OiD Monitor.

   $ oidmon stop

3. Start Oracle Universal Installer as described in "Oracle Universal Installer".

4. Click the [De-install Products] button on the Welcome dialog box or the [Installed Products...] button available on any Installer screen. The "Inventory" dialog box appears, listing installed products.

5. In the "Inventory" dialog box, select any product(s) to be de-installed, then click the [Remove] button.