has the access to all files & folders & can add or delete users or change their passwords. Some of the basic commands used on linux useful for Oracle Apps DBAs are: 1. useradd The general syntax for the useradd command is : useradd -d home_directory -e expire_date -g initial_group -p password login_name home_directory : Is the main directory within which the user is expected to store all his files and subdirectories. For a user named neha the home directory generally is /home/neha expire_date : This is the date on which the users account expires and he/she cannot access the computer anymore unless the account is renewed. initial_group : Every user in Linux belongs to a group which affects his file permissions. The initial group must be a group which already exists. Password : This will be the users password to access his account login_name : This will be the user name with which the user will access his account. Eg : useradd -d /home/neha -e 2009-12-03 -g root -p talent123 neha creates a user named neha on my computer. Home directory for user Neha is /home/neha Expirty date is 3rd december,2009 Belongs to the root group Password is talent123 Incase you do not enter one of the parameters group, home, expire or shell they are replaced by their default values. These default values can be viewed using the useradd -D command and can also be changed. 2) ls The ls command is equivalent of the DOS dir command. It lists the files and subdirectories contained within the present directory. Some possible flags which can be used with the ls command are : ls -l Uses a long listing format,which contains lots of useful information,like the exact size of file,who owns the file , who has the right to look at it & when it was last modified. ls -a List all files including the ones starting with . (Some configuration files starting with a dot . are otherwise not listed). ls | more Lists files and directories page after page on keystroke. The above command actually is a combination of two commands. It introduces a new concept called Piping. In Linux it is possible to give the output of one command to another command as an input.The ls command lists files & subdirectories and the more commands divides its input into page length views. Thus piping the ls output to more results in page length views of files and subdirectories. ls -R It lists the files and subdirectories of a directory and further lists the contents of each subdirectory recursively. 3) pwd The pwd or the present working directory command gives you the path to the directory in which you presently are. It is used without flags simply as pwd 4) su Many a times you might have logged in as a normal user and might need to be root (or any other user) to install a software or for some other small task. You could logout then login as that particular user, complete the work logout and login back as a normal user. Instead, you can just use the su command. The format is : su {username} eg : su root when you su to become root from a normal user, you are asked for the root password. But if you are root, you can use su to become any user without using a password. Once your work is finished, use exit to become yourself. * Check for (hyphen) with su command 5) whoami Will tell you which user you are logged in as. Useful when you have used su many times and now dont know who you are. 6) cp This one copies files / directories from one place to another .Its syntax is cp source_file_path destination_path eg : cp /home/neha/abctxt /ftp/xyz The cp command can be used with some useful flags also : cp -i Interactive copying, prompts before overwriting files or directories cp -l source_file_with_path destination_path Makes a link (shortcut) to the source_file at the destination path instead of actually copying it there. cp -p Preserve file attributes while copying if possible cp -R Copy Recursively . Used when copying directories. This command also copies the contents of the subdirectories. cp -u Update i.e. Copy only if the source file is newer than the destination file or the destination file does not exist. 7) rm The rm command is used to remove or delete files or directories. Its general syntax is: rm -flag file_or_directory_with_path eg : rm /home/neha/scrap.txt Some flags which can be used with the rm command are rm -v file.txt Remove verbosely, explain what is being done. rm -r my_directory Remove the directory and its contents recursively. mkdir This command is used to create new a new directory. Its syntax is mkdir -optional_flag directory_name The possible flags are mkdir -v directory_name Tell what is going on.mkdir -p directory_with_path Suppose you need a directory named ABC within another directory called XYZ in /usr/local and the parent directory XYZ itself does not exist, then you can use : mkdir -p /usr/local/XYZ/ABC This command creates the XYZ directory and the ABC subdirectory in one go. 9) man Suppose you have not understood fully one of the above commands or want to find out about a new command you have learnt , the man command provides a manual for that command. The syntax is: man command_name Thus man cp will show you a manual on the cp command and so on Linux Common Queries Lot of readers asked me to post on Linux hence first post on Linux covers common queries from Apps DBAs w.r.t. Linux. If you use any command in Linux/Unix very frequently and wish to share with our readers please leave it as comment Q: How to delete files older than N number of days ? (Useful in delete log, trace, tmp file ) find . -name *.* -mtime +[N in days] -exec rm {} \; ( This command will delete files older then N days in that directory, always good to use it when you are in applcsf/ tmp,out,log directory) Q: How to list files modified in last N days find . -mtime -<ndays> -exec ls -lt {} \; So to find files modified in last 3 days find . -mtime -3 -exec ls -lt {} \; Q: How to sort files based on Size of file ? ( useful to find large files in log directory to delete in case disk is full ) ls -l | sort -nrk 5 | more Q: How to find files changed in last N days (Solaris) find <dir_name> -mtime -N -print Q: How to extract cpio file cpio -idmv < file_name (Dont forget to use sign < before file name) Q: How to find CPU & Memory detail of linux cat /proc/cpuinfo (CPU) cat /proc/meminfo (Memory) Q: How to find if Operating system in 32 bit or 64 bit ? For solaris use command isainfo -v If you see out put like 32-bit sparc applications That means your O.S. is only 32 bit but if you see output like 64-bit sparcv9 applications 32-bit sparc applications above means your o.s. is 64 bit & can support both 32 & 64 bit applications Q: How to find if any service is listening on particular port or not ? netstat -an | grep {port no} For example if you know that OID is running on 389 port so to check if OID services is listening or not then use netstat -an | grep 389 Q: How to find Process ID (PID) associated with any port ? This command is useful if any service is running on a particular port (389, 1521..) and that is run away process which you wish to terminate using kill command lsof | grep {port no.} (lsof should be installed and in path) Q: How to change a particular pattern in a file ? Open file using vi or any other editor, go in escape mode (by pressing escape) and use :1,$s/old_pattern/new_parameter/gc ( g will change globally, c will ask for confirmation before changing ) Q: How to find a pattern in some file in a directory ? grep pattern file_name ( to find pattern in particular file ) grep pattern * ( in all files in that directory ) If you know how to find a pattern in files in that directory recursively please answer that as comment Q: How to create symbolic link to a file ? ln -s pointing_to symbolic_name
e.g. If you want to create symbolic link from a -> b ln -s b a (Condition:you should have file b in that directory & there should not be any file with name a) Q: How to setup cronjob (cronjob is used to schedule job in Unix at O.s. Level ) crontab -l( list current jobs in cron) crontab -e ( edit current jobs in cron) _1_ _2_ _3_ _4_ _5_ executable_or_job Where 1 Minutes (0-59) 2 Hours ( 0-24) 3 day of month ( 1- 31 ) 4 Month ( 1-12) 5 A day of week ( 0- 6 ) 0 -> sunday 1-> monday e.g. 0 3 * * 6 Means run job at 3AM every saturday This is useful for scheduling ftp, rman backup or removed old log files regularly. Sharing File System between SunOS Servers Servers: Indapp001 and Usaapp002 To do: To mount /export/home of Indapp001 on Usaapp002. Issue the following commands on Indapp001: 1. Share the required file system /export/home of Indapp001. Start the nfs server on Indapp001. # svcadm enable network/nfs/server 2. Share the /export/home of Indapp001 for everyone on the network. #share -F nfs -o rw -d home dirs /export/home Issue the following commands on Usaapp002: 3. From Usaapp002 check which files are shared on Indapp001 for NFS mount. # showmount -e Indapp001 export list for Indapp001: /export/home (everyone) 4. Create mount point on Usaapp002 t2 #mkdir /t2 5. Mount file system of Indapp001 /export/home on Usaapp002 # mount Indapp001:/export/home /t2 6. Checked the mounted file system by issuing the df -h command: # df -h /t2 Filesystem size used avail capacity Mounted on Indapp001:/export/home 29G 3.1G 25G 11% /t2 # How to set up SSH for No Password on SunOS This setup will allow you to log in to another account without having to provide the password. Identify the Sun Servers and its user ids among which you wish to enable secure session without passwords. The below steps concentrates on SSH2, the second version of SSH. Dont use the first version any longer; it contains security bugs. Also, older versions of the second versions SSH might contain security bugs. Check with ssh -V that your version matches the latest one available from OpenSSH. root@ffus # ssh -V Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f If you cant find any of the SSH commands (ssh and scp, for instance) on your system, get the SSH package first and install it. This suite should also install the ssh-keygen command on your machine. Make sure that SSH is installed on every system that you want to access. Starting from the Solaris 9 OS, SSH is included in the distribution. If you cant find a package suitable for your version, refer to the OpenSSH web site for the source, and then download, unpack, read the README, compile, and install. Systems missing OpenSSL have to add that package as well for SSH to work. Test, for example, ssh localserver; this will create a .ssh subdirectory in your $HOME directory. SSH among UNIX users residing on the same Server. Assumptions: UNIX Server: ffus User 1: root User 2: oraffus User 3: appffus Requirement: You want to provide secure shell session between User 1 & User 2 and User 1 and User 3 with no passwords. This means that User 1 root can execute commands, shell scripts in User 2 oraffus shell and User3 appffus shell without providing passwords. Create personal SSH key in User 1 If this is first time you are creating SSH key then its possible that User 1 does not have .ssh directory in its home directory. If the .ssh directory exists then possibly the SSH key has been generated. Check the directory for the key. Alternatively you can re-create the key as follows.
root@ffus # hostname ffus root@ffus # id luid=0(root) gid=0(root) root@ffus # ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (//.ssh/id_dsa): Created directory //.ssh. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in / /.ssh/id_dsa. Your public key has been saved in /t/.ssh/id_dsa.pub. The key fingerprint is: 7f:95:e0:76:3b:77:80:6a:d0:9a:3c:eb:d2:b2:32:a8 root@ffus
This creates id_dsa and id_dsa.pub in $HOME/.ssh. If you want to enable remote connections that dont require a password, do not enter a passphrase. If you do enter a non-empty passphrase, when connecting to the remote server you will be asked for the passphrase instead of the password!
Rename the key generated ida_dsa.pub to reflect the uniquely the key of user id on that server. i.e., rename id_dsa.pub to root_ffus_dsa.pub.
Append the public key to the file authorized_keys2: root@ffus # cat root_ffus_dsa.pub >>authorized_keys2 Dont worry if authorized_keys2 does not yet exist before you execute this command.
Create personal SSH key in User 2 As done for User 1 carry out the same steps for User 2. $ hostname ffus $ id uid=100(oraffus) gid=101(dba) $ pwd /home/oraffus $ ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/oraffus/.ssh/id_dsa): /home/oraffus/.ssh/oraffus_ffus _dsa Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/oraffus/.ssh/oraffus_ffus_dsa. Your public key has been saved in /home/oraffus/.ssh/oraffus_ffus_dsa.pub. The key fingerprint is: 15:05:69:cd:3e:6e:bc:9d:ba:6d:a7:15:0c:9f:ab:4d oraffus@ffus $ cd .ssh $ ls -lrt total 6 -rw-rr 1 oraffus dba 222 Aug 29 16:43 known_hosts -rw- 1 oraffus dba 668 Sep 21 14:34 oraffus_ffus_dsa -rw-rr 1 oraffus dba 604 Sep 21 14:34 oraffus_ffus_dsa.pub $ cat oraffus_ffus_dsa.pub >>authorized_keys2 $ ls -lrttotal 8 -rw-rr 1 oraffus dba 222 Aug 29 16:43 known_hosts -rw- 1 oraffus dba 668 Sep 21 14:34 oraffus_ffus_dsa -rw-rr 1 oraffus dba 604 Sep 21 14:34 oraffus_ffus_dsa.pub -rw-rr 1 oraffus dba 604 Sep 21 14:35 authorized_keys2 $
. Create personal SSH key in User 3. As done for User 1 and 2 carry out the same steps for User 3. $ hostname ffus $ id uid=102(appffus) gid=101(dba) $ pwd /home/appffus $ ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/appffus/.ssh/id_dsa): /home/appffus/.ssh/appffus_ffus_dsa Created directory /home/appffus/.ssh. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/appffus/.ssh/appffus_ffus_dsa. Your public key has been saved in /home/appffus/.ssh/appffus_ffus_dsa.pub. The key fingerprint is: 98:bc:68:49:7b:e2:05:5d:f9:ed:09:35:5d:4e:d3:ea appffus@ffus $ cd .ssh $ pwd /home/appffus/.ssh $ ls -lrt total 4 -rw- 1 appffus dba 668 Sep 21 14:38 appffus_ffus_dsa -rw-rr 1 appffus dba 604 Sep 21 14:38 appffus_ffus_dsa.pub $ cat appffus_ffus_dsa.pub >>authorized_keys2 $ ls -lrt total 6 -rw- 1 appffus dba 668 Sep 21 14:38 appffus_ffus_dsa -rw-rr 1 appffus dba 604 Sep 21 14:38 appffus_ffus_dsa.pub -rw-rr 1 appffus dba 604 Sep 21 14:38 authorized_keys2 $
Now you should already be able to make a secure connection to your own machine, using this account, without having to provide a password.
Check permissions on your keys and refer to the man page. The id_dsa file should be private, the other keys world readable. . On the remote server, generate keys in the same way for your account on that server. Copy your public key into ~/.ssh/ on the remote server. root@ffus # hostname iffus root@ffus # id uid=0(root) gid=0(root) root@ffus # root@ffus # cp /home/appffus/.ssh/appffus_ffus_dsa.pub . root@ffus # cp /home/oraffus/.ssh/oraffus_ffus_dsa.pub . root@ffus # ls -lrt total 18 -rw- 1 root root 668 Sep 19 14:18 id_dsa -rw-rr 1 root root 600 Sep 19 14:18 root_ffus_dsa.pub -rw-rr 1 root root 1808 Sep 19 15:21 authorized_keys2 -rw-rr 1 root root 670 Sep 21 11:42 known_hosts -rw-rr 1 root root 604 Sep 21 14:43 appffus_ffus_dsa.pub -rw-rr 1 root root 604 Sep 21 14:44 oraffus_ffus_dsa.pub root@ffus # Do the same thing for the remote key; copy it into your local ~/.ssh directory:
root@ffus # scp root_ffus_dsa.pub oraffus@ffus:/home/oraffus/.ssh Password: root_ffus_dsa.pub 100% |***************************************************| 600 00:00 root@ffus # scp root_ffus_dsa.pub appffus@ffus:/home/appffus/.ssh Password: root_ffus_dsa.pub 100% |***************************************************| 600 00:00 root@ffus # On both servers, append the key from the other server to the file authorized_keys2: root@ffus # cat appffus_ffus_dsa.pub >>authorized_keys2 root@ffus # cat oraffus_ffus_dsa.pub >>authorized_keys2 root@ffus # ls -lrt total 20 -rw- 1 root root 668 Sep 19 14:18 id_dsa -rw-rr 1 root root 600 Sep 19 14:18 root_ffus_dsa.pub -rw-rr 1 root root 670 Sep 21 11:42 known_hosts -rw-rr 1 root root 604 Sep 21 14:43 appffus_ffus_dsa.pub -rw-rr 1 root root 604 Sep 21 14:44 oraffus_ffus_dsa.pub -rw-rr 1 root root 3016 Sep 21 14:53 authorized_keys2 $ cat root_ffus_dsa.pub >>authorized_keys2 $ ls -lrt total 12 -rw- 1 oraffus dba 668 Sep 21 14:34 oraffus_ffus_dsa -rw-rr 1 oraffus dba 604 Sep 21 14:34 oraffus_ffus_dsa.pub -rw-rr 1 oraffus dba 450 Sep 21 14:48 known_hosts -rw-rr 1 oraffus dba 600 Sep 21 14:51 root_ffus_dsa.pub -rw-rr 1 oraffus dba 1204 Sep 21 14:54 authorized_keys2 $ $ ls -lrt total 10 -rw- 1 appffus dba 668 Sep 21 14:38 appffus_ffus_dsa -rw-rr 1 appffus dba 604 Sep 21 14:38 appffus_ffus_dsa.pub -rw-rr 1 appffus dba 600 Sep 21 14:51 root_ffus_dsa.pub -rw-rr 1 appffus dba 1204 Sep 21 14:54 authorized_keys2 $ Try to connect to the remote server now: root@ffus # ssh oraffus@ffus ls -la total 46 drwxr-xr-x 6 oraffus dba 512 Sep 19 11:56 . drwxr-xr-x 4 root root 512 Jul 3 10:03 .. -rw- 1 oraffus dba 42 Sep 15 11:04 .bash_history -rw-rr 1 oraffus dba 56 Aug 4 16:24 .profile -rw- 1 oraffus dba 8748 Sep 21 14:54 .sh_history drwx 2 oraffus dba 512 Sep 21 14:51 .ssh drwx 3 oraffus dba 512 Aug 29 16:43 .sunw -rw-rr 1 oraffus dba 66 Aug 11 12:33 afiedt.buf -rw-rr 1 oraffus dba 42 Jul 31 15:09 ffus.ffpl -rwxr-xr-x 1 oraffus dba 1060 Sep 21 13:55 startDB_FFUS -rwxr-xr-x 1 oraffus dba 1310 Sep 21 13:56 stopDB_FFUS drwxr-xr-x 2 oraffus dba 512 Jul 31 15:09 testbkp drwxr-xr-x 2 oraffus dba 512 Sep 19 11:57 work root@ffus # root@ffus # ssh appffus@ffus ls -la total 1216 drwxr-xr-x 4 appffus dba 512 Sep 21 14:38 . drwxr-xr-x 4 root root 512 Jul 3 10:03 .. -rw- 1 appffus dba 72 Sep 15 11:11 .bash_history -rw-rr 1 appffus dba 99 Sep 21 09:51 .profile -rw- 1 appffus dba 83418 Sep 21 10:10 .sh_history -rw-rr 1 appffus dba 570 Jul 17 13:47 t1 -rw-rr 1 appffus dba 465 Aug 23 14:47 t2 drwxr-xr-x 2 appffus dba 512 Jul 7 13:01 work root@ffus # . Server1: ukdba.com Server2: inddba.com root@ukdba.com # hostname ukdba.com root@ukdba.com # id uid=0(root) gid=0(root) root@ukdba.com # pwd / root@ukdba.com # ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (//.ssh/id_dsa): //.ssh/root_ukdba.com_dsa Created directory //.ssh. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in //.ssh/root_ukdba.com_dsa. Your public key has been saved in //.ssh/root_ukdba.com_dsa.pub. The key fingerprint is: e1:95:a5:09:e0:56:24:ac:e1:51:2a:73:c9:09:c5:e2 root@ukdba.com
root@inddba.com # hostname inddba.com root@inddba.com # id uid=0(root) gid=0(root) root@inddba.com # pwd / root@inddba.com # ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (//.ssh/id_dsa): //.ssh/root_inddba.com_dsa Created directory //.ssh.Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in //.ssh/root_inddba.com_dsa. Your public key has been saved in //.ssh/root_inddba.com_dsa.pub. The key fingerprint is: 62:39:aa:8b:04:c6:81:36:15:08:99:75:5e:26:04:86 root@inddba.com root@inddba.com # ls -lrt total 4 root@inddba.com # ls -lrt total 6 -rw- 1 root root 668 Sep 21 15:55 root_inddba.com_dsa -rw-rr 1 root root 603 Sep 21 15:55 root_inddba.com_dsa.pub -rw-rr 1 root root 603 Sep 21 15:56 authorized_keys2 root@inddba.com # $ hostname ukdba.com $ id uid=102(oaprod) gid=100(dba) $ pwd /home/oaprod $ ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/oaprod/.ssh/id_dsa): /home/oaprod/.ssh/oaprod_ukdba.com_dsa Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/oaprod/.ssh/oaprod_ukdba.com_dsa. Your public key has been saved in /home/oaprod/.ssh/oaprod_ukdba.com_dsa.pub. The key fingerprint is: 26:d5:11:3b:92:eb:fb:3d:20:f0:ab:54:db:d1:f1:13 oaprod@ukdba.com $ cd .ssh $ pwd /home/oaprod/.ssh $ ls -lrt total 6 -rw-rr 1 oaprod dba 228 Sep 19 09:32 known_hosts -rw- 1 oaprod dba 668 Sep 21 15:57 oaprod_ukdba.com_dsa -rw-rr 1 oaprod dba 606 Sep 21 15:57 oaprod_ukdba.com_dsa.pub $ cat oaprod_ukdba.com_dsa.pub >>authorized_keys2 $ ls -lrt total 8 -rw-rr 1 oaprod dba 228 Sep 19 09:32 known_hosts -rw- 1 oaprod dba 668 Sep 21 15:57 oaprod_ukdba.com_dsa -rw-rr 1 oaprod dba 606 Sep 21 15:57 oaprod_ukdba.com_dsa.pub -rw-rr 1 oaprod dba 606 Sep 21 15:58 authorized_keys2 $ hostname inddba.com $ id uid=101(oaospxy) gid=100(dba) $ pwd /home/oaospxy $ ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/oaospxy/.ssh/id_dsa): /home/oaospxy/.ssh/oaospxy_inddba.com_dsa Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/oaospxy/.ssh/oaospxy_inddba.com_dsa. Your public key has been saved in /home/oaospxy/.ssh/oaospxy_inddba.com_dsa.pub. The key fingerprint is: f1:4f:15:b4:6c:f1:c9:e9:31:79:37:ad:6e:09:71:0a oaospxy@inddba.com $ cd .ssh $ pwd /home/oaospxy/.ssh $ ls -lrt total 6 -rw-rr 1 oaospxy dba 228 Sep 19 09:26 known_hosts -rw- 1 oaospxy dba 668 Sep 21 16:03 oaospxy_inddba.com_dsa -rw-rr 1 oaospxy dba 606 Sep 21 16:03 oaospxy_inddba.com_dsa.pub $ cat oaospxy_inddba.com_dsa.pub >>authorized_keys2 $ ls -lrt total 8 -rw-rr 1 oaospxy dba 228 Sep 19 09:26 known_hosts -rw- 1 oaospxy dba 668 Sep 21 16:03 oaospxy_inddba.com_dsa -rw-rr 1 oaospxy dba 606 Sep 21 16:03 oaospxy_inddba.com_dsa.pub -rw-rr 1 oaospxy dba 606 Sep 21 16:03 authorized_keys2 $ root@ukdba.com # hostname ukdba.com root@ukdba.com # id uid=0(root) gid=0(root) root@ukdba.com # pwd /.ssh root@ukdba.com # ls -lrt total 8 -rw- 1 root root 668 Sep 21 15:51 root_ukdba.com_dsa -rw-rr 1 root root 603 Sep 21 15:51 root_ukdba.com_dsa.pub -rw-rr 1 root root 603 Sep 21 15:52 authorized_keys2 -rw-rr 1 root root 231 Sep 21 16:07 known_hosts root@ukdba.com # scp oaospxy@inddba.com:/apphome/oaospxy/.ssh/oaospxy_inddba.com_dsa.pub . The authenticity of host inddba.com (192.9.100.10) cant be established. RSA key fingerprint is 12:b0:35:37:07:2d:b3:f2:f7:80:1f:24:f5:f1:03:08. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added inddba.com,192.9.100.10 (RSA) to the list of known hosts.Password: oaospxy_inddba.com_dsa 100% |**************************************************************************| 606 00:00 root@ukdba.com # root@ukdba.com # scp root_ukdba.com_dsa.pub oaospxy@inddba.com:/apphome/oaospxy/.ssh Password: root_ukdba.com_dsa.pu 100% root@ukdba.com # cp root_ukdba.com_dsa.pub /home/oaprod/.ssh root@ukdba.com # ls -lrt total 14 -rw- 1 root root 668 Sep 21 15:51 root_ukdba.com_dsa -rw-rr 1 root root 603 Sep 21 15:51 root_ukdba.com_dsa.pub -rw-rr 1 root root 603 Sep 21 15:52 authorized_keys2 -rw-rr 1 root root 462 Sep 21 16:13 known_hosts -rw-rr 1 root root 606 Sep 21 16:13 oaospxy_inddba.com_dsa.pub -rw-rr 1 root root 606 Sep 21 16:16 oaprod_ukdba.com_dsa.pub root@ukdba.com # cat oaospxy_inddba.com_dsa.pub >>authorized_keys2 root@ukdba.com # cat oaprod_ukdba.com_dsa.pub >>authorized_keys2 $ hostname ukdba.com $ id uid=102(oaprod) gid=100(dba) $ pwd /home/oaprod/.ssh $ ls -lrt total 10 -rw-rr 1 oaprod dba 228 Sep 19 09:32 known_hosts -rw- 1 oaprod dba 668 Sep 21 15:57 oaprod_ukdba.com_dsa -rw-rr 1 oaprod dba 606 Sep 21 15:57 oaprod_ukdba.com_dsa.pub -rw-rr 1 oaprod dba 606 Sep 21 15:58 authorized_keys2 -rw-rr 1 root root 603 Sep 21 16:17 root_ukdba.com_dsa.pub $ cat root_ukdba.com_dsa.pub >>authorized_keys2 $ ls -lrt total 12 -rw-rr 1 oaprod dba 228 Sep 19 09:32 known_hosts -rw- 1 oaprod dba 668 Sep 21 15:57 oaprod_ukdba.com_dsa -rw-rr 1 oaprod dba 606 Sep 21 15:57 oaprod_ukdba.com_dsa.pub -rw-rr 1 root root 603 Sep 21 16:17 root_ukdba.com_dsa.pub -rw-rr 1 oaprod dba 1209 Sep 21 16:20 authorized_keys2 $ $ hostname inddba.com $ id uid=101(oaospxy) gid=100(dba) $ pwd /apphome/oaospxy/.ssh $ ls -lrt total 10 -rw-rr 1 oaospxy dba 228 Sep 19 09:26 known_hosts -rw- 1 oaospxy dba 668 Sep 21 16:03 oaospxy_inddba.com_dsa -rw-rr 1 oaospxy dba 606 Sep 21 16:03 oaospxy_inddba.com_dsa.pub -rw-rr 1 oaospxy dba 606 Sep 21 16:03 authorized_keys2 -rw-rr 1 oaospxy dba 603 Sep 21 16:24 root_ukdba.com_dsa.pub $ cat root_ukdba.com_dsa.pub >>authorized_keys2 $ ls -lrt total 12 -rw-rr 1 oaospxy dba 228 Sep 19 09:26 known_hosts -rw- 1 oaospxy dba 668 Sep 21 16:03 oaospxy_inddba.com_dsa -rw-rr 1 oaospxy dba 606 Sep 21 16:03 oaospxy_inddba.com_dsa.pub -rw-rr 1 oaospxy dba 603 Sep 21 16:24 root_ukdba.com_dsa.pub -rw-rr 1 oaospxy dba 1209 Sep 21 16:26 authorized_keys2 $ Root password Recovery SUN,AIX, LINUX(Redhat) and HP-UX I am trying to cover the password file information and root password recovery . It is not the task of DBA but sometimes the knowledge of Unix administration task help us to do the activities in effective manner . Password file information of root :- Operating system Sun Solaris :- /etc/passwd and /etc/shadow Operating system AIX :- /etc/passwd and /etc/passwd/security Operating System Linux :- /etc/passwd and /etc/shadow Operating System HP-UX :- /etc/passwd and /tcb/files/auth/r/root Being a DBA we need to have good idea about unix important files . Sun Solaris :- boot cdrom -s mkdir /tmp/a mount the cd using mount /dev/<Device> /tmp/a vi /tmp/a/etc/shadow AIX boot from cdrom or tape installation/Mantienance start limited shell getrootfs hd1sk0 vi /etc/security/passwd Linux If it LILO (Linux Loader) its a bootstrap program then we have the follow the below steps :- lilo Control -x linux s passwd root If it GRUB (Grans Unified Bootloader) then grub c kernel vmlinuz-2.4.9-13 single ro root=/dev/hda8 initrd /initrd-2.4.9-13.img boot passwd root HP-UX boot interact with ipl ? Y isl->hpux- iS passwd root Out of all the above opertaing system steps , i personally tried Linux (LILO) and it worked Introduction to Zones : Solaris 10 This post covers new feature ZONESintroduced in Solaris 10, zone is virtualized solaris operating system within Solaris. You can install multiple Solaris Operating System (Multiple Machine) with in Single Big Machine. This will help in consolidating multiple small Solaris machine into one big machine with multiple Solaris operating system each running different application. Zones: is virtualized operating system created with in single instance of Solaris operating system. Container : Zone which includes resource management feature is called as container. Key Points for Solaris 10 Zones 1. Zones can be created on any machine running Solaris 10 2. Maximum number of zones (virtualised solaris o.s.) is 8192 3. Master zone or base operating system is called as Global Zoneand any zone (virtualised Solaris o.s.) created is called as Non-Global zone. In figure serviceprovider.com is global zone where as apps.com , users.net and work.org are Non-Global zone. 4. Non global zones can only be created, managed, configured or uninstalled from Global zone.
5. Each zone (global & non global) is assigned a name and global zone always has zone name as global. Each zone is also given number ID and for global zone ID/zone number is always 0. 6. Each zone has path to its root directory which is relative to global zones root directory. 7. Root File system on non-global zone are of two type : Sparse and Whole root Whole root file system provide more flexibility where as Sparse root zone model provide maximum configuration. 8. Dynamic resource reallocation permits unused resource to be shifted to other containers (aka zones) 9. Process within same zone can communicate each other but if process in one zone need to communicate with process in other zone, they can do it only by using network APIs. 10. IP networking can be configured with each zone having its own exclusive IP address or can share IP layer configuration and state with global zone (aka shared-IP zone). 11. IP configuration of an exclusive-IP can only be viewed from global zone using zlogin like zlogin my-zone ifconfig -a 12. You use zonecfg command to configure a non-global zone 13. You use zlogin to login to a zone from global zone 14. zoneadm is used to administer zone including installation, stopping, starting. 15. Parameters changed using zonecfg dont affect running zone, you have to restart zone using zoneadm -z zone_name reboot Related Zones and Container FAQ Solaris 10 is free and you can download(X86 or Sparc) or order from here (Opensolaris and Solaris 10 are different, go for Solaris 10 5/08 which means Solaris 10 May 2008 release) Share files/folders from Windows to Linux on VMWare This post is for our Online Apps DBA trainees trying to install Oracle Application on Virtual Linux machine. If you install Linux O.S. as (Guest Operating System) on top of your existing windows machine using VMware virtual Server check here, Next step is to copy R12/11i/oracle software from windows machine to VMware Linux O.S. Steps mentioned below are to share folder on Windows (host o.s.) and access it from Linux (guest o.s.) A. Share folder on Windows Machine 1. Check your windows Workgroup name >> Right click on My Computer and click on Properties
2. Click on Computer Name tab and check Workgroup Name
3. Next step is to share folder on windows machine Right click on Folder which you wish to share and access from Linux Machine and click on Properties
4. Click on Sharing taband select Share this folder on the network
. B. Changes on Linux Virtual Machine (Guest Operating System) 1. During Linux installation, select Customize software packages to be installed
2. Click on Details against Server Configuration Tools
3. Select system-config-samba Samba Server Configuration Tool
If you dont want to select Samba Server specifically, then select everything 3. select Everything from package list After Linux installation, modify samba server configuration Open /etc/samba/smb.conf and make following changes 1. workgroup = [change it to your windows workgroup] like workgroup = WORKGROUP 2. server string = Samba Server [name] like server string = Samba Server myLinux Server 3. Uncomment entry like hosts allow = [windows IP address] to check your windows machine use ipconfig
hosts allow = [your windows IP address here] like hosts allow = 192.168.1.2 (Please change above IP to your windows IP) 4. uncomment these two lines by removing ; (semicolon) from below two lines encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd 5. At end of file uncomment following files [myshare] comment = My Linux share path = /BI valid users = oracle public = no writable = no printable = no create mask = 0765 Here path = /BI is windows share name and valid users= oracle is user on windows machine. 6. Restart samba server using /etc/init.d/service smb stop /etc/init.d/service smb start 7. Create directory on Linux to view windows shared folder mkdir -p /stage/WinServer 8. Mount Windows share foler on linux using mount -t smbfs -o username=atul, password=[password] //192.168.1.2/BI /stage/WinServer above password is windows machine password for user atul (replace your windows username and password) 192.168.1.2 is IP address of windows machine ( Change 192.168.1.2 to your windows IP address and Verify that you can ping windows IP from Linux machine) BI is shared folder name on windows and /stage/WinServer is folder name on Linux 9. Access windows share on linux using cd /stageWinServer ls . Reference http://www.vmware.com/support/ws3/doc/ws32_running9.html Install Oracle Fusion Applications in 10 Steps This post covers overview (High Level steps to install Oracle Fusion Applications), for Fusion Applications concepts click here
1. Download Oracle Fusion Applications Software from edelivery.oracle.com (check image at bottom of this post) and unzip all files 2. Stage the Fusion Applications Software using IDU (Installation Directory Utility) using startDVD/bin/idu.sh [updated on 18th June] : Staging of Fusion Software is not required if you are downloading from eDelivery. Download Fusion Application Software (zip files) in to single directory and unzip them. This step will create stage for Oracle Fusion Applications and directory structure like below
3. Install the Fusion Applications Provisioning Framework using runInstaller or setup.exe from [rep_name]/installers/faprov/bin where rep_name is directory created by step 1 (idu.sh) 4. Install and configure Oracle Identity and Access Management Component OAM, OIM, OID and OVD (OVD and OIM must be installed on different databases , though OID can be installed with database used by OIM or OVD or its own third database). You can also check my Book Oracle Identity and Access Manager 11g for Administrators 5. Install Transactional Database for Oracle Fusion Applications (use template shipped with Oracle Fusion Application Software to install database) using Provisioning Wizard from [repos_name]/provisioning/bin/[flowdesigner.sh or flowdesigner.bat] (select option Install an Applications Transactional Database) 6. Load/Create Schema in Transactional Database using Oracle Fusion Applications RCU [APP_RCU_HOME/bin/rcu.sh or rcu.bat] 7. Create a Provisioning Plan to provision an Oracle Fusion Applications Environment [repos_name]/provisioning/bin/[flowdesigner.sh or flowdesigner.bat] (select option Create a New Applications Environment Provisioning Plan) 8. Provision a new Oracle Fusion Application Environment [repos_name]/provisioning/bin/[flowdesigner.sh or flowdesigner.bat] (select option Provision an Application Environment) 9. Complete post installation tasks 10. Test Oracle Fusion Applications URL
Oracle Fusion Applications is currently available (GA) for Linux X86_64 from http://edelivery.oracle.com Oracle Database RMAN overview Solution available for backup and recovery of Oracle Database i) RMAN (Recovery Manager) ii) User Managed backup (using o.s. commands like cp, copy..) . RMAN (Recovery Manager) is Oracle Database client that perform backup & restore task of oracle database. . Components in RMAN 1. Target Database is Oracle database which you want to backup or restore. You use RMAN client to connect to Target Database. 2. RMAN Client is Oracle executable that interprets backup/restore related commands and direct server to execute those commands on Target Database. 3. RMAN Repository RMAN maintains metadata about its operations, this RMAN metadata is called as RMAN repository and stored in control file of database. 4. Recovery Catalog (Optional Component) Separate database schema to record RMAN activity against one or more TARGET database. 5. Media Manager (Optional Component) Application for RMAN to interface with sequential media devices like tape library. Job of media manager is to load , label , unload .media devices. You can use RMAN with or Without Recovery Catalog and Media Manager . Terminology in RMAN
a) Backup Set is one or more backup piece (physical files) written in format that only RMAN can access. b) Image Copy is bit-by-bit copy of database files created on Disk. This is equivalent to cp (on Linux) or copy (on windows). * Backup Set is default method to backup, for image copy use BACKUP AS COPY while backup. c) Hot backup backup taken while Oracle Database is Up. (Database should be in Archive Log mode for hot backup) d) Cold backup backup taken while Oracle database is down or in mount state (NOT OPEN). e) Full Backup Backing up entire database is called as full backup f) Incremental Backup Backup of block level changes to database made after previous incremental/full backup. g) Level 0 Incremental backup This backs up all blocks in database. This is equivalent to full backup. h) level 1 Incremental backup This backs up database block changes after previous incremental backup. If there is no level 0 incremental backup and you run level 1 incremental backup, RMAN will automatically make level 0 incremental backup. i) Cumulative incremental backup level 1 incremental backup which includes all blocks changed since most recent level 0 incremental backup. j) Differential incremental backup - level 1 incremental backup which includes only block changed since most recent incremental backup. By default, incremental backups are differential . Basic Commands in RMAN 1. Start RMAN client rman (rman executable is in $ORACLE_HOME/bin) 2. Connect to target database (start RMAN client as shown above) RMAN> connect target sys@TNS_ALIAS_FOR_TARGET like RMAN> connect target sys@PROD To connect to local database use operating system authentication RMAN> connect target / 3. To exit from RMAN client use EXIT like RMAN> exit 4. To view current RMAN configuration rman (To start RMAN Client) RMAN> connect target / (to connect to target database) RMAN> SHOW ALL 5. To backup database and archived redo while system is Up (Hot Backup) Database should be in archive log mode rman (To start RMAN Client) RMAN> connect target / (to connect to target database) RMAN> BACKUP DATABASE PLUS ARCHIVELOG; 6. To make consistent backup while database is not open (Database in No archive log mode) rman (To start RMAN Client) RMAN> connect target / (to connect to target database) RMAN> SHUTDOWN IMMEDIATE (to shutdown database) RMAN> STARTUP MOUNT; RMAN> BACKUP DATABASE; (to backup database, no need to backup archived log as database is not open) RMAN> ALTER DATABASE OPEN; (To Open Database ) . 7. To make incremental backup rman (To start RMAN Client) RMAN> connect target / (to connect to target database) RMAN> BACKUP INCREMENTAL LEVEL 0 DATABASE; (For incremental level 0 backup) RMAN> BACKUP INCREMENTAL LEVEL 1 DATABASE; (For incremental level 1 backup) . 8. To List backup rman (To start RMAN Client) RMAN> connect target / (to connect to target database) RMAN> LIST BACKUP ; (To list backup) . 9. To Delete Obsolete backup rman (To start RMAN Client) RMAN> connect target / (to connect to target database) RMAN> DELETE OBSOLETE ; (To DELETE obsolete backup) . Oracle Database Recovery Scenario and Solution The purpose of this article is to get acquianted with some of the recovery scenarios , this topic is useful for the folks who is having less experience and looking for good DBA exposure and preparing for interview . I am trying to jotting down both RMAN and normal database technique :- 1.Complete Closed database Recovery. System tablespace is missing In this case complete recovery is performed, only the system tablespace is missing , so the database can be opened without resetting the redologs. 1. rman target/ 2. startup nomount; 3. restore database ; 4. recover database ; 5. alter database open; If the system tablespace is missing or corrupted the database can not be started up so a complete closed database recovery must be performed. Pre requisites: A closed or open database backup and archive logs. a. Use OS command to restore the missing or corrupted system datafile to its original location , i.e. : cp p /fh01/backup/uman/system01.dbf /fh02/oradata/system01.dbf b. startup mount; c. recover datafile 1 ; d. alter database open ; 2. Complete Open Database Recovery. Non System tablespace is missing. If a non system tablespace is missing or corrupted while the database is open, recovery Can be performed while the database remains open.Pre requisites: A closed or open database backup and archive logs.a . cp p /fh01/backup/uman/user01.dbf /fh02/oradata/user01.dbfb. alter tablespace <tablespace_name> offline immediate ;c. recover tablespace <tablespace_name> ; d. alter tablespace <tablespace_name> online ; a. rman target / b. sql alter tablespace <tablespace_name> offline immediate ; c. restore datafile 3; d. recover datafile 3; e. sql alter tablespace <tablespace_name> online; 3. Complete Open Database Recovery .(when database is initially closed).Non system tablespace is missing . A user datafile is missing when trying to startup the database. The datafile can be turned offline and the database started up. Restore and recover are performed using Rman and without Rman .After recovery is preformed the datafile can be turned online again . a. sqlplus as/ sysdba b. startup mount c. alter database datafile <datafile_name> offline ; d. alter database open ; e. exit ; f. rman target / g. restore datafile <datafile_name>; h. recover datafile <datafile_name>; i. sql alter tablespace <tablespace_name> online; If a non system datafile that was not backed up since last backup is missing, recovery can be perform if all archived logs since the creation of the missing datafile exist. Since database is up you can check the tablespace . If a non system tablespace is missing or corrupted and the database is crashed ,recovery can be performed after the database is open . Pre requisites: A closed or open database backup and archived logs . a. startup ; (You ill get Ora 1157 ora 1110 and the name of the missing datafile , the database ill remain mounted ) b. Use OS commands to restore the missing or corrupted datafile to its original location i.e cp p /fh01/backup/uman/user01.dbf /fh02/oradata/user01.dbf c. Alter database datafile3 offline; (Tablespace cannot be used because database is not open ) d. Alter database open ; e. Recover datafile 3; f. Alter tabelspace <tablespace_name> online; 4. Recovery of missing datafile that has no backup (database is open)If a non system datafile that was not backed up since last backup is missing, recovery can be perform if all archived logs since the creation of the missing datafile exist. Pre requisites : All relevant archived logs. a. Alter tablespace <tablespace_name> offline immediate ; b. Alter tablespace create datafile /fh02/oradata/newdata.dbf ; c. Recover tablespace <tablespace_name> ; d. Alter tablespace <tablespace_name> online ; If the datafile command needs to be executed to place the datafile on a location different than the original use : Alter database create datafile /fh01/backup/uman/newdata.dbf as /fh02/oradata/rajat/newdata.dbf ; 1. sqlplus /as sysdba 2. Alter tablespace <tablespace_name> offline immediate ; 3. Alter tablespace create datafile /fh01/backup/uman/newdata.dbf ; 4. exit 5. rman target / 6. Recover tablespace <tablespace_name> ; 7. Alter tablespace <tablespace_name> online ; If the datafile command needs to be executed to place the datafile on a location different than the original use : Alter database create datafile /fh01/backup/uman/newdata.dbf as /fh02/oradata/rajat/newdata.dbf ; 5.Restore and Recovery of a datafile to a different location , Database is up. If a non system datafile is missing and its original location is not available , restore can be made to different location and recovery performed. Pre Requisites: All relevant archived logs , complete cold or hot backup. a. Use OS commands to restore the missing or corrupted datafile to its original location i.e cp p /fh01/backup/uman/user01.dbf /fh02/oradata/user01.dbf b. alter tablespace <tablespace_name> offline immediate ; c. alter tablespace <tablespace_name> rename datafile /fh01/oradata/user01.dbf to /fh02/oradata/rajat/user01.dbf d. rman target / e. recover tablespace <tablespace_name> f. sql alter tablespace <tablespace_name> online ; If a non system datafile is missing and its original location is not available , restore can be made to different location and recovery performed. Pre Requisites: All relevant archived logs , complete cold or hot backup. a. Use OS commands to restore the missing or corrupted datafile to its original location i.e cp p /fh01/backup/uman/user01.dbf /fh02/oradata/user01.dbf b. alter tablespace <tablespace_name> offline immediate ; c. alter tablespace <tablespace_name> rename datafile /fh01/oradata/user01.dbf to /fh02/oradata/rajat/user01.dbf d. recover tablespace <tablespace_name> e. alter tablespace <tablespace_name> online 6. Control file recovery Always multiplex your control files. Control files are missing , database crash. Pre Requisites: A backup of your controlfile , and all relevant archived log files . a. startup;(You get ora 205 , missing control file, instance start but database is not mounted ) b. Use OS command to copy the missing controlfile to its original location cp p /fh01/backup/uman/control101.dbf /fh02/oradata/control101.dbf c. alter database mount ; d. recover automatic database using backup controlfile ; e. alter database open resetlogs ; f. make a new complete backup , as the database is open in a new incarnation and previous archived log are not relevant. Always multiplex your control files. Control files are missing , database crash. Pre Requisites: A backup of your controlfile , and all relevant archived log files.When Using Rman always set configuration parameter. Autobackup of controlfile to ON . You will need the dbid to restore the controlfile. Get it from the name of the backup controlfile. It is the number following the c- at the start of the same. a. rman target/ b. set dbid <dbid> c. startup nomount ; d. restore controlfile from autobackup ; e. alter database mount ; f. recover database; g. alter database open resetlogs ; h. make a new complete backup , as the database is open in a new incarnation and previous archived log are not relevant 7. Incomplete Recovery, Until Time/Sequence/Cancel Incomplete recovery may be necessary when the database crash and needs to be recovered, and in recovery process you find that an archived log is missing .In this case recovery can only be made until the sequence before the one that is missing. Another scenario for incomplete recovery occurs when an important object was dropped or incorrect data was committed on it. In this case recovery needs to be performed until before the object was dropped. Pre requisites: A full closed or open database backup and archived logs , the time or sequence that the until recovery needs to be performed . a. If the database is open , shutdown it to perform full restore. b. Rman target \ c. Startup mount ; d. Restore database ; e. Recover database until sequence 8 thread 1 ;(You must pass the thread , if a single instance ill be always be 1 ) a. If the database is open , shutdown abort b. Use OS commands to restore all the datafiles to its original locations : Cp p /user/backup/*.dbf /u01/oradata/ c. startup mount ; d. recover automatic database until time 2007-01-01:10:10:10 ; e. alter database open resetlogs ; f. make a new complete backup , as the database is open in a new incarnation and previous archived log are not relevant Alternatively you may use instead of until time , until sequence or until cancel ; Recover automatic database until sequence 120 thread 1 ;or Recover database until cancel ; Recover an accidentally deleted file when the database is still open.
On Unix/Linux, when a file is deleted, but a process still has the file open, the file is still there in the filesystem, and only the inode is removed. But the process can continue to use its file handle, and the file can also be accessible under /proc/<pid>/fd . In the following example, we use that behavior to recover a lost datafile after is has been dropped from the os (with rm) but the datafile is still open by the background processes. First, we create a tablespace, and populate a table in it. SQL> REM we create a tablespace: SQL> create tablespace TEST_RM datafile /var/tmp/test_rm.dbf size 10M; Tablespace created. SQL> REM we create a table in it: SQL> create table FRANCK tablespace test_rm as select * from dba_objects; Table created. SQL> REM we check that table data is accessible: SQL> select count(*) from FRANCK; COUNT(*) - 12708 SQL> exit Disconnected from Oracle Database 10g Express Edition Release 10.2.0.1.0 Production Then, we drop the datafile from unix prompt. here is the datafile ls -l /var/tmp/test_rm.dbf -rw-r 1 oracle dba 10493952 Mar 26 14:25 /var/tmp/test_rm.dbf we accidently drop the datafile rm /var/tmp/test_rm.dbf ls -l /var/tmp/test_rm.dbf ls: /var/tmp/test_rm.dbf: no such file or directory
Here the datafile is lost. Now we connect again. sqlplus / as sysdba Connected to: Oracle Database 10g Express Edition Release 10.2.0.1.0 Production SQL> REM and we check if table data is accessible: SQL> select count(*) from FRANCK; select * from franck * ERROR at line 1: ORA-01116: error in opening database file 5 ORA-01110: data file 5: /var/tmp/test_rm.dbf ORA-27041: unable to open file Linux Error: 2: No such file or directory Additional information: 3 The datafile is lost and data is not accessible. However, the datafile should still have an open file descriptor by an oracle background process we check the dbwriter pid: ps -edf | grep dbw oracle 2661 1 0 Mar25 ? 00:00:06 xe_dbw0_XE oracle 7044 7037 0 14:40 pts/1 00:00:00 /bin/bash -c ps -edf | grep dbw oracle 7046 7044 0 14:40 pts/1 00:00:00 grep dbw and we check its opened file descriptors for our file: ls -l /proc/2661/fd | grep test_rm lrwx 1 oracle dba 64 Mar 26 14:02 66 -> /var/tmp/test_rm.dbf (deleted) here it is: ls -l /proc/2661/fd/66 lrwx 1 oracle dba 64 Mar 26 14:02 /proc/2661/fd/66 -> /var/tmp/test_rm.dbf (deleted) In some other unix, lsof may be needed to map the file descriptor with the deleted file name first we set a symbolic link so that oracle can see it as it was before the delete: ln -s /proc/2661/fd/66 /var/tmp/test_rm.dbf here data is accessible, but that will be lost if dbwriter closes it file handle (i.e if the database is closed) However we can now set the tablespace read only so that it is checkpointed, and no writes occurs on it. SQL> alter tablespace TEST_RM read only; Tablespace altered. We can now copy the file safely. then we drop the symbolic link: rm /var/tmp/test_rm.dbf ls -l /var/tmp/test_rm.dbf ls: /var/tmp/test_rm.dbf: No such file or directory and we can now copy the file cp -p /proc/2661/fd/66 /var/tmp/test_rm.dbf ls -l /var/tmp/test_rm.dbf -rw-r 1 oracle dba 10493952 Mar 26 14:54 /var/tmp/test_rm.dbf And datafile is now available again. SQL> REM we have it back, lets put the tablespace back in read/write SQL> alter tablespace test_rm read write; Tablespace altered. SQL> REM and we check data is still there: SQL> select count(*) from FRANCK; COUNT(*) - 12708 This is not to be used like that in production. This is unsupported and may behave differently on different unix/linux or oracle versions.