Installing and Configuring Oracle Database 10g on the

Linux Platform
by Roger Schrag
Database Specialists, Inc.
About Database Specialists, Inc.
Database Specialists, Inc. provides remote DBA services and onsite database support for your mission
critical Oracle systems. Since 1995, we have been providing Oracle database consulting in Solaris, HPUX, Linux, AIX, and Windows environments. We are DBAs, speakers, educators, and authors. Our team
is continually recognized by Oracle, at national conferences and by leading trade publications. Learn
more about our remote DBA, database tuning, and consulting services. Or, call us at 415-344-0500 or
888-648-0500.

Introduction
This paper will walk you through the steps of installing Oracle Database 10g release 2 (Oracle
version 10.2.0) in a Linux environment. About 90% of the material presented here applies to
other platforms as well. Everything you read in this paper is hands on, roll-up-your-sleeves-andget-busy material for Oracle users who want to get an Oracle database up and running quickly
without reading hundreds of pages of documentation and readme files.
These steps are meant to get you up and running as fast as possible, while leveraging best
practices in order to set up a scalable, robust database environment that offers high performance.
In order to keep the steps reasonably simple this paper does not cover Real Application Clusters
(RAC), nor does it cover Oracle Internet Directory (OID), Automatic Storage Management
(ASM), or Grid Control.
In this paper we will install the 10.2.0.2 release of Oracle Database 10g. This is the base
distribution of Oracle Database 10g release 2 (10.2.0.1) with the 10.2.0.2 patch set applied on
top. Be sure to check Oracle Supports Metalink at http://metalink.oracle.com to see if a newer
patch set has been released since this paper was published. You will need a valid Customer
Service Identifier (CSI) number in order to access the Metalink website.
We ran our Oracle installations on Dell servers equipped with Intel Xeon and Pentium processors
running Red Hat Enterprise Linux ES release 4, update 2. Oracle Database 10g is supported on
other processor architectures and Linux distributions as well. Note that with Red Hat Enterprise
Linux, the ES and AS varieties are supported while WS is not.
There are four phases to getting Oracle up and running on your server:
1. Prepare the server
2. Install the Oracle software and latest patch set
3. Create a database
4. Complete the server configuration

We will walk through these phases one at a time, detailing all the steps involved. The end result
will be a very usable database that can be scaled up quite large, and an Oracle installation that
follows industry-recognized best practices. Of course, every implementation is unique, and you
will need to evaluate each step carefully against your particular requirements. However, this
paper will get you off to a very solid start.

Prepare the Server

These steps configure your database server so that it will be ready to accept the Oracle software
and database. In this section, we will make sure your server meets Oracles minimum
requirements, create a Linux user and group to own the software, and create some directories
that will be used by the Oracle software and database. All of the steps in this section are run as
the root user.
1. Make sure that your hardware platform (processor architecture) is certified by Oracle
Corporation for use with Oracle Database 10g release 2, and that you have acquired the
correct distribution of Oracle software for your hardware platform. As of May 2006, the
supported hardware platforms for Oracle on Linux are as follows:
Supported Hardware Platforms for Oracle Database 10g release 2
x86 (Intel and AMD processor chips that adhere to the x86 32-bit architecture)
x86-64 (AMD64/EM64T and Intel processor chips that adhere to the x86-64 architecture)
Itanium
IBM Power (Power 4+, 5, 5+, and PowerPC chip sets)
2. The following commands can be used to identify the processor architecture on your
database server:
3.
$ uname -m
4.
$ grep "model name" /proc/cpuinfo
5. Make sure that your Linux distribution is certified by Oracle Corporation for use with
Oracle Database 10g release 2. Note that certifications vary by hardware platform. As of
May 2006, the supported Linux distributions are as follows:
Supported Linux Distributions for Oracle Database 10g release 2
Red Hat Enterprise Linux AS/ES 4
Red Hat Enterprise Linux AS/ES 3 update 4 or later (x86, x86-64, and Itanium only)
SUSE Linux Enterprise Server 9.0 with SP2 or later
SUSE Linux Enterprise Server 8.0 with SP4 or later (Itanium only)
Asianux 2.0 (x86 only)
Asianux 1.0 (x86 only)
6. Be sure to check Oracle Supports Metalink for the latest certification information,
because it is quite possible that Oracle Database 10g realse 2 has been certified with
additional Linux distributions or hardware platforms since this paper was written.

7. On systems running Red Hat distributions of Linux, you can use the following command
to determine exactly which version and update of Red Hat you are using:
8.
$ cat /etc/redhat-release
9. Make sure that all of the required operating system packages have been installed on the
database server. Which packages and versions are required will vary depending on your
Linux distribution and hardware platform. The package version specified is typically a
minimum, meaning that newer versions of the package are usually acceptable.
Required Packages for Red Hat
Enterprise Linux 4
and Asianux 2.0 (x86 Hardware
Platform)

Required Packages for Red Hat

Enterprise Linux 3
and Asianux 1.0 (x86 Hardware
Platform)

binutils-2.15.92.0.2-13.EL4

make-3.79.1

compat-db-4.1.25-9

gcc-3.2.3-34

compat-libstdc++-296-2.96-132.7.2

glibc-2.3.2-95.20

compat-libstdc++-33-3.2.3-47.3

compat-db-4.0.14-5

control-center-2.8.0-12

compat-gcc-7.3-2.96.128

gcc-3.4.3-22.1.EL4

compat-gcc-c++-7.3-2.96.128

gcc-c++-3.4.3-22.1.EL44

compat-libstdc++-7.3-2.96.128

glibc-2.3.4-2.9

compat-libstdc++-devel-7.3-2.96.128

glibc-common-2.3.4-2.9

openmotif21-2.1.30-8

gnome-libs-1.4.1.2.90-44.1

setarch-1.3-1

libstdc++-3.4.3-22.1
libstdc++-devel-3.4.3-22.1
make-3.80-5
pdksh-5.2.14-30
sysstat-5.0.5-1
xscreensaver-4.18-5.rhel4.2
setarch-1.6-1
Required Packages for Red Hat
Enterprise Linux 4
(x86-64 Hardware Platform)

Required Packages for Red Hat

Enterprise Linux 3
(x86-64 Hardware Platform)

binutils-2.15.92.0.2-13

make-3.79.1-17

compat-db-4.1.25-9

compat-db 4.0.14-5.1

compat-libstdc++-33-3.2.3-47.3 (32 and

64-bit)

control-center-2.2.0.1-13

control-center-2.8.0-12

gcc-c++-3.2.3-47

gcc-3.2.3-47

gcc-3.4.3-9.EL4

gdb-6.1post-1.20040607.52

gcc-c++-3.4.3-9.EL4

glibc-2.3.2-95.30

glibc-2.3.4-2

glibc-common-2.3.2-95.30

glibc-common-2.3.4-2

glibc-devel-2.3.2-95.30

glibc-devel-2.3.4-2.9 (both 32 and 64 bit

required)

glibc-devel-2.3.2-95.20 (32 bit)

glibc-headers-2.3.4-2.9

compat-gcc-7.3-2.96.128

glibc-kernheaders-2.4-9.1.87

compat-gcc-c++-7.3-2.96.128

gnome-libs-1.4.1.2.90-44.1

compat-libstdc++-7.3-2.96.128

libaio-0.3.103-3 (both 32 and 64 bit

required)

compat-libstdc++-devel-7.3-2.96.128

libstdc++-3.4.3-9.EL4
libstdc++-devel-3.4.3-9.EL4
make-3.80-5
pdksh-5.2.14-30
sysstat-5.0.5-1
xscreensaver-4.18-5.rhel4.2

compat-db-4.0.14-5

gnome-libs-1.4.1.2.90-34.2 (32 bit)

libstdc++-3.2.3-47
libstdc++-devel-3.2.3-47
openmotif-2.2.3-3.RHEL3
sysstat-5.0.5-5.rhel3
setarch-1.3-1
libaio-0.3.96-3
libaio-devel-0.3.96-3

Required Packages for SUSE Linux Enterprise Server 9.0

(x86 and x86-64 Hardware Platforms)
binutils-2.15.90.0.1.1-32.5
gcc-3.3.3-43.24
gcc-c++-3.3.3-43.24
glibc-2.3.3-98.28
gnome-libs-1.4.1.7-671.1
libstdc++-3.3.3-43.24
libstdc++-devel-3.3.3-43.24
make-3.80-184.1
pdksh-5.2.14-780.1
sysstat-5.0.1-35.1
xscreensaver-4.16-2.6
12. You can use the following command to verify that a package has been installed:
13.
$ rpm -q <package name>
14. The following command will verify all of the packages required on Red Hat Enterprise
Linux 4 (x86) systems:

15.

$ rpm -q binutils compat-db compat-libstdc++-296 control-center

gcc \

16.
+-devel \

gcc-c++ glibc glibc-common gnome-libs libstdc++ libstdc+

17.
make pdksh sysstat xscreensaver setarch
18. If you are planning to install Red Hat Enterprise Linux 4 on an x86 or x86-64 server, you
will likely find that all of the necessary packages are loaded for you if you select
Customize during the package group selection phase of the Linux installation, followed
by choosing the Everything option.
19. Note that in some cases both the 32 bit and 64 bit architecture of an RPM are required.
You can verify that both have been installed with a command similar to the following:
20.

$ rpm -qa --queryformat "%{NAME}-%{VERSION}-%{RELEASE} (%

{ARCH})\n" | grep libaio

21. You will need to perform the Oracle installation from an X window environmentyou
cannot use a character mode environment such as an SSH or telnet session. There is a
facility for performing non-interactive installations (silent installs), but we wont be
covering that technique here. Your X environment can be the console on the database
server, but it does not need to be. You can also use a Windows X emulator like Cygwin. If
the database server is in a remote location, you can use SSH to securely forward X traffic
from the database server back to your desktop. You can also use VNC to install remotely.
We have run installations from a Windows desktop using both Cygwin and VNC and
have had no problems with either. Over slow networks, VNC seems to be faster than X.
22. Make sure that your hardware is sufficient. Youll need at least 1024 Mb RAM, a swap
space at least the size of physical memory (or 1.5 times the amount of physical memory if
you has 2 Gb or less of RAM) , and a bare minimum of 2.6 Gb of disk space. This will let
you perform a typical Enterprise or Standard Edition software installation from CD or
DVD and create a starter database. If you will be downloading the Oracle software from
Oracle Technology Network at http://www.oracle.com/technology, you will need about
1.4 Gb of additional disk space to download and unpack the Oracle software. A
production implementation typically requires more RAM and more disk space than the
minimums listed here. The following commands will allow you to check physical
memory and swap space:
23.

$ grep MemTotal /proc/meminfo

$ grep SwapTotal /proc/meminfo

24. The Oracle installer will need access to a directory with at least 400 Mb of free space for
writing temporary files during installation. Usually /tmp serves this purpose. If /tmp on
your database server has less than 400 Mb of free space, then you will need to locate
another directory with sufficient free space for use during the installation.
25. Make sure that the Linux kernel on the database server has parameters set sufficiently
high for Oracle. The Oracle architecture makes extensive use of shared memory segments
for sharing data among multiple processes and semaphores for handling locking. Many
operating systems, including Linux, do not by default offer sufficient shared memory or
semaphores for optimal Oracle performance. Thankfully, you can change kernel
parameters in Linux simply by editing the /etc/sysctl.conf file and rebooting the server.

The following script will show the current settings of the Linux kernel parameters
relevant to Oracle:
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.

K="/tmp/kernelparams$$"
/sbin/sysctl -a > $K 2> /dev/null
grep kernel.shm $K
echo "`grep sem $K | tr '\t' ' '` # semmsl semmns semopm semmni"
grep file-max $K
grep ip_local_port_range $K | tr '\t' ' '
grep rmem_default $K
grep rmem_max $K
grep wmem_default $K
grep wmem_max $K
rm -f $K

The following table shows the purpose of each of these kernel parameters and a
recommended setting to get you started:
Kernel
Parameter

Setting To Get
You Started

Purpose

shmmni

4096

Maximum number of shared memory segments

shmall

2097152

Maximum total shared memory (4 Kb pages)

shmmax

2147483648

Maximum size of a single shared memory segment

semmsl

250

Maximum number of semaphores per set

semmns

32000

Maximum number of semaphores

semopm

100

Maximum operations per semop call

semmni

128

Maximum number of semaphore sets

file-max

65536

Maximum number of open files

ip_local_port_range 1024 - 65000

Range of ports to use for client connections

rmem_default

1048576

Default TCP/IP receive window

rmem_max

1048576

Maximum TCP/IP receive window

wmem_default

262144

Maximum TCP/IP send window

wmem_max

262144

Maximum TCP/IP send window

These settings will be appropriate for most systems. If you decide to configure a very
large buffer cache or library cache for your database down the road, or if you choose to
run a large number of databases on one server, then you may need to increase the shmall
setting and possibly the shmmax setting as well. In addition, if you configure your
database to allow a large number of concurrent sessions without using Oracle's shared
server architecture, then you may need to increase the semmsl and semmns settings as
well.

Note that these recommended settings assume you have no other applications running on
the database server that use shared memory segments or semaphores. You can view
current shared memory and semaphore usage on your system with the following
command:
$ ipcs

In general, if your Linux kernel already has any of these parameters set larger than
recommended here, you should not reduce the settings. If you do change any kernel
parameter settings in /etc/sysctl.conf, then reboot the server so that the new settings will
take effect.
We added the following lines to the end of our /etc/sysctl.conf file:
# Kernel parameter settings for Oracle
kernel.shmmni = 4096
kernel.shmall = 2097152
kernel.shmmax = 2147483648
kernel.sem = 250 32000 100 128
net.ipv4.ip_local_port_range = 1024 65000
net.core.rmem_default = 1048576
net.core.rmem_max = 1048576
net.core.wmem_default = 262144
net.core.wmem_max = 262144

If you are using SUSE Linux, then you must run the following command before
rebooting the server to ensure that the /etc/sysctl.conf file will be read during reboot:
$ /sbin/chkconfig boot.sysctl on

36. Create a Linux group that will be used by the Oracle software owner. You can call it
anything you like, but the standard is oinstall. This group is often called the Oracle
Inventory group. If you will be installing Oracle on multiple servers on your network,
you might want to keep the groupid the same on all servers. You can create your oinstall
group with a command like:
$ /usr/sbin/groupadd -g 501 oinstall

37. Create a Linux group that will be used by Oracle database administrators. You can call it
anything you like, but the standard is dba. Anybody who logs onto the database server
with a Linux login that belongs to this group will be able to log onto all databases that run
from this Oracle software installation with DBA privileges. If you will be installing
Oracle on multiple servers on your network, you might want to keep the groupid the same
on all servers. You can create your dba group with a command like:
$ /usr/sbin/groupadd -g 502 dba

38. Create a Linux user that will be the Oracle software owner. You can call it anything you
like, but the standard is oracle. If you will be installing Oracle on multiple servers on
your network, you might want to keep the userid the same on all servers. Note that this
users home directory will not be the ORACLE_HOME or where the actual Oracle

software is installed; this users home directory should be in the same place as other
users home directories.
The Oracle software owner should have the oinstall group as the primary group and the
dba group as a secondary group. You can create your oracle user with commands like:
$ /usr/sbin/useradd -c 'Oracle software owner' -d /home/oracle \
-g oinstall -G dba -m -u 501 -s /bin/bash
oracle

$ passwd oracle

The useradd command shown here give your oracle user the Bash shell. You could just as
easily choose Korn or Bourne shell instead.
39. For larger systems, it will be necessary to increase limits that the shell imposes on the
oracle user for maximum number of open file descriptors and processes. Follow these
steps to increase the limits:
a. Add the following lines in the /etc/security/limits.conf file:
b.
c.
d.

oracle
oracle
oracle
oracle

soft
hard
soft
hard

nproc
nproc
nofile
nofile

2047
16384
1024
65536

e. Add the following lines to the /etc/pam.d/login file, if they are not already
present:
f.

session
session

required
required

/lib/security/pam_limits.so
pam_limits.so

g. Add the following lines in the /etc/profile file (or the /etc/profile.local file on
SUSE systems) if the oracle user uses the Bash, Korn or Bourne shell:
h.
i.
j.
k.
l.
m.
n.

if [ $USER = "oracle" ]; then

if [ $SHELL = "/bin/ksh" ]; then
ulimit -p 16384
ulimit -n 65536
else
ulimit -u 16384 -n 65536
fi
fi

o. If the oracle user uses the C shell, then add the following lines in the
/etc/csh.login file (or the /etc/csh.login.local file on SUSE systems):
p.
q.
r.

if ( $USER == "oracle" ) then

limit maxproc 16384
limit descriptors 65536
endif

40. Create mount points for the Oracle software and the Oracle database. Each mount point
should correspond to a separate physical device or set of devices. Youll need at least one
mount point. Typically you use one mount point for the Oracle software and one or more
mount points for each database. One common convention is to call the mount points /u01,
/u02, and so on. Because mount points are typically owned by root and the Oracle
installer will run as the oracle user and not as root, you should create some subdirectories
now to avoid permission problems later. Create an app/oracle subdirectory below the
software mount point, and oradata subdirectories below the mount points to be used for

database files. (You can put software and a database on the same mount point if you
wish.) Make these subdirectories owned by the oracle user and oinstall group, and give
them 775 permissions. You can use commands like:
41.
42.

$ mkdir /u01/app /u01/app/oracle /u01/oradata

$ chown oracle:oinstall /u01/app /u01/app/oracle /u01/oradata
$ chmod 775 /u01/app /u01/app/oracle /u01/oradata

43. If you downloaded the Oracle software Oracle Technology Network, then use unzip to
unpack the distribution. If you have the software on CD or DVD, then mount the Oracle
Database 10g release 2 media now.

Install the Oracle Software and Latest Patch Set

These steps install the Oracle software and latest patch set on your server. As of this writing,
Oracle release 10.2.0.1 is the only version of Oracle Database 10g release 2 available for
download from Oracle Technology Network or available on CD or DVD media. However, the
current patch set is 10.2.0.2. Therefore, we will install Oracle release 10.2.0.1 and apply patch set
10.2.0.2 on top of the installation. Before proceeding with the steps in this section, you should
check Oracle Technology Network (http://www.oracle.com/technology) and Oracle Supports
Metalink (http://metalink.oracle.com) to see if any newer releases and/or patch sets are available.
The Oracle Universal Installer will suggest creating a database at the same time that it installs the
Oracle software. It will be better to hold off on database creation until after the latest patch set
has been appliedthis will allow us to avoid having to patch the newly created database when
installing the patch set.
In this section, we will prepare the oracle users environment, run the Oracle Universal Installer
twice (once to install the base release and once to install the latest patch set), and tidy up a few
minor loose ends. All of the steps in this section, except where noted, are run as the oracle user.
1. Edit the oracle users login file on the database server so that the environment will be
configured automatically on login. If you are using Bash shell, then edit .bash_profile. If
you are using Bourne or Korn shell, then edit .profile. You can also use C shell and edit
.cshrc, but the syntax will be different from the examples you see here. For now, we will
hardcode certain things. But after we create a database, we will come back and eliminate
all hardcodings. Here is what we added to our .bash_profile for the install:
2.
umask 022
3.
#
4.
# Substitute your Oracle software mount point in the line below.
5.
export ORACLE_BASE=/u01/app/oracle
6.
#
7.
# Ensure that ORACLE_HOME and TNS_ADMIN are not set.
8.
unset ORACLE_HOME
9.
unset TNS_ADMIN
10.
#
11.
# If your /tmp directory has less than 400 Mb free, then edit
12.
# and uncomment the following three lines.

13.
14.
15.
16.
17.
18.

# TMP=/mount_point_with_400_mb_free
# TMPDIR=/same_mount_point
# export TMP TMPDIR
#
# The documentation does not mention how PATH should be set.
# The following PATH setting worked for us:
export PATH=/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin

19. Log out and log back in as the oracle user from an X window so that the environment is
set correctly. If you will be performing the installation from a PC or other workstation
instead of using the database servers console directly, you may wish to forward X
window traffic over an SSH connection. This offers increased security (in the case of a
public network) and convenience. If you will be performing the installation from a
Windows PC, you can use PuTTY to forward your X window traffic by selecting the
Enable X11 forwarding checkbox in PuTTYs SSH Tunnels configuration screen. As
an alternative to X, you may wish instead to start a VNC server on your database server
by running the following command as the oracle user:
$ /usr/bin/vncserver

With a VNC server running in this way, you can achieve an X environment by running a
VNC viewer on your desktop workstation. You can shut down the VNC server by running
the following command:
$ /usr/bin/vncserver -kill :1

20. Make sure your DISPLAY variable is set. If you are forwarding X window traffic over an
SSH connection, using VNC, or working from the servers console directly, the
DISPLAY variable should already be set for you. If your DISPLAY variable has not been
set already, then you will need to set it manually to the IP address of your X server plus
the X server and screen numbers. You can set your DISPLAY variable with a command
like:
$ export DISPLAY=myworkstation:0.0

21. If you had to set your DISPLAY variable manually in the previous step, then ensure that
the X server on your workstation will allow your database server to open windows on
your display. The easiest way to do this is to issue an xhost command from a session on
your workstation. (Dont get confused and issue the command in a window that is logged
onto your database server.) You can issue a command like:
$ xhost +mydatabaseserver

22. Ensure that the mount point you plan to use for the Oracle software has sufficient free
space. For a basic Enterprise Edition and patch set installation, allow 1.6 Gb for the
software mount point as a bare minimum. You will need more space if you plan to install
non-default options or components from the Oracle Database 10g Companion CD (or the
Companion area of the DVD).
23. Double check that you are logged in as oracle and not root, and that the environment
variables have been set by the login script you prepared earlier. Then change to your

home directory and start the Oracle Universal Installer with a command like one of the
following:
$ <full path to DVD>/database/runInstaller

or
$ <full path to CD>/runInstaller

Well walk through the installer prompts one at a time:

a. The Select Installation Method window appears. Choose Advanced Installation
and then click Next.
b. If the Specify Inventory Directory and Credentials window appears, verify that
the inventory directory is set to the oraInventory subdirectory of the directory
referenced by the ORACLE_BASE environment variable you set in the login
script. In the Operating System Group Name field, select the oinstall group. Click
Next. You won't see this window if you have previously installed Oracle software
on this database server.
c. The Select Installation Type window appears. We will perform a typical install
to get a basic set of Oracle software installed. You can rerun the installer again
later and choose Custom to install additional products individually. For now,
choose Standard Edition or Enterprise Edition. The Enterprise Edition of Oracle
Database 10g has some very sophisticated features missing from Standard
Edition, and the opportunity to purchase additional options that might be valuable
to a large enterprise. However, the Enterprise Edition is much more expensive
than Standard Edition. It is very important that you choose the edition that
matches your license, as this will be difficult to fix later. Click Next.
d. The Specify Home Details window appears. Oracle provides a suggested Name
and Path for the Oracle home (software installation) that is about to be created.
You can name this Oracle home anything you like. Beginning in Oracle Database
10g the standard for Oracle home location has changed to /<mountpoint>/app/oracle/product/10.2.0/db_<N>. The new component at the end, such as
db_1 or db_2, allows you to install multiple copies of the same Oracle version on
one server in a standardized way. Note that we will refer back to this path
frequently, calling it the Oracle home or simply $ORACLE_HOME. If you are
planning to go with the path suggestion provided by Oracle, make sure there isnt
an extra occurrence of the oracle component in the path. When you are satisfied
with the name and path for your Oracle home, click Next.
e. At this point Oracle performs a serries of prerequisite checks. If you performed all
of the preparation steps correctly, all checks should be successful and you can
simply click the Next button. If there are any problems, you can correct the
problem and click Retry, or click checkboxes in order to ignore specific warnings
or error messages.

f. If you have any existing Oracle databases on your server that are at a version prior
to what you are now installing, the installer will ask if you would like to run the
Database Upgrade Assistant at the end of the installation to migrate or upgrade
these older databases to the current version. Make your decision and click Next.
(We wont be covering the Database Upgrade Assistant here.)
g. The Select Configuration Options window appears. We could have Oracle create a
database at the same time the software is installed, but this would not be a good
idea because we would have to immediately patch the database when we install
the patch set. We will choose the Install database Software only option instead.
After we have applied the patch set, we will use the Database Configuration
Assistant to create a database. Click Next.
h. The Summary window appears. Review all of the selections you have made to
confirm they are correct. Click Install.
i. During the installation an Execute Configuration Scripts window will appear. The
installation will be paused at this point, waiting for you to run scripts as root. (The
first time you install Oracle software on the database server there will be two
scripts to run as root, while additional installations only require one script to be
run as root.) You should open another window, log in to the database server as
root, review the scripts to be run thoroughly, run the scripts, and click OK in the
Execute Configuration Scripts window.
j. The End of Installation window appears. URLs for iSQL*Plus will be displayed.
Note these URLs for future reference. Click Exit to exit the installer.
k. You can run the installer again and perform a custom installation to install any
individual products that did not get installed as part of the typical installation.
l. It is important to note that the default Enterprise Edition install loads certain extra
cost options, such as OLAP and table partitioning, onto your database server. If
you are not licensed to use these options, then you should deinstall them. To
deinstall products, restart the installer and click the Installed Products button on
the End of Installation or Select Installation Type window.
24. Some distributions of Oracle Database 10g release 2 install with file permissions that are
excessively strict for most applications. Setting file permissions as restrictively as
possible makes the system more secure, but this makes no sense if permissions are so
limiting that the system cannot be used properly. A patch is available to loosen the
permissions to a level that is still considered secure, yet allows users other than oracle to
connect to the database directly without having to use Oracle's network listener. To
determine if you need this patch, check the permissions on the $ORACLE_HOME
directory (the directory you specified as the path on the Specify Home Details screen of
the Oracle software installation). If the permissions are 755, then you do not need the
patch. If the permissions are 750, then you will need the patch if you want Linux users
logged into the database server to be able to access the database without having to

connect through Oracle's network listener. You can download and apply the patch as
follows:
a. Set the ORACLE_HOME environment variable to point to your Oracle home
with a command like:
$ export ORACLE_HOME=/u01/app/oracle/product/10.2.0/db_1

b. Create a subdirectory to hold the patch file as follows:

$ mkdir $ORACLE_HOME/patches

c. Download patch 4516865 from Oracle Supports Metalink

(http://metalink.oracle.com) for your correct platform, such as Linux x86, into the
patch directory created in the previous step.
d. Unpack the patch file as follows:
$ unzip p4516865_10201_LINUX.zip

e. Apply the patch with the following commands:

f.
$ cd 4516865
g.
$ PATH=$PATH:$ORACLE_HOME/OPatch
h.
$ opatch apply
i.
$ cd $ORACLE_HOME/install
j.
$ chmod u+x changePerm.sh
$ ./changePerm.sh

When running the changePerm.sh script, you will be asked if you wish to
continue. Press y and Enter.
k. The libclntsh.so.10.1 library apparently is missing from the list of files to be
adjusted by this patch, so adjust its permissions manually as follows:
$ chmod 755 $ORACLE_HOME/lib/libclntsh.so.10.1

25. At this point we are ready to patch the Oracle software installation with the latest
maintenance release available. Log onto Oracle Oracle Supports Metalink
(http://metalink.oracle.com) and download the latest patch set for Linux x86 or
whichever processor architecture your database server uses. As of this writing, release
10.2.0.2 (patch number 4547817) is the latest for Linux x86.
26. Use a command like the following to unpack the patch set:
$ unzip p4547817_10202_LINUX.zip

27. Set the ORACLE_HOME environment variable to point to your Oracle home with a
command like:
$ export ORACLE_HOME=/u01/app/oracle/product/10.2.0/db_1

28. Double check that you are logged in as oracle and not root, and that your DISPLAY
environment variable is still set correctly. Then change to the directory where you
unpacked the patch set and start the Oracle Universal Installer with these commands:
29.
$ cd <location of unpacked patch set>/Disk1
$ ./runInstaller

Once again, well walk through the installer prompts one at a time:
a. The Welcome window appears. Click Next.
b. The Specify Home Details window appears. Verify that the Name and Path fields
are set to the Oracle home where you just installed Oracle software in the
previous steps. Do not go with a different Name or Path, even if the installer has
defaulted these fields this way. Click Next.
c. The Summary window appears. Click Install.
d. During the installation an Execute Configuration Scripts window will appear.
Once again the installation will be paused at this point, waiting for you to run a
root.sh script as root. As before, the script can be found in the Oracle home
directory. You should open another window, log in to the database server as root,
and review the root.sh script thoroughly before running it. The script will
complain about three files already existing in /usr/local/bin. You can accept the
default action to not overwrite these files. Click OK in the Execute Configuration
Scripts window after running the script.
e. The End of Installation window appears. Click Exit to exit the installer.
30. In $ORACLE_HOME/bin (the bin directory under your Oracle home) you will find a
shell script called oraenv. This script can be called from .bash_profile or .profile to set up
a users environment automatically whenever they log onto the database server. We will
customize the oraenv script because there are a few variables that the script should set but
doesnt. Make a backup copy of the oraenv script and then edit it, adding the following
lines to the very end:
# Begin customizations
ORACLE_BASE=`dirname $ORACLE_HOME`
ORACLE_BASE=`dirname $ORACLE_BASE`
case "$ORACLE_BASE" in
*/product) ORACLE_BASE=`dirname $ORACLE_BASE` ;;
*)
;;
esac
DBA=$ORACLE_BASE/admin
# Substitute the locale and character set you plan to use for your
# database in the line below. Some common choices are:
#
NLS_LANG=american_america.WE8ISO8859P1 (Linux and Unix
default)
#
NLS_LANG=american_america.AL32UTF8
(Unicode 3.1)
#
NLS_LANG=american_america.UTF8
(Unicode 3.0)
#
NLS_LANG=american_america.WE8MSWIN1252 (Windows)
NLS_LANG=american_america.WE8ISO8859P1
export ORACLE_BASE DBA NLS_LANG
# End customizations

31. In the same directory youll also find a shell script called coraenv that can be called
from .cshrc. If you use C shell, you will want to back up and edit coraenv with similar
changes to the oraenv script.

32. The root.sh script copied oraenv and coraenv from $ORACLE_HOME/bin to the
/usr/local/bin directory. You just updated these scripts in $ORACLE_HOME/bin. Copy
the updated versions to the /usr/local/bin directory.

Create a Database
These steps create an Oracle database. Everybody will have different needs for their database,
but the steps here will yield a functional database that you can further tailor to your specific
needs. In this section we will use the Database Configuration Assistant to create a database,
adjust the database in order to better comply with industry-proven best practices, and configure
Oracle Net. All of the steps in this section are run as the oracle user.
1. Set up your environment the same way you did when you ran the Oracle Universal
Installer: Log in as the oracle user on the database server from an X window or VNC
session, set your DISPLAY variable appropriately, and make sure that your
ORACLE_BASE variable is set correctly based on your login file.
2. Set the ORACLE_HOME environment variable to point to your Oracle home with a
command like:
$ export ORACLE_HOME=/u01/app/oracle/product/10.2.0/db_1

3. Choose a name for your Oracle instance, up to eight characters long. The instance name
is easy to change at any time. However, you will want to keep the instance name the same
as the database name in order to avoid confusion. Changing the database name later is
possible, but not the easiest thing to do. So pick a name for the instance that you like. Set
the ORACLE_SID variable accordingly with a command like:
$ export ORACLE_SID=dev10ee

4. Launch the Database Configuration Assistant with the following commands:

5.
$ cd $ORACLE_HOME/bin
$ ./dbca

Well walk through the prompts one at a time:

a. The Welcome window appears. Click Next.
b. The Operations window appears. Choose Create a Database and click Next.
c. The Database Templates window appears. Here you choose a template (a set of
default specifications) for the database you wish to create. Oracle provides
templates called Data Warehouse, General Purpose, and Transaction
Processing. Oracle has pre-built data files available for these three templates,
meaning that database creation will go faster than if Oracle has to build the
database from scratch. You can also choose Custom and create your own
template. We will choose General Purpose here. Click Next.
d. The Database Identification window appears. Here you specify the global name
and the instance name (SID) for the database. It would be nice if these fields
defaulted from the ORACLE_SID environment variable, but this may or may not

happen. In the Global Database Name field, enter the database name you selected,
followed by a period and your domain name. For example,
dev10ee.dbspecialists.com. The SID field will fill in automatically from the
global name. Click Next.
e. The Management Options window appears. Here you indicate whether or not you
wish to have the Enterprise Manager tool configured. Grid Control is Oracles
enterprise-wide database management tool. This option will be grayed out if Grid
Control infrastructure has not already been established. Database Control is a
stand-alone management tool specifically configured to manage one database. If
Grid Control is not present, the defaults in this window will specify to configure
Database Control for this database. This will enable you to perform many
database management functions for this database from a web browser. You may
optionally configure Database Control to send you alerts via email and to back up
the database daily. It does not hurt to choose Database Control configuration at
this timeyou can always shut it down later. We will not be covering the
database backup feature here. Click Next.
f. The Database Credentials window appears. Every Oracle 10g database has
accounts called SYS, SYSTEM, DBSNMP, and SYSMAN. You must provide
passwords for each of these accounts, although you can choose to give all four the
same password. It is easy to change passwords later, and members of the dba
Linux group can access the database without a password and change passwords
for any database account. Enter the initial passwords for these accounts and click
Next.
g. The Storage Options window appears. The files that make up an Oracle database
can be stored on a regular file system, raw devices, or disks managed
automatically by Oracles Automatic Storage Management facility. We will not be
covering raw devices or ASM here, so select File System and click Next.
h. The Database File Locations window appears. Here you specify where on the file
system the files that make up the database should initially reside. It will be easy to
change file locations later, and database files can be spread over multiple
directories. The default option on this window is to use the file location specified
in the template. This is not a good idea as the location specified by the templates
goes against standard conventions. Instead you should select Use Common
Location for All Database Files and enter a mount point name followed by the
oradata subdirectory, such as /u01/oradata. The location you enter here should
match one of the directories you created in step 12 of the first section above. Click
Next.
i. The Recovery Configuration window appears. A solid backup and recovery plan
is absolutely necessary for any database that will hold data of any importance.
However, there are many options available and needs vary greatly from one
situation to the next. The flash recovery area is used by the Flashback database
feature and also by Enterprise Manager if you chose to configure automatic
database backups. Archiving, meanwhile, is necessary for databases that will be

backed up while they are open. Archiving can be enabled easily at a later time.
Since we are not covering backup and recovery strategies here, we will uncheck
both options and click Next.
j. The Database Content window appears. This window contains multiple tabs
where you may choose what data will be preloaded in the new database. Your
options here will vary depending on which Oracle software options you installed
and which database creation template you chose. Typically there will be no need
for you to specify any custom scripts, and preloading the sample schemas can be
helpful in a development database for seeing examples of various techniques.
Make your selections and click Next.
k. The Initialization Parameters window appears. Tabs in this window let you set
various initialization parameters, and a button lets you view and edit all
parameters in a tabular form. Click on the Character Sets tab and select the
character set for the database that matches the character set name you put into the
oraenv script in an earlier step. It is hard to change the character set of a database,
so make sure you are happy with your selection before proceeding. Initialization
parameters, on the other hand, are easily changed later. In this window, therefore,
you should make sure the character set is correct but not worry too much about
the other settings. (Setting the character sets is very different from setting
initialization parameters, so the fact that the Character Sets tab appears on a
window entitled Initialization Parameters may be confusing.) Click Next.
l. The Database Storage window appears. Here you can review and edit the details
of how the control files, online redo logs, data files, and tablespaces will be
created. If you are using one of the templates that was provided, you will not be
able to change very many settings. If you want to change the locations of some of
the database files, you can do that here or after the database has been created. The
default redo log size (10 Mb) is somewhat small, so you might want to change it.
Again, you can do that here or after the database has been created. When you are
satisfied with the settings, click Next.
m. The Creation Options window appears. You may choose to create the database
now, generate scripts to create the database later, and/or save the settings as a
template. Saving as a template allows you to create the database at a later time or
create many similar databases more easily. Make your selection and click Finish.
n. A Confirmation window appears. Review all of your selections and click OK.
o. A progress window appears and database creation proceeds.
p. When database creation is complete, a window will appear which indicates the
name of the database, the location of the parameter file, and the URL for
accessing Enterprise Manager. Note this URL for future reference. Depending on
what options you selected, additional accounts may have been created on the
database besides the basic SYS, SYSTEM, DBSNMP, and SYSMAN. All
additional accounts are now locked. You may click the Password Management

button to unlock these accounts and set passwords if you wish, but you should
only unlock an account if you have a specific reason for doing so. When you are
finished, click the Exit button to exit the Database Creation Assistant.
6. While logged onto the database server as the oracle user, run the following commands to
set environment variables so that you will be able to access the database easily (substitute
your Oracle instance name):
7.
8.

$ export ORACLE_SID=dev10ee
$ export ORAENV_ASK=NO
$ . /usr/local/bin/oraenv

9. If you would like to move any of the data files or online redo logs for this database to
another directory, use commands like the following:
10.
$ sqlplus /nolog
11.
SQL> CONNECT / AS SYSDBA
12.
SQL> SHUTDOWN IMMEDIATE
13.
SQL> STARTUP MOUNT
14.
SQL> HOST mv -i /u01/oradata/dev10ee/users01.dbf
15.
16.
17.
18.
19.
20.
21.
22.

/u02/oradata/dev10ee/users01.dbf
SQL> ALTER DATABASE RENAME FILE
2 '/u01/oradata/dev10ee/users01.dbf' TO
3 '/u02/oradata/dev10ee/users01.dbf';
SQL> HOST mv -i /u01/oradata/dev10ee/redo01.log
/u02/oradata/dev10ee/redo01.log
SQL> ALTER DATABASE RENAME FILE
2 '/u01/oradata/dev10ee/redo01.log' TO
3 '/u02/oradata/dev10ee/redo01.log';
SQL> ALTER DATABASE OPEN;
SQL> EXIT

Note that this procedure does not work for control files. Relocating database control files
will be covered in a later step.
23. In databases created with supplied templates, all data files have the auto-extend feature
turned on. This means that when a data file becomes full, it will automatically grow
larger as needed. The problem with this is that an application can get out of control and
fill up an entire disk partition. It also means that you need to manage your free space at
the operating system level. Many DBAs prefer to manage free space at the database level
by pre-allocating space to data files and not using the auto-extend feature. You may resize
data files and disable auto-extend with commands like:
24.
$ sqlplus /nolog
25.
SQL> CONNECT / AS SYSDBA
26.
SQL> ALTER DATABASE DATAFILE '/u01/oradata/dev10ee/system01.dbf'
27.
28.

AUTOEXTEND
SQL>
AUTOEXTEND
SQL>
AUTOEXTEND

OFF;
ALTER DATABASE DATAFILE '/u01/oradata/dev10ee/sysaux01.dbf'
OFF;
ALTER DATABASE DATAFILE '/u01/oradata/dev10ee/undotbs01.dbf'
OFF;

29.
30.
31.
32.
33.
34.

SQL> ALTER
AUTOEXTEND OFF;
SQL> ALTER
AUTOEXTEND OFF;
SQL> ALTER
AUTOEXTEND OFF;
SQL> ALTER
RESIZE 600m;
SQL> ALTER
RESIZE 300m;
SQL> ALTER
RESIZE 50m;
SQL> ALTER
RESIZE 50m;

DATABASE DATAFILE '/u01/oradata/dev10ee/example01.dbf'

DATABASE DATAFILE '/u01/oradata/dev10ee/users01.dbf'
DATABASE TEMPFILE '/u01/oradata/dev10ee/temp01.dbf'
DATABASE DATAFILE '/u01/oradata/dev10ee/system01.dbf'
DATABASE DATAFILE '/u01/oradata/dev10ee/sysaux01.dbf'
DATABASE DATAFILE '/u01/oradata/dev10ee/undotbs01.dbf'
DATABASE TEMPFILE '/u01/oradata/dev10ee/temp01.dbf'

35. Oracle uses a server parameter file or spfile to store the initialization parameters
settings that affect the instance. The default parameter settings provided by the Database
Configuration Assistant are not bad, but you may want to make some changes.
Unfortunately, you cannot edit the spfile. Instead, you must export the contents of the
spfile to a plain text file called a pfile. You can then edit the pfile and convert it back to
an spfile for use on your database. (This might sound confusing, but is actually pretty
straightforward.)
Shut down the database and export the contents of the spfile into a pfile that you can edit
with commands like:
$ sqlplus /nolog
SQL> CONNECT / AS SYSDBA
SQL> CREATE PFILE='/home/oracle/dev10ee-params.txt'
2 FROM SPFILE;
SQL> SHUTDOWN IMMEDIATE

36. Make a backup copy of the pfile you created in the previous step and edit the pfile to
change parameters as you wish, based on your needs and your servers capabilities. You
can always change parameters again in the future, so you are not locking yourself into
anything right now. Here is the pfile that we ended up with:
37.
*.audit_file_dest='/u01/app/oracle/admin/dev10ee/adump'
38.
*.background_dump_dest='/u01/app/oracle/admin/dev10ee/bdump'
39.
*.compatible='10.2.0.2.0'
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.

*.control_files='/u01/oradata/dev10ee/control01.ctl','/u01/oradata/
dev10ee/control02.ctl','/u01/oradata/dev10ee/control03.ctl'
*.core_dump_dest='/u01/app/oracle/admin/dev10ee/cdump'
*.db_block_size=8192
*.db_domain='dbspecialists.com'
*.db_file_multiblock_read_count=16
*.db_name='dev10ee'
*.job_queue_processes=10
*.open_cursors=300
*.os_authent_prefix=''

50.
51.
52.
53.
54.
55.

*.pga_aggregate_target=24m
*.processes=50
*.remote_login_passwordfile='EXCLUSIVE'
*.sga_target=240m
*.undo_management='AUTO'
*.undo_tablespace='UNDOTBS1'
*.user_dump_dest='/u01/app/oracle/admin/dev10ee/udump'

56. The database is created with three control files. The control file is a pretty small file that
contains crucial configuration and synchronization information that Oracle needs in order
to locate all the files that make up the database and keep them consistent. All three copies
of the control file are kept identical; whatever Oracle writes to one control file it also
writes to the other two. (Think of it like software mirroring.) It is a good idea to move at
least one of the control files to another location. With the database shut down, you can go
ahead and move the control files around as you wish. Be sure to change the control_files
entry in your pfile accordingly.
57. Remove the existing spfile that the Database Configuration Assistant created, and the
bogus pfile that it left behind, with the following commands:
58.

$ rm -i $ORACLE_HOME/dbs/spfile$ORACLE_SID.ora
$ rm -i $ORACLE_BASE/admin/$ORACLE_SID/pfile/init.ora*

59. Create a symbolic link from the location where Oracle looks for the spfile to the location
where you will actually maintain the spfile:
60.
$ ln -s $ORACLE_BASE/admin/$ORACLE_SID/pfile/spfile$ORACLE_SID.ora
\

$ORACLE_HOME/dbs/spfile$ORACLE_SID.ora

61. Now convert the pfile that you edited back into an spfile that Oracle can use with the
following commands:
62.
$ sqlplus /nolog
63.
SQL> CONNECT / AS SYSDBA
64.
SQL> CREATE SPFILE='$ORACLE_BASE/admin/
$ORACLE_SID/pfile/spfile$ORACLE_SID.ora'
2 FROM PFILE='/home/oracle/dev10ee-params.txt';

65. You are now ready to restart your database using your newly created spfile. Use the
following commands to start the database and view the parameters that are in effect.
These settings should match what you put in your pfile a few steps back:
66.
$ sqlplus /nolog
67.
SQL> CONNECT / AS SYSDBA
68.
SQL> STARTUP
69.
SQL> SET PAGESIZE 100
70.
SQL> SELECT
name, value, isdefault
71.
2 FROM
v$parameter
3

ORDER BY isdefault, name;

72. You can follow the above few steps at any time to make further changes to the
parameters. However, if you only have a few changes to make, there is a much easier way
than exporting the spfile into a pfile, editing the pfile, and converting back to an spfile.
You can simply:
73.
$ sqlplus /nolog

74.
75.

SQL> CONNECT / AS SYSDBA

SQL> ALTER SYSTEM SET parameter = value
2 SCOPE = SPFILE;

This will update the setting in your spfile, and the change will take effect the next time
you restart the instance. Many parameters are dynamic, meaning that you can change
them on the fly without restarting the instance. For dynamic parameters, you can omit the
SCOPE = line above and Oracle will change the parameter setting immediately and in the
spfile.
76. Oracle Net is the networking infrastructure that allows applications running on other
servers to access the database. The Oracle Net listener is a process that runs on the
database server and monitors a TCP port for requests to access the database. The Oracle
Net listener is configured by creating a file called listener.ora in the
$ORACLE_HOME/network/admin directory. In the
$ORACLE_HOME/network/admin/samples directory you will find an example
listener.ora file. Unfortunately, many Oracle security exploits involve the Oracle Net
listener, and therefore it is important that you configure it properly and securely. A
functional listener.ora file that uses operating system authentication for securing the
Oracle Net listener is as follows:
77.
#
78.
# Filename: listener.ora
79.
#
80.
LISTENER =
81.
(DESCRIPTION_LIST =
82.
(DESCRIPTION =
83.
(ADDRESS_LIST =
84.
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.16)(PORT =
1521))

85.
86.
87.
88.
89.
90.
91.
92.
93.
94.

)
)
)
SID_LIST_LISTENER =
(SID_LIST =
(SID_DESC =
(GLOBAL_DBNAME = dev10ee.dbspecialists.com)
(ORACLE_HOME = /u01/app/oracle/product/10.2.0/db_1)
(SID_NAME = dev10ee)
)
)

The permissions on the listener.ora file should be 640.

95. Start the Oracle Net listener with the following command:
$ lsnrctl start

96. The Oracle client libraries invoked by an application wishing to access the database read
configuration files called sqlnet.ora and tnsnames.ora in order to figure out how to find
the Oracle Net listener and what connection parameters should be used. In the same
directory where the sample listener.ora file is located, you will also find a sample
sqlnet.ora and tnsnames.ora. You should create a sqlnet.ora file and a tnsnames.ora file in
the same directory where you created your listener.ora file. Set the file permissions to
644. Copy these two files to all application servers or other machines that will access the
database. Functional sqlnet.ora and tnsnames.ora files are as follows:
97.
#
98.
# Filename: sqlnet.ora
99.
#
100.
NAMES.DEFAULT_DOMAIN = dbspecialists.com
101.
NAMES.DIRECTORY_PATH= (TNSNAMES)
102.
103.
#
104.
# Filename: tnsnames.ora
105.
#
106.
DEV10EE.DBSPECIALISTS.COM =
107.
(DESCRIPTION =
108.
(ADDRESS_LIST =
109.
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.16)(PORT =
1521))

110.
111.
112.
113.
)

)
(CONNECT_DATA =
(SERVICE_NAME = dev10ee.dbspecialists.com)
)

114.
You can verify that Oracle Net is configured correctly by attempting to access the
database from an application server or other remote server, or by using commands like
the following on the database server directly:
115.
$ sqlplus /nolog
116.
SQL> CONNECT system@dev10ee
Enter password: <Enter SYSTEM password>

117.
At this point you are ready to create tablespaceslogical groupings of data files
to hold your application data. You can put all of your data into one tablespace, or you
can separate data into multiple tablespaces based on object type, object size, permanence,
volatility, I/O volume, or any of a number of other criteria. In the past, choosing storage
parameters and allocation schemes for database objects was rather tedious. Now it is
quite simple because you can have Oracle do the space allocation and management
automatically and it will do a pretty good job. Here is a sample tablespace creation
statement for an application called Flex:
118.
CREATE TABLESPACE flex_data
119.
DATAFILE '/u02/oradata/dev10ee/flex_data01.dbf' SIZE 500m
SEGMENT SPACE MANAGEMENT AUTO;

120.
Create application roles if desired. Alternatively, you can use the default roles
CONNECT, RESOURCE, and DBA.

121.
Create your application accounts that will own the application schemas. Set the
default tablespace to one of your application tablespaces designated to hold tables. Assign
quotas on all of the application tablespaces where the account will need to be able to
create schema objects. (You can use the keyword UNLIMITED.) You should not set any
quota on the SYSTEM, SYSAUX, or TEMP tablespaces. Do not plan to create any
application objects in the SYS or SYSTEM schemas, or store any application objects in
the SYSTEM, SYSAUX, or TEMP tablespaces. Here is a sample application account
creation statement:
122.
123.

CREATE USER bob IDENTIFIED BY bob123

DEFAULT TABLESPACE flex_data
QUOTA UNLIMITED ON flex_data;

124.
Grant roles and/or system privileges to the application accounts. Note that if you
grant the RESOURCE role to an account, that account will also receive the UNLIMITED
TABLESPACE system privilege. This will let the account create objects in any
tablespace, regardless of quotas. Think very carefully before granting the DBA role or
allowing any accounts th have the UNLIMITED TABLESPACE privilege. Sample
statements to grant and revoke privileges are as follows:
125.
GRANT connect, resource TO bob;
REVOKE unlimited tablespace FROM bob;

126.
Review the overall security of your database. Oracle Corporation has published a
very detailed 25 page listing of recommended security checks. Download it from Oracle
Technology Network at
http://www.oracle.com/technology/deploy/security/pdf/twp_security_checklist_db_datab
ase.pdf. Another checklist, although not all of the recommendations seem appropriate, is
available at http://www.sans.org/score/checklists/Oracle_Database_Checklist.pdf.

Complete the Server Configuration

These steps complete the configuration of your server for smooth Oracle operation. In this
section we will change the oracle users login script to eliminate hardcoding, create individual
operating system accounts for each database user, and configure the server to start the database
and listeners automatically whenever the server is rebooted.
1. Edit the login file (.bash_profile or .profile) for the oracle user to eliminate hardcodings
and call the oraenv script to set the environment instead. The following will work with
Bash, Bourne, or Korn shell:
2.
3.
4.
5.

# Settings for Oracle environment

ORACLE_SID=dev10ee
# Put your instance name here
ORAENV_ASK=NO
export ORACLE_SID ORAENV_ASK
. oraenv

Note that this script assumes that the /usr/local/bin directory is on your path. Also, if you
use C shell then you should edit .cshrc and have it source coraenv.
6. Create separate Linux accounts for DBAs and database users who will log onto the
database server directly. You should only log in as oracle when installing or patching

software. The Linux accounts for DBAs should be members of the dba group, and other
users should not be members of the dba group. Give each of these accounts a login file
like oracles so that their environment initializes correctly when they log in.
7. Edit the /etc/oratab file to verify that the entry for your database is correct. Lines starting
with a pound sign are considered comments and are ignored. Each non-comment line
contains the name of one Oracle instance, its Oracle home, and a Y or N. A Y indicates
that the database should be started automatically on server reboot, and an N indicates that
it should not. The three fields should be separated by colons. A sample /etc/oratab file
looks like this:
8.
9.
10.
11.

#
# /etc/oratab
# ===========
#
dev10ee:/u01/app/oracle/product/10.2.0/db_1:Y

12. To make the database and listeners start up automatically when the server reboots and
shut down automatically when the server shuts down, youll need to create a dbora file
in /etc/init.d and either user the chkconfig command or manually link dbora to /etc/rc3.d
and /etc/rc0.d. Youll need to do this as the root user. First create a file called dbora in
/etc/init.d as follows:
13.
14.
15.

#
# chkconfig: 35 99 10
# description: Start and stop the Oracle database, listener, EM,
and iSQLPlus
16.
#
17.
ORA_HOME=/u01/app/oracle/product/10.2.0/db_1
18.
ORA_OWNER=oracle
19.
if [ ! -f $ORA_HOME/bin/dbstart ]
20.
then
21.
echo "Oracle startup: cannot start"
22.
exit
23.
fi
24.
case "$1" in
25.
'start') # Start the Oracle databases and listeners
26.
su - $ORA_OWNER -c "$ORA_HOME/bin/dbstart $ORA_HOME"
27.
su - $ORA_OWNER -c "$ORA_HOME/bin/emctl start
dbconsole"
28.
su - $ORA_OWNER -c "$ORA_HOME/bin/isqlplusctl start"
29.
touch /var/lock/subsys/dbora
30.
;;
31.
'stop') # Stop the Oracle databases and listeners
32.
su - $ORA_OWNER -c "$ORA_HOME/bin/isqlplusctl stop"
33.
su - $ORA_OWNER -c "$ORA_HOME/bin/emctl stop
dbconsole"
34.
su - $ORA_OWNER -c "$ORA_HOME/bin/dbshut $ORA_HOME"
35.
rm -f /var/lock/subsys/dbora
36.
;;
esac

Set the permissions on the dbora file to 700:

$ chmod 700 /etc/init.d/dbora

After creating the dbora file, you need to link it to /etc/rc3.d and /etc/rc0.d for startup and
shutdown. You may do this manually as follows:
$
$
$
$
$
$
$

ln
ln
ln
ln
ln
ln
ln

-s
-s
-s
-s
-s
-s
-s

/etc/init.d/dbora
/etc/init.d/dbora
/etc/init.d/dbora
/etc/init.d/dbora
/etc/init.d/dbora
/etc/init.d/dbora
/etc/init.d/dbora

/etc/rc3.d/S99dbora
/etc/rc5.d/S99dbora
/etc/rc0.d/K10dbora
/etc/rc1.d/K10dbora
/etc/rc2.d/K10dbora
/etc/rc4.d/K10dbora
/etc/rc6.d/K10dbora

Alternatively, you may use the chkconfig command to create the links as follows:
$ cd /etc/init.d
$ /sbin/chkconfig --add dbora

Conclusion
This paper walks you through the intricate details of getting Oracle Database 10g release 2 up
and running on a database server running Linux. It may look complicated, but thats only
because this paper goes down to a nitty-gritty level of detail.
Please keep in mind, though, that the requirements are different for every Oracle implementation.
We are extremely confident that if you follow these steps to install Oracle Database 10g release 2
(Oracle version 10.2.0) on a server with Red Hat Enterprise Linux and an x86 hardware
platform, the process will go very smoothly for you. Things should go nearly as smoothly if you
use another Linux distribution certified by Oracle or another hardware platform such as x86-64.
However, no single document can address every specific hardware configuration and every set of
business needs. Please use this paper as a starting point to get Oracle up and running in your
shop. To get the best performance and scalability, each system needs to be considered
individually.

About the Author

Roger Schrag has been an Oracle DBA and application architect for over fifteen years. He started
out at Oracle Corporation on the Oracle Financials development team and moved into the roles
of production DBA and database architect at various companies in the San Francisco Bay Area.
Roger is a frequent speaker at Oracle Open World and the IOUG Live! conferences. He is also
Director of Conference Programming for the Northern California Oracle Users Group. In 1995,
Roger founded Database Specialists, Inc. which provides remote DBA services and onsite
database support for mission critical Oracle systems.