11gR2 rac中用户角色分离及常见oracle bin程序及ASM磁盘权限问题汇总

前端之家收集整理的这篇文章主要介绍了11gR2 rac中用户角色分离及常见oracle bin程序及ASM磁盘权限问题汇总前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。

1. 11gR2 RAC 角色分离信息

11gR2中安装oracle 集群件和数据库软件中的一些group进行简单的介绍。
oinstall : 这个group是GI 和RDBMS软件的拥有者。
dba : 这个group是数据库的dba group,对数据库具有最高权限。
asmdba : 这个group是asm实例的dba group,可以启动/关闭实例,挂载/卸载asm 磁盘组。
asmadmin: 这个group是asm的管理员group,它包含asmdba的全部权限,同时还可以增加/删除 asm 磁盘,磁盘组等。

2. ASM共享磁盘及orale/grid用户及GI_HOME/RDBMS_HOME bin目录的oracle程序正确权限

------------GI及RDBMS软件安装完成,未DBCA创建数据库时的权限:
[root@bys1 ~]# su - oracle
[oracle@bys1 ~]$ cd $ORACLE_HOME/bin
[oracle@bys1 bin]$ ls -al oracle --RDBMS_HOME的
-rwsr-s--x 1 oracle oinstall 239626665 Nov 9 21:31 oracle
[grid@bys1 ~]$ cd $ORACLE_HOME/bin
[grid@bys1 bin]$ ls -al oracle --GRID_HOME的
-rwsr-s--x 1 grid oinstall 209914471 Nov 9 19:07 oracle
[grid@bys1 bin]$ crsctl query crs activeversion
Oracle Clusterware active version on the cluster is [11.2.0.4.0]

------------DBCA创建数据库后的正确权限示例, 即正常的权限
[oracle@bys1 bin]$ ls -al oracle
-rwsr-s--x 1 oracle asmadmin 239626665 Nov 9 21:31 oracle

[grid@bys1 ~]$ cd $ORACLE_HOME/bin
[grid@bys1 bin]$ ls -al oracle
-rwsr-s--x 1 grid oinstall 209914471 Nov 9 19:07 oracle
[grid@bys1 bin]$ id oracle
uid=502(oracle) gid=501(oinstall) groups=501(oinstall),502(dba),506(asmdba)
[grid@bys1 bin]$ id grid
uid=501(grid) gid=501(oinstall) groups=501(oinstall),504(asmadmin),506(asmdba),507(asmoper)


3.RAC中常见的因GI/RDBMS HOME中oracle程序权限或者ASM使用的磁盘权限有问题引起的问题汇总:


3.1 sqlplus登陆时报错:ORA-12547: TNS:lost contact

在RAC中常见的还有oracle程序的权限不对,
ORA-12547 Errors
The error ORA-12547 indicates that the communication channel has been broken. It's most often thrown because the other end of the process went away unexpectedly.

参考MOS文档:
Note 1307075.1 Oracle Database Fails to Start with Error ORA-12547
Note 381566.1 connect / as sysdba Fails with Ora-12547 And Tns-12514
ORA-12537 / ORA-12547 or TNS-12518 if Listener (including SCAN Listener) and Database are Owned by Different OS User (文档 ID 1069517.1)
Note 744512.1 Ora-12547: Tns:Lost Contact Creating Database After Clean Installation
导致 Scan VIP 和 Scan Listener(监听程序)出现故障的最常见的 5 个问题 (文档 ID 1602038.1)

3.2 安装完GI与RDBMS软件,未使用DBCA创建数据库。使用手动恢复数据库方法,此时rdmbs_home下oracle程序权限问题引发的错误

RMAN> restore controlfile from '/home/oracle/fulldb_SCTTEST_900418795_84';

Starting restore at 06-JAN-16
using target database control file instead of recovery catalog
allocated channel: ORA_DISK_1
channel ORA_DISK_1: SID=98 instance=scttest1 device type=DISK

channel ORA_DISK_1: restoring control file
RMAN-00571: ===========================================================
RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============
RMAN-00571: ===========================================================
RMAN-03002: failure of restore command at 01/06/2016 13:20:29
ORA-19870: error while restoring backup piece /home/oracle/fulldb_SCTTEST_900418795_84
ORA-19504: Failed to create file "+DATA/scttest/controlfile/control01.ctl"
ORA-17502: ksfdcre:3 Failed to create file +DATA/scttest/controlfile/control01.ctl
ORA-15001: diskgroup "DATA" does not exist or is not mounted
ORA-15055: unable to connect to ASM instance
ORA-01034: ORACLE not available
ORA-27123: unable to attach to shared memory segment
其它类似报错类型:
sql> create spfile='+DATA/jdedb/spfilejdedb1.ora' from pfile;
create spfile='+DATA/jdedb/spfilejdedb1.ora' from pfile
*
ERROR at line 1:
ORA-17502: ksfdcre:4 Failed to create file +DATA/jdedb/spfilejdedb1.ora
ORA-15001: diskgroup "DATA" does not exist or is not mounted
ORA-15040: diskgroup is incomplete

查看alert日志:
Mon Nov 07 14:12:19 2016
Decreasing number of real time LMS from 2 to 0
Mon Nov 07 14:17:50 2016
ORA-15025: could not open disk "/dev/raw/raw2"
ORA-27041: unable to open file
Linux-x86_64 Error: 13: Permission denied
Additional information: 9
Mon Nov 07 14:17:50 2016
SUCCESS: diskgroup DATA was dismounted
ERROR: diskgroup DATA was not mounted

3.3 ASM使用的磁盘权限问题导致的报错

11.2.0.3中报错信息如下:
ORA-15045:ASM file name '+DATA1' is not in reference form
ORA-17502:ksfdcre:5 Failed to create file +DATA1
ORA-15081:Failed to submit an I/0 operation to a disk;

[oracle@bys1 bin]$ ls -al /dev/sdc /dev/sdd --这可以看到只有GRID用户可读写,要修改
brw-r----- 1 grid asmadmin 8,32 Apr 11 19:24 /dev/sdc

4.LINUX “suid”和“sgid”权限简介

Linux 权限模型有两个专门的位,叫做“suid”和“sgid”。当设置了一个可执行程序的“suid”这一位时,它将代表可执行文件的所有者运行,而不是代表启动程序的人运行。
关于6751权限的说明:
6751分别指定了ugoa的权限:
第一位6是suid+sgid权限
第二位7代表g(组)有读、写、执行权限
第三位5代表o(其它用户)有读、执行权限
第四位1代表a(所有者、组、其它用户)有执行权限

详细可以参考其它BLOG:

http://www.cnblogs.com/snake-hand/p/3161511.html

http://blog.csdn.net/xiaocainiaoshangxiao/article/details/17378611

----------------------------本文内容参考MOS文档: Oracle Database Fails to Start with Error ORA-12547 (文档 ID 1307075.1) "Connected to an Idle Instance" Message when Connecting Bequeath to a Running Instance (文档 ID 435044.1) Troubleshooting when srvctl can't start RAC instance,but sqlplus can start it (文档 ID 844272.1) 10gR2 Database Creation Fails with 11gR2 ASM storage: ORA-15045,ORA-17502,ORA-15081 [ID 1384180.1] Database Creation on 11.2 Grid Infrastructure with Role Separation ( ORA-15025,KFSG-00312,ORA-15081 ) (文档 ID 1084186.1) ORA-00600 [kfioTranslateIO03] [17090] (Doc ID 1336846.1) ORA-15183 Unable to Create Database on Server using 11.2 ASM and Grid Infrastructure (文档 ID 1054033.1) Startup Instance Failed with ORA-27140 ORA-27300 ORA-27301 ORA-27302 and ORA-27303 on skgpwinit6 (文档 ID 1274030.1) https://blogs.oracle.com/Database4CN/entry/%E4%BB%BB%E5%8A%A1%E8%A7%92%E8%89%B2%E5%88%86%E7%A6%BB_job_role_separation_%E7%AE%80%E4%BB%8B 原文链接:https://www.f2er.com/oracle/211854.html

猜你在找的Oracle相关文章