Oracle Linux Configuration for Database Installation
Version 18.1.0.0.0

General Information
Library Note Morgan's Library Page Header
"We don't live in a dictatorship or a monarchy. I swore an oath in the military and in the Senate to preserve, protect and defend the Constitution of the United States, not to mindlessly cater to the whims of Cadet Bone Spurs and clap when he demands I clap,"
~ Sen. Tammy Duckworth
Purpose This page is a work in progress so do not be surprised by missing information. It will be filled in as I get more time.

The ORACLE_BASE and ORACLE_HOME file system and directories were provisioned using the REST API within Oracle Cloud Infrastructure (OCI) and the REST API part of the deployment is not included on this page which focuses on running dbca.
 
Linux Configuration
/etc/ntp.conf [oracle@db18c-ee-hp etc]$ more ntp.conf
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

driftfile /var/lib/ntp/drift

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery

# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1

# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.rhel.pool.ntp.org iburst
server 1.rhel.pool.ntp.org iburst
server 2.rhel.pool.ntp.org iburst
server 3.rhel.pool.ntp.org iburst

#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client

# Enable public key cryptography.
#crypto

includefile /etc/ntp/crypto/pw

# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys

# Specify the key identifiers which are trusted.
#trustedkey 4 8 42

# Specify the key identifier to use with the ntpdc utility.
#requestkey 8

# Specify the key identifier to use with the ntpq utility.
#controlkey 8

# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats

# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor
/etc/oratab [oracle@db18c-ee-hp etc]$ more oratab
#
# This file is used by ORACLE utilities. It is created by root.sh
# and updated by either Database Configuration Assistant while creating
# a database or ASM Configuration Assistant while creating ASM instance.

# A colon, ':', is used as the field terminator. A new line terminates
# the entry. Lines beginning with a pound sign, '#', are comments.
#
# Entries are of the form:
# $ORACLE_SID:$ORACLE_HOME:<N|Y>:
#
# The first and second fields are the system identifier and home
# directory of the database respectively. The third field indicates
# to the dbstart utility that the database should , "Y", or should not,
# "N", be brought up at system boot time.
#
# Multiple entries with the same $ORACLE_SID are not allowed.
#
orcl:/u01/app/oracle/product/18.0.0/dbhome_1:Y
orabase:/u01/app/oracle/product/18.0.0/dbhome_1:N
/etc/profile [oracle@db18c-ee-hp etc]$ more profile
# /etc/profile

# System wide environment and startup programs, for login setup
# Functions and aliases go in /etc/bashrc

# It's NOT a good idea to change this file unless you know what you
# are doing. It's much better to create a custom.sh shell script in
# /etc/profile.d/ to make custom changes to your environment, as this
# will prevent the need for merging in future updates.

pathmunge () {
    case ":${PATH}:" in
        *:"$1":*)
            ;;
        *)
            if [ "$2" = "after" ] ; then
                PATH=$PATH:$1
            else
                PATH=$1:$PATH
            fi
    esac
}

if [ -x /usr/bin/id ]; then
    if [ -z "$EUID" ]; then
        # ksh workaround
        EUID=`id -u`
        UID=`id -ru`
    fi
    USER="`id -un`"
    LOGNAME=$USER
    MAIL="/var/spool/mail/$USER"
fi

# Path manipulation
if [ "$EUID" = "0" ]; then
    pathmunge /sbin
    pathmunge /usr/sbin
    pathmunge /usr/local/sbin
else
    pathmunge /usr/local/sbin after
    pathmunge /usr/sbin after
    pathmunge /sbin after
fi

HOSTNAME=`/bin/hostname 2>/dev/null`
HISTSIZE=1000
if [ "$HISTCONTROL" = "ignorespace" ] ; then
    export HISTCONTROL=ignoreboth
else
    export HISTCONTROL=ignoredups
fi

export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE HISTCONTROL

# By default, we want umask to get set. This sets it for login shell
# Current threshold for system reserved uid/gids is 200
# You could check uidgid reservation validity in
# /usr/share/doc/setup-*/uidgid file
if [ $UID -gt 199 ] && [ "`id -gn`" = "`id -un`" ]; then
    umask 002
else
    umask 077
fi

for i in /etc/profile.d/*.sh ; do
    if [ -r "$i" ]; then
        if [ "${-#*i}" != "$-" ]; then
            . "$i"
        else
            . "$i" >/dev/null 2>&1
        fi
    fi
done

unset i
unset -f pathmunge
/etc/resolv.conf [oracle@db18c-ee-hp etc]$ more resolv.conf
; generated by /sbin/dhclient-script
search compute-a430291.oraclecloud.internal. compute-a430291.oraclecloud.internal.
nameserver 10.196.161.153
/etc/sysctl.conf [oracle@db18c-ee-hp etc]$ more sysctl.conf
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.
#
# Use '/sbin/sysctl -a' to list all possible parameters.

# Controls IP packet forwarding
net.ipv4.ip_forward = 0

# Controls source route verification

# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1

# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1

# Controls the default maxmimum size of a mesage queue
kernel.msgmnb = 65536

# Controls the maximum size of a message, in bytes
kernel.msgmax = 65536

# Controls the maximum shared segment size, in bytes

# Controls the maximum number of shared memory segments, in pages
kernel.panic = 1

xen.independent_wallclock = 1

net.ipv4.tcp_limit_output_bytes = 262144

# oracle-database-server-12cR2-preinstall setting for fs.file-max is 6815744
fs.file-max = 6815744

# oracle-database-server-12cR2-preinstall setting for kernel.sem is '250 32000 100 128'
kernel.sem = 250 32000 100 128

# oracle-database-server-12cR2-preinstall setting for kernel.shmmni is 4096
kernel.shmmni = 4096

# oracle-database-server-12cR2-preinstall setting for kernel.shmall is 1073741824 on x86_64
kernel.shmall = 4294967296

# oracle-database-server-12cR2-preinstall setting for kernel.shmmax is 4398046511104 on x86_64
kernel.shmmax = 4398046511104

# oracle-database-server-12cR2-preinstall setting for kernel.panic_on_oops is 1 per Orabug 19212317
kernel.panic_on_oops = 1

# oracle-database-server-12cR2-preinstall setting for net.core.rmem_default is 262144
net.core.rmem_default = 262144

# oracle-database-server-12cR2-preinstall setting for net.core.rmem_max is 4194304
net.core.rmem_max = 4194304

# oracle-database-server-12cR2-preinstall setting for net.core.wmem_default is 262144
net.core.wmem_default = 262144

# oracle-database-server-12cR2-preinstall setting for net.core.wmem_max is 1048576
net.core.wmem_max = 1048576

# oracle-database-server-12cR2-preinstall setting for net.ipv4.conf.all.rp_filter is 2
net.ipv4.conf.all.rp_filter = 2

# oracle-database-server-12cR2-preinstall setting for net.ipv4.conf.default.rp_filter is 2
net.ipv4.conf.default.rp_filter = 2

# oracle-database-server-12cR2-preinstall setting for fs.aio-max-nr is 1048576
fs.aio-max-nr = 1048576

# oracle-database-server-12cR2-preinstall setting for net.ipv4.ip_local_port_range is 9000 65500
net.ipv4.ip_local_port_range = 9000 65500

vm.nr_hugepages = 1455

net.ipv4.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
groups [oracle@db18c-ee-hp /]$ cut -d: -f1 /etc/group
root
bin
daemon
sys
adm
tty
disk
lp
mem
kmem
wheel
mail
uucp
man
games
gopher
video
dip
ftp
lock
audio
nobody
users
utmp
utempter
floppy
vcsa
cdrom
tape
dialout
ntp
sshd
saslauth
mailnull
smmsp
ADMINS
opc
dbus
haldaemon
named
rpc
rpcuser

nfsnobody
oinstall
dba
users [oracle@db18c-ee-hp /]$ cut -d: -f1 /etc/passwd
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
uucp
operator
games
gopher
ftp
nobody
vcsa
ntp
sshd
saslauth
mailnull
smmsp
opc
dbus
haldaemon
named
rpc
rpcuser
nfsnobody
oracle
NUMA configuration

The environment presented to the database is non-NUMA as shown at right: Onl a single node
[oracle@db18c-ee-hp etc]$ numactl --hardware
available: 1 nodes (0)
node 0 cpus: 0 1 2 3 4 5 6 7
node 0 size: 30157 MB
node 0 free: 7435 MB
node distances:
node 0
0: 10

[oracle@db18c-ee-hp etc]$ numactl --show
policy: default
preferred node: current
physcpubind: 0 1 2 3 4 5 6 7
cpubind: 0
nodebind: 0
membind: 0
[oracle@db18c-ee-hp etc]$
 
DBCA Installation
Step 1: Select "Create a database" ... [Click Next]
Step 2: Select "Advanced configuration" ... [Click Next]

Using the "Typical configuration" option hides too many choices to be of value.
Step 3: Select "General Purpose or Transaction Processing" ... then [Click Next]
Step 4:
  • Provide a unique Global database name. In this example "orabase". The balance of the entry is the host name in the Oracle Cloud
  • Be sure you are creating a Container database. There is no value going-forward in the legacy architecture
  • Local Undo for PDBs means that the PDB will have its own private Undo tablespace
  • You can certainly provision more than 1 PDB with dbca but remember that multiple PDBs requires having the Multitenant license from Oracle
  • [Click Next]
Step 5: Select "Use template" in the OCI cloud ... then [Click Next]
Step 6:
  • Select "Specify Fast Recovery Area" so that the FRA is created
  • Select "Enable archiving" if you plan on performing backups and may need to do a recovery. Leave "Enable archiving" unchecked if the database will only be used as a sandbox and contains nothing requiring restoration and/or recovery.
  • [Click Next]
Step 7:
  • If a listener was created during OCI provision accept it
  • If a listener was not created create a new listener named LISTENER
  • Use a port number between 1521 and 1526 if creating a new listener
  • [Click Next]
Step 8:
  • We chose to install Database Vault so we could kick the tires in 18c but you do not need to do so to learn to work with the new database version
  • Note that the Vault owner and Account manager usernames and passwords are simplistic. In a production environment, with real data to protect, use names that are not obvious and passwords that are both long and complex
  • Also note that the Database Vault users are going to show up in the PDBs, not just in CDB$ROOT so they must be name appropriately with the c## prefix
  • [Click Next]
Step 9: Tab 1
  • Select "Use Automatic Shared Memory Management": This is the 10g and 12c ASSM memory management which is operationally superior to either manual management and AMM
  • Accept the default values populated by dbca until you stand up your database and have a chance to poke around and learn about your OCI environment
  • [Click Next]
Step 9: Tab 2
  • Select "Use Automatic Shared Memory Management": This is the 10g and 12c ASSM memory management which is operationally superior to either manual management and AMM
  • Accept the default values populated by dbca until you stand up your database and have a chance to poke around and learn about your OCI environment
  • [Click Next]
Step 9: Tab 3
  • Select "Use Automatic Shared Memory Management": This is the 10g and 12c ASSM memory management which is operationally superior to either manual management and AMM
  • Accept the default values populated by dbca until you stand up your database and have a chance to poke around and learn about your OCI environment
  • [Click Next]
Step 9: Tab 4
  • Select "Dedicated server mode"
  • [Click Next]
Step 9: Tab 5
  • Select "Add sample schemas to the database"
  • This will not be all of the sample schemas from previous version. Get the additional sample schemas, if you want them, from GitHub
  • [Click Next]
Step 10: This is optional ... SELECT EM Database Express to configure the management tool and have it available for your work. Configure EM Cloud Control if you have Oracle Enterprise Manager with a repository already deployed ... then [Click Next]
Step 11: In a non-teaching environment always set up separate, complex, passwords for each of the three administrative users. I chose the same simple password for all 3 because this instance will be used for internal training only ... then [Click Next]
Step 12:
  • Select "Create Database"
  • a Post DB creation script is a script you have written that performs actions such as performing some ALTER SYSTEM commands to change initialization files. If you do not have one ignore this option
  • Always save a database template but be sure to rename it so that it corresponds with the name of the database you are creating. This template is part of your configuration management documentation
  • Always generate a database creation script and save it as part of your configuration management documentation
  • It is a good practice to change initialization parameters but we recommend doing so following database creation using a script that is part of your configuration management documentation. The next slide shows the interface if you choose to change a parameter within dbca
  • [Click Next]
Step 12 Initialization Parameters:
  • Press the "All Initialization Parameters" button
  • The dialog box shown will, by default, allow changing the basic parameters
  • Click the "Show advanced parameters" checkbox and you will be able to alter all non-underscore parameters
  • In the example at right the undo_retention parameter has been altered from the default (and near useless) 900 seconds to 43,200 seconds which is sufficient time to find an issue and perform a flashback transaction
  • [Click Close] and your changes will be automatically saved
Step 13:
  • [Click Save Response File]
Step 13 Save Response:
  • Accept the default location or navigate to a directory where you want to save the response file
  • The response file should be part of your Change Management documentation
  • [Click Save] to save the response file
  • [Click Finish]
Step 14:
  • Do absolutely nothing ... be patient ... but if you feel the overwhelming urge to do something [Click Details]
Step 14:
  • Again be patient ... enjoy the more rapidly moving display
  • When installation is complete, or you get bored, [Click Close]
Step 15:
  • [Click Password Management]
Step 15:
  • You can optionally unlock accounts in CDB$ROOT and enter passwords but our recommendation, just as with changing initialization parameters is that you just [Click Close] and change the account status and passwords using a script that is part of your configuration management (taking care that this document is not in a place where it could become the source of a database compromise)
  • [Click OK] to save any account changes
  • [Click Close] to complete the installation
 
SQL*NET Configuration
sqlnet.ora [oracle@db18c-ee-hp admin]$ more sqlnet.ora
SQLNET.ENCRYPTION_SERVER = required

SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER = (SHA1)

SQLNET.CRYPTO_CHECKSUM_SERVER = required

ENCRYPTION_WALLET_LOCATION = (SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=/u01/app/oracle/admin/orcl/tde_wallet)))

SQLNET.ENCRYPTION_TYPES_SERVER = (AES256, AES192, AES128)

NAMES.DIRECTORY_PATH = (TNSNAMES, EZCONNECT)

SQLNET.WALLET_OVERRIDE = FALSE

SQLNET.EXPIRE_TIME = 10

SSL_VERSION = 1.2

WALLET_LOCATION = (SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=/u01/app/oracle/admin/orcl/db_wallet)))
listener.ora # Generated by Oracle configuration tools.

LISTENER =
  (DESCRIPTION_LIST =
    (DESCRIPTION =
      (ADDRESS = (PROTOCOL = TCP)(HOST = db18c-ee-hp.compute-a430291.oraclecloud.internal)(PORT = 1521))
      (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521))
    )
  )

VALID_NODE_CHECKING_REGISTRATION_LISTENER=ON
SSL_VERSION = 1.2
tnsnames.ora [oracle@db18c-ee-hp admin]$ more tnsnames.ora
# tnsnames.ora Network Configuration File: /u01/app/oracle/product/18.0.0/dbhome_1/network/admin/tnsnames.ora
# Generated by Oracle configuration tools.

PDB01 =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = db18c-ee-hp.compute-a430291.oraclecloud.internal)(PORT = 1521))
    (CONNECT_DATA = (SERVER = DEDICATED)
    (SERVICE_NAME = PDB01.a430291.oraclecloud.internal))
  )

ORABASE =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = db18c-ee-hp.compute-a430291.oraclecloud.internal)(PORT = 1521))
    (CONNECT_DATA = (SERVER = DEDICATED)
    (SERVICE_NAME = orabase.compute-a430291.oraclecloud.internal))
  )

ORCL =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = db18c-ee-hp.compute-a430291.oraclecloud.internal)(PORT = 1521))
    (CONNECT_DATA = (SERVER = DEDICATED)
    (SERVICE_NAME = orcl.a430291.oraclecloud.internal))
  )

PDBDEV =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = db18c-ee-hp.compute-a430291.oraclecloud.internal)(PORT = 1521))
    (CONNECT_DATA = (SERVER = DEDICATED)
    (SERVICE_NAME = pdbdev))
  )

LISTENER_ORABASE =
(ADDRESS = (PROTOCOL = TCP)(HOST = db18c-ee-hp.compute-a430291.oraclecloud.internal)(PORT = 1521))
initialization parameter configuration __data_transfer_cache_size=0
__db_cache_size=1600M
__inmemory_ext_roarea=0
__inmemory_ext_rwarea=0
__java_pool_size=16M
__large_pool_size=64M
__oracle_base='/u01/app/oracle' # ORACLE_BASE set from environment
__pga_aggregate_target=752M
__reload_lsnr='0' # lreg reload listener
__sga_target=2256M
__shared_io_pool_size=112M
__shared_pool_size=448M
__streams_pool_size=0
_always_anti_join='CHOOSE'
_always_semi_join='CHOOSE'
_b_tree_bitmap_plans=TRUE
_bloom_serial_filter='ON'
_complex_view_merging=TRUE
_compression_compatibility='18.0.0'
_diag_adr_trace_dest='/u01/app/oracle/diag/rdbms/orabase/orabase/trace'
_ds_xt_split_count=1
_eliminate_common_subexpr=TRUE
_fast_full_scan_enabled=TRUE
_generalized_pruning_enabled=TRUE
_gs_anti_semi_join_allowed=TRUE
_hang_resolution_scope='OFF' # _hang_resolution_scope updated by kjznhm
_improved_outerjoin_card=TRUE
_improved_row_length_enabled=TRUE
_index_join_enabled=TRUE
_key_vector_create_pushdown_threshold=20000
_ksb_restart_policy_times='0'
_ksb_restart_policy_times='60'
_ksb_restart_policy_times='120'
_ksb_restart_policy_times='240' # internal update to set default
_left_nested_loops_random=TRUE
_mv_access_compute_fresh_data='ON'
_new_initial_join_orders=TRUE
_new_sort_cost_estimate=TRUE
_nlj_batching_enabled=1
_odci_index_pmo_rebuild=FALSE # domain index pmo rebuild
_optim_enhance_nnull_detection=TRUE
_optim_peek_user_binds=TRUE
_optimizer_ads_use_partial_results=TRUE
_optimizer_better_inlist_costing='ALL'
_optimizer_cbqt_or_expansion='ON'
_optimizer_cluster_by_rowid_control=129
_optimizer_control_shard_qry_processing=65528
_optimizer_cost_based_transformation='LINEAR'
_optimizer_cost_model='CHOOSE'
_optimizer_extended_cursor_sharing='UDO'
_optimizer_extended_cursor_sharing_rel='SIMPLE'
_optimizer_extended_stats_usage_control=192
_optimizer_join_order_control=3
_optimizer_max_permutations=2000
_optimizer_mode_force=TRUE
_optimizer_native_full_outer_join='FORCE'
_optimizer_or_expansion='DEPTH'
_optimizer_proc_rate_level='BASIC'
_optimizer_system_stats_usage=TRUE
_optimizer_try_st_before_jppd=TRUE
_optimizer_use_cbqt_star_transformation=TRUE
_or_expand_nvl_predicate=TRUE
_ordered_nested_loop=TRUE
_parallel_broadcast_enabled=TRUE
_pivot_implementation_method='CHOOSE'
_pred_move_around=TRUE
_push_join_predicate=TRUE
_push_join_union_view=TRUE
_push_join_union_view2=TRUE
_px_dist_agg_partial_rollup_pushdown='ADAPTIVE'
_px_groupby_pushdown='FORCE'
_px_partial_rollup_pushdown='ADAPTIVE'
_px_shared_hash_join=FALSE
_px_wif_dfo_declumping='CHOOSE'
_resource_manager_plan=''
_sql_model_unfold_forloops='RUN_TIME'
_sqltune_category_parsed='DEFAULT' # parsed sqltune_category
_subquery_pruning_mv_enabled=FALSE
_table_scan_cost_plus_one=TRUE
_union_rewrite_for_gs='YES_GSET_MVS'
_unnest_subquery=TRUE
_use_column_stats_for_function=TRUE
_xt_sampling_scan_granules='ON'
audit_file_dest='/u01/app/oracle/admin/orabase/adump'
audit_trail='DB'
compatible='18.0.0'
connection_brokers='((TYPE=DEDICATED)(BROKERS=1))'
connection_brokers='((TYPE=EMON)(BROKERS=1))' # connection_brokers default value
control_files='/u01/app/oracle/oradata/ORABASE/control01.ctl'
control_files='/u01/app/oracle/fast_recovery_area/ORABASE/control02.ctl'
core_dump_dest='/u01/app/oracle/diag/rdbms/orabase/orabase/cdump'
db_block_size=8192
db_domain='compute-a430291.oraclecloud.internal'
db_name='orabase'
db_recovery_file_dest='/u01/app/oracle/fast_recovery_area/ORABASE'
db_recovery_file_dest_size=12918M
diagnostic_dest='/u01/app/oracle'
dispatchers='(PROTOCOL=TCP) (SERVICE=orabaseXDB)'
enable_pluggable_database=TRUE
local_listener='LISTENER_ORABASE'
log_buffer=7360K # log buffer update
nls_language='AMERICAN'
nls_territory='AMERICA'
open_cursors=300
optimizer_mode='ALL_ROWS'
pga_aggregate_target=748M
plsql_warnings='DISABLE:ALL' # PL/SQL warnings at init.ora
processes=300
query_rewrite_enabled='TRUE'
remote_login_passwordfile='EXCLUSIVE'
resource_manager_plan=''
result_cache_max_size=11552K
sga_target=2256M
undo_management='AUTO'
undo_tablespace='UNDOTBS1'

Related Topics
Built-in Functions
Built-in Packages
Control Files
Dynamic Performance Views
Redo Log Files
RMAN
Security
Startup Parameters
What's New In 12cR2
What's New In 18cR1

Morgan's Library Page Footer
This site is maintained by Dan Morgan. Last Updated: This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2017 Daniel A. Morgan All Rights Reserved