Sunday

Linux Tip: Configuring Sendmail to use Gmail as an SMTP Server

[Update 03102010]

My linux server recently suffered a hardware failure and had to be rebuilt.   I had to setup this up again and rain into issues.   I found another article which is much more straightforward.

http://www.linuxarticles.org/2010/09/relay-email-using-gmail-account-shell-prompt/

[/Update]

Wireless networking is pretty much common place these days. I've been using it at home for a number of years now and have been using security from day 1. Today I noticed that my Linksys router forgot my Wireless Security settings, leaving me exposed. I have no idea how long i've been open so needless to say i'm not pleased.

I have a script which polls my router and if my ip address has changed, it updates my dynamic dns account. So I thought it should be pretty easy to write a script to check my wireless security settings.

The script was pretty simple:

#!/bin/sh

cd /scripts

wget https://192.168.1.1/WL_WPATable.asp --http-user=admin \
  --http-passwd=admin --no-check-certificate
success=`grep "\"wpa_personal\" selected" WL_WPATable.asp | wc -l`

if [ $success -ne 1 ]; then
mailx -s "WIRELESS SECURITY DISABLED" MyEmailAddr@mydomain.com <<EOF
Please check wireless security settings.  There seems to be a problem.
EOF

echo "WIRELESS SECURITY DISABLED!!"
fi
rm WL_WPATable.asp



Note: Notice the rm command at the end of the script. You need to do this if your using wget because if it detects the page your trying to download already exists it appends a version number to the end. ie. WL_WPATable.asp.1 If this happens, your script won't be checking the right file.

Pretty simple script, the only problem is, I didn't receive an email. My linux server is on my home network, which doesn't have an smtp server and I believe they are blocked by my ISP anyways.

I found a webpage which describes how to configure sendmail to use gmails smtp server.

A correction and addition. He mentions to "Create or edit the /etc/authinfo file and with this codes". However if you cut and paste his instructions the path placed in sendmail.mc for this file is

FEATURE(`authinfo’, `Hash -o /etc/mail/authinfo’)dnl

So make sure you create authinfo in the same location. Towards the end he mentions to execute the make command. If you don't have the sendmail source this will not work for you. So instead of:

make all install restart

use:

[root@stockade mail]# m4 sendmail.mc > sendmail.cf
[root@stockade mail]# /etc/init.d/sendmail restart

Note: Any email now sent from your server will be from your gmail account. I've sent the emails to my phone and gmail account, so if my wireless security gets disabled again i'll know right away.

Anyways, thought it may be useful.

Tuesday

rhn_register/up2date - OpenSSL.SSL.Error

Now that I work for a small company there are no fine lines between roles. DBA's are responsible for some system administration for example. I've been using Linux since Slackware version .8 (or some such) but i've never configured and supported it in a work environment before. I installed Red Hat on a server a few days ago and preparing to install Oracle I had to update some packages.

The first time you execute up2date you need to register with the Red Hat network. However, it would accept my username and password. It would keep sending me back to the login screen or provide me with the option to register later. (Which means you can't download updates until you register.)

I noticed on the command line from which I launched up2date:

[root@server ~]# rhn_register
An error has occurred:
OpenSSL.SSL.Error
See /var/log/up2date for more information


The log file was of no use... Searching google and the Red Hat knowledge base didn't help either. So I tried to run up2date without the GUI using the --nox option and I saw this:

[root@server ~]# up2date --nox
There was an SSL error: [('SSL routines',
'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed')] A common cause of
this error is the system time being incorrect. Verify that the time on this
system is correct.


Bingo! I checked the system date/time and the year was 2008... Once I fixed that up2date ran fine. I have no idea why it would care if the system date was in the past.

Friday

Monitoring your RMAN backup scripts

There is an easy way to monitor your RMAN backup scripts in a unix environment. I've seen quite a few DBA's log the rman output to a file and then grep it for errors. Ex.


rman target / CMDFILE /home/oracle/scripts/rman.sql LOG $logfile
errors=`cat $logfile|grep -i error|wc -l`
if test $errors -gt 0
then
mailx -s "BACKUP FAILED" email1@myserver.com, email2@myserver.com <<\!
`cat $logfile`
!
fi

Another method would be to examine the return code from the rman client. Rman returns a value of 0 to the shell if the backup was successful. Otherwise it returns a nonzero value and from what I have seen this is always 1. (Have you seen any other values?)

So another way of writing the above script would be


rman target / CMDFILE /home/oracle/scripts/rman.sql LOG $logfile
status=$?

if [ $status -gt 0 ] ; then
mailx -s "BACKUP FAILED: TESTDB" email1@myserver.com <<\!
`cat $logfile`
\!
else
mailx -s "SuccessfulBackup: TESTDB" email1@myserver.com <<\!
`cat $logfile`
\!
fi

NOTE: Ignore the backlashes before the exclamation points above. I'm not sure how to format it properly within blogger. I'll see if I can fix it later.

As you can see above, after rman executes I set a status variable. $? is automatically set to the return code from the rman client. After that I check the value and there was an error I send an email saying the backup failed and put the contents of the log file into the body of the message. If the backup was successful, I still send a copy of the logfile.

The reason I do this is because each day I will expect to see either a successful or failed email. I've had issues in the past with cron not executing scheduled jobs (for numerous reasons). So if I don't receive an email I'll verify the backup manually.

Thursday

WARNING: Oracle executable binary mismatch detected.

Interesting message appeared in my test environment alert log:

WARNING: Oracle executable binary mismatch detected.
Binary of new process does not match binary which started instance
issue alter system set "_disable_image_check" = true to disable these messages


The message appeared to be pretty obvious.. For some reason it thinks the Oracle binary has changed somehow.
Note: 369260.1 describes the error and mentions that there could be many reasons but doesn't actually list them or refer to other notes which may contain more information. To suppress the message you can issure the alter system command as per the error message above.

I had to shutdown the environment to apply the patch, so I watched the alert log after startup to see if the error would reappear. I haven't made any changes to this environment, so i'm not sure what may have caused this message to appear. If it happens again i'll open an SR.

Have you seen this problem before? If so, did you find a root cause?

Wednesday

R12 Bug: Compiling forms manually

Today I received a request to recompile a form. In R12 the method has changes slightly... In 11.5.x I used f60gen but in R12 you now have to use the executable frmcmp_batch.sh. For details see Note: 130686.1.

However, when I executed frmcmp_batch.sh I received an error:


[applmgr@myserver VIS]$ frmcmp_batch.sh module=./apps/apps_st/appl/au/12.0.0/forms/US/QPXPRLST.fmb
userid=apps/apps@VIS output_file=./apps/apps_st/appl/qp/12.0.0/forms/US/QPXPRLST.fmx
module_type=form compile_all=special

Forms 10.1 (Form Compiler) Version 10.1.2.0.2 (Production)

Forms 10.1 (Form Compiler): Release - Production

Copyright (c) 1982, 2005, Oracle. All rights reserved.

PL/SQL Version 10.1.0.5.0 (Production)
Oracle Procedure Builder V10.1.2.0.2 - Production
Oracle Virtual Graphics System Version 10.1.2.0.0 (Production)
Oracle Multimedia Version 10.1.2.0.2 (Production)
Oracle Tools Integration Version 10.1.2.0.2 (Production)
Oracle Tools Common Area Version 10.1.2.0.2
Oracle CORE 10.1.0.5.0 Production
ORA-12154: TNS:could not resolve the connect identifier specified

Form not created



I checked my environment and everything seemed ok. Sqlplus worked fine, etc. A Metalink search turned up Note: 431324.1 Manual forms compilation In R12 fails. Even tho the error isn't the same, it shows that frmcmp_batch.sh is also affected.

I haven't applied the patch yet because I could still use adadmin to recompile the form. But if I start receiving alot of requests then I will put it in.

Monday

R12: Changing apps password

In 11i there were a few steps in order to change the apps password.

1. Shutdown the environment.
2. execute FNDCPASS to change the apps password.
Ex. FNDCPASS apps/[oldpassword] 0 Y system/[system password] SYSTEM APPLSYS [new apps password]

3. Manually modify files such as appsweb.cfg and wdbsvr.app
4. Startup the environment.


In R12:

1. Shutdown the environment.
2. Execute FNDCPASS as above.
3. Run Autoconfig
4. Startup the environment.

I realized the process had changed when I looked at the wdbsvr.app file and noticed the following:


;
; $Header: wdbsvr.app 120.0.12000000.2 2007/06/29 11:43:45 sbandla ship $
;
; $AutoConfig$
;
; Not required in R12. Stubbing the file from %s_fndtop%/admin/template

Report Access in R12

As I mentioned in an earlier post, I am now working on an R12 implementation project. A user called me today with a report issue. I asked for the concurrent request id so that I could troubleshoot the issue on my end to make sure it wasn't an environment issue.

I noticed the "View Output" button was grayed out in the Concurrent -> Requests screen. In 11i there is a profile option Concurrent: Request Access Level, which allows you to set access privileges for report output files.

However, in R12 this profile option is now obsolete and has been replaced by RBAC (Role Based Access Control). Details can be found in Note: 563946.1, Note: 555524.1 or Chapter 6 of the Oracle Applications System Administrator's Guide - Configuration

For now i'll just go to the users desk because I don't have access to configure this at the moment. It seems like an awful amount of work tho for something that was handled by a profile option before.

Thursday

New Job, New responsibilities

Recently I started a new job with the added benefit that I have some new stuff to learn. Previously I managed EBS environments with a few standalone databases and I will be doing that here as well. Additionally they also use Oracle Portal, Oracle Internet Directory and standalone application server.

I haven't used these before so I thought I would setup a vmware environment, install it and start plugging away. For the life of me, I couldn't find the install guide for the application server. After I wasted enough time looking I decided to uncompress the software and move forward anyways. It was then that I noticed the docs subfolder under Disk1, which containg an install guide.

The first step of the install is to execute runInstaller and check for pre-reqs:

prompt> mount_point/1012disk1/runInstaller -executeSysPrereqs


The OS, temp and swap space checks passed but failed checking the display:

Checking monitor: must be configured to display at least 256 colors. Failed <<<<
>>>> could not execute auto check for display colors using command
/usr/X11R6/bin/xdpyinfo. Check if the DISPLAY variable is set.


I was local to the box and my display was working properly.. I could also execute xdpyinfo manually and it would work ok. However, a which xdpyinfo turned up that the program resided in a different directory than the one runInstaller was trying to use.

[oracle@localhost Disk1]$ which xdpyinfo
/usr/bin/xdpyinfo
[oracle@localhost bin]$ ln -s /usr/bin/xdpyinfo /usr/X11R6/bin/xdpyinfo


So I created a symbolic link, as you can see above and tried executing runInstaller again. This time everything passed.

Not much of a tip a day... Just wanted to mention that I had started a new job and hopefully the dry spell of posts is over. I was very idle in my previous position (one of the reasons why I left), which made it more difficult to think of stuff to blog. I'll be using some new pieces of software now and we are in the process of implementing a new R12 environment. So I should have alot to talk about soon.