selinux and oracle

Daniel J Walsh dwalsh at redhat.com
Wed Jan 24 13:47:09 UTC 2007 

Adam Turk wrote:
> Hello again,
>
> I was able to install Oracle 10gR2 on RHEL4U4 with selinux in targeted 
> enforcing mode.  No selinux messages in /var/log/messages or dmesg.  I 
> found a couple of scripts that will start and shutdown the database 
> and enterprise manager on boot and shutdown.  I had a couple of 
> problems with this part and I am not sure if selinux is the problem or 
> not.  Let me explain then I will post the code.
>
> I created a file called oracle in /etc/rc.d/init.d.  I ran chkconfig 
> oracle reset.  I then ran service oracle start.  The database wouldn't 
> start.  oracle calls the script dbstart which needs ORACLE_HOME 
> defined.  If I add a export ORACLE_HOME=/path/to/oracle to dbstart 
> everything works.  If I remove the export then the database won't 
> start.  I was under the assumption that when I set ORACLE_HOME in 
> oracle it would be able to be used by dbstart.  This does not appear 
> to be true.  Is this a selinux problem, or did I misunderstand 
> something?  To get the database to start I added the export 
> ORACLE_HOME to /etc/profile.  Also when I do a init 6 or init 0 the 
> oracle service doesn't shutdown i.e. no shutting down oracle 
> ................
>
I would doubt this is an SELinux problem.  You can always check for avc 
messages in /var/log/messages.  You can also temporarily turn off 
enforcing mode "setenforce 0", then try it.  If it is still broken while 
SELinux is in permissive mode, it is most likely not an SELinux problem.
> Thanks,
>
>
> #!/bin/bash
> #
> # chkconfig: 35 95 1
> # description: init script to start/stop oracle database 9i, TNS 
> listener, EMS
> #
> # DON'T FORGET TO MODIFY /etc/oratab AND CHANGE THE LAST VARIBLE TO Y
> # chmod 750 this file
> export ORACLE_HOME=/u01/app/oracle/product/10.2.0/db_1
> export ORACLE_BIN=$ORACLE_HOME/bin
> export ORACLE_SID=jrd
> export LD_LIBRARY_PATH=$ORACLE_HOME/lib
> export ORACLE_USER=oracle
>
> export PATH=$PATH:$ORACLE_BIN
>
> if [ ! -f $ORACLE_BIN/dbstart ]
> then
>    echo "Oracle startup: cannot start"
>    exit
> fi
>
> # see how we are called:
> case $1 in
>    start)
>        su - $ORACLE_USER -c  $ORACLE_BIN/dbstart
> #        su - $ORACLE_USER -c "$ORACLE_BIN/emctl start dbconsole"
>        ;;
>    stop)
> #        su - $ORACLE_USER -c "$ORACLE_BIN/emctl stop dbconsole"
>        su - $ORACLE_USER -c  $ORACLE_BIN/dbshut
>        ;;
>    *)
>        echo "Usage: $0 {start|stop}"
>        ;;
> esac
>
> _________________________________________________________________
> Invite your Hotmail contacts to join your friends list with Windows 
> Live Spaces 
> http://clk.atdmt.com/MSN/go/msnnkwsp0070000001msn/direct/01/?href=http://spaces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mkt=en-us 
>
>

More information about the fedora-selinux-list mailing list