Documentos de Académico
Documentos de Profesional
Documentos de Cultura
Instalar Samba
https://oracle-base.com/articles/linux/linux-samba-configuration
https://www.howtoforge.com/samba-server-installation-and-configuration-on-centos-7
1.2)Ip fija
if a cd /etc/sysconfig/network-scripts
luego:
vi ifcfg-enp1s0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=enp1s0
UUID=fb09e79b-ad9f-4165-b21a-54ccedc7a6f3
DEVICE=enp1s0
ONBOOT=yes
IPADDR=192.168.1.7
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
mkdir /opt/nombre_empresa
mkdir /opt/nombre_empresa/instaladores
mkdir /opt/nombre_empresa/programas
mkdir /opt/nombre_empresa/respaldos
1.4) Crear grupos para instalacion oracle
groupadd sistemas
groupadd usuarios
passwd sistemas1
passwd usuario1
smbpasswd -a sistemas1
smbpasswd -a usuario1
vi /etc/samba/smb.conf
[programas]
browsable=yes
path=/opt/cjamileth/programas
force group = +sistemas
valid users = @sistemas @usuarios
write list = @sistemas
create mask = 0775
force create mode = 775
writable = yes
read only = no
[xml_tmp]
browsable=yes
path=/opt/cjamileth/xml_tmp
writable = yes
read only = no
firewall-cmd --reload
https://oracle-base.com/articles/12c/oracle-db-12cr1-installation-on-
oracle-linux-7
unzip linuxamd64_12102_database_1of2.zip
unzip linuxamd64_12102_database_2of2.zip
The "/etc/hosts" file must contain a fully qualified name for the server.
vi /etc/hosts
vi /etc/hostname
colocar:
servidor.nombre_empresa
5) Configurar Selinux
vi /etc/selinux/config
y colocar
SELINUX=permissive
setenforce Permissive
vi /home/oracle/.bash_profile
# Oracle Settings
export TMP=/tmp
export TMPDIR=$TMP
export ORACLE_HOSTNAME=servidor.nombre_empresa
export ORACLE_UNQNAME=oraxxx
export ORACLE_BASE=/opt/u01/app/oracle
export ORACLE_HOME=$ORACLE_BASE/product/12.1.0.2/db_1
export ORACLE_SID=oraxxx
export PATH=/usr/sbin:$PATH
export PATH=$ORACLE_HOME/bin:$PATH
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib
export CLASSPATH=$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib
ssh -X oracle@192.168.1.7
vi /etc/selinux/config
SELINUX=enforcing
setenforce Enforcing
firewall-cmd --reload
Se siguio el manual:
https://docs.oracle.com/database/121/UNXAR/strt_stp.htm#UNXAR002
#! /bin/sh
# description: Oracle auto start-stop script.
#
# Set ORACLE_HOME to be equivalent to the $ORACLE_HOME
# from which you wish to execute dbstart and dbshut;
#
# Set ORA_OWNER to the user id of the owner of the
# Oracle database in ORACLE_HOME.
ORA_HOME=/opt/u01/app/oracle/product/12.1.0.2/db_1
ORA_OWNER=oracle
case "$1" in
'start')
# Start the Oracle databases:
# The following command assumes that the oracle login
# will not prompt the user for any values
# Remove "&" if you don't want startup as a background process.
su - $ORA_OWNER -c "$ORA_HOME/bin/dbstart $ORA_HOME" &
touch /var/lock/subsys/dbora
;;
'stop')
# Stop the Oracle databases:
# The following command assumes that the oracle login
# will not prompt the user for any values
su - $ORA_OWNER -c "$ORA_HOME/bin/dbshut $ORA_HOME" &
rm -f /var/lock/subsys/dbora
;;
esac
ln -s /etc/init.d/dbora /etc/rc.d/rc0.d/K01dbora
ln -s /etc/init.d/dbora /etc/rc.d/rc3.d/S99dbora
ln -s /etc/init.d/dbora /etc/rc.d/rc5.d/S99dbora
SQLNET.ALLOWED_LOGON_VERSION=8
2) Cambiar la base de datos case sensitive de contrasena, esto es dentro del sqlplus con el usuario sys:
Para asegurar linux se va a crear un usuario con privilegios para ejecutar comandos sin usar el usuario root
1) adduser srvadm01
2) passwd srvadm01
SRVadm2018.megdata!
ASEGURAR SSH
# CONFIGURACION MANUAL
PermitRootLogin no
AllowUsers srvadm01
Protocol 2
Port 50013
4) reiniciar Firewall
firewall-cmd --reload
5) Reiniicar el servicio de SSH
DESACTIVAR IP6
https://blog.dbi-services.com/oel-7-how-to-disable-ipv6-on-oracle-linux-7/
IPV6INIT=no
SEGURIDAD CLAVES – ESTO SALIO MAL, HAY QUE REVISAR MEJOR EL TEMA
https://docs.oracle.com/cd/E52668_01/E54669/html/ol7-s7-syssec.html
1) Abrir el arhivo
/etc/pam.d/system-auth
The line for pam_pwquality.so defines that a user gets three attempts to choose a good password with a
minimum of eight characters, of which five characters must be different from the previous password, and
which must contain at least one upper case letter, one lower case letter, one numeric digit, and one non-
alphanumeric character.
The line for pam_unix.so specifies that the module does not perform password checking, uses SHA-512
password hashing and the /etc/shadow file, and saves information about the previous five passwords for each
user in the /etc/security/opasswd file. As nullok is not specified, a user cannot change his or her password if
the existing password is null.
The omission of the try_first_pass keyword means that the user is always asked for their existing password,
even if he or she entered it for the same module or for a previous module in the stack.
1) ir al directorio /var/lib/AccountsService/users
2) Copiar el archivo oracle con el nombre dle usuario que no se quiere visualizar
[User]
Language=
XSession=gnome
SystemAccount=true
CLAMAV ANTIVIRUS
https://videlcloud.wordpress.com/2017/07/03/instalacion-de-antivirus-clamav-en-rhel-7/
2) instlar el antivirus
5) Encendemos el antivirus
setsebool -P antivirus_can_scan_system 1
sudo vi /etc/clamd.d/clamd.conf
sudo vi /etc/clamd.d/scan.conf
sudo freshclam
groupadd respaldos
useradd respaldos1 -G respaldos
passwd sistemas1
DATA17dref08!
2) En el servidor dela base de datos, usuario oracle, abrir una consola ir al home
y poner:
ssh-keygen
esto realiza las operaciones necesarias para poder conectarse al servidor remoto
sin clave
https://docs.oracle.com/cd/E52668_01/E54669/html/ol7-s11-openssh.html
INSTALAR PAYARA
/etc/systemd/system/payara.service
[Unit]
Description=Payara Service
After=syslog.target network.target dbora.service
[Service]
Type=forking
ExecStart=/opt/payara5/glassfish/bin/asadmin start-domain
ExecStop=/opt/payara5/glassfish/bin/asadmin stop-domain
[Install]
WantedBy=multi-user.target
6)systemctl daemon-reload
7) Anadir el servicio
8) Encender el servicio
[Unit]
Description=FeDaemon Service
After=payara.service
[Service]
Type=simple
WorkingDirectory=/opt/fe/bin/FeDaemon
ExecStart=/bin/java -jar FeDaemon.jar
Restart=on-failure
RestartSec=10
[Install]
WantedBy=multi-user.target
4)systemctl daemon-reload
5) Anadir el servicio
6) Encender el servicio
https://www.opentechguides.com/how-to/article/centos/169/systemd-custom-service.html
https://computingforgeeks.com/how-to-run-java-jar-application-with-systemd-on-linux/