pam_systemd(sshd:session): Failed to create session: Failed to activate service ‘org.freedesktop.login1’: timed out

Problem:

1. Slow ssh connections
2. System seems slow when trying to su to another user

/var/log/secure contains the following errors:

pam_systemd(sshd:session): Failed to create session: Failed to activate
service 'org.freedesktop.login1': timed out

Solution:

1. Restart systemd-logind service

# systemctl restart systemd-logind

2. Restart server

# reboot 

Note that the mentioned solutions are considered as temporary solutions (Frankly, I’ve never seen this error after restart. The problem happened with our two customers, who changed sshd_config file and did “something” after that, so the problem was caused by humman error in my all cases), for more information about this problem please see article at redhat site
https://access.redhat.com/discussions/3536621 .

Azure: yum install returns [Errno 14] curl#58 – “SSL peer rejected your certificate as expired.”

Action:

I have deleted tigervnc rpm and was trying to reinstall it but got the following error:

yum install tigervnc*

https://rhui-3.microsoft.com...x86_64/dotnet/1/debug/repodata/repomd.xml: [Errno 14] curl#58 - "SSL peer rejected your certificate as expired."
Trying other mirror.

Actually, the problem is not related to tigervnc only, it is global. During this time I was not able to run yum update or any installation using yum.

Causes:

Red Hat Update Infrastructure (RHUI) certificate has expired and it needs to be updated.

Solution:

Update RHUI certificate using the following rpm:

For RHEL 7:

# curl -o azureclient.rpm https://rhui-1.microsoft.com/pulp/repos/microsoft-azure-rhel7/rhui-azure-rhel7-2.2-74.noarch.rpm
# sudo rpm -U azureclient.rpm

For RHEL 6:

# curl -o azureclient.rpm https://rhui-1.microsoft.com/pulp/repos/microsoft-azure-rhel6/rhui-azure-rhel6-2.2-74.noarch.rpm
# sudo rpm -U azureclient.rpm

Linux: Rename files from uppercase to lowercase

If you have downloaded Oracle 18c installation files, you may need to change downloaded file  names from uppercase letters into lowercase. 🙂

[root@rac1 ~]# cd /sw
[root@rac1 sw]# for i in LINUX.X64_180000_*; do mv $i `echo $i |tr [:upper:] [:lower:]`; done

You may think these are just two files and why I need script? I can do it manually.. 🙂
You are right , but scripting is much more fun. Good luck!

Change timezone on Linux using /etc/localtime file

Assume we have timezone UTC:

[root@oradbfw-hq01-mgmt ~]# date
Mon Sep 11 09:29:27 UTC 2017

On many distributions , like OEL, CentOS.. . the timezone is conntrolled by localtime file located in /etc directory.

# cd /etc

Localtime is a symbolic link , so we can remove it

# rm localtime

All timezones are located under /usr/share/zoneinfo.
I live and my servers are located in Tbilisi, Georgia. So searching my timezone file:

[root@oradbfw-hq01-mgmt etc]# ll /usr/share/zoneinfo/Asia/Tbilisi
-rw-r–r–. 1 root root 1024 Mar 24 09:21 /usr/share/zoneinfo/Asia/Tbilisi

My country is not in Asia, but in Europe 🙂 this condition changed recently so Linux has not updated and still thinks we in Asia. (Don’t tell this to my goverment 🙂 )

Let’s create correct symbolic link:

# cd /etc
# ln -s /usr/share/zoneinfo/Asia/Tbilisi localtime

Let’s check that it was changed:

[root@oradbfw-hq01-mgmt etc]# date
Mon Sep 11 13:47:04 +04 2017

Create a Local Yum Repository for Oracle Linux 6

0. Just to note –repoid parameter has two dashes in front (- – repoid). Unfortunately wordpress makes it one dash. Please, do not blame me 🙂

1. Create OEL.repo file in /etc/yum.repos.d and add the following entry

# vi /etc/yum.repos.d/OEL.repo

[oraclerpms]
name=OracleEnterpriseLinux
baseurl=http://yum.oracle.com/repo/OracleLinux/OL6/latest/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
enabled=1

2. Install yum-utils and createrepo packages

# yum install yum-utils createrepo

3. It is better to add another disk and create repository there, do not use / disk(disk where OS is installed) for repository. It is just a best practice.

Create necessary folders:

# mkdir -p /OEL_repo/OEL6/latest
# mkdir -p /OEL_repo/logs
# mkdir -p /OEL_repo/scripts

4. Download rpms.
If you are using proxy you may need to set proxy parameters like  export http_proxy=http://proxy_server_ip:proxy_port/

/usr/bin/reposync –newest-only –repoid=oraclerpms -p /OEL_repo/OEL6/latest

5. After download completes create repository on downloaded rpms:

/usr/bin/createrepo /OEL_repo/OEL6/latest/oraclerpms/getPackage/

####################
The above steps should be done every time you want to update your local repository, so let’s create script and place all them in one file.

vi /OEL_repo/scripts/repo_sync.sh

#!/bin/bash

LOG_FILE=/OEL_repo/logs/repo_sync_$(date +%Y.%m.%d).log

# Delete old logs
find /OEL_repo/logs/repo_sync* -mtime +5 -delete; >> $LOG_FILE 2>&1

#Clean cache
yum clean all

# Sync repositories
/usr/bin/reposync /usr/bin/reposync –newest-only –repoid=oraclerpms -p /OEL_repo/OEL6/latest >> $LOG_FILE 2>&1

/usr/bin/createrepo /OEL_repo/OEL6/latest/oraclerpms/getPackage/ >> $LOG_FILE 2>&1

2. Change permissions for the executable script:

# chmod u+x /OEL_repo/scripts/repo_sync.sh

3. Set up a CRON job to run the script on a daily basis. The following entry runs the script each day at 01:00.

0 1 * * * /OEL_repo/scripts/repo_sync.sh > /dev/null 2>&1

###############

1. Install the Apache HTTP servers, start it and make sure it restarts automatically on reboot.

# yum install httpd
# service httpd start
# chkconfig httpd on

2. Create directory and place link there

mkdir -p /var/www/html/OEL_repo/OEL6/latest
ln -s /OEL_repo/OEL6/latest/oraclerpms/getPackage/ /var/www/html/OEL_repo/OEL6/latest/x86_64

# cd /var/www/html
# wget http://public-yum.oracle.com/RPM-GPG-KEY-oracle-ol6

Note: /var/www/html is the default DocumentRoot directory. To check yours(sysadmin may have changed it) please check /etc/httpd/conf/httpd.conf file and find the keyword DocumentRoot

##############

1. Configure clients

vi /etc/yum.repos.d/local-ol6.repo

[oraclerpms]
name=Oracle Linux $releasever Latest ($basearch)
baseurl=http://RepositoryServerHostname.domain.ge/OEL_repo/OEL6/latest/$basearch/
gpgkey=http://RepositoryServerHostname.domain.ge/RPM-GPG-KEY-oracle-ol6
gpgcheck=1
enabled=1

Now you are able to install packages on clients by

# yum install ntp

Upgrade Oracle Database from 11g to 12c

  1. Download Oracle 12c software fromhttp://www.oracle.com/technetwork/database/enterprise-edition/downloads/database12c-linux-download-1959253.html

    unzip files:

    unzip linuxamd64_12102_database_1of2.zip
    unzip linuxamd64_12102_database_2of2.zip
  2. Make another home for 12c.
    mkdir -p /u01/app/oracle/product/12.1.0/dblb
  3. Change permissions for /u01 directory.  If 11g home is also located in /u01 you have already done the steps bellow. Just check that permissions are the following:
    chown -R oracle:oinstall /u01
    chmod -R 775 /u01
  4. Change the following parameters in response file, other parameters just leave blank.
    Response file is located in installation directory… extract_drectory/database/response/db_install.rsp

     oracle.install.option=INSTALL_DB_SWONLY
     ORACLE_HOSTNAME=DBServerHostname
     UNIX_GROUP_NAME=oinstall
     INVENTORY_LOCATION=/u01/app/oraInventory
     SELECTED_LANGUAGES=en
     ORACLE_HOME=/u01/app/oracle/product/12.1.0/dblb
     ORACLE_BASE=/u01/app/oracle
     oracle.install.db.InstallEdition=EE
     oracle.install.db.DBA_GROUP=dba
     oracle.install.db.OPER_GROUP=dba
     oracle.install.db.BACKUPDBA_GROUP=dba
     oracle.install.db.DGDBA_GROUP=dba
     oracle.install.db.KMDBA_GROUP=dba
     SECURITY_UPDATES_VIA_MYORACLESUPPORT=false
     DECLINE_SECURITY_UPDATES=true
  5. Go to the 12c installation folder  and run runInstaller, to install 12c home:
     ./runInstaller -silent -responseFile /install/database/response/db_install.rsp  -waitforcompletion -showProgress

    When it asks , connect to the server via root user and run

    /u01/app/oracle/product/12.1.0/dblb/root.sh
  6. At this time your database should be turned on from 11g home. Connect to the database via SYS user and run the following scripts: emremove.sql will remove EM repository. olspreupgrade.sql will run preupgrade scripts

    You should also purge the recyclebin. For reducing upgrade time.

    Note: these scripts should be run to the open database , that is turned on by 11g

    export ORACLE_HOME=/u01/app/oracle/product/11.2.0/dblb
     sqlplus / as sysdba
     @/u01/app/oracle/product/12.1.0/dblb/rdbms/admin/emremove.sql
     @/u01/app/oracle/product/12.1.0/dblb/rdbms/admin/olspreupgrade.sql
     purge recyclebin;
  7. Run DBUA from 12c home to upgrade existing database
    export ORACLE_HOME=/u01/app/oracle/product/11.2.0/dblb
    /u01/app/oracle/product/12.1.0/dblb/bin/dbua -silent \
    -sid ORCL \
    -oracleHome /u01/app/oracle/product/11.2.0/dblb \
    -diagnosticDest /u01/app/oracle \
    -recompile_invalid_objects true \
    -degree_of_parallelism 40 \
    -upgradeTimezone \
    -emConfiguration NONE \
    -keepHiddenParams \
    -gatheringStatistics \
    -upgrade_parallelism 40
  8. To check that everything was upgraded successfully, after successful message from the previous command, check the following:
    cat /etc/oratab
    ORCL:/u01/app/oracle/product/12.1.0/dblb:N
    cat /u01/app/oraInventory/ContentsXML/inventory.xml
     <VERSION_INFO>
     <SAVED_WITH>12.1.0.2.0</SAVED_WITH>
     <MINIMUM_VER>2.1.0.6.0</MINIMUM_VER>
     </VERSION_INFO>

    Update the following parameters in your  .bash_profile:

     export ORACLE_HOME=/u01/app/oracle/product/12.1.0/dblb
     export LD_LIBRARY_PATH=/u01/app/oracle/product/12.1.0/dblb/lib
  9. Network file configuration. Stop listener that was previously started from 11g. Move listener.ora and tnsnames.ora files to 12c home and rename them in old location. Start the listener from 12c home.
    /u01/app/oracle/product/11.2.0/dblb/bin/lsnrctl stop
    cp /u01/app/oracle/product/11.2.0/dblb/network/admin/listener.ora /u01/app/oracle/product/12.1.0/dblb/network/admin
    cp /u01/app/oracle/product/11.2.0/dblb/network/admin/tnsnames.ora /u01/app/oracle/product/12.1.0/dblb/network/admin
    mv /u01/app/oracle/product/11.2.0/dblb/network/admin/tnsnames.ora /u01/app/oracle/product/11.2.0/dblb/network/admin/tnsnames.ora.old
    mv /u01/app/oracle/product/11.2.0/dblb/network/admin/listener.ora /u01/app/oracle/product/11.2.0/dblb/network/admin/listener.ora.old
    /u01/app/oracle/product/12.1.0/dblb/bin/lsnrctl start
  10. Connect to the database using 12c home and check again the version in v$instance view:
    export ORACLE_HOME=/u01/app/oracle/product/12.1.0/dblb
    sqlplus / as sysdba
    select instance_name,version,status
    from v$instance;
  11. If you want to deinstall 11g home run the following :
    /u01/app/oracle/product/11.2.0/dblb/deinstall/deinstall

Install Backup Exec Client(Remote Agent) on Linux

RALUS is a remote agent installation , simply Linux client of Backup exec that can be retrieved from Backup Exec installation DVD in LinuxUnixMac folder.

Some details:

Client Server IP: 10.0.1.100
Client Hostname: orcl_node
Domain: sa.ge
Media Server IP: 192.168.1.100

Create some installation directory and locate RALUS installation file to this folder.

1. Installation

# mkdir /0
# cd /0
# tar -xvf RALUS_RMALS_RAMS-4164.5.tar
# ./installralus

Step 1:

Enter the system names separated by spaces on which to install RALUS: (oracle-node1.tbilisi.gov.ge)10.0.1.100

Checking system communication:

Checking OS version on 10.0.1.100 ………….. Linux 2.6.18-194.el5
Checking system support for 10.0.1.100 … Linux 2.6.18-194.el5 supported by RALUS

Initial system check completed successfully.

Press Enter.

Step 2:

Press Enter.

Step 3:

If the output is:

Checking file system space ……………. required space is available

Then  press Enter

Step 4:

To display the Remote Agent as a selection in a media server’s backup selection tree, and to be able to specify a local network for use between the Remote Agent and a media server, enter the names or IP addresses of the media servers that you want the Remote Agent on ‘10.0.1.100’ to communicate with.

An IP Address: XXX.XXX.XXX.XXX
A Host Name: COMPUTERNAME

Enter a directory host:192.168.1.100

Do you want to add another name or address for this agent? [y, n] (n)

Step 5:

If the information is correct press Enter

Step 6:

In this step beoper group will be created if it doesn’t exist and root user will be added to this group.

Press Enter

Press Enter

Press Enter (choosing y option by default)

Press Enter(choosing n option by default)

Press Enter (choosing y option by default)

Press Enter

Step 7 :

Checking VRTSralus package ………………………… not installed

Press Enter

Step 8:

Installing VRTSralus 13.0.4164 on 10.0.1.100 …… done 1 of 1 steps

Press Enter

Step 9 :

Creating configuration files on 10.0.1.100  ………………… Done

Press Enter

RALUS installation is complete, now it’s time to configure it.

2. Configuration on Client

Step 1:

Run AgentConfig:

# /opt/VRTSralus/bin/AgentConfig

Symantec Backup Exec Remote Agent Utility
Choose one of the following options:
1. Configure database access
2. Configure Oracle instance information
3. Quit
Please enter your selection: 1

Configuring machine information
Choose one of the following options:
1. Add system credentials for Oracle operations
2. Edit system credentials used for Oracle operations
3. Remove system credentials used for Oracle operations
4. View system credentials used for Oracle operations
5. Quit
Please enter your selection: 1
     Enter a user name that has local system credentials: oracle
Enter the password:
Re-enter password:
Validating credentials…….
Do you want to use a custom port to connect to the media server during Oracle operations? (Y/N): N
     Commit Oracle operation settings to the configuration file? (Y/N): Y
     SUCCESS: Successfully added the entry to the configuration file.

Configuring machine information
Choose one of the following options:
1. Add system credentials for Oracle operations
2. Edit system credentials used for Oracle operations
3. Remove system credentials used for Oracle operations
4. View system credentials used for Oracle operations
5. Quit
Please enter your selection: 5

Symantec Backup Exec Remote Agent Utility
Choose one of the following options:
1. Configure database access
2. Configure Oracle instance information
3. Quit
Please enter your selection: 2

If this computer is a RAC node, you must perform additional steps for configuration before you continue. Refer to the readme for these additional steps.

Configuring the Oracle Agent
Choose one of the following options:
1. Add a new Oracle instance to protect
2. Edit an existing Oracle instance
3. Delete an existing Oracle instance
4. View Oracle instance entries that have been added in the Remote Agent Utility
5. Quit
Please enter your selection: 1
     Select an Oracle instance to configure
Entry 1. orcl
Enter the number 0 to go back
Enter your selection: 1
     Enter the Oracle database SYSDBA user name: SYS
Enter the Oracle database SYSDBA password:
Re-enter password:
Validating credentials…….
Enter the media server name or IP address:      The length of the entered data is greater than the maximum permitted length.
Enter the media server name or IP address: 192.168.1.100
     Do you use a recovery catalog? (Y/N):N
     Do you want to use a customized job template? (Y/N): N
     Commit Oracle operation settings to the configuration file? (Y/N): Y
     Created symbolic link for /opt/VRTSralus/bin/libobk.so at /u01/app/oracle/product/11.2.0/db_1/lib/libobk.so
SUCCESS: Successfully added the entry to the configuration file.

Configuring the Oracle Agent
Choose one of the following options:
1. Add a new Oracle instance to protect
2. Edit an existing Oracle instance
3. Delete an existing Oracle instance
4. View Oracle instance entries that have been added in the Remote Agent Utility
5. Quit
Please enter your selection: 5

Symantec Backup Exec Remote Agent Utility
Choose one of the following options:
1. Configure database access
2. Configure Oracle instance information
3. Quit
Please enter your selection: 3

Start agent:

# /etc/init.d/VRTSralus.init start
Starting Symantec Backup Exec Remote Agent ……
Starting Symantec Backup Exec Remote Agent:                              [  OK  ]

3. Configuration on Media Server

To make media server see your client do the following steps:

Step 1:

Run Start->-All Programs>Symantec Backup Exec->Backup Exec 2010

Step 2:

Tools->Options->Oracle –>click Modify List button->click New button and fill the following fields, by the following way:

Oracle or DB2 Server: 10.0.1.100
Logon Account  ->>>>click New button –>click New button and fill the following fields, by the following way:

User name: oracle
Password: enter oracle password for client server
Confirm Password: enter the password again
Account Name: oracle

click OK.

You will also need to configure SYS  user account.

And choose oracle in Logon Account  field.

click OK.

Do the same steps for 2 more times, just change Oracle or DB2 Server filed to orcl_node(instead of 10.0.1.100) for the first time and orcl_node.sa.ge for the second time

Step 3:

On media server , in hosts file add client entry.

That is all.