Oracle OCR的备份与恢复(2)--如何修复11.2 Grid权限误操作

一.1.1  如何修复11.2 Grid权限误操作

 关于Oracle GRID HOME文件目录的权限问题

① chown -R 误操作了,将整个/u01/app的权限修过了如何恢复?

② 删除了$GRID_HOME/log文件夹下的所有内容,集群不能启动,如何恢复?

使用chown -R 误操作了,将整个/u01/app的权限修过了,导致grid无法启动。,搜了下mos发现了一篇文档:Tips for checking file permissions on GRID environment(ID 1931142.1)


该文档中描述到,$GRID_HOME/crs/utl下面的几个文件中记录了整个GRID_HOME下面的文件和目录的相关权限。

Check the permissions from the following 2 files which are created during Grid Infrastructure installation.

In $GRID_HOME/crs/utl (for 11.2 and 12.1.0.1) and <GRID_HOME>/crs/utl/<hostname> (for 12.1.0.2) directory:

crsconfig_dirs :which has all directories listed in <GRID_HOME> and their permissions

crsconfig_fileperms :which has list of files and their permissions and locations in <GRID_HOME>.

 

 我们来看下是否是这样的,cd $ORACLE_HOME/crs/utl:

[root@rac2 bin]# cd  /home/grid/app/11.2/grid/crs/utl

[root@rac2 utl]# ls -ltr

total 324

-rw-r–r– 1 root root  1128 Aug 11 09:48 usrvip

-rw-r–r– 1 root root  8437 Aug 11 09:48 srvctl

……

-rw-r–r– 1 root root 12102 Aug 11 09:48 crsconfig_files

-rw-r–r– 1 root root 13468 Aug 11 09:48 crsconfig_fileperms

-rw-r–r– 1 root root  8666 Aug 11 09:48crsconfig_dirs

-rw-r–r– 1 root root   699 Aug 11 09:48 crfsetenv

-rw-r–r– 1 root root  1280 Aug 11 09:48 cmdllroot.sh

-rw-r–r– 1 root root  3680 Aug 11 09:48 cluutil

-rw-r–r– 1 root root  1648 Aug 11 09:48 clsrwrap

-rw-r–r– 1 root root   540 Aug 11 09:48 appvipcfg

[zfzhlhrdb1:grid]:/oracle/app/11.2.0/grid/crs/utl>more crsconfig_dirs

# Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved.

# The values in each line use the following format:

#

# OSLIST DIRNAME OWNER GROUP CLOSED-PERMS OPEN-PERMS

#

# Note:

# 1) OSLIST is a comma-separated list of platforms on which the directory

#    needs to be created.  'all' indicates that the directory needs to be

#    created on every platform.  OSLIST MUST NOT contain whitespace.

# 2) Permissions need to be specified AS OCTAL NUMBERS.  If permissions are

#    not specified, default (umask) values will be used.

#

# TBD: OPEN-PERMS need to be added for each dir

 

all /oracle/app/11.2.0/grid/cdata grid dba 0775

all /oracle/app/11.2.0/grid/cdata/zfzhlhrdb-crs grid dba 0775

all /oracle/app/11.2.0/grid/cfgtoollogs grid dba 0775

all /oracle/app/11.2.0/grid/cfgtoollogs/crsconfig grid dba 0775

all /oracle/app/11.2.0/grid/log grid dba 0775

.............................................

unix /etc/oracle/olr.loc root dba 0644

unix /etc/oracle/ocr.loc root dba 0644

[zfzhlhrdb1:grid]:/oracle/app/11.2.0/grid/crs/utl>

我们可以看到,确实是这样,crsconfig_dirs里面记录所有$GRID_HOME相关目录的权限。crsconfig_fileperms中记录了文件的权限.

一.1.1.1  校验权限

我们可以通过命令来校验:Validate the <GRID_HOME> by using cluvfy tool.

$ cluvfy comp software -n all -verbose

 

[zfzhlhrdb1:grid]:/home/grid>cluvfy comp software -n all -verbose

 

Verifying software

 

Check: Software

 

  Component: crs                      

 

  Node Name: zfzhlhrdb2               

    /oracle/app/11.2.0/grid/bin/racgeut..."Permissions" did not match reference

        Permissions of file "/oracle/app/11.2.0/grid/bin/racgeut" did not match the expected value. [Expected = "0755" ; Found = "0775"]

    /oracle/app/11.2.0/grid/bin/racgmain..."Permissions" did not match reference

        Permissions of file "/oracle/app/11.2.0/grid/bin/racgmain" did not match th...............................

    /oracle/app/11.2.0/grid/clone/rootpre/ORCLcluster/lib/libskgxnr.a...No such file or directory

 

  1227 files verified                 

 

Software check failed

 

Verification of software was unsuccessful on all the specified nodes.

 

一.1.1.2  解决

 所以要解决这个问题其实并不难,我们大致可以通过如下几种方法来解决:

1. 根据前面的几个权限配置脚本自己参考进行修改,实际上并不难,直接UE编辑就很快搞定.

2. 根据Mos文档提供的建议通过 $GRID_HOME/crs/install/rootcrs.pl -init 或 roothas.pl -init进行解决. rootcrs.pl –init是在PSU>11.2.0.3.6下执行的,如果PSU<11.2.0.3.6可以执行如下两条命令来实现同样的效果

<GRID_HOME>/crs/install/rootcrs.pl -unlock

<GRID_HOME>/crs/install/rootcrs.pl -patch

 

For 11.2:
For clustered Grid Infrastructure, as root user

# cd <GRID_HOME>/crs/install/
# ./rootcrs.pl -init

For Standalone Grid Infrastructure, as root user

# cd <GRID_HOME>/crs/install/
# ./roothas.pl  -init


For 12c:
For clustered Grid Infrastructure, as root user

# cd <GRID_HOME>/crs/install/
# ./rootcrs.sh -init

For Standalone Grid Infrastructure, as root user

# cd <GRID_HOME>/crs/install/
# ./roothas.sh -init

 

3.采用MOS1515018.1文档提供的脚本在正常库上生成脚本,然后将生成的脚本在异常库上执行从而来修复权限问题(应该和方法2结合使用)。

 

4. 11gR2可以deconfig crs的配置,然后重新跑root.sh即可。重新跑root.sh脚本并不影响数据库,所以无需担心(个人推荐的一种方式).

$ORACLE_HOME/crs/install/rootcrs.pl -deconfig -force -verbose

$ORACLE_HOME/root.sh

 

5. 如果是rac的某个节点的误操作,那么还可以通过delete node然后add node来做,不过这个相对麻烦太多了,但是或许是最保险的一种方式。oracle也推荐这样,因为你如果人为修改文件权限,很难保证以后运行过程中不会出现什么问题。

补充:

Linux环境中还可以通过getfacl和setfacl来进行操作,如下是例子:

1) getfacl   /home/grid/app/11.2/grid  > dir_privs.txt

2) set –restore dir_privs.txt

 

总结:

在安装有GI的环境下,权限、属主是严格被设定的,任何对于它们的错误修改容易引发一系列的问题,而且这些问题往往都很诡异很难按照常规的思路去诊断。万一权限或属主被修改了可以通过rootcrs.pl -init及permission.pl进行修复,rootcrs.pl –init仅修复GI的核心目录,所以其修复速度较快,如果遇到GI无法启动的问题,建议首选这种方法以使GI能够快速启动,但其缺点在于无法全量的进行修复,GI虽然正常了,并不能保证之后的运行过程中不出现这样那样的问题,这时就需要permission.pl出场了,permission.pl的运行模式决定了源库(权限正确的库)与目标库(权限错误的库)间的软件版本尽可能的一致,所以源库一定要选好,否则问题会更糟,另外如果源、目标两个库的安装目录不一样还需要对permission*脚本作调整后再执行。

所以个人建议还是跑root.sh来的稳妥一点。

 

一.1.1.3  MOS 1515018.1  permission.pl脚本的使用



chmod 755 permission.pl

oracle用户获取ORACLE_HOME: ./permission.pl $ORACLE_HOME

root用户获取GRID_HOME: ./permission.pl $ORACLE_HOME

 

Script generates two files
a. permission-<time stamp> - This contains file permission in octal value, owner and group information of the files captured
b. restore-perm-<time stamp>.cmd - This contains command to change the permission, owner, and group of the captured files

 

 

拷贝到目标主机后分别执行:

chmod 755 restore-perm-<timestamp>.cmd

    ./restore-perm-<timestamp>.cmd

 

 

一.1.2  如何修复ASM实例名和节点名不一致的情况

对于10g的情况,我们可以参考Dave大神的blog:RAC修改ASM实例名的步骤:http://blog.csdn.net/tianlesoftware/article/details/6275827

对于11g的情况,我们只能重新执行root.sh脚本来修复这个问题。

 

 

一.1.3  如何彻底清除CRS信息


[ZFTPCCDB1:root]:/>$ORACLE_HOME/crs/install/rootcrs.pl -h

Unknown option: h

Usage:

      rootcrs.pl [-verbose] [-upgrade [-force] | -patch]

                 [-paramfile <parameter-file>]

                 [-deconfig [-deinstall] [-keepdg] | -downgrade] [-force] [-lastnode]

                 [-downgrade] [-oldcrshome <old crshome path>] [-version <old crs version>]  

                 [-unlock [-crshome <path to crs home>] [-nocrsstop]]

 

      Options:

       -verbose    Run this script in verbose mode

       -upgrade    Oracle HA is being upgraded from previous version

       -patch      Oracle HA is being upgraded to a patch version

       -paramfile  Complete path of file specifying HA parameter values

       -lastnode   Force the node this is executing on to be considered the

                   last node of the install and perform actions associated

                   with configuring the last node

       -downgrade  Downgrade the clusterware

       -version    For use with downgrade; special handling is required if

                   downgrading to 9i. This is the old crs version in the format

                   A.B.C.D.E (e.g 11.1.0.6.0).

       -deconfig   Remove Oracle Clusterware to allow it to be uninstalled or reinstalled.

       -force      Force the execution of steps in delete that cannot be verified

                   to be safe

       -deinstall  Reset the permissions on CRS home during de-configuration

       -keepdg     Keep existing diskgroups during de-configuration

       -unlock     Unlock CRS home

       -crshome    Complete path of crs home. Use with unlock option.

       -oldcrshome For use with downgrade. Complete path of the old crs home.

       -nocrsstop  used with unlock option to reset permissions on an inactive grid home

 

      If neither -upgrade nor -patch is supplied, a new install is performed

 

      To see the full manpage for this program, execute:

        perldoc rootcrs.pl

 

[ZFTPCCDB1:root]:/>

 

根据MOSHow to Proceed from Failed 11gR2 Grid Infrastructure (CRS) Installation (文档 ID 942166.1) 文档,若要重新执行root.sh脚本,我们可以如下操作:

在除最后一个节点外的所有节点执行:$ORACLE_HOME/crs/install/rootcrs.pl -deconfig -force -verbose

在最后一个节点执行:$ORACLE_HOME/crs/install/rootcrs.pl -deconfig -force -verbose -lastnode

重启OS后再执行:$ORACLE_HOME/root.sh

需要注意的一点是,我们在执行完$ORACLE_HOME/crs/install/rootcrs.pl -deconfig -force -verbose执成之后需要删除如下的文件:

ls -l $ORACLE_BASE/Clusterware/ckptGridHA*

find $ORACLE_HOME/gpnp/* -type f

find $ORACLE_HOME/gpnp/* -type f -exec rm -rf {} \;

 

其中(find $ORACLE_HOME/gpnp/* -type f)中的文件删除后,我们在重新执行root.sh的时候才会有如下的提示:

root wallet

root wallet cert

root cert export

peer wallet

profile reader wallet

pa wallet

peer wallet keys

pa wallet keys

peer cert request

pa cert request

peer cert

pa cert

peer root cert TP

profile reader root cert TP

pa root cert TP

peer pa cert TP

pa peer cert TP

profile reader pa cert TP

profile reader peer cert TP

peer user cert

pa user cert



About Me

..........................................................................................................................................................................................................

本文作者:小麦苗,只专注于数据库的技术,更注重技术的运用

本文在ITpub(http://blog.itpub.net/26736162)和博客园(http://www.cnblogs.com/lhrbest)有同步更新

本文地址:http://blog.itpub.net/26736162/viewspace-2121470/

本文pdf版:http://yunpan.cn/cdEQedhCs2kFz (提取码:ed9b) 

小麦苗分享的其它资料:http://blog.itpub.net/26736162/viewspace-1624453/

联系我请加QQ好友(642808185),注明添加缘由

于 2016-06-24 10:00~ 2016-07-04 19:00 在中行完成

【版权所有,文章允许转载,但须以链接方式注明源地址,否则追究法律责任】

..........................................................................................................................................................................................................

 

拿起手机扫描下边的图片来关注小麦苗的微信公众号:xiaomaimiaolhr,学习最实用的数据库技术。


本文分享自微信公众号 - DB宝(lhrdba)。
如有侵权,请联系 support@oschina.cn 删除。
本文参与“OSC源创计划”,欢迎正在阅读的你也加入,一起分享。

上一篇:JAVAEE——navicat安装


下一篇:Photoshop CS3教程:动画的淡入淡出