Re: rman problem with nfs permission.

From: pier paolo Bruno <pbrunoster_at_gmail.com>
Date: Sun, 2 Apr 2023 10:17:25 +0200
Message-ID: <CA+dM1yPXV5t0jEaJC2fu4yEfw9vC9LuBgnr5iF-w6POyLsC5=A_at_mail.gmail.com>


No we are not on asm. Those are old 10g instances on aix My idea was to clone binaries with right uid and gid and try to restore from there. I tried to copy a controlfile backup piece on a local filesystem, leaving it with user and group of production, and rman restores it with no problem only adding as secondary group the gid of the source system. So i think it is a ruby security problem. I can restore on nfs a backup of the same system, so i don't believe it is an nfs issue . I had also opened a support request to rubrik support

Il giorno sab 1 apr 2023 alle ore 01:35 <dimensional.dba_at_comcast.net> ha scritto:
>
> If on OS lun instead of ASM, then after shutdown of restored DB you can chown the files to oracle:oinstall on your restore server.
>
> -----Original Message-----
> From: dimensional.dba_at_comcast.net <dimensional.dba_at_comcast.net>
> Sent: Friday, March 31, 2023 4:34 PM
> To: 'pier paolo Bruno' <pbrunoster_at_gmail.com>
> Cc: 'gogala.mladen_at_gmail.com' <gogala.mladen_at_gmail.com>; 'oracle-l_at_freelists.org' <oracle-l_at_freelists.org>
> Subject: RE: rman problem with nfs permission.
>
> I can't find anything in the Rubrik's documentation for changing the security settingso n the files.
> Quickist path to solution would be on your retore sever create a new user and group with the gid/uid matching the original server. The user will need the other standard OS groups that your current user has.
> Copy your current Oracle home to the new user and group or chown after copying. You will probably need to add the home to your inventory and relink it.
> You should be able to do a restore off of those files.
> They may be some interesting tweaks if you are using ASM and rights to the ASM luns for the new user. If it has the original assigned groups as Oracle user it all should work.
>
> I don’t have a system to currently test on with ASM.
>
>
>
> -----Original Message-----
> From: pier paolo Bruno <pbrunoster_at_gmail.com>
> Sent: Friday, March 31, 2023 1:28 PM
> To: dimensional.dba_at_comcast.net
> Cc: gogala.mladen_at_gmail.com; oracle-l_at_freelists.org
> Subject: Re: rman problem with nfs permission.
>
> I can't because those are rubrik snapshots and are read only. i would have to copy the backup piece and change them. One solution could be to clone Oracle Home, change the ownership of binary ( there is a procedure on support ), restore instance on those binaries and then change the ownership of datafiles control files redo back, but i was asking if there could be a simple solution because i have the same situation on more than one host. I did not setup the environment and the decision of having different uid gid was taken when the backup were made with a different software (tsm i think but i was working elsewhere at those times )
>
> Il giorno ven 31 mar 2023 alle ore 22:22 <dimensional.dba_at_comcast.net> ha scritto:
> >
> > This is one of the reasons you try to have uniform gid/uid across your fleet to not have perm problems in restoring.
> > You can change the gid/uid of the files on your mount to match the server you are trying to retore to.
> > After restore change them back so they will work with original server.
> >
> >
> >
> > -----Original Message-----
> > From: oracle-l-bounce_at_freelists.org <oracle-l-bounce_at_freelists.org> On
> > Behalf Of pier paolo Bruno
> > Sent: Friday, March 31, 2023 12:22 PM
> > To: gogala.mladen_at_gmail.com
> > Cc: oracle-l_at_freelists.org
> > Subject: Re: rman problem with nfs permission.
> >
> > Already done, as i put in the mail :
> >
> > I have already tried to use :
> > sql "alter system set events=''10298 trace name context forever, level
> > 32''" ; and mount option cio,rw,bg,hard,nointr,rsize=32768,
> > wsize=32768,proto=tcp,noac,
> > vers=3,timeo=600
> > as in support note Doc ID 359515.1.
> >
> > And i also tried setting event 10298 trace name context forever, level
> > 32 at session and at system level .
> > Thanks .
> >
> > Il giorno ven 31 mar 2023 alle ore 21:15 Mladen Gogala <gogala.mladen_at_gmail.com> ha scritto:
> > >
> > > On 3/31/23 13:05, pier paolo Bruno wrote:
> > >
> > > I have to duplicate an ora10g database from one machine to another one .
> > > I have host A, on which i do a backup rman to disk ( it is a rubric
> > > nfs appliance ) .
> > > On host A, uid and gid of oracle user are 205 and 204 .
> > > I have to restore it on an host B in which oracle user has uid/gid 203/202 .
> > > I put a chmod 777 on the backup script so that from host B i see
> > > backuppiece mounted like this :
> > > -rwxrwxrwx 1 205 204 93749248 Mar 31 18:15 ctl-j21oel54_1_1
> > > and in theory i could read backuppiece from rubrik mount .
> > > If i mount the nfs backup to host B and if i try to restore, i have a problem .
> > > if i copy the backuppiece of a controlfile from nfs rubrik mount
> > > point with user oracle , on a local filesystem and i launch restore
> > > it works, instead if i launch the restore of a controlfile directly
> > > from the rubrik mount points i have the error
> > > RMAN-06172: no autobackup found or specified handle is not a valid
> > > copy or piece.
> > > I have already tried to use :
> > > sql "alter system set events=''10298 trace name context forever,
> > > level 32''" ; and mount option cio,rw,bg,hard,nointr,rsize=32768,
> > > wsize=32768,proto=tcp,noac,
> > > vers=3,timeo=600
> > > as in support note Doc ID 359515.1.
> > >
> > > On local filesystem i tried to restore a controlfile , changing the
> > > ownership and leaving the ownership as the source system, and it
> > > works with no errors in any case
> > > -rw-r--r-- 1 ora10g dba 93749248 Mar 31 18:02 ctl-ih1oej5q_1_1
> > > -rwxrwxrwx 1 205 204 93749248 Mar 31 18:15 ctl-j21oel54_1_1
> > > but when i try to read the controlfile from nfs , it finish with RMAN-06172.
> > >
> > > Hi Paolo,
> > >
> > > Your NFS mount options are likely wrong. I recommend the following document:
> > >
> > > Mount Options for Oracle files for RAC databases and Clusterware
> > > when used with NFS on NAS devices (Doc ID 359515.1)
> > >
> > >
> > >
> > > --
> > > Mladen Gogala
> > > Database Consultant
> > > Tel: (347) 321-1217
> > > https://dbwhisperer.wordpress.com
> > --
> > http://www.freelists.org/webpage/oracle-l
> >
> >
> >
>

--
http://www.freelists.org/webpage/oracle-l
Received on Sun Apr 02 2023 - 10:17:25 CEST

Original text of this message