Why and How to check and table size/actual size in oracle ?

 Why ?

In Oracle after the deletion of number of rows in the table you will expected a size change however due the high water mark things which mark the deleted space and keep the HWM thus the size will not be affected unless you do further action, however it is useful to know the actual size after this deletion and whether you will reclaim or not this is can be decided based on that.

How ?

Below are queries to this matter:

1- To check a table reserved size  :

col owner format A20

col SEGMENT_NAME format A20

set linesize 300

SELECT SEGMENT_NAME ,  OWNER , SUM(bytes)/1024/1024 "MB"

FROM DBA_SEGMENTS

WHERE segment_name=upper('&object_name') and segment_type= upper('&object_type')

Group by segment_name , owner;

 2- To check the waisted size and how many reclaimed size , you may check the below query , however it is mostly same to things in segment adviser that I will add about it last things , it is can help you to reach 90% of things in this matter:

SELECT TABLE_NAME

         ROUND((BLOCKS * 8/1024),0) "SIZE (MB)",

         ROUND((NUM_ROWS * AVG_ROW_LEN / 1024/1024), 0) "ACTUAL DATA (MB)",

         (ROUND((BLOCKS * 8/1024),0) - ROUND((NUM_ROWS * AVG_ROW_LEN / 1024/1024), 0)) "WASTED (MB)"

    FROM DBA_TABLES

   WHERE  OWNER LIKE upper('&owner_name') and table_name = upper('&table_name') ;

 3- If you just do the clean you , you may need to update the DB about this object using the below  :

analyze table &owner..&object COMPUTE STATISTICS;

 

4- Another option is to use the Segment advisor which part of tuning pack license so if you got this license you can run the advisor or it is daily run by default to check all these details , using Oracle Enterprise Manager ( OEM) ,

 

You may run it manually if you don’t have the OEM agent in this DB as below :

The example that follows shows how to use the DBMS_ADVISOR procedures to run the Segment Advisor for the sample table hr.employees.

variable id number;

begin

  declare

  name varchar2(100);

  descr varchar2(500);

  obj_id number;

  begin

  name:='Manual_Employees';

  descr:='Segment Advisor Example';

 

  dbms_advisor.create_task (

    advisor_name     => 'Segment Advisor',

    task_id          => :id,

    task_name        => name,

    task_desc        => descr);

 

  dbms_advisor.create_object (

    task_name        => name,

    object_type      => 'TABLE',

    attr1            => 'HR',

    attr2            => 'EMPLOYEES',

    attr3            => NULL,

    attr4            => NULL,

    attr5            => NULL,

    object_id        => obj_id);

 

  dbms_advisor.set_task_parameter(

    task_name        => name,

    parameter        => 'recommend_all',

    value            => 'TRUE');

 

  dbms_advisor.execute_task(name);

  end;

end;

/

** Then use select from view or dbms_space.asa_recommendations

The following example shows how to query the DBA_ADVISOR_* views to retrieve findings from all Segment Advisor runs submitted by user STEVE:

 

select af.task_name, ao.attr2 segname, ao.attr3 partition, ao.type, af.message

  from dba_advisor_findings af, dba_advisor_objects ao

  where ao.task_id = af.task_id

  and ao.object_id = af.object_id

  and ao.owner = 'STEVE';

TASK_NAME          SEGNAME      PARTITION       TYPE             MESSAGE

 

select tablespace_name, segment_name, segment_type, partition_name,

recommendations, c1 from

table(dbms_space.asa_recommendations('FALSE', 'FALSE', 'FALSE'));

** the above example is from Oracle document 

https://docs.oracle.com/cd/E18283_01/server.112/e17120/schema003.htm.

Why and How to check network traffic in Linux ?

  Why ?

To check the network traffic in your Linux server for certain cases , you may use tcpdump or Wireshark as a GUI of it, this will help you to monitor and filter the network traffic in the OS level .

How ?

Below are commands for port and all ports as a sample example  :

1- The traffic for all income for specific port:

tcpdump -ni <net_dev> -s0 -w /path/to/"$HOSTNAME"_"$(date +%d-%m-%y)".pcap host <ip_host>

 2- To check traffic for specific or all traffics port in specific network device:

tcpdump -ni <net_dev>  host <host_ip> -l > /path/to/"$HOSTNAME"_"$(date +%d-%m-%y)".pcap

3- To check traffic for specific network device and source/destination :

ifconfig -a

tcpdump -i <device name>

tcpdump -i <device name> dst <IP>

tcpdump -i <device name> src <IP>

Why and How to search all your code text in Oracle DB codes ?

Why ?

In Oracle to search in all codes source text (any code written like package body , function ..etc) if you need to search for certain word or any text matched it will difficult to open each one to see whether it contain this text or not , thus; you need to run the below query to reach this .

How ?

Below are commands in sql to reach this:

select *

from dba_source

where upper(text) like upper('%SOMETEXT%');

Why and How to hard the RHEL OS

 Why ?

In Linux Red-hat OS system in order to comply to the certain policies you will need to configure the password in certain levels , in RHCSA it doesn’t covered all kind of these aspects to reach all kind of hardening , below are the main password things I think you may be need to set all required aspects in the matter.

How ?

Below are commands in CLI to configure the:

1- To check telnet server is not installed ( only client is allowed) :

rpm -qa telnet

telnet-0.17-73.el8_1.1.x86_64

 2- To disable the Root SSH login directly (change or check) parameter “PermitRootLogin” is no:

# vim /etc/ssh/sshd_config

PermitRootLogin no

 3- To set the SSH maximum concurrent sessions for all and specific user , for example all users 2 maximum and admin 5 sessions  :

# vim /etc/security/limits.conf

*                -       maxlogins       2

admin            -       maxlogins       5

 

4- To set the password’s strength against a set of rules, Red-hat have the “pam_pwquality” module to be used for this matter, the PAM-aware (Pluggable Authentication Modules) will affect passwd command while user change the password.

 

To set minimum length of password as example :

Length not less than 8 + have upper case + lowercase + other character

minlen = minum length of password

dcredit = credit for having required digits in password

ucredit =  credit for having uppercase characters in password .

lcredit = credit for having lowercase characters in password

# vim /etc/security/pwquality.conf

# The new password is rejected if it fails the check and the value is not 0.

enforcing = 1

ucredit = -1

lcredit = -1

minlen = 8

dcredit = -1

 

5- To setup the lock account after 6 failed tried and unlock it after 30 minutes or success login rest these number as below :

 

vi /etc/pam.d/system-auth

## After this line :

auth        [default=1 ignore=ignore success=ok]         pam_localuser.so

 

auth        required      pam_faillock.so preauth silent unlock_time=1800 deny=6

auth        sufficient                                   pam_unix.so  try_first_pass

auth        [default=die] pam_faillock.so authfail unlock_time=1800 deny=6

auth        [default=1 ignore=ignore success=ok]         pam_usertype.so isregular

# make sure to pam_faillok.so

account     required      pam_faillock.so

account     required                                     pam_unix.so

## to remember password last 4 times:

password    requisite                                    pam_pwquality.so try_first_pass local_users_only

password    requisite                                    pam_pwhistory.so remember=4 use_authtok

password    sufficient                                   pam_unix.so sha512 shadow  try_first_pass use_authtok remember=4

## another file is :

vi /etc/pam.d/password-auth

auth        required      pam_faillock.so preauth silent unlock_time=1800 deny=6

auth        sufficient                                   pam_unix.so  try_first_pass

auth        [default=die] pam_faillock.so authfail unlock_time=1800 deny=6

auth        [default=1 ignore=ignore success=ok]         pam_usertype.so isregular

auth        sufficient                                   pam_sss.so forward_pass

auth        required                                     pam_deny.so

 

account     required      pam_faillock.so

account     [default=bad success=ok user_unknown=ignore] pam_sss.so

account     required                                     pam_permit.so

 

password    requisite                                    pam_pwquality.so try_first_pass local_users_only

password    requisite                                    pam_pwhistory.so remember=4 use_authtok

password    sufficient                                   pam_unix.so sha512 shadow  try_first_pass use_authtok remember=4

6- If you use 8.2 and above use the new recommended approach as per RHEL article as below (from RHEL article) :

1. List available profiles:

# authselect list

2. List current profile and features enabled:

# authselect current

3. Backup the current profile/changes:

# authselect apply-changes -b --backup=sssd.backup

4. Create new custom profile name password-policy copied from existing profile sssd:

#  authselect create-profile password-policy -b sssd

Newly created profile will be available at location: /etc/authselect/custom/password-policy/

5. Set new custom profile as current profile:

# authselect select custom/password-policy

# authselect current

6. To enable features for example, to create home directory on user login if not already present and to enable account lockout using faillock, run these commands:

# authselect enable-feature with-mkhomedir

# authselect enable-feature with-faillock

7. Make desired/custom changes in global PAM config files system-auth and password-auth available under custom profile directory /etc/authselect/custom/password-policy/. Once changes are made apply them with command:

# authselect apply-changes

Confirm if changes are written to the files.

1. Keep history of used passwords (the number of previous passwords which cannot be reused).

• Insert the following line in /etc/authselect/custom/password-policy/system-auth and /etc/authselect/custom/password-policy/password-auth files (after pam_pwquality.so line:

password    requisite     pam_pwhistory.so remember=5 use_authtok

2. Enforce root for password complexity.

• Insert/append the following option in pam_pwquality.so line under password section in /etc/authselect/custom/password-policy/system-auth and /etc/authselect/custom/password-policy/password-auth files:

enforce_for_root

Note: After making the changes, authselect apply-changes needs to be run so that changes can take effect.

SHOW PARAMTER columns format in SQLPLUS

 

Why ?

In SQL-Plus utility you may have a values listed in short two lines and while you try the normal set linesize xxx or set pagesize xxx then the column name format axx with name , type or value column of the show parameter , it doesn’t affected , this is because these column names is differ from what you see in screen. Below is the default value in oracle sqlplus :

- Defaults for SHOW PARAMETERS
COLUMN name_col_plus_show_param FORMAT a36 HEADING NAME
COLUMN value_col_plus_show_param FORMAT a30 HEADING VALUE

How ?

Below are commands in sqlplus to edit the name , type or value of show parameter for sga as example  :

1- to check the value of sga:

SQL> show parameter sga

NAME                           TYPE

------------------------------ ------------------------------

VALUE------------------------------

lock_sga                       boolean

FALSE

pre_page_sga                   boolean

FALSE

sga_max_size                   big integer

300M

sga_target                     big integer0

 2- To set the parameter column format as below (change the number as needed) :

SQL> column NAME_COL_PLUS_SHOW_PARAM format A20

SQL> column TYPE format A20

SQL> column VALUE_COL_PLUS_SHOW_PARAM format A20

 3- check the format layout after that :

SQL> show parameter sga

NAME                 TYPE                 VALUE

-------------------- -------------------- --------------------

lock_sga             boolean              FALSE

pre_page_sga         boolean              FALSE

sga_max_size         big integer          300M

sga_target           big integer          0

Why and How to Monitoring user DBSNMP will expire in xx hours

 

 Why ?

Each user in oracle is assigned with a password and password has a lot of details, these details may be configured in profile, this profile can be link with function if needed to fulfill all complexity required. One of these is lifetime limit, if you have a limit in profile assigned to your user then you will be prompted in OEM that user xxx will be expired in xxx hour, this is based on your OEM configuration. To renew this time limit you can just re-enter the password or you may create new profile to unlimited or new time period as needed.

How ?

Below are commands in sqlplus to check and update the password for dbsnmp user for example  :

1- to check the user expiration date use:

SQL> set linesize 200

SQL> col username format a30

SQL> select USERNAME,EXPIRY_DATE from dba_users where username="DBSNMP" ;

2- you can renew the password age by re-enter a same or new password as below :

alter user dbsnmp identified by ‘password’ ;

Why and How to copy file from ASM to filesystem and from filesystem to ASM

 

 Why ?

If you are using oracle ASM filesystem you will need to copy files from non ASM ( normal filesystem) to ASM file system, ASM will be used in RAC GRID and RAC one node DB. Revert is true as well .

How ?

Below are commands to copy files from ASM to filesystem and from filesystem to ASM  :

1- To copy files from ASM to filesystem use the below:

ASMCMD> cp +DATA/ORCL/FILE /path/to/filesytem/orcl_xyz.dbf_tmp                                       

copying +DATA/ORCL/FILE /path/to/filesytem/orcl_xyz.dbf_tmp

2- To copy file from filesystem to ASM use the below:

ASMCMD> cp /path/to/filesytem/orcl_xyz.dbf_tmp '+DATA/ORCL/FILE'

copying /path/to/filesytem/orcl_xyz.dbf_tmp +DATA/ORCL/FILE