Posted by John Paul van Helvoort on November 20, 2009
When passing a website using a reverse proxy , you might encounter an 503 error when the site you try to pass on is for some reason not available.
You can monitor this behavior by implementing your own 503 reporting system.
First you take on a line that will catch these errors.
Alias /error /srv/www/htdocs/error
ErrorDocument 503 /error/503.php
After this you can put together your own 503.php script
<?php
ob_start();
header('HTTP/1.1 503');
header('Status: 503');
$error=503
?>
<html>
<title>Example.com Page Reported <? echo $error ?></title>
<body>
<br>
<center><img src=/error/images/logo.png></center>
<br>
<center> Technical Problem Encountered</center>
</body>
</html>
<?
// Retrieve the URL requested
function curPageURL() {
$isHTTPS = (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on");
$port = (isset($_SERVER["SERVER_PORT"]) && ((!$isHTTPS && $_SERVER["SERVER_PORT"] != "80") || ($isHTTPS && $_SERVER["SERVER_PORT"] != "443")));
$port = ($port) ? ':'.$_SERVER["SERVER_PORT"] : '';
$url = ($isHTTPS ? 'https://' : 'http://').$_SERVER["SERVER_NAME"].$port.$_SERVER["REQUEST_URI"];
return $url;
}
// Fill basic variables
$page=curPageUrl();
$today = date("F j, Y, G:i");
$ip=$_SERVER['REMOTE_ADDR'];
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
// E-mailadres to inform
$to='webmaster@example.com';
$subject='ERROR '.$error.' Reported on '.$page;
$message = '
<html>
<body>
<table>
<tr>
<td>Requested URL</td><td>'.$page.'</td>
</tr>
<tr>
<td>Requested By</td><td>'.$ip.'</td>
</tr>
<tr>
<td>Requested On</td><td>'.$today.'</td>
</tr>
</table>
</table>
</body>
</html>
';
// Mail the error
mail($to, $subject, $message, $headers);
?>
Offcourse you can use this same code to report on different errors reported aswell :).
Posted in Apache, Linux | Leave a Comment »
Posted by John Paul van Helvoort on November 20, 2009
To catch all traffic which requests an APEX admin page like 4550 , you can include these RewriteRules in your Apache Reverse Proxy configuration.
When not set on the first entry point ( in this case the reverse proxy ), you might run into the problem that all traffic received on your back-end server seem to come from an internal adres( your reverse proxy server)
and can therefor not be filtered using the build-in security feature in APEX. So be implementing these rules your site can be made more secure again.
# Set Engine on
RewriteEngine On
# 403 error will be thrown if met
# exclude the password change page for apex users
RewriteCond %{REQUEST_URI}%{QUERY_STRING} !/(apex|builder)/f?p=4155:.*
RewriteCond %{REQUEST_URI}%{QUERY_STRING} /(apex|builder)/f?p=(4[0-9]{3}:.*)
# Making it available still from 127.0.0.1 and 10.0.0.x
RewriteCond %{REMOTE_ADDR} !^(127\.0\.0\.1|10\.0\.0\.[0-9]{1,3})$
# Else , let request go threw
RewriteRule /(apex|builder)/ - [F]
If you want to catch these 403 errors and show a nice error message for it, you can set these lines aswell
alias /error /srv/www/htdocs/error
ErrorDocument 403 /error/forbidden.html
Now place a forbidden.html file in /srv/www/htdocs/error/ and you are all set.
Posted in Apache, Apex, Linux | Leave a Comment »
Posted by John Paul van Helvoort on November 1, 2009
While installing the latest HTTP Server (Oracle HTTP Server (Apache 2.0) (10.1.3.3.0) ) from oracle to take advantage of the modplsql module that is provided.
The installation completed succesfully but still the httpd process could not start because of missing library dependencies.
When opening your $ORACLE_ACACHE_HOME/opmn/logs/HTTP_Server~1.log
you could find the following errors there :
——–
09/10/31 18:28:32 Start process
——–
/u00/oracle/product/10.1.3/apache/ohs/bin/apachectl startssl: execing httpd
/u00/oracle/product/10.1.3/apache/ohs/bin/httpd: error while loading shared libraries: libgdbm.so.2: cannot open shared object file: No such file or directory
——–
09/10/31 18:37:31 Start process
——–
/u00/oracle/product/10.1.3/apache/ohs/bin/apachectl startssl: execing httpd
/u00/oracle/product/10.1.3/apache/ohs/bin/httpd: error while loading shared libraries: libdb-3.3.so: cannot open shared object file: No such file or directory
In the same order you could fix this by creating symbolic links to the current shared library for each missing library.
( execute as root user )
cd /usr/lib
ln -s libgdbm.so.3.0.0 libgdbm.so.2
ln -s libdb-4.3.so libdb-3.3.so
These versions are found on “SUSE Linux Enterprise Server 10 SP2 (i586)” , your symbolic links can be different when the problem is faced on a different version operating system.
Please adjust accordingly.
( execute as root user )
cd /usr/lib
ln -s libgdbm.so.X.0.0 libgdbm.so.2
ln -s libdb-4.X.so libdb-3.3.so
Posted in Application Server, Linux | Leave a Comment »
Posted by John Paul van Helvoort on July 9, 2009
While wanting to preform a disaster recovery using RMAN on a spare server which has an ORACLE_HOME 10.2.0.1 64bits installed on a Red Hat Enterprise Linux AS release 4 Operating System.
I tried the following to read back my controlfile. But before getting to this point i faced this error :
oracle@xxx: $ $ORACLE_HOME/bin/rman target /
Recovery Manager: Release 10.2.0.1.0 – Production on Wed Jul 8 10:32:56 2009
Copyright (c) 1982, 2005, Oracle. All rights reserved.
oraclewiki: error while loading shared libraries: libaio.so.1: cannot open shared object file: No such file or directory
RMAN-00571: ===========================================================
RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============
RMAN-00571: ===========================================================
RMAN-00554: initialization of internal recovery manager package failed
RMAN-04005: error from target database:
ORA-12547: TNS:lost contact
Assuming the libaio library was installed i searched and tried to clear this up. As the server is a x86_64 server there should be a 64 bit library of libaio installed :
oracle@xxx: # find / -name libaio.so.1
/local/app/oracle/product/db10g/lib/stubs/libaio.so.1
/local/app/oracle/product/agent10g/lib/stubs/libaio.so.1
/local/app/oracle/product/db10gtest/lib/stubs/libaio.so.1
/local/app/oracle/product/10.2.0/db/lib/stubs/libaio.so.1
/local/app/oracle/product/10.2.0/db/lib32/stubs/libaio.so.1
/usr/lib/libaio.so.1
oracle@xxx: $ ldd $ORACLE_HOME/bin/oracle | grep libaio
libaio.so.1 => not found
As i could see here, this was not the case. Only the 32 bit is availible and therefor not used by the Oracle 64 bits Database software.
The output of the ldd command supports this as there is a dependency problem for the oracle process on libaio.so.1.
After adding the following rpm’s i was able to connect without problems.
root@xxx: # up2date –showall | grep libaio | grep 64
libaio-0.3.105-2.x86_64
libaio-devel-0.3.105-2.x86_64
As you can see now the correct library is found and the dependency problem is solved.
oracle@xxx: $ ldd $ORACLE_HOME/bin/oracle | grep libaio
libaio.so.1 => /usr/lib64/libaio.so.1 (0×0000002a96f40000)
Posted in Linux, RMAN | Leave a Comment »
Posted by John Paul van Helvoort on July 8, 2009
Every ran into the problem that the BACKSPACE key does not work ?
Instead you will get “^?” or “^h” on the screen when BACKSPACE is used.
^? will be returned on ksh shell and ^h will be returned when using a bash shell
When you want to lose this behaviour in your session you could execute the following command :
stty erase [BACKSPACE]
After this the BACKSPACE works again ! After logout the setting is gone and should be executed again.
Posted in Linux, Tips & Tricks | Leave a Comment »
Posted by John Paul van Helvoort on July 6, 2009
Just a quick reminder on how to setup a simple password-less SSH login on your servers.
You might get lost in all documentation that is published on the topic. Here is what i execute to make it work !
Actions for the source server :
oracle@db $ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa):
Enter passphrase (empty for no passphrase): [LEAVE EMPTY]
Enter same passphrase again: [LEAVE EMPTY]
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx oracle@db.example.nl
oracle@db $
Resulting in ;
oracle@db $ ll
total 12
-rw——- 1 oracle oinstall 1675 Jul 3 11:33 id_rsa
-rw-r–r– 1 oracle oinstall 401 Jul 3 11:33 id_rsa.pub
-rw-r–r– 1 oracle oinstall 1138 Jul 3 10:38 known_hosts
oracle@db $
Actions for the remote server :
Now copy the content of the id_rsa.pub file in the authorized_keys on the server( db2 in my case ) you want to connect to. The location of the the file is /home/oracle/.ssh/authorized_keys
That it !
Now we can connect without the use of a password ;
oracle@db $ ssh db2
Last login: Fri Jul 3 11:37:41 2009 from db2.example.nl
oracle@db2$
I use this setup to be able to execute os command’s from within my script on a remote server.
Posted in Linux | Leave a Comment »
Posted by John Paul van Helvoort on June 30, 2009
To verify the Suse 10 release and its Service Packs you can either consult the /etc/SuSE-release file or execute the following command.
[] xxx:/> SPident -v
Summary (using 840 packages)
Product/ServicePack conflict match update (shipped)
SLE-10-x86_64 0 0% 306 36.4% 0 (2754 11.1%)
SLE-10-x86_64-SP1 0 0% 443 52.7% 0 (2938 15.1%)
SLE-10-x86_64-SP2 0 0% 840 100% 0 (2337 35.9%)
CONCLUSION: System is up-to-date!
found SLE-10-x86_64-SP2
[] xxx:/>
Posted in Linux, Tips & Tricks | Leave a Comment »
Posted by John Paul van Helvoort on June 12, 2009
Today i was challanged with an error which suddenly appeared after running multiple installs on the system.
oracle@xxx 1021 $ ./runInstaller
Starting Oracle Universal Installer…
Checking installer requirements…
./runInstaller: line 65: 4245 Segmentation fault $CMDDIR/install/runInstaller -oneclick SHOW_CUSTOM_TREE_PAGE=false $*
when strace is used to find the error occuring i was able to find this ;
oracle@xxx 1021 $ strace ./runInstaller -oneclick SHOW_CUSTOM_TREE_PAGE=false $*
…
…
write(3, “\nChecking operating system versi”…, 44) = 44
write(3, “redhat-Red Hat Enterprise Linux “…, 192) = 192
access(“/etc/redhat-release”, F_OK) = 0
stat64(“/etc/redhat-release”, {st_mode=S_IFREG|0700, st_size=45, …}) = 0
open(“/etc/redhat-release”, O_RDONLY) = -1 EACCES (Permission denied)
— SIGSEGV (Segmentation fault) @ 0 (0) —
+++ killed by SIGSEGV +
As it turned out , someone just changed the security properties on the redhat-release file so that public could not read it anymore.
WRONG
-rw——- 1 root root 56 Apr 11 2007 redhat-release
(chmod 600 )
RIGHT
-rw-r–r– 1 root root 56 Apr 11 2007 redhat-release
(chmod 644)
After changing this back to original chmod 644 , the installer started perfectly
Posted in Linux | Leave a Comment »
Posted by John Paul van Helvoort on June 2, 2009
Ever ran into this error ?
Well the solution other then removing the directory and recreating it would be to run a command similar to this from within the directory you want to clean;
find . -name ‘*.trm’ | xargs rm
find . -name ‘*.trc’ | xargs rm
Just a nice to know :)
Posted in Linux | Leave a Comment »
Posted by John Paul van Helvoort on May 20, 2009
Using an export OS script with a command similar to this:
exp “‘/ AS SYSDBA’” full=y file=export_SID.dmp log=export_SID.log statistics=none
This error suddenly came around.
EXP-00056: ORACLE error 1031 encountered
ORA-01031: insufficient privileges
After researching this error, i found that when the TWO_TASK parameter is set, Oracle tries to connect via Oracle Net.
This then will return an error while connecting using $OPS login of “/” , which is done in my case.
after unset this variable the problem was solved !
unset TWO_TASK
Posted in Database, Linux, Scripting | Leave a Comment »
