pam.d and Oracle 11g1 failure FIXED but what about errors
landon kelsey
landonmkelsey at hotmail.com
Wed Jun 3 14:00:48 UTC 2009
Oracle 11g1 automatic startup under Fedora 9 Linux worked for months
Then in late 3/2009 I had to start 11g1 manually!
I've do regular yum updates.
currently :
Able (root) /var/log 600>uname -a
Linux Able 2.6.27.19-78.2.30.fc9.i686 #1 SMP Tue Feb 24 20:09:23 EST 2009 i686 i686 i386 GNU/Linux
on boot page, the usual command that starts 11g1 just zips on by
How it should be done..this worked before 3/2009
http://download.oracle.com/docs/cd/B28359_01/server.111/b32009/strt_stp.htm#sthref191
I've looked in all the boot messages to no avail. I did find the messages below in
/var/log/secure below
I suspected pam.d and I was right!
SELINUX is disabled as a site suggested!
I changed /etc/pam.d/rsh to the following and now Oracle 11g1 is starting automatically again:
#%PAM-1.0
# For root login to succeed here with pam_securetty, "rsh" must be
# listed in /etc/securetty.
auth required pam_nologin.so
auth required pam_securetty.so
auth required pam_env.so
# auth sufficient pam_rhosts.so
auth sufficient pam_rhosts_auth.so
account include system-auth
session optional pam_keyinit.so force revoke
session include system-auth
session required pam_loginuid.so
I did a www.ask.com for "dbstart pam.d" and got the answer.
I am still wary of lurking problems!
Apr 16 18:43:57 Able sshd2176: Server listening on 0.0.0.0 port 22.
Apr 16 18:44:10 Able rshd2473: PAM unable to dlopen(/lib/security/pam_rhosts_auth.so): /lib/security/pam_rhosts_auth.so: cannot open shared object file: No such file or directory
Apr 16 18:44:10 Able rshd2473: PAM adding faulty module: /lib/security/pam_rhosts_auth.so
Apr 16 18:44:11 Able rshd2473: pam_rhosts(rsh:auth): denied access to root at localhost.localdomain as oracle
Apr 16 18:44:11 Able rshd2473: pam_unix(rsh:session): session opened for user oracle by (uid=0)
Apr 16 18:45:11 Able rshd2473: pam_unix(rsh:session): session closed for user oracle
Apr 16 18:49:07 Able kdm: :02881: pam_unix(kdm:session): session opened for user oracle by (uid=0)
Apr 16 18:50:41 Able su: pam_unix(su-l:session): session opened for user root by oracle(uid=503)
Apr 16 18:54:46 Able su: pam_unix(su-l:session): session closed for user root
Apr 16 18:54:49 Able kdm: :02881: pam_unix(kdm:session): session closed for user oracle
Apr 16 18:55:01 Able sshd2176: Received signal 15; terminating.
Apr 16 18:56:55 Able sshd2171: Server listening on 0.0.0.0 port 22
Apr 16 18:57:08 Able rshd2473: PAM unable to dlopen(/lib/security/pam_rhosts_auth.so): /lib/security/pam_rhosts_auth.so: cannot open shared object file: No such file or directory
Apr 16 18:57:08 Able rshd2473: PAM adding faulty module: /lib/security/pam_rhosts_auth.so
Apr 16 18:57:09 Able rshd2473: pam_unix(rsh:session): session opened for user oracle by (uid=0)
Apr 16 18:58:09 Able rshd2473: pam_unix(rsh:session): session closed for user oracle
Apr 16 18:59:26 Able kdm: :02880: pam_unix(kdm:session): session opened for user oracle by (uid=0)
Apr 16 19:00:31 Able su: pam_unix(su-l:session): session opened for user root by oracle(uid=503)
Apr 16 19:01:50 Able su: pam_unix(su-l:session): session closed for user root
Apr 16 19:02:23 Able su: pam_unix(su-l:session): session opened for user root by oracle(uid=503)
Apr 16 20:48:14 Able sshd4117: Address 194.80.134.6 maps to no-reverse-defined.ja.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Apr 16 20:48:14 Able sshd4117: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.80.134.6 user=root
Apr 16 20:48:16 Able sshd4117: Failed password for root from 194.80.134.6 port 51090 ssh2
Apr 16 20:48:16 Able sshd4120: Connection closed by 194.80.134.6
Apr 16 21:11:12 Able sshd4287: Address 194.80.134.6 maps to no-reverse-defined.ja.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Apr 16 21:11:12 Able sshd4287: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.80.134.6 user=root
Apr 16 21:11:14 Able sshd4287: Failed password for root from 194.80.134.6 port 53791 ssh2
Apr 16 21:11:15 Able sshd4290: Connection closed by 194.80.134.6
Apr 16 21:28:54 Able sshd4383: Address 194.80.134.6 maps to no-reverse-defined.ja.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Apr 16 21:28:54 Able sshd4383: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.80.134.6 user=root
Apr 16 21:28:55 Able sshd4383: Failed password for root from 194.80.134.6 port 44904 ssh2
Apr 16 21:28:56 Able sshd4386: Connection closed by 194.80.134.6
Apr 16 21:46:47 Able sshd4481: Address 194.80.134.6 maps to no-reverse-defined.ja.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Apr 16 21:46:48 Able sshd4481: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.80.134.6 user=root
Apr 16 21:46:50 Able sshd4481: Failed password for root from 194.80.134.6 port 36020 ssh2
Apr 16 21:46:50 Able sshd4484: Connection closed by 194.80.134.6
Here is the latest /etc/rc.d/init.d/dbora
>cat /etc/rc.d/init.d/dbora
#! /bin/sh -x
#
# Change the value of ORACLE_HOME to specify the correct Oracle home
# directory for your installation.
ORACLE_HOME=/u01/app/oracle/product/11.1.0/db_1
#
# Change the value of ORACLE to the login name of the
# oracle owner at your site.
#
ORACLE=oracle
PATH=${PATH}:$ORACLE_HOME/bin
HOST=`hostname`
PLATFORM=`uname`
export ORACLE_HOME PATH
#
if [ ! "$2" = "ORA_DB" ] ; then
if [ "$PLATFORM" = "HP-UX" ] ; then
remsh $HOST -l $ORACLE -n "$0 $1 ORA_DB"
exit
else
rsh $HOST -l $ORACLE $0 $1 ORA_DB
exit
fi
fi
#
case $1 in
'start')
$ORACLE_HOME/bin/dbstart $ORACLE_HOME &
;;
'stop')
$ORACLE_HOME/bin/dbshut $ORACLE_HOME &
;;
*)
echo "usage: $0 {start|stop}"
exit
;;
esac
#
exit
_________________________________________________________________
Lauren found her dream laptop. Find the PC that’s right for you.
http://www.microsoft.com/windows/choosepc/?ocid=ftp_val_wl_290
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pam-list/attachments/20090603/5e94782b/attachment.htm>
More information about the Pam-list
mailing list