Workaround for systemtap issue : Oracle Tracing [registration error (rc 0) !]

This is my third blog post about an issue that we may encounter with uprobes and the recent kernel/oracle version.

As the name of this article suggest i will show here how we can put a probe point on oracle functions using systemtap based on the workaround that i described previously.

Continue reading

Workaround for Linux Perf Probes issue for Oracle Tracing

As explained in my previous post there is some issues with uprobes and the recent kernel/oracle version.Based on the workaround that i described i will show in  this short blog post how we can put a probe point on oracle function using Linux Perf. Sadly i haven’t figured out a way to do that using systemtap (Special thanks to Frank Ch. Eigler for his help)

Continue reading

uprobes issue with oracle 12c

If you are using dynamic tracing tools like systemtap/perf for user space probing (based on uprobes/uretprobes) with recent oracle/kernel version you may have hit this issue.As stated by Luca Canali Ref

“Issues with uprobes and Oracle versions: uprobes works OK for tracing Oracle 11.2. However, for Oracle 12.1 I find that uprobes works OK on  RHEL7.0 (kernel 3.10.0-123) and UEK (kernel 3.8.x), but does not work for kernels that ship with RHEL 7.1,7,2 and anything higher (including UEK4). When testing the easiest is to use Oracle 11.2 or if you want to test Oracle 12.1 use UEK3 or RHEL 7.0 kernel. More investigations are needed on this topic.”

Let’s check :

Continue reading

CREATE ANY DIRECTORY threats : PDBs and the PATH_PREFIX clause

In my last blog post  “CREATE ANY DIRECTORY”=DBA=SYSDBA ! Ouch ! i talked about the potential threat that can represent the PREPROCESSOR feature introduced in oracle 11gr2 in a consolidated environment and how to develop a systemtap live patch to help preventing that.As Frank Pachot also stated a new parameter “PDB_OS_CREDENTIAL” was introduced in oracle which is meant to prevent that in CDB databases:

Continue reading


As Kamil Stawiarski explained in some great articles :

“A lot companies consolidates databases into one appliance – like for example Oracle Exadata. So you can have a lot of different databases in one physical cluster. And what if I tell you that you can execute any OS command as an oracle user, having just access to a database user with appropriate privileges? What if I tell you that DBA=SYSDBA? And not just SYSDBA for one database but for every database in a cluster?” Ref1

This is possible using only three elements thanks to the PREPROCESSOR feature introduced in oracle 11G   Ref2 :

Continue reading