In my previous blog posts Metric Extension : HugePages & capacity planning and Metric Extension : CPU usage and capacity planning we have seen haw to improve some of the metric usually used for capacity planning. Another very important metric is our FC HBA utilization and how much free capacity we still have.Continue reading
Oracle oradism or the directly intimate shared monster !
oradism binary was initially created for managing Dynamic Intimate Shared Memory on Solaris, but since then it has evolved a lot (increasing the attack surface) and it’s nowadays used for many operations requiring root privileges on our Linux system. By the way i have peeked it’s new name “Directly Intimate Shared Monster” from Frits Hoogland in tweeter and i think that it fits it better 🙂
I would say that if dism stands for directly intimate shared monster, it seems a fitting description? No?— Frits Hoogland (@fritshoogland) October 22, 2020
The purpose of this blog post is to try to enumerate some of those operations using an oracle 20C preview version (Armed with my old friends systemtap/etc 🙂 )Continue reading
A first hands on Oracle 20C DbNest (Preview)
My previous blog post was an introduction to Oracle DBNest and the fundamental Linux technologies it is based on.It’s now the time to give it a try (This is not an in depth blog post as i’am just giving it a try so don’t expect to much :p) !Continue reading
Oracle database flashback and clone (COW) using LVM snapshots
As the title of this blog post suggest we will be looking at how to use LVM snapshot to flashback our oracle database to point in time snap or to create a thin clone for what if analysis. I’am taking the oracle database as an example here but it can be any database supporting crash consistent snapshot.Continue reading
The PureStorage migration and the entropy problem : /dev/random
Recently “someone/somewhere” started migrating there storage to PureStorage FlashArray. Usually when doing this kind of things we tend to flow different best practice dictated in this case by the storage vendor . Following best practice without carefully understanding them may have bad consequence. In this particular case multiple JAVA application stopped running after the migration !
Metric Extension : HugePages & capacity planning
For big database servers (used for consolidating multiple databases) with a lot of memory and a lot of preallocated free HugePages it’s important to take into consideration the number of free HugePage for capacity planning .
The default “memory used” metric calculated as (MemTotal – (MemFree + Buffers + Cached)) and as (MemTotal – (MemFree – Buffers – Cached – Slab)) in recent version as shown by the free command (Ref: https://access.redhat.com/solutions/406773) don’t take into consideration the amount of Free HugePages. Using the metric extension feature of cloud control we can easily alleviate that.
Oracle Linux UEK 5 : DTrace and the PID provider
The UEK5 kernel is out and as usually there is many enhancements and new features included in it ! One of the notable new feature is the dtrace PID provider Which allow setting “function boundary probes on user space functions, and to probe most arbitrary instructions within user space functions” check uek5-features-dtrace
Let’s give it a try :
Tracking Oracle Database Binaries files changes
The Linux Audit system provides a way to determine the violator of the security policy and the actions they performed such as tracking malicious changes on the oracle executable.
Using Linux Audit system we can basically do the following activities :
- Watching file access
- Monitoring system calls
- Recording commands run by a user
- Recording security events
In this short blog post i will show how we can easily use it to catch changes in “./bin” directory.
Using LD_PRELOAD to implement a hidden trojan in an oracle database
In one of my previous post i showed how we can inject a backdoor in an ORACLE database based on Dennis Yurichev findings.The described method required the modification of the oracle executable files. Few days ago Rodrigo Jorge shared a blog post explaining how we can add another layer of security to the oracle binaries files to protect them against improper changes. That motivated me to check if i still can implement the hidden Trojan without modifying the oracle executable files ?
Playing with oracle DB 18c on-premises before official release
Rodrigo Jorge has already explained a great way to install and play with Oracle 18c DB instance on-premises using Exadata binaries downloaded from edelivery. The basic idea is to install the oracle exadata binaries and before creating the database replace the library “libserver18.a” with the version gotten from an oracle cloud instance (Using Oracle Cloud trial account). And that’s it !
- Installing Oracle Database 126.96.36.199.0 binaries on Oracle Linux 7
- Creating and running an Oracle 188.8.131.52.0 DB instance on Oracle Linux
But for those like me that don’t have an international credit card required to create an Oracle Cloud trial account (Yes i don’t have one 😦 ) or don’t want to create one ! How to proceed to get a copy of this working libserver18.a library ? May be ask one of the oracle folks to upload it to somewhere and hope that there is no backdoor on it :p or just try to hack it your self 😀