Oracle DB – How to select user roles

You can use this SQL script giving the username as argument.


sqlplus myuser@myDBName @select_roles.sql user1
/* select_roles.sql Script */
  lpad(' ', 2*level) || granted_role "User and roles"
  /* THE USERS */
      null     grantee,
      username granted_role
      username like upper('%&1%')
start with grantee is null
connect by grantee = prior granted_role;

Install and configure chrony – CentOS7

What is Chrony ?
Chrony provides another implementation of NTP. It is designed for systems that are often powered down or disconnected from the network. The main configuration file is /etc/chrony.conf and the parameters are similar to those in the /etc/ntp.conf file. Chronyd is a daemon that runs in user space and also is a command-line program that provides a command prompt and a number of commands.

tracking: Displays system time information.
sources: Displays information about current sources.

You can find more about here:

1. Make sure you have your hostnames and /etc/hosts file properly configured

Server (
Client (

/etc/hosts file localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 host2 host1

2. Install chrony package on both the server and the client machine

# yum install chrony

3. Start and enable the daemon on both the server and client machines

# systemctl start chrony
# systemctl enable chrony

4. At the server machine, edit the /etc/chrony.conf file and add your client network

## Allow NTP client access from local network.

5. At the client machine, edit the /etc/chrony.conf and add your ntp server IP address

# Use public servers from the project.
# Please consider joining the pool (
#server iburst
#server iburst
#server iburst
#server iburst
server iburst

6. Restart chrony service on both machines

# systemctl restart chrony

7. Make sure you allow ntp service in your firewall on both machines

# firewall-cmd --permanent --zone=public --add-service ntp
# firewall-cmd --reload
# firewall-cmd --list-all | grep services

8. Verify your sources information


# chronyc sources
210 Number of sources = 4
MS Name/IP address Stratum Poll Reach LastRx Last sample
^? 0 6 0 - +0ns[ +0ns] +/- 0ns
^? 0 6 0 - +0ns[ +0ns] +/- 0ns
^? 0 9 0 - +0ns[ +0ns] +/- 0ns
^? 0 6 0 - +0ns[ +0ns] +/- 0ns


# chronyc sources
210 Number of sources = 1
MS Name/IP address Stratum Poll Reach LastRx Last sample
^? 0 7 0 - +0ns[ +0ns] +/- 0ns

9. Verify your system time information

# chronyc tracking
Reference ID : 7F7F0101 ()
Stratum : 10
Ref time (UTC) : Wed Aug 15 12:16:29 2018
System time : 0.000000020 seconds fast of NTP time
Last offset : +0.000000000 seconds
RMS offset : 0.000000000 seconds
Frequency : 3.440 ppm fast
Residual freq : +0.000 ppm
Skew : 0.000 ppm
Root delay : 0.000000000 seconds
Root dispersion : 0.000000000 seconds
Update interval : 0.0 seconds
Leap status : Normal

Some of the fields
Reference ID:  The Reference ID and the name or IP address (if available), of the server to which the computer is currently synchronized.
Stratum: The stratum indicates how many hops away from a computer with an attached reference clock you are.
Ref time: This is the time (UTC) at which the last measurement from the reference source was processed.
10. Verify your sources

# chronyc sources -v
210 Number of sources = 4
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
^? 0 6 0 - +0ns[ +0ns] +/- 0ns
^? 0 6 0 - +0ns[ +0ns] +/- 0ns
^? 0 9 0 - +0ns[ +0ns] +/- 0ns
^? 0 6 0 - +0ns[ +0ns] +/- 0ns

M: The mode of the source, where:
^ means a server
= means a peer
# indicates a locally connected reference clock.

S: The state of the sources, where:

“*” indicates the source to which chronyd is currently synchronized.
“+” indicates acceptable sources that are combined with the selected source.
“-” indicates acceptable sources that are excluded by the combining algorithm.
“?” indicates sources to which connectivity has been lost or whose packets do not pass all tests.
“x” indicates a clock that chronyd thinks is a false ticker, that is, its time is inconsistent with a majority of other sources.
“~” indicates a source whose time appears to have too much variability.
“?” condition is also shown at start-up, until at least three samples have been gathered from it.

Name/IP address: This shows the name or the IP address of the source, or reference ID for reference clocks.

Ubuntu with /var/lib/dpkg locked

“Could not get lock /var/lib/dpkg/lock – open (11: Resource temporarily unavailable)”

As soon as you have your Ubuntu 16.04 machine up provisioned by either Ansible or Vagrant, it starts a process for unattended-updates that locks the dpkg repository and any script that needs to send instructions for apt app, will fail.

This appears to be caused by a combination of an unattended-upgraded package policy set by the Debian/Ubuntu, and a change in how unattended upgrades are handled now.

In past versions of Ubuntu, unattended package upgrades were handled by creating a cron job in /etc/cron.daily responsible for running apt. With 16.04 version and the shift to systemd, unattended upgrades are handled by a systemd unit. The new systemd unit has OnCalendar set to 6am and 6pm, along with Persistent set to true. The result is that a full apt-get update && apt-get upgrade will run the first time the system boots, in order to “catch-up” with missed runs.

The idea that packages will be upgraded automatically twice a day, so what you can do is to disable the automatic apt upgrades at all.

How to disable apt automatic updates:

You have to edit this file:


Change the line:




Edit this file:


Change these lines:




Just remember to set the automatic updates ON again after your provision in case this machine is a server.