Author: camilalui

Oracle DB – How to select user roles

- camilalui Leave a comment

You can use this SQL script giving the username as argument.

Example:

sqlplus myuser@myDBName @select_roles.sql user1
/* select_roles.sql Script */
select
  lpad(' ', 2*level) || granted_role "User and roles"
from
  (
  /* THE USERS */
    select
      null     grantee,
      username granted_role
    from
      dba_users
    where
      username like upper('%&1%')
  /* THE ROLES TO ROLES RELATIONS */
  union
    select
      grantee,
      granted_role
    from
      dba_role_privs
  )
start with grantee is null
connect by grantee = prior granted_role;

Install and configure chrony – CentOS7

- camilalui Leave a comment

What is Chrony ?
Chrony provides another implementation of NTP. It is designed for systems that are often powered down or disconnected from the network. The main configuration file is /etc/chrony.conf and the parameters are similar to those in the /etc/ntp.conf file. Chronyd is a daemon that runs in user space and also is a command-line program that provides a command prompt and a number of commands.

Examples:
tracking: Displays system time information.
sources: Displays information about current sources.

You can find more about here:

https://chrony.tuxfamily.org/comparison.html

1. Make sure you have your hostnames and /etc/hosts file properly configured

Server (host1.localnet.com)
Client (host2.localnet.com)

/etc/hosts file

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.200 host2.localnet.com host2
192.168.0.199 host1.localnet.com host1

2. Install chrony package on both the server and the client machine

# yum install chrony

3. Start and enable the daemon on both the server and client machines

# systemctl start chrony
# systemctl enable chrony

4. At the server machine, edit the /etc/chrony.conf file and add your client network

## Allow NTP client access from local network.
allow 192.168.0.0/24

5. At the client machine, edit the /etc/chrony.conf and add your ntp server IP address

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
server 192.168.0.199 iburst

6. Restart chrony service on both machines

# systemctl restart chrony

7. Make sure you allow ntp service in your firewall on both machines

# firewall-cmd --permanent --zone=public --add-service ntp
# firewall-cmd --reload
# firewall-cmd --list-all | grep services

8. Verify your sources information

server

# chronyc sources
210 Number of sources = 4
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^? t1.time.ir2.yahoo.com 0 6 0 - +0ns[ +0ns] +/- 0ns
^? bray.walcz.net 0 6 0 - +0ns[ +0ns] +/- 0ns
^? t1.time.ir2.yahoo.com 0 9 0 - +0ns[ +0ns] +/- 0ns
^? tshirt.heanet.ie 0 6 0 - +0ns[ +0ns] +/- 0ns

client

# chronyc sources
210 Number of sources = 1
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^? host1.localnet.com 0 7 0 - +0ns[ +0ns] +/- 0ns

9. Verify your system time information

# chronyc tracking
Reference ID : 7F7F0101 ()
Stratum : 10
Ref time (UTC) : Wed Aug 15 12:16:29 2018
System time : 0.000000020 seconds fast of NTP time
Last offset : +0.000000000 seconds
RMS offset : 0.000000000 seconds
Frequency : 3.440 ppm fast
Residual freq : +0.000 ppm
Skew : 0.000 ppm
Root delay : 0.000000000 seconds
Root dispersion : 0.000000000 seconds
Update interval : 0.0 seconds
Leap status : Normal

Some of the fields
Reference ID:  The Reference ID and the name or IP address (if available), of the server to which the computer is currently synchronized.
Stratum: The stratum indicates how many hops away from a computer with an attached reference clock you are.
Ref time: This is the time (UTC) at which the last measurement from the reference source was processed.
10. Verify your sources

# chronyc sources -v
210 Number of sources = 4
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^? mail.thefrown.net 0 6 0 - +0ns[ +0ns] +/- 0ns
^? t2.time.ir2.yahoo.com 0 6 0 - +0ns[ +0ns] +/- 0ns
^? bray.walcz.net 0 9 0 - +0ns[ +0ns] +/- 0ns
^? 193.1.12.167 0 6 0 - +0ns[ +0ns] +/- 0ns

M: The mode of the source, where:
^ means a server
= means a peer
# indicates a locally connected reference clock.

S: The state of the sources, where:

“*” indicates the source to which chronyd is currently synchronized.
“+” indicates acceptable sources that are combined with the selected source.
“-” indicates acceptable sources that are excluded by the combining algorithm.
“?” indicates sources to which connectivity has been lost or whose packets do not pass all tests.
“x” indicates a clock that chronyd thinks is a false ticker, that is, its time is inconsistent with a majority of other sources.
“~” indicates a source whose time appears to have too much variability.
“?” condition is also shown at start-up, until at least three samples have been gathered from it.

Name/IP address: This shows the name or the IP address of the source, or reference ID for reference clocks.

Ubuntu with /var/lib/dpkg locked

- camilalui Leave a comment

Error:
“Could not get lock /var/lib/dpkg/lock – open (11: Resource temporarily unavailable)”

As soon as you have your Ubuntu 16.04 machine up provisioned by either Ansible or Vagrant, it starts a process for unattended-updates that locks the dpkg repository and any script that needs to send instructions for apt app, will fail.

This appears to be caused by a combination of an unattended-upgraded package policy set by the Debian/Ubuntu, and a change in how unattended upgrades are handled now.

In past versions of Ubuntu, unattended package upgrades were handled by creating a cron job in /etc/cron.daily responsible for running apt. With 16.04 version and the shift to systemd, unattended upgrades are handled by a systemd unit. The new systemd unit has OnCalendar set to 6am and 6pm, along with Persistent set to true. The result is that a full apt-get update && apt-get upgrade will run the first time the system boots, in order to “catch-up” with missed runs.

The idea that packages will be upgraded automatically twice a day, so what you can do is to disable the automatic apt upgrades at all.

How to disable apt automatic updates:

You have to edit this file:

 

Change the line:

 

To:

 

Edit this file:

 

Change these lines:

 

To:

 

Just remember to set the automatic updates ON again after your provision in case this machine is a server.