000027951 - KB-1459 - Oracle installation prerequisites

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000027951
Applies ToAffected Versions: 5.X; 4.2.X

Before installing the Aveksa solution, systems not purchased and preconfigured from Aveksa (the software only solution) must meed certain minimum requirements for Oracle 10.0.2.X in order to have a successful installation.


Please throughly review the server specific ACM Installation Guide for complete details.
The script (provided as-is) attached to this KB can be used to verify and automatically set the parameters. However take care when using any scripts that modify the kernel and validate any changes before rebooting.
Checking Memory and Swap Space
Oracle says that the system must have at least 1GB of physical RAM and 1GB of swap space or twice the size of RAM. And for systems with more than 2 GB of RAM, the swap space can be between one and two times the size of RAM. You might also want to check out sizing swap space.
To check the size of physical memory, execute:

grep MemTotal /proc/meminfo

MemTotal: 515700 kB

To check the size of swap space, execute:
grep SwapTotal /proc/meminfo

SwapTotal: 1004052 kB

You can add temporary swap space to your system by creating a temporary swap file instead of using a raw device. Here is the procedure:
su - root

cd /root

dd if=/dev/zero of=/root/tmpswp bs=1k count=500000

500000+0 records in

500000+0 records out

chmod 600 tmpswp

mkswap tmpswp

Setting up swapspace version 1, size = 511995 kB

swapon tmpswp

grep SwapTotal /proc/meminfo

SwapTotal: 1504044 kB

Checking /tmp Space
The Oracle Installer requires up to 400 MB of free space in the /tmp directory. If you do not have enough space in the /tmp filesystem, you can temporarily create a tmp directory in another filesystem. Here is how you can do this (/u01 is another filesystem)
su - root

mkdir /u01/tmp

chown root:root /u01/tmp

chmod 1777 /u01/tmp

export TEMP=/u01

export TMPDIR=/u01

When you are done with the Oracle installation, shutdown Oracle and remove the temporary /tmp directory:
su - root

rmdir /u01/tmp

unset TEMP

unset TMPDIR

Checking Kernel Parameters (Values from Oracle Site for 10.2.0.x)
To see all kernel parameters, execute:
su - root

sysctl -a

Verify that the kernel parameters shown in the following table are set to values greater than or equal to the recommended value shown. Do not change the value of any kernel parameter on a system where it is already higher than listed as minimum requirement.




































Half the size of physical memory (in bytes)





























Maximum: 65000










































For example, we added the following lines to the /etc/sysctl.conf file which is used during the boot process:


Creating Oracle User Account
To create the oracle account and group(s), execute the following commands:


su - root

groupadd -g 500 oinstall

useradd -u 500 -g 500 -d /home/oracle -s /bin/bash

Note on home directory:


Aveksa recommends creating and using the /home/oracle directory, certain operation will look for explicit paths in this directory. An alternative can be a link from /home/oracle to the real home directory for your environment.


Note on using oinstall:


The oinstall group is often needed for those organizations who have separate groups that maintain the software and the database. In this scenario, the group membership prevents unauthorized access to the database by personnel who maintain the software, and it prevents the database administrators from making changes to the software and the installations inventory directory.
When using oinstall during the install of the software, one must set their default group to the one that will be maintaining the database before creating the database or permission problems will arise.
Oinstall is not needed when the same people will be maintaining the software and the database. In this situation, it will create more work and add an extra layer of complexity to the maintenance of the installation.
Recommendation: Aveksa recommends using the oinstall group for added security,

Setting Shell Limits for the Oracle User
Most shells like Bash provide control over various resources like the maximum allowable number of open file descriptors or the maximum number of processes available to a user. To see all shell limits, run:


ulimit -a

After you changed and increased /proc/sys/fs/file-max, there is still a per user limit of open file descriptors which is set to 1024 by default:

su - oracle

ulimit -n


To change this, you have to edit the file /etc/security/limits.conf as root and make the following changes or add the following lines, respectively:

# To increase the shell limits for Oracle 10

oracle soft nproc 2047

oracle hard nproc 16384

oracle soft nofile 1024

oracle hard nofile 65536

The soft limit in the first line defines the number of file handles or open files that the Oracle user will have after login. If the Oracle user gets error messages about running out of file handles, then the Oracle user can increase the number of file handles like in this example up to 63536 («hard limit») by running the following command:

ulimit -n 63536


Note that we do not recommend to set the «hard limit» for nofile for the oracle user equal to /proc/sys/fs/file-max. If you do that and the user uses up all the file handles, then the system would run out of file handles. This could mean that you won't be able to initiate new remote logins any more since the system won't be able to open any PAM modules which are required for performing a login. That's why we set the hard limit to 63536 and not to 65536.
You also need to make sure that pam_limits is configured in the file /etc/pam.d/system-auth. This is the PAM module that will read the /etc/security/limits.conf file. The entry should read like:


session required pam_limits.so

session required pam_unix.so

Make Settings Permanent
For the Bourne, Bash, or Korn shell, add the following lines to the $HOME/.bash_profile


if [ $USER = "oracle" ]; then

if [ $SHELL = "/bin/ksh" ]; then

ulimit -p 16384

ulimit -n 63536


ulimit -u 16384 -n 63536