The permissions of Oracle Applications under grid and Oracle users are inconsistent, resulting in failure to connect to ASM
In RAC, the following error is reported when the database is started:
Oracle instance started.
Total System Global Area 807682048 bytes
Fixed Size 1347964 bytes
Variable Size 549457540 bytes
Database Buffers 251658240 bytes
Redo Buffers 5218304 bytes
ORA-00205: error in identifying control file, check alert log for more info
Check the log. The error is as follows:
Fatal NI connect error 12547, connecting:
(DESCRIPTION = (ADDRESS = (PROTOCOL = beq) (PROGRAM =/u01/app/11.2.0/grid/bin/oracle) (ARGV0 = oracle + ASM2_asmb_gzyt2) (ENVS = 'oracle _ HOME =/u01/app/11.2.0/grid, ORACLE_SID = + ASM2 ') (ARGS =' (DESCRIPTION = (LOCAL = YES) (ADDRESS = (PROTOCOL = beq) ') (enable = setuser) (CONNECT_DATA = (CID = (PROGRAM = oracle @ node2) (HOST = node2) (USER = oracle ))))
Version information:
TNS for Linux: Version 11.2.0.3.0-Production
Oracle Bequeath NT Protocol Adapter for Linux: Version 11.2.0.3.0-Production
Time: 23-JAN-2018 22:11:58
Tracing not turned on.
Tns error struct:
Ns main err code: 12547
TNS-12547: TNS: lost contact
Ns secondary err code: 12560
Nt main err code: 517
TNS-00517: Lost contact
Nt secondary err code: 32
Nt OS err code: 0
ERROR: Failed to connect with connect string: (DESCRIPTION = (ADDRESS = (PROTOCOL = beq) (PROGRAM =/u01/app/11.2.0/grid/bin/oracle) (ARGV0 = oracle + ASM2_asmb_gzyt2) (ENVS = 'oracle _ HOME =/u01/app/11.2.0/grid, ORACLE_SID = + asm2 ') (ARGS = '(DESCRIPTION = (LOCAL = YES) (ADDRESS = (PROTOCOL = beq)') (enable = setuser ))
Troubleshooting:
1. The ASM disk has been mounted normally:
Copy code
SQL> select name, state from v $ asm_diskgroup;
NAME STATE
-------------------------------------------------------------
DATA MOUNTED
FRA MOUNTED
OCRVOTE MOUNTED
2. Database alert Log:
ORA-00210: cannot open the specified control file
ORA-00202: control file: '+ FRA/gzyt/controlfile/current.256.966128177'
ORA-17503: ksfdopn: 2 Failed to open file + FRA/gzyt/controlfile/current.256.966128177
ORA-15001: diskgroup "FRA" does not exist or is not mounted.
ORA-15055: unable to connect to ASM instance
ORA-12547: TNS: lost contact
Solution:
1. view the permissions of the ORACLE program:
[Oracle @ node1 ~] $ Ls-l/u01/app/oracle/product/11.2.0/db_1/bin/oracle
-Rwsr-s -- x 1 oracle oinstall 239626665 Jan 6 oracle
[Grid @ node1 ~] $ Ls-l/u01/app/11.2.0/grid/bin/oracle
-Rwxr-x -- x 1 grid oinstall 209914471 Jan 6 oracle
2. After the permission is changed to 6751, the system returns to normal:
[Oracle @ node1 ~] $ Ls-l/u01/app/oracle/product/11.2.0/db_1/bin/oracle
-Rwsr-s -- x 1 oracle oinstall 239626665 Jan 6 oracle
[Grid @ node1 ~] $ Ls-l/u01/app/11.2.0/grid/bin/oracle
-Rwsr-s -- x 1 grid oinstall 209914471 Jan 6 oracle
3. After installing oracle software only, the $ ORACLE_HOME/bin/oracle File Attribute permission is 751 (-rwxr-x -- x)
When you install an ASM database (DBCA), the file attribute is automatically changed to 6751 (-rwsr-s -- x)
-- This permission issue may also cause ORA-12537: TNS: connection closed
-- This permission problem may also cause failure to find the ASM disk when DBCA is used to create a database.
4. Instructions on 6751 permissions:
6751 the ugoa permissions are specified respectively:
The first six represents that u (owner) has read and write permissions and has no execution permissions.
The second digit 7 indicates that g (Group) has read, write, and execution permissions.
The third digit 5 indicates that o (other users) has read and execution permissions.
The fourth digit 1 indicates that a (owner, group, and other users) has the execution permission.
If a four-digit 6751 is represented as 675 in three digits, the fourth digit inherits the umask value.
The Linux permission model has two special bits: "suid" and "sgid ". When an executable program is set
When the user executes the program, the user's permissions are the permissions of the program file owner. For example, if the owner of the program file is root, the user who executes the program will temporarily obtain the permissions of the root account. Sgid is similar to suid, except that the permissions of the file group are obtained when the program is executed.