在Debian系统中设置Oracle的安全配置涉及多个步骤,以下是一个基本的指南:
./oracleshellinstall -lf ens33 `# local ip ifname`\-n debian12 `# hostname`\-op oracle `# oracle password`\-d /u01 `# software base dir`\-ord /oradata `# data dir`\-o luci hostnamectl set-hostname oracle /etc/hosts 文件,添加主机名和IP地址的映射:echo "172.18.12.82 oracle" >> /etc/hosts groupadd -g 54321 oinstall groupadd -g 54322 dbagroup groupadd -g 54323 opergroup groupadd -g 54324 backupdbagroup groupadd -g 54325 dgdbagroup groupadd -g 54326 kmdbagroup groupadd -g 33061 racdbauser useradd -u 54321 -g oinstall oracle echo "oracle" | passwd oracle --stdin /etc/security/limits.d/30-oracle.conf 文件,设置Oracle用户的安全限制:cat >/etc/security/limits.d/30-oracle.conf<<EOF Oracle soft nofile 1024 Oracle hard nofile 65536 Oracle soft nproc 16384 Oracle hard nproc 16384 Oracle soft stack 10240 Oracle hard stack 32768 Oracle hard memlock 134217728 Oracle soft memlock 134217728 EOF /etc/profile 文件,为Oracle用户设置环境变量:cat >> /etc/profile<<EOF if [ $USER = "oracle" ];then if [ $SHELL = "/bin/ksh" ];then ulimit -p 16384 ulimit -n 65536 else ulimit -u 16384 -n 65536 fi fi EOF source /etc/profile /etc/sysctl.d/98-oracle.conf 文件,修改内核参数:cat >/etc/sysctl.d/98-oracle.conf<<EOF fs.file-max = 6815744 kernel.sem = 250 32000 100 128 kernel.shmmni = 4096 kernel.shmall = 1073741824 kernel.shmmax = 4398046511104 kernel.panic_on_oops = 1 net.core.rmem_default = 262144 net.core.rmem_max = 4194304 net.core.wmem_default = 262144 net.core.wmem_max = 1048576 net.ipv4.conf.all.rp_filter = 2 net.ipv4.conf.default.rp_filter = 2 fs.aio-max-nr = 1048576 net.ipv4.ip_local_port_range = 9000 65500 EOF sysctl --system mkdir -p /u01/app/oracle/product/19.3.0/dbhome_1 mkdir -p /u01/oradata chown -R oracle:oinstall /u01 chmod -R 775 /u01 apt update apt install ufw ufw allow OpenSSH ufw enable apt update 和 apt upgrade 命令,确保系统和软件包保持最新。通过以上步骤,您可以在Debian系统中完成Oracle数据库的基本安全设置。请根据实际需求和环境调整配置。
