Use this checklist to check minimum operating system requirements for Oracle Database.
Table 1-2 Operating System General Checklist for Oracle Database on Linux
Item
Task
Operating system general requirements
OpenSSH installed manually, if you do not have it installed already as part of a default Linux installation.
A Linux kernel in the list of supported kernels and releases listed in this guide.
Linux x86-64 operating system requirements
The following Linux x86-64 kernels are supported:
Oracle Linux 8.1 with the Unbreakable Enterprise Kernel 6: 5.4.17-2011.0.7.el8uek.x86_64 or later Oracle Linux 8 with the Red Hat Compatible kernel: 4.18.0-80.el8.x86_64 or later
Oracle Linux 7.4 with the Unbreakable Enterprise Kernel 4: 4.1.12-124.19.2.el7uek.x86_64 or later Oracle Linux 7.4 with the Unbreakable Enterprise Kernel 5: 4.14.35-1818.1.6.el7uek.x86_64 or later Oracle Linux 7.7 with the Unbreakable Enterprise Kernel 6: 5.4.17-2011.4.4.el7uek.x86_64 or later Oracle Linux 7.5 with the Red Hat Compatible Kernel: 3.10.0-862.11.6.el7.x86_64 or later
Red Hat Enterprise Linux 8: 4.18.0-80.el8.x86_64 or later
Red Hat Enterprise Linux 7.5: 3.10.0-862.11.6.el7.x86_64 or later
SUSE Linux Enterprise Server 15: 4.12.14-23-default or later
SUSE Linux Enterprise Server 12 SP3: 4.4.162-94.72-default or later
Review the system requirements section for a list of minimum package requirements.
IBM: Linux on System z operating system requirements
The following IBM: Linux on System z kernels are supported:
Red Hat Enterprise Linux 8.3: 4.18.0-240.el8.s390x or later
Red Hat Enterprise Linux 7.4: 3.10.0-693.el7.s390x or later
SUSE Linux Enterprise Server 12: 4.4.73-5-default s390x or later
Review the system requirements section for a list of minimum package requirements.
Oracle Database Preinstallation RPM for Oracle Linux
If you use Oracle Linux, then Oracle recommends that you run the Oracle Database Preinstallation RPM for your Linux release to configure your operating system for Oracle Database and Oracle Grid Infrastructure installations.
Oracle RPM Checker utility for IBM: Linux on System z
Oracle recommends that you use the Oracle RPM Checker utility to verify that you have the required Red Hat Enterprise Linux or SUSE packages installed on your IBM: Linux on System z operating system before you start the Oracle Database or Oracle Grid Infrastructure installation.
Disable Transparent HugePages
Oracle recommends that you disable Transparent HugePages and use standard HugePages for enhanced performance.
Источник
How to see the version of Oracle Linux
Determine Oracle Linux version
Oracle Linux is based on Red Hat Enterprise Linux. At first, it may be confusing to determine what specific operating system is running. This is because both have the /etc/redhat-release file.
If that file exists, use the cat command to display the contents. Next step is to determine if there is a /etc/oracle-release file as well. If so, then you can be sure that Oracle Linux is running.
Sample output might be: Oracle Linux Server release 6.7
Other options
Next time when you are on a system and not sure what it is running, use this:
This shows you any files that might give a hint on the operating system version.
Related files
/etc/enterprise-release (older versions of OEL)
/etc/issue
/etc/issue.net
/etc/lsb-release
Keep learning
So you are interested in Linux security? Join the Linux Security Expert training program, a practical and lab-based training ground. For those who want to become (or stay) a Linux security expert.
Run automated security scans and increase your defenses. Lynis is an open source security tool to perform in-depth audits. It helps with system hardening, vulnerability discovery, and compliance.
Continue reading
Livepatch: Linux kernel updates without rebooting
How to secure a Linux system
The state of Linux security in 2017
Linux security myths
Leave a Reply Cancel reply
This site uses Akismet to reduce spam. Learn how your comment data is processed.
About Linux Audit
This blog is part of our mission: help individuals and companies, to scan and secure their systems. We simply love Linux security, system hardening, and questions regarding compliance.
Besides the blog, we have our security auditing tool Lynis. Open source, GPL, and free to use.
For those with enterprise needs, or want to audit multiple systems, there is an Enterprise version.
«One security solution to audit, harden, and secure your Linux/UNIX systems.»
Benefits:
Perform audits within a few minutes
Central management
Powerful reporting
Compliance checks (e.g. PCI DSS)
Additional plugins and more tests
Enjoy the articles!
Linux and UNIX security automation
Lynis is a free and open source security scanner. It helps with testing the defenses of your Linux, macOS, and Unix systems. Typical use-cases for this software include system hardening, vulnerability scanning, and checking compliance with security standards (PCI-DSS, ISO27001, etc).
Recent Posts
Contact
This blog is part of our mission to share valuable tips about Linux security. We are reachable via @linuxaudit
Company details
CISOfy De Klok 28, 5251 DN, Vlijmen, The Netherlands +31-20-2260055
Источник
Manage the Boot Kernel for Oracle Linux 8
Introduction
This tutorial describes how to set the default kernel of an Oracle Linux system from the command line. This tutorial is targeted at Oracle Linux 8 users, but the grubby command is also available on Oracle Linux 6 and Oracle Linux 7.
Background
By default, Oracle Linux systems are configured to boot the most recent kernel version first. In most cases, changing the default kernel is unnecessary.
However, the default kernel might not be the correct version to use in certain scenarios, such as the following:
The current kernel version might be incompatible with a particular hardware you are using.
Cases involving Unbreakable Enterprise Kernel (UEK) releases on the system
UEK releases are typically based on kernel versions that are newer than the Red Hat Compatible Kernel (RHCK) version on which an Oracle Linux release is based. Thus, the new UEK version becomes the default kernel, which is not the same as the Oracle Linux kernel.
If a UEK beta or technical preview release is installed on the system, the UEK kernel needs to be demoted to ensure that the kernel is used only if intentionally and manually selected as the boot kernel by an administrator.
A UEK kernel might need to be promoted because a specific software depends on it.
These examples and other similar cases would necessitate that you switch between kernel types.
In previous releases, setting the default kernel was performed by configuring the GRUB boot loader or by using other alternative commands. Now, however, you should preferrably use the grubby command to control and manage all of your boot requirements. This tool offers the benefit of being scriptable and can abstract bootloader configuration from the user.
Objectives
In this lab, you’ll learn how to:
determine the current loaded kernel
determine the default kernel
determine which kernel versions are available on the system
how to use grubby to manage kernels
What Do You Need?
Any Oracle Linux system that has the grubby package installed
(Hands-on Lab) Connect to the Compute Instance
Note: This step is specific to the Oracle provided free lab environment.
The Desktop environment will display before the instance(s) are ready. Deployment of this environment can take two to five minutes, depending on the number of resources and provisioning steps needed.
First, to access the lab compute instance(s), connect to the Oracle Cloud Console and copy the compute instance Public IP address.
Sign in to Oracle Cloud Console, and select your Compartment.
Click Instances.
Copy the Public IP to a temporary location (such as a text file) on your computer.
To copy, highlight the IP address with the mouse and press Ctrl+C.
Connect to the instance.
Where is the IP address copied from the Oracle Cloud Console.
Accept the ECDSA key fingerprint by typing yes at the prompt.
You are now connected to the compute instance for this lab.
If the connection fails with the Permission denied (publickey,gssapi-keyex,gssapi-with-mic) message, wait a bit longer for the provisioning process to complete and try making the ssh connection again.
Check available kernels
Several methods are available for checking which kernels are available on a system.
Using the rpm command
Note that the command output also includes other kernel related packages and can therefore be confusing.
Listing the kernels in the /boot directory
The command produces an accurate list of kernels available on the system. However, due to the way kernels are named, the kernel version that the system currently uses is not easily identifiable.
Using the grubby command on specific kernels or using the ALL option:
The command provides fuller information about the boot configuration associated with each kernel in the system’s /boot directory. The details are based on the GRUB title configuration.
In general, kernels are named to include the upstream version number and the distribution build numbering. The kernel names on Oracle Linux also include indications of whether or not they are standard RHCK or whether they are UEK based. Additionally, the names also identify their system architecture. For example, the el8 suffix would indicate an RHCK, while el8uek would indicate a UEK.
Check the current default kernel
To check which kernel is already configured as the current default kernel to use at boot, run:
To check which kernel is currently running on a system, run:
If the default kernel and the currently running kernel are not identical, the underlying reasons might be one of the following:
A newer kernel is installed, but the system has not been rebooted.
During a system reboot, an alternative kernel was manually selected to be the operative kernel.
The default kernel was manually updated but the system has not been rebooted after the update.
Change the default kernel
To switch to a different default kernel, run the following command. Make sure to specify the full path to the designated default kernel.
The change takes effect immediately and persists across system reboots.
The grubby command has additional boot arguments for configuring kernel and boot operations. Refer to the documentation for more information.
Change kernel command line boot parameters
Use the —update-kernel option to update a kenel entry in combination with —args to add new arguments or —remove-arguments to remove existing arguments. Multiple arguments can be specified for each option in a quoted space-separated list. You can add and remove arguments in the same operation.
To update a specific kernel, provide the —update-kernel option with the full path to the kernel that you wish to update. To update all kernel entries to use a specific kernel boot argument, you can set —update-kernel=ALL .
For the purpose of this tutorial you can update all kernel entries to change the loglevel and LANG arguments:
Use the grubby info=ALL command to check that the change is implemented across kernels:
Video Demonstrations
An introductory video that provides an overview of the kernel and underlying system architecture and which demonstrates switching kernel using the grubby command is provided at https://www.youtube.com/watch?v=a0zXGhzPRp8.
A more advanced video demonstration and tutorial is provided at https://www.youtube.com/watch?v=0dv87RFGcKI if you need more information on working with GRUB2 on Oracle Linux 8.
Note that this tutorial does not describe use of the grubby command and explains the underlying components that grubby interacts with. For most kernel management requirements on Oracle Linux, the grubby tool is sufficient.
Additional Information
More Learning Resources
Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.
For product documentation, visit Oracle Help Center.
We suggest you try the following to help find what you’re looking for:
Check the spelling of your keyword search.
Use synonyms for the keyword you typed, for example, try “application” instead of “software.”
Try one of the popular searches shown below.
Start a new search.
Oracle Linux is free to download, use and distribute and is provided in a variety of installation and deployment methods.
Installation media (ISO images) for Oracle Linux are freely available from Oracle Linux yum server or Oracle Software Delivery Cloud.
Individual RPM packages for released versions of Oracle Linux as well as update/errata packages can be obtained from the Oracle Linux yum server. Learn What’s New.
Follow the instructions to verify Oracle Linux downloads.
For troubleshooting and analysis of system workloads, you can use DTrace for Oracle Linux.
Developer Preview
Oracle Container Runtime for Docker and Oracle Container Service for use with Kubernetes have been frequently updated with preview builds available on the ol7_preview repository.
Developer Previews of Oracle Linux 7 and Oracle Linux 8 are periodically updated
An Oracle Linux 7 and Oracle Linux 8 Arm disk image for use on Raspberry Pi™ 4 Model B and Raspberry Pi™ 3 Model B/B+ hardware is available for developers who may not have access to alternate Arm hardware.
The developer preview releases are for development and test purposes only and are not covered by Oracle Linux support. Oracle does not recommended using preview releases in production. If you have any questions, please visit Oracle Linux Community.
Additional Downloads
Oracle Linux Docker images on the Docker Hub
Oracle Linux Vagrant Boxes
Pre-Built Developer VMs for Oracle VM VirtualBox for development and evaluation purposes
Thousands of EPEL packages, signed and built by Oracle, have been added to Oracle Linux yum server. Learn What’s New.
