Oracle related rants (and lots of off-topic stuff)…
I’ve just arrived at the Hotel in Estonia. The next two days are all work, then I’ve got a couple of days to look around.
I had a pretty early start this morning and I kept dozing off on the plane, so I feel pretty rubbish now. Hopefully I’ll get a decent night’s sleep then it’s all guns blazing.
Cheers
Tim…
I wrote a couple of articles against a beta version of Fedora 9 before I went on holiday. I did a run through against the final release of Fedora 9 today and they seem fine, so here they are:
The installation process doesn’t give you the option to turn off SELinux or the firewall. You can do it after the installation, so it’s just a small annoyance, but I don’t like it.
If you want to know my opinions on the distribution itself, read my post on Fedora 8. It’s six months later and there is still no visible sign of a direction for this distribution. I don’t think my opinion has changed.
Cheers
Tim…
After yet another post by someone whose database has crashed without running in archivelog mode and without having multiplexed redo logs, it makes me think it’s about time Oracle changed the default installation to include both these things.
Over the last few versions, Oracle have consistently made the database easier to install and use, but they still leave these gaping holes. Yes, archivelog mode is set if you choose to setup backups during the installation, but there’s nothing to stop you defaulting this setting even when backups are not initiated during the installation.
I realise some people will react by saying it’s up to the DBA to make this decision, but there are obviously lots of people out there that either don’t understand the issue, or don’t even know about it. It would seem sensible to me that Oracle install the product in the safest mode possible. Afterall, it’s no problem backing them out if you don’t need them.
I for one would rather have people complaining about disks filled with archived redo logs, than having unrecoverable databases.
Rant over. π
Cheers
Tim…
I’m a big fan of the Oracle documentation, but sometimes things go astray. A recent question by Aman Sharm about SQL sharing critera highlighted this…
In the 8iR3 manual, the decision process for finding matching SQL is listed as:
In the 9iR1 manual it was rewritten to include all the steps for identifying the match in a single bullet point:
The text of the statement is hashed. If there is no matching hash value, then the SQL statement does not currently exist in the shared pool, and a hard parse is performed.
If there is a matching hash value for an existing SQL statement in the shared pool, then Oracle compares the text of the matched statement to the text of the statement hashed to see if they are identical.
So the first line is like a summary of the whole bullet point, which is then expanded.
In the 9iR2 manual, this was reverted back to individual bullet points, but the author/editor must have assumed the initial summary line was a separate point, so a new step was introduced into the documentation of the process:
And this is the way it stayed from 9iR2 to 11gR1. π
I’ve raised a bug against the documentation, so it should get corrected now. π
Cheers
Tim…
I’ve just posted an article on SecureFiles in Oracle 11g. It looks like Oracle have done a pretty good job of improving LOBs in 11g. Depending on the LOB contents, and provided you can cope with the processing overhead, you can certainly save some serious space using the compression and deduplication options. Anyone who’s used Transparent Data Encryption (TDE) will recognize the encryption options.
I can’t see the old-style (BasicFile) LOBs lasting very long now this is in place. π
Cheers
Tim…
I spent yesterday looking at the Tablespace Encryption feature in Oracle 11g. If you’ve used the Transparent Data Encryption (TDE) feature in 10g release 2, you’ll see this is more of the same. The difference here is eveything in the tablespace is encrypted, rather than having to decide on a column-by-column basis. Just create the appropriate tablespace and Bob’s your uncle!
You may notice the article conveniently side-steps the Hardware Security Modules related functionality. I don’t have one so I can’t test it out. π
For most of the stuff I work on, encrypting all the columns in a table is overkill, but I guess there are some areas where this is a big priority. It’s good to know it’s there in case you ever need it. π
Cheers
Tim…
There’s some good stuff out on the net today:
Sorry to everyone I didn’t mention. π
Cheers
Tim…
Continuing my OCP 11g upgrade campaign, I’ve been looking at Fine-Grained Access to Network Services in Oracle Database 11g Release 1.
This represents a pretty major security improvement for Oracle 11g. In previous versions the all-or-nothing security associated with database callouts was a little ham-fisted to say the least.
On the down side, I think it will confuse a few people when they are upgrading existing databases, but it’s a small price to pay for the peace of mind.
Cheers
Tim…
I’ll be in Estonia on the 3rd & 4th of June doing a PL/SQL seminar. I’m guessing the details will be available on the Oracle Education siteΒ in the next day or two.
Cheers
Tim…
PS. If I get any more dates I’m printing a “World Tour” T shirt. π