Tag: Oracle

Is read-only access to production systems safe?

There is an interesting thread on the Dizwell Forum about access to production systems using tools like TOAD. Of course, this begs the question, is there such a thing as “safe” read-only access to production data?

If you are allowing read-only access to tables on a production system, you are also allowing record and table locking. If you don’t believe me, take a look at this:

tim_hall@dev1> CONN sys/????@db10g AS SYSDBA
Connected.
sys@db10g> CREATE USER test_user1 IDENTIFIED BY test_user1 QUOTA UNLIMITED ON USERS;

User created.

sys@db10g> GRANT CONNECT, CREATE TABLE TO test_user1;

Grant succeeded.

sys@db10g> CREATE USER test_user2 IDENTIFIED BY test_user2 QUOTA UNLIMITED ON USERS;

User created.

sys@db10g> GRANT CONNECT TO test_user2;

Grant succeeded.

sys@db10g> CONN test_user1/test_user1@db10g
Connected.
test_user1@db10g> CREATE TABLE test_tab1 (
2    id  NUMBER
3  );

Table created.

test_user1@db10g> INSERT INTO test_tab1 (id) VALUES (1);

1 row created.

test_user1@db10g> GRANT SELECT ON test_tab1 TO test_user2;

Grant succeeded.

test_user1@db10g> CONN test_user2/test_user2@db10g
Connected.
test_user2@db10g> DECLARE
2    l_id  test_user1.test_tab1.id%TYPE;
3  BEGIN
4    SELECT id
5    INTO   l_id
6    FROM   test_user1.test_tab1
7    WHERE  id = 1
8    FOR UPDATE;
9
10    ROLLBACK;
11  END;
12  /

PL/SQL procedure successfully completed.

test_user2@db10g> LOCK TABLE test_user1.test_tab1 IN EXCLUSIVE MODE;

Table(s) Locked.

test_user2@db10g> ROLLBACK;

Rollback complete.

test_user2@db10g>

Looks like the SELECT privilege is not so safe after all 🙁

Of course, you don’t need direct access to the tables. You could always provide access to the data via APIs, but that’s not what your average TOAD user wants to hear!

Cheers

Tim…

Converting Documents to Highlighted HTML using Oracle Text…

I had a question on my forum about converting documents stored in BLOBs to HTML with highlighted search terms. On reading this my instant reaction was, “I don’t have a clue!”, but it’s actually quite easy using the “CTX_DOC.MARKUP” procedure. Here’s a simple example:

https://oracle-base.com/articles/10g/ctx_doc_markup.php

Cheers

Tim…

Oracle OpenWorld and famous namesake…

One of the perks of being an Oracle ACE is getting a free pass to Oracle OpenWorld in October. Fun, fun, fun! See you in San Francisco 🙂

I noticed today that there is a famous Tim Hall from Shropshire (my original county), seen here. I must outdo him by blogging from space, or something like that 🙂

Cheers

Tim…

Should Oracle charge for patches?

I can understand Oracle charging for support and product upgrades, like 9i to 10g. I can even see the point of charging for releases upgrades, like 10gR1 to 10gR2. What I think is a little cheeky is to charge people for regular patchsets.

This line of thought came about because of a post on the Dizwell Forum, where someone mentioned they were running a production system without support. This person is working with 9.2.0.1.0 because they don’t have access to 9.2.0.7.0 as a result of not having a support and updates contract. Personally, I think this is more than a little mean of Oracle. Afterall, these patchsets are only fixing bugs in the product that was bought in good faith. Even Microsoft don’t charge for basic Windows Updates, only for version upgrades.

Personally, I believe patchsets on an existing product should be free to those who have a product license. Access to new releases and new product versions could still be restricted.

I just hope I’m never put in th same position as this guy!

Cheers

Tim…

OCFS2…

I’m nearing the end of my “I wonder what RAC is like on other platforms?” phase. I ran through a basic setup of a cluster file system using OCFS2, just to prove it worked:

OCFS2 On Linux

As I say in the article, the only reason to use it as far as I can see is to provide a shared location or UTL_FILE and external table operations. I can’t see the point in using it for the OCR location or voting disk as raw devices work fine and it’s not recommended for sharing datafiles…

I guess it’s nice to know it’s there if I ever need it 🙂

Cheers

Tim…

ASM with ASMLib or Raw Devices?

I’ve been trying to figure out if it’s better to run ASM on Linux using ASMLib or raw devices. Some of the Oracle documentation claims ASMLib gives better performance that raw devices with 10g Release 2, while other sources claim it only affects candidate disk discovery time…

Whilst setting up a test I wrote this article:

ASM using ASMLib and Raw Devices

I’m sure the configuration information will be useful to others, but my first performance test only convinced me that using VMware on my kit at home is pointless for performance tests. You don’t say!!! 🙂

Cheers

Tim…

FC5 Update… Again…

Over the last few weeks I’ve received lots of comments relating to the Oracle 10gR2 on FC5 issue. Recently, most of these have been people commenting on the success of the installation. As a result, I revisited the article based on all the comments and made the following changes:

  • There was a typo on my amendment on the gennttab script. It’s now corrected.
  • I originally used the source rather than the binary of the openmotif21 package. I now use the binary.
  • I was originally installing from an early download of 10gR2, the one that extracts to give a “./db/Disk1/runInstaller” structure. I downloaded a later release that extracts to “./database/runInstaller”. I now use this later release.

I ran through the installation again this morning and it worked perfectly. I don’t know which of the three changes made the difference and to be totally frank, I don’t care. So as it stands, the installation works fine and I hope this is the last time I’ll have to use FC5.

Thanks to everyone who helped in the production of the final article. All your comments were appreciated. 🙂

Cheers

Tim…

PS. The document has been released, so it is now listed as a new article. You gotta laugh 🙂