Monday, February 20, 2012

Installing NFS on CentOS 6.2

This is a how to install the NFS service on a Linux CentOS 6.2 box and making it accessible to others. The scenario is the following:
  • Grant read-only access to the /home/public directory to all networks
  • Grant read/write access to the /home/common directory to all networks 
At the end of this guide you will get:
  • A running NFS server with various LAN shared directories
  • A active set of firewall rules allowing the access to NFS ports
  • A permanently mounted NFS shared on a CentOS / Ubuntu client     
I assume you already have:

  • a fresh running Linux CentOS 6.2 server 
  • a sudoer user, named bozz on this guide
  • an accessible RPM repository / mirror
  • a Linux client with CentOS / Ubuntu

Steps

  1. Login as bozz user on the server
  2. Check if rpcbind is installed:
  3. $ rpm -q rpcbind
    rpcbind-0.2.0-8.el6.x86_64
    
    if not, install it:
    $ sudo yum install rpcbind
    
  4. Install NFS-related packages:
  5. $ sudo yum install nfs-utils nfs-utils-lib
    
  6. Once installed, configure the nfs, nfslock and rpcbind to run as daemons:
  7. $ sudo chkconfig --level 35 nfs on
    $ sudo chkconfig --level 35 nfslock on 
    $ sudo chkconfig --level 35 rpcbind on
    
    then start the rpcbind and nfs daemons:
    $ sudo service rpcbind start
    $ sudo service nfslock start 
    $ sudo service nfs start 
    
    NFS daemons
    • rpcbind: (portmap in older versions of Linux) the primary daemon upon which all the others rely, rpcbind manages connections for applications that use the RPC specification. By default, rpcbind listens to TCP port 111 on which an initial connection is made. This is then used to negotiate a range of TCP ports, usually above port 1024, to be used for subsequent data transfers. You need to run rpcbind on both the NFS server and client. 
    • nfs: starts the RPC processes needed to serve shared NFS file systems. The nfs daemon needs to be run on the NFS server only. 
    • nfslock: Used to allow NFS clients to lock files on the server via RPC processes. The nfslock daemon needs to be run on both the NFS server and client.

  8. Test whether NFS is running correctly with the rpcinfo command. You should get a listing of running RPC programs that must include mountd, portmapper, nfs, and nlockmgr:

  9. $ rpcinfo -p localhost
       program vers proto   port  service
        100000    4   tcp    111  portmapper
        100000    3   tcp    111  portmapper
        100000    2   tcp    111  portmapper
        100000    4   udp    111  portmapper
        100000    3   udp    111  portmapper
        100000    2   udp    111  portmapper
        100024    1   udp  40481  status
        100024    1   tcp  49796  status
        100011    1   udp    875  rquotad
        100011    2   udp    875  rquotad
        100011    1   tcp    875  rquotad
        100011    2   tcp    875  rquotad
        100003    2   tcp   2049  nfs
        100003    3   tcp   2049  nfs
        100003    4   tcp   2049  nfs
        100227    2   tcp   2049  nfs_acl
        100227    3   tcp   2049  nfs_acl
        100003    2   udp   2049  nfs
        100003    3   udp   2049  nfs
        100003    4   udp   2049  nfs
        100227    2   udp   2049  nfs_acl
        100227    3   udp   2049  nfs_acl
        100021    1   udp  32769  nlockmgr
        100021    3   udp  32769  nlockmgr
        100021    4   udp  32769  nlockmgr
        100021    1   tcp  32803  nlockmgr
        100021    3   tcp  32803  nlockmgr
        100021    4   tcp  32803  nlockmgr
        100005    1   udp    892  mountd
        100005    1   tcp    892  mountd
        100005    2   udp    892  mountd
        100005    2   tcp    892  mountd
        100005    3   udp    892  mountd
        100005    3   tcp    892  mountd
    

  10. The /etc/exports file is the main NFS configuration file, and it consists of two columns. The first column lists the directories you want to make available to the network. The second column has two parts. The first part lists the networks or DNS domains that can get access to the directory, and the second part lists NFS options in brackets. Edit /etc/exports and append the desired shares:
  11. $ sudo nano /etc/exports
    
    then append:
    /home/public *(ro,sync,all_squash)
    /home/common *(rw,sync,all_squash)
    
    • /home/public: directory to share  with read-only access to all networks
    • /home/common: directory to share with read/write access to all networks
    • *: allow access from all networks
    • ro: read-only access
    • rw: read/write access 
    • sync: synchronous access 
    • root_squash: prevents root users connected remotely from having root privileges and assigns them the user ID for the user nfsnobody. This effectively "squashes" the power of the remote root user to the lowest local user, preventing unauthorized alteration of files on the remote server. Alternatively, the no_root_squash option turns off root squashing. To squash every remote user, including root, use the all_squash option. To specify the user and group IDs to use with remote users from a particular host, use the anonuid and anongid options, respectively. In this case, a special user account can be created for remote NFS users to share and specify (anonuid=,anongid=), where is the user ID number and is the group ID number.

  12. Create the directories to be published with the correct permissions:
  13. $ sudo mkdir -p /home/public
    $ sudo chown nfsnobody:nfsnobody /home/public
    $ sudo mkdir -p /home/common
    $ sudo chown nfsnobody:nfsnobody /home/common
    
    it should end like this:
    $ ls -l /home/
    ...
    drwxr-xr-x. 2 nfsnobody nfsnobody  4096 Feb 20 12:55 common
    drwxr-xr-x. 7 nfsnobody nfsnobody  4096 Feb 17 14:44 public
    
  14. [OPTIONAL] Allow bozz user to locally write on the created directories by appending it  to nfsnobody group and granting write permissions to the group:
  15. $ sudo usermod -a -G nfsnobody bozz
    $ sudo chmod g+w /home/public
    $ sudo chmod g+w /home/common
    
    it should end like this:
    $ ls -l /home/
    ...
    drwxrwxr-x. 2 nfsnobody nfsnobody  4096 Feb 20 12:40 common
    drwxrwxr-x. 7 nfsnobody nfsnobody  4096 Feb 17 14:44 public
    
  16. Security issues. To allow remote access some firewall rules and other NFS settings must be changed. You need to open the following ports:
    • TCP/UDP 111 - RPC 4.0 portmapper
    • TCP/UDP 2049 - NFSD (nfs server)
    • Portmap static ports, Various TCP/UDP ports defined in /etc/sysconfig/nfs file.
    the portmapper assigns each NFS service to a port dynamically at service startup time, but dynamic ports cannot be protected by iptables. First, you need to configure NFS services to use fixed ports. Edit /etc/sysconfig/nfs, enter:
    $ sudo nano /etc/sysconfig/nfs
    
    and set:
    LOCKD_TCPPORT=32803
    LOCKD_UDPPORT=32769
    MOUNTD_PORT=892
    RQUOTAD_PORT=875
    STATD_PORT=662
    STATD_OUTGOING_PORT=2020
    
    then restart nfs daemons:
    $ sudo service rpcbind restart
    $ sudo service nfs restart
    
    update iptables rules by editing /etc/sysconfig/iptables, enter:
    $ sudo nano /etc/sysconfig/iptables
    and append the following rules:
    -A INPUT -s 0.0.0.0/0 -m state --state NEW -p udp --dport 111 -j ACCEPT
    -A INPUT -s 0.0.0.0/0 -m state --state NEW -p tcp --dport 111 -j ACCEPT
    -A INPUT -s 0.0.0.0/0 -m state --state NEW -p tcp --dport 2049 -j ACCEPT
    -A INPUT -s 0.0.0.0/0  -m state --state NEW -p tcp --dport 32803 -j ACCEPT
    -A INPUT -s 0.0.0.0/0  -m state --state NEW -p udp --dport 32769 -j ACCEPT
    -A INPUT -s 0.0.0.0/0  -m state --state NEW -p tcp --dport 892 -j ACCEPT
    -A INPUT -s 0.0.0.0/0  -m state --state NEW -p udp --dport 892 -j ACCEPT
    -A INPUT -s 0.0.0.0/0  -m state --state NEW -p tcp --dport 875 -j ACCEPT
    -A INPUT -s 0.0.0.0/0  -m state --state NEW -p udp --dport 875 -j ACCEPT
    -A INPUT -s 0.0.0.0/0  -m state --state NEW -p tcp --dport 662 -j ACCEPT
    -A INPUT -s 0.0.0.0/0 -m state --state NEW -p udp --dport 662 -j ACCEPT
    
    restart iptables daemon:
    $ sudo service iptables restart
    
  17. Mount NFS shared directories: Install client NFS packages first:
  18.   on Ubuntu client:
    $ sudo apt-get install nfs-common
    
    on CentOS client:
    $ sudo yum install nfs-utils nfs-utils-lib
    
    inquiry for the list of all shared directories:
    $ showmount -e SERVERADDRESS
    
    mount server's /home/public on client's /public:
    $ sudo mkdir -p /public
    $ sudo mount SERVERADDRESS:/home/public /public
    $ df -h
    
    mount server's /home/common on client's /common:
    $ sudo mkdir -p /common
    $ sudo mount SERVERADDRESS:/home/common /common
    $ df -h
    
  19. Mount NFS automatically after reboot on the client. Edit /etc/fstab, enter:
  20. $ sudo nano /etc/fstab
    
    append the following line:
    #Directory                   Mount Point    Type   Options       Dump   FSCK
    SERVER_IP_ADDRESS:/home/public /public nfs hard 0 0
    SERVER_IP_ADDRESS:/home/common /common nfs hard 0 0
    
    to test the correctness of /etc/fstab before restarting, you can try to manually mount /public and /common:
    $ sudo mount /public
    $ sudo mount /common

References

Monday, February 13, 2012

The Parking Permit Demo (5)

Here I let you the episodes #7 - #10 of The Parking Permit Demo with Oracle BPM/SOA suite.

pp-07_Defining_Schema_Type_n_Element_for_ParkingPermitReply
  • Defining XSD complexType & element for replies from verification services, naming it ParkingPermitReply

pp-08_Defining_WS_Messages_based_on_existing_Schema_Elements
  • Creating two WSDL messages shared among the verification services, naming them ParkingPermitApplicationMsg & ParkingPermitReplyMsg
  • Basing the message parts on existing XSD elements ParkingPermitApplication & ParkingPermitReply respectively

pp-09_Defining_Verification_Services_Interfaces_via_PortTypes__Part1
  • Creating a portType for the Vehicle Verification Service, naming it VehicleOwnershipVerificationPortType, defining a single operation & calling it verifyVehicleOwnership
  • Setting the operation type (pattern) to Request/Response with input message ParkingPermitApplicationMsg and output message ParkingPermitReplyMsg

pp-10_Defining_Verification_Services_Interfaces_via_PortTypes__Part2
  • Creating a portType for the Electoral Register Verification Service, naming it ElectoralRegisterVerificationPortType, verifyRegisterEligibility.
  • Defining a single operation & calling it
  • Setting the operation type (pattern) to Request/Response, reusing the input message ParkingPermitApplicationMsg and the output message ParkingPermitReplyMsg
  • Creating a portType for the Residence Verification Service, naming it ResidenceVerificationPortType, verifyResidenceElegibility.
  • Defining a single operation 
  • Setting the operation type (pattern) to Request/Response, reusing the input message ParkingPermitApplicationMsg and the output message ParkingPermitReplyMsg


Thursday, February 9, 2012

What is the size of CentOS repository?

How do we know the size of CentOS repository before download it all? I'm sure there are many ways to do that by using yum / yast2 or other tool.
I'll try to achieve the same using "simple" commands presented in almost any Linux distribution. I let you here the script. It's not 100% perfect, in fact isn't, but I think is a nice starting point, feel free to improve it.
The script can be possible applied to RHEL, Oracle Linux and Fedora but I haven't test it against such distros.  

Enjoy it!


I got the following results:

Summary [Feb, 9 2012] (Considering only the x86_64 architecture)

DISTRO SUMMARY http://mirror.centos.org/centos 5.7 :  ~ 11 GB
DISTRO SUMMARY http://mirror.centos.org/centos 6.2 :  ~ 10 GB



TOTAL SIZE: ~22 GB


Wednesday, February 8, 2012

What are the size of Ubuntu and Debian repositories?

Before mirroring a complete Ubuntu / Debian repository on your hard drive, you want for sure have an estimation of the "weight" of all packages.

This script computes the total size of various Debian-based repositories by means of downloading the Packages.gz and making a sum of the size of every package. Of course, there are many shared packages between different versions of the same Linux distro. So this script will compute the max possible size.

Enjoy it!

I got the following results:..

Summary [Feb 9, 2012]

UBUNTU TOTAL SIZE = 466993 MB [456 GB] *

DEBIAN TOTAL SIZE = 184712 MB [180 GB] **
DEBIAN-SECURITY TOTAL SIZE = 22148 MB [21 GB] **
DEBIAN-VOLATILE TOTAL SIZE = 489 MB [0 GB]  **

TOTAL SIZE: ~658 GB

* Considering lucid, maverick, natty, oneiric and precise, with i386 and amd64 architectures, and the components main, multiverse, restricted and universe
** Considering  lenny and squeeze with i386, amd64, armel and arm architectures, and the components main, contrib and non-free

Booting Oracle 11g R2 Database Server on CentOS 6.2

This is a how to autostart the Oracle 11g R2 Database Server on CentOS 6.2. I assume you have done the following:

  1. Install an Oracle-ready CentOS 6.2 Linux box
  2. Install the Oracle 11g R2 Database Server on the CentOS 6.2 Linux box
  3. Configure a network listener for Oracle 11g R2 Database Server on the CentOS 6.2 Linux box
  4. Create a fresh Oracle 11g R2 database on the CentOS 6.2 Linux box 

So, it's time to run the three installed components as Linux daemons. These components are: listener, database and enterprise manager. The main programs concerning the start and stop tasks for these components can be found at $ORACLE_HOME/bin, and they are:

  • listener: lsnrctl {start|stop|...}
  • database: dbstart / dbshut
  • ent. manager: emctl {start|stop|...}


  1. Login as the bozz user (a sudoer)  in the server and create the archive /etc/init.d/oracle with the following content:
  2. #!/bin/bash
    
    # oracle: Start/Stop Oracle Database 11g R2
    #
    # chkconfig: 345 90 10
    # description: The Oracle Database Server is an RDBMS created by Oracle Corporation
    #
    # processname: oracle
    
    . /etc/rc.d/init.d/functions
    
    LOCKFILE=/var/lock/subsys/oracle
    ORACLE_HOME=/opt/app/oracle/product/11.2.0/db_1/
    ORACLE_USER=oracle
    
    case "$1" in
    'start')
       if [ -f $LOCKFILE ]; then
          echo $0 already running.
          exit 1
       fi
       echo -n $"Starting Oracle Database:"
       su - $ORACLE_USER -c "$ORACLE_HOME/bin/lsnrctl start"
       su - $ORACLE_USER -c "$ORACLE_HOME/bin/dbstart $ORACLE_HOME"
       su - $ORACLE_USER -c "$ORACLE_HOME/bin/emctl start dbconsole"
       touch $LOCKFILE
       ;;
    'stop')
       if [ ! -f $LOCKFILE ]; then
          echo $0 already stopping.
          exit 1
       fi
       echo -n $"Stopping Oracle Database:"
       su - $ORACLE_USER -c "$ORACLE_HOME/bin/lsnrctl stop"
       su - $ORACLE_USER -c "$ORACLE_HOME/bin/dbshut $ORACLE_HOME"
       su - $ORACLE_USER -c "$ORACLE_HOME/bin/emctl stop dbconsole"
       rm -f $LOCKFILE
       ;;
    'restart')
       $0 stop
       $0 start
       ;;
    'status')
       if [ -f $LOCKFILE ]; then
          echo $0 started.
          else
          echo $0 stopped.
       fi
       ;;
    *)
       echo "Usage: $0 [start|stop|status]"
       exit 1
    esac
    
    exit 0
    
    
  3. First, ensure that the init.d script can be executed manually:
  4. $ sudo chmod +x /etc/init.d/oracle
    $ sudo /etc/init.d/oracle start 
    
    if so, then stop it:
    $ sudo /etc/init.d/oracle stop
    
  5. Use chkconfig to register the init.d script on runlevels 3, 4 and 5:
    $ sudo chkconfig --add oracle
    
    then verify if is marked as on in the runleves 3, 4 and 5:
    $ chkconfig --list oracle
    oracle             0:off    1:off    2:off    3:on    4:on    5:on    6:off
    
  6. Reboot and enjoy!

Monday, February 6, 2012

Configuring a network listener for Oracle on CentOS 6.2

You require to configure and run a network listener before creating a database with the Oracle's Database Configuration Assistant (dbca) tool. This is a how to configure such a listener.

I assume you already install a Oracle 11g Database Server on CentOS 6.2 with SSH X11 Forwarding and you are using a Linux client with a Desktop Environment like Gnome or KDE.
  1. Login on the server using oracle user with SSH X11 Forwarding:
  2. $ ssh -Y oracle@SERVER
    
  3. You already had the $ORACLE_HOME/bin on the PATH environment variable (see ~/.bash_profile here) so you can issue:
  4. $ netca
  5. Choose Listener Configuration on the Welcome panel:

  6. Select Add as the action:

  7. Type a listener name, I recommend the default  "LISTENER":

  8. Select protocols among the available, I choose TCP only:

  9. Choose a listening port, I recommend the default "1521" but you can change it if you want. NOTE: Remember to open this port on iptables if you want remote database access, otherwise you won't be able to use it:

  10. On More Listeners panels, choose No.
  11. If you finish gracefully the wizard, you should be able to see this on the standard output. Observe that the listener is running.
  12. $ netca 
    
    Oracle Net Services Configuration:
    Configuring Listener:LISTENER
    Listener configuration complete.
    Oracle Net Listener Startup:
        Running Listener Control: 
          /opt/app/oracle/product/11.2.0/db_1/bin/lsnrctl start LISTENER
        Listener Control complete.
        Listener started successfully.
    Oracle Net Services configuration successful. The exit code is 0
    
    you can manually stop the listener by issuing:
    $ lsnrctl stop LISTENER
    
      then start the listener by:
    $ lsnrctl start LISTENER
    
    and check the listener status:
    $ lsnrctl status LISTENER
    LSNRCTL for Linux: Version 11.2.0.1.0 - Production on 06-FEB-2012 16:53:04
    
    Copyright (c) 1991, 2009, Oracle.  All rights reserved.
    
    Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=myserver)(PORT=1521)))
    STATUS of the LISTENER
    ------------------------
    Alias                     LISTENER
    Version                   TNSLSNR for Linux: Version 11.2.0.1.0 - Production
    Start Date                06-FEB-2012 16:49:47
    Uptime                    0 days 0 hr. 3 min. 17 sec
    Trace Level               off
    Security                  ON: Local OS Authentication
    SNMP                      OFF
    Listener Parameter File   /opt/app/oracle/product/11.2.0/db_1/network/admin/listener.ora
    Listener Log File         /opt/app/oracle/diag/tnslsnr/soabpm/listener/alert/log.xml
    Listening Endpoints Summary...
      (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=soabpm)(PORT=1521)))
    The listener supports no services
    The command completed successfully
    
    
    or verify if the listener is alive and locally reachable via TNS ping:
    $ tnsping localhost 1521
    
    TNS Ping Utility for Linux: Version 11.2.0.1.0 - Production on 06-FEB-2012 16:55:34
    
    Copyright (c) 1997, 2009, Oracle.  All rights reserved.
    
    Used parameter files:
    
    Used HOSTNAME adapter to resolve the alias
    Attempting to contact (DESCRIPTION=(CONNECT_DATA=(SERVICE_NAME=))(ADDRESS=(PROTOCOL=TCP)(HOST=127.0.0.1)(PORT=1521)))
    OK (0 msec)
    
    ...
    OK (0 msec)
    
    to ensure the same thing remotely you must issue. NOTE: Remember to configure iptables to allow remote access.  
    $ tnsping myserver 1521
    
    
    NOTE: Remember you must a have a running listener before creating a database.
  13. One final step is to add the ORACLE_HOME_LISTNER environment variable to oracle's ~/.bash_profile. Login to the server as oracle user and edit:
  14. $ nano ~/.bash_profile
    
    then append:
    export ORACLE_HOME_LISTNER=LISTENER
    
    at the end the ~/.bash_profile archive should look like:
    # .bash_profile
    
    # Get the aliases and functions
    if [ -f ~/.bashrc ]; then
     . ~/.bashrc
    fi
    
    # User specific environment and startup programs
    PATH=$PATH:$HOME/bin
    
    umask 022
    
    export TMPDIR=$TMP
    export ORACLE_BASE=/opt/app/oracle
    export ORACLE_HOME=$ORACLE_BASE/product/11.2.0/db_1
    export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib
    export PATH=$ORACLE_HOME/bin:$PATH
    
    # The SID for a database, See http://eduardo-lago.blogspot.com/2012/02/creating-new-oracle-11g-r2-database-on.html 
    export ORACLE_SID=demo 
    export ORACLE_HOME_LISTNER=LISTENER
    

What to do next?

Creating a new Oracle 11g R2 Database on CentOS 6.2

Once you installed an Oracle 11g R2 Database Server on CentOS 6.2 the next step is to create a new empty and fresh database for your own use. You must have a running listener before creating a database.

I assume you are using a Linux client (CentOS, Ubuntu, ...) with a desktop environment installed  (Gnome, KDE, ...).

The steps are straightforward and I gonna choose a simple deployment configuration.

  1. Login on the server with oracle user with SSH X11 Forwarding:
  2. $ ssh -Y oracle@SERVER
    
  3. You already had the $ORACLE_HOME/bin on the PATH environment variable (see ~/.bash_profile here) so you can issue:
  4. $ dbca
    
  5. An X11 windows should be launched on your Linux desktop, on the Operations panel choose "Create a database":
  6. Select "General Purpose or transaction Processing" on the Database Templates panel:
  7. On Database Identification Panel put a Global Database Name "demo.home.dev" and Oracle System Identifier (SID) "demo". NOTE: on this example, I used "demo.home.dev" as the global database name and "demo" for the SID, but I recommend to let it as simple as possible and choose "demo" for both:
  8. On Management Options panel check "Configure Enterprise Manager" and "Configure Database Control for local management"
  9. On Database Credentials panel I choose "Use the Same Administrative Password for All Accounts" but you can make a different choice and set each password individually:
  10. On the Storage Options panel I choose "File System":
  11. I let the Database File Locations with the defaults:
  12. Also the default settings on Recovery Configuration:
  13.  On database content I didn't touch anything:
  14. You can tweak the database Initialization Parameters according to your system configuration and usage scenario:
  15. On Security Settings panel I recommend to use the enhanced 11g default security as well:
  16. I also enabled the Automatic Maintenance Tasks at certain schedule:
  17. I used defaults Database Storage options:
  18. On Creation Options panel don't forget to check the Create Database and optionally check Save as Database Template if you want to reuse this settings further:
  19. You should be able to see an install progress like this:
  20. An finally a summary screen like this:
  21. Once finished you should had a fresh empty database.

  22. Finnally add the ORACLE_SID environment variable to oracle's ~/.bash_profile. Login to the server as oracle user and edit:
  23. $ nano ~/.bash_profile
    
    
    then append:
    export ORACLE_SID=demo
    
    
    at the end the ~/.bash_profile archive should look like:
    # .bash_profile
    
    # Get the aliases and functions
    if [ -f ~/.bashrc ]; then
     . ~/.bashrc
    fi
    
    # User specific environment and startup programs
    
    PATH=$PATH:$HOME/bin
    
    export PATH
    
    umask 022
    
    export TMPDIR=$TMP
    export ORACLE_BASE=/opt/app/oracle
    export ORACLE_HOME=$ORACLE_BASE/product/11.2.0/db_1
    export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib
    export PATH=$ORACLE_HOME/bin:$PATH
    
    export ORACLE_SID=demo
    export ORACLE_HOME_LISTNER=LISTENER
    
    
  24. DON'T FORGET to set the recently created database in autostart mode at /etc/oratab. Edit with oracle user:
  25. $ nano /etc/oratab
    
    and it should look like. Notice the red Y:
    # This file is used by ORACLE utilities.  It is created by root.sh
    # and updated by the Database Configuration Assistant when creating
    # a database.
    
    # A colon, ':', is used as the field terminator.  A new line terminates
    # the entry.  Lines beginning with a pound sign, '#', are comments.
    #
    # Entries are of the form:
    #   $ORACLE_SID:$ORACLE_HOME::
    #
    # The first and second fields are the system identifier and home
    # directory of the database respectively.  The third filed indicates
    # to the dbstart utility that the database should , "Y", or should not,
    # "N", be brought up at system boot time.
    #
    # Multiple entries with the same $ORACLE_SID are not allowed.
    #
    #
    fresh:/opt/app/oracle/product/11.2.0/db_1:Y
    
  26. One final thing to do is to test the 3 main components installed: listener, database and enterprise manager. Login as oracle user and issue:
  27. $ lsnrctl start 
    
    LSNRCTL for Linux: Version 11.2.0.1.0 - Production on 08-FEB-2012 16:44:03
    
    ... 
    The command completed successfully
    
    
    then run. (NOTE: you must have the autostart mode for the database. See previous step):
    $ dbstart $ORACLE_HOME
    Processing Database instance "fresh": log file /opt/app/oracle/product/11.2.0/db_1/startup.log
    ...
    
    and finally the Enterprise Manager:
    $ emctl start dbconsole
    Oracle Enterprise Manager 11g Database Control Release 11.2.0.1.0 
    Copyright (c) 1996, 2009 Oracle Corporation.  All rights reserved.
    https://SERVERNAME:1158/em/console/aboutApplication
    Starting Oracle Enterprise Manager 11g Database Control ......... started. 
    ...
    
    
  28. To verify if you can connect to the database, on the server issue the following command and enter the password supplied on the Database Credentials panel:

  29. $ sqlplus sys@demo AS SYSDBA
    SQL*Plus: Release 11.2.0.1.0 Production on Mon Feb 6 17:36:28 2012
    
    Copyright (c) 1982, 2009, Oracle.  All rights reserved.
    
    Enter password: 
    
    Connected to:
    Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - 64bit Production
    With the Partitioning, OLAP, Data Mining and Real Application Testing options
    
    SQL> 
    
    then issue the following query:
    SQL> select * from dual;  
    
    D
    -
    X
    
    
  30. To check if the listener, database and enterprise manager are running, open a browser at the URL: https://SERVERNAME:1158/em/console/aboutApplication. NOTE: Remember to open this port on iptables if you want remote database access, otherwise you won't be able to use it.

What to do next?