|
|
五、修改/etc/security/limits.conf和 /etc/pam.d/login和/etc/profile 这个在OCM环境已经配置好。
参考官方文档:http://docs.oracle.com/cd/B19306_01/install.102/b14203/prelinux.htm
To increase the shell limits:
- Add the following lines to the /etc/security/limits.conf file:
oracle soft nproc 2047 oracle hard nproc 16384 oracle soft nofile 1024 oracle hard nofile 65536
- Add or edit the following line in the /etc/pam.d/login file, if it does not already exist:
session required /lib/security/pam_limits.so
- Depending on the oracle user's default shell, make the following changes to the default shell startup file:
- For the Bourne, Bash, or Korn shell, add the following lines to the /etc/profile file (or the fileon SUSE systems)/etc/profile.local:
if [ $USER = "oracle" ]; then if [ $SHELL = "/bin/ksh" ]; then ulimit -p 16384 ulimit -n 65536 else ulimit -u 16384 -n 65536 fi fi
- For the C shell (csh or tcsh), add the following lines to the /etc/csh.login file (or the file on SUSE systems)/etc/csh.login.local:
if ( $USER == "oracle" ) then limit maxproc 16384 limit descriptors 65536 endif
- Repeat this procedure on all other nodes in the cluster.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------我的修改如下:
rac1节点
[iyunv@rac1 ~]# cp /etc/security/limits.conf /etc/security/limits.conf.bak[iyunv@rac1 ~]# vi /etc/security/limits.conf# /etc/security/limits.conf##Each line describes a limit for a user in the form:##<domain> <type> <item> <value>##Where:#<domain> can be:# - an user name# - a group name, with @group syntax# - the wildcard *, for default entry# - the wildcard %, can be also used with %group syntax,# for maxlogin limit##<type> can have the two values:# - "soft" for enforcing the soft limits# - "hard" for enforcing hard limits##<item> can be one of the following:# - core - limits the core file size (KB)# - data - max data size (KB)# - fsize - maximum filesize (KB)# - memlock - max locked-in-memory address space (KB)# - nofile - max number of open files# - rss - max resident set size (KB)# - stack - max stack size (KB)# - cpu - max CPU time (MIN)# - nproc - max number of processes# - as - address space limit# - maxlogins - max number of logins for this user# - maxsyslogins - max number of logins on the system# - priority - the priority to run user process with# - locks - max number of file locks the user can hold# - sigpending - max number of pending signals# - msgqueue - max memory used by POSIX message queues (bytes)# - nice - max nice priority allowed to raise to# - rtprio - max realtime priority##<domain> <type> <item> <value>#
#* soft core 0#* hard rss 10000#@student hard nproc 20#@faculty soft nproc 20#@faculty hard nproc 50#ftp hard nproc 0#@student - maxlogins 4
oracle soft nproc 2047oracle hard nproc 16384oracle soft nofile 1024oracle hard nofile 65536"/etc/security/limits.conf" 58L, 1975C written[iyunv@rac1 ~]# cp /etc/pam.d/login /etc/pam.d/login.bak[iyunv@rac1 ~]# vi /etc/pam.d/login#%PAM-1.0auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.soauth include system-authaccount required pam_nologin.soaccount include system-authpassword include system-auth# pam_selinux.so close should be the first session rulesession required pam_selinux.so closesession optional pam_keyinit.so force revokesession required pam_loginuid.sosession include system-authsession optional pam_console.so# pam_selinux.so open should only be followed by sessions to be executed in the user contextsession required pam_selinux.so opensession required /lib/security/pam_limits.so~~~~~~~"/etc/pam.d/login" 15L, 695C written[iyunv@rac1 ~]#
[iyunv@rac1 ~]# cp /etc/profile /etc/profile.bak[iyunv@rac1 ~]# vi /etc/profile# /etc/profile
# System wide environment and startup programs, for login setup# Functions and aliases go in /etc/bashrc
pathmunge () { if ! echo $PATH | /bin/egrep -q "(^|:)$1($|:)" ; then if [ "$2" = "after" ] ; then PATH=$PATH:$1 else PATH=$1:$PATH fi fi}
# ksh workaroundif [ -z "$EUID" -a -x /usr/bin/id ]; then EUID=`id -u` UID=`id -ru`fi
# Path manipulationif [ "$EUID" = "0" ]; then pathmunge /sbin pathmunge /usr/sbin pathmunge /usr/local/sbinfi
# No core files by defaultulimit -S -c 0 > /dev/null 2>&1
if [ -x /usr/bin/id ]; then USER="`id -un`" LOGNAME=$USER MAIL="/var/spool/mail/$USER"fi
HOSTNAME=`/bin/hostname`HISTSIZE=1000
if [ -z "$INPUTRC" -a ! -f "$HOME/.inputrc" ]; then INPUTRC=/etc/inputrcfi
export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE INPUTRC
for i in /etc/profile.d/*.sh ; do if [ -r "$i" ]; then if [ "$PS1" ]; then . $i else . $i >/dev/null 2>&1 fi fidone
unset iunset pathmunge
if [ $USER = "oracle" ]; then if [ $SHELL = "/bin/ksh" ]; then ulimit -p 16384 ulimit -n 65536 else ulimit -u 16384 -n 65536 fifi"/etc/profile" 74L, 1234C written[iyunv@rac1 ~]
---------------------------------------------------------------------------------------------------------------------rac2节点:
[iyunv@rac2 ~]# cp /etc/security/limits.conf /etc/security/limits.conf.bak[iyunv@rac2 ~]# vi /etc/security/limits.conf # /etc/security/limits.conf##Each line describes a limit for a user in the form:##<domain> <type> <item> <value>##Where:#<domain> can be:# - an user name# - a group name, with @group syntax# - the wildcard *, for default entry# - the wildcard %, can be also used with %group syntax,# for maxlogin limit##<type> can have the two values:# - "soft" for enforcing the soft limits# - "hard" for enforcing hard limits##<item> can be one of the following:# - core - limits the core file size (KB)# - data - max data size (KB)# - fsize - maximum filesize (KB)# - memlock - max locked-in-memory address space (KB)# - nofile - max number of open files# - rss - max resident set size (KB)# - stack - max stack size (KB)# - cpu - max CPU time (MIN)# - nproc - max number of processes# - as - address space limit# - maxlogins - max number of logins for this user# - maxsyslogins - max number of logins on the system# - priority - the priority to run user process with# - locks - max number of file locks the user can hold# - sigpending - max number of pending signals# - msgqueue - max memory used by POSIX message queues (bytes)# - nice - max nice priority allowed to raise to# - rtprio - max realtime priority##<domain> <type> <item> <value>#
#* soft core 0#* hard rss 10000#@student hard nproc 20#@faculty soft nproc 20#@faculty hard nproc 50#ftp hard nproc 0#@student - maxlogins 4
oracle soft nproc 2047oracle hard nproc 16384oracle soft nofile 1024oracle hard nofile 65536"/etc/security/limits.conf" 58L, 1975C written[iyunv@rac2 ~]# cp /etc/pam.d/login /etc/pam.d/login.bak[iyunv@rac2 ~]# vi /etc/pam.d/login#%PAM-1.0auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.soauth include system-authaccount required pam_nologin.soaccount include system-authpassword include system-auth# pam_selinux.so close should be the first session rulesession required pam_selinux.so closesession optional pam_keyinit.so force revokesession required pam_loginuid.sosession include system-authsession optional pam_console.so# pam_selinux.so open should only be followed by sessions to be executed in the user contextsession required pam_selinux.so opensession required /lib/security/pam_limits.so~~~~~~~"/etc/pam.d/login" 15L, 695C written[iyunv@rac2 ~]#
[iyunv@rac2 ~]# cp /etc/profile /etc/profile.bak[iyunv@rac2 ~]# vi /etc/profile# /etc/profile
# System wide environment and startup programs, for login setup# Functions and aliases go in /etc/bashrc
pathmunge () { if ! echo $PATH | /bin/egrep -q "(^|:)$1($|:)" ; then if [ "$2" = "after" ] ; then PATH=$PATH:$1 else PATH=$1:$PATH fi fi}
# ksh workaroundif [ -z "$EUID" -a -x /usr/bin/id ]; then EUID=`id -u` UID=`id -ru`fi
# Path manipulationif [ "$EUID" = "0" ]; then pathmunge /sbin pathmunge /usr/sbin pathmunge /usr/local/sbinfi
# No core files by defaultulimit -S -c 0 > /dev/null 2>&1
if [ -x /usr/bin/id ]; then USER="`id -un`" LOGNAME=$USER MAIL="/var/spool/mail/$USER"fi
HOSTNAME=`/bin/hostname`HISTSIZE=1000
if [ -z "$INPUTRC" -a ! -f "$HOME/.inputrc" ]; then INPUTRC=/etc/inputrcfi
export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE INPUTRC
for i in /etc/profile.d/*.sh ; do if [ -r "$i" ]; then if [ "$PS1" ]; then . $i else . $i >/dev/null 2>&1 fi fidone
unset iunset pathmunge
if [ $USER = "oracle" ]; then
if [ $SHELL = "/bin/ksh" ]; then
ulimit -p 16384
ulimit -n 65536
else
ulimit -u 16384 -n 65536
fi
fi"/etc/profile" 74L, 1234C written[iyunv@rac2 ~]#
----------------------------------------------------------------------------------------------------------------------------------------------
版权声明:本文为博主原创文章,未经博主允许不得转载。 |
|
QQ群⑧:
窥视卡
雷达卡
发表于 2015-11-9 11:51:07
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡