Installation Instructions For The Project Database 1. System Requirements These system requirements are based on what has been tested using the prototype. Using software components other than what is stated here is an unknown and thus not guaranteed to work. - Solaris 2.4 (through kernel patch 37) - Oracle RDBMS 7.3.2 - Apache 1.1 Web Server - SSLeay overlay for Apache 1.1 - Athena components - Project Database application software We will discuss in more detail issues relating to all of the above except Solaris 2.4 and the Athena components. Solaris and Athena installation will be discussed in a separate document. 2. Oracle RDBMS This application requires the use of Oracle 7.3.2 due to its usage of the Oracle web application developer toolkit (a collection of stored procedures to facilitate dynamic generation of web pages from Oracle stored procedures). This installation assumes a system with 5 disks which are used as follows: 1 disk for os /u1 - for oracle product binaries (1 disk) /u2 - oracle database data (1 disk) Redo logs, system, temp /u3 - oracle database data (1 disk) Redo logs, tablespaces with small tables or infrequently used/modified tables /u4 - oracle database data (large records, more frequently accessed) /u5 - oracle archived redo logs, rollback (1 disk) 2a. Pre-installation Steps Perform the pre-installation setup as indicated in the Oracle Installation for Solaris Guide. This includes reconfiguring the kernel shared memory and semaphore parameters, as well as adding an oracle user account and dba group. Kernel configuration parameters are stored in /etc/system. The following values are recommended shared memory and semaphore parameters for Oracle: set semsys:seminfo_semmni=70 set semsys:seminfo_semmns=200 set shmsys:shminfo_shmmax=8388608 set shmsys:shminfo_shmmni=100 set shmsys:shminfo_shmseg=10 set shmsys:shminfo_shmmin=1 2a.1 Create The OFA directory structure Login to Solaris as the oracle user and create the following directories for the database files: /u1/app/oracle/admin/pdb /u1/app/oracle/product/7.3.2 /u1/oradata/pdb /u2/oradata/pdb /u3/oradata/pdb /u4/oradata/pdb /u5/oradata/pdb /u5/app/oracle/admin/pdb/arch 2a.2 STEPS FOR ATHENA MACHINES If your host system will run as an athena workstation, then you must perform the following additional pre-installation steps. - Add oracle account. The oracle user account must be added as follows: - add oracle user account to /etc/passwd as you would do normally. Run pwconv to update the shadow file. - copy the oracle user account info from /etc/passwd to /etc/passwd.local. - copy /etc/shadow to /etc/shadow.local - Add dba group information. This must be added to both /etc/group and /etc/group.local - add AFS mystery groups to group file issue the following command: id -a If the output shows one or more groups which have no mapping to an actual group name, then you must create corresponding dummy groups in the /etc/group and /etc/group.local files For example: % id -a uid=3097(delgado) gid=101(oraweb) groups=101(oraweb),100(dba),323391, 324419 You would add the following to the /etc/group and /etc/group.local files dummy1:323391:oracle, delgado dummy2:324419:oracle, delgado - Use ksh - you may want to consider using ksh or sh as your shell during the installation. We have had problems in the past with the Oracle installer using the tsh shell. 2b. Install Oracle Products Set the following Oracle environment variables: ORACLE_HOME = /u1/app/oracle/product/7.3.2 ORACLE_BASE = /u1/app/oracle ORACLE_SID = pdb DO NOT HAVE THE ORACLE INSTALLER CREATE THE DATABASE FOR YOU. Install the following Oracle Products: - Oracle RDBMS - PL/SQL - server manager - SQLPlus 2C. Database Configuration We provide scripts to create the database, so do not have the oracle installer create a database for you. You may edit the crdb.sql script to change the locations of any of the database files prior to running the script. Our configuration is setup as follows: Control files are mirrored on 3 disks. Redo logs: mirrored, 3 groups with 2 members each. Rollbacks: 4 segments, 16k blocks. Database Block size = 8K (we are storing lots of variable text records). 1. COPY THE PROJECT DATABASE CONFIG FILES TO YOUR LOCAL HOST a. create the following oracle-owned directories: /u1/app/oracle/admin/pdb/pfile /u1/app/oracle/admin/pdb/cdump /u1/app/oracle/admin/pdb/bdump /u1/app/oracle/admin/pdb/udump b. copy the files in /mit/project-db/src/pfile to /u1/app/oracle/admin/pdb/pfile (you may customize the pfile/* at this point) c. startup the oracle instance. svrmgrl> connect internal; svrmgrl> startup nomount pfile=/u1/app/oracle/admin/pdb/pfile/initpdb.ora; (or startup nomount if exists symbolic link between the pfile above and /u1/app/oracle/product/7.3.2/dbs/initpdb.ora and ORACLE_SID is pdb) 2. CREATE THE PROJECT DATABASE Run the following script to create the database: svrmgrl> /mit/project-db/src/schema/crdb.sql This script creates the database, rollback segments application tablespaces, and loads the necessary rdbms packages into the database. ( on ops-5 crdb is cutomized so it is in /u1/app/oracle/admin/pdb/create/crdb.sql) 2D. Post installation Steps CREATE APPLICATION-SPECIFIC ORACLE ACCOUNTS 2D.1 Make a private copy of the /mit/project-db/src/schema/crusers.sql script. Edit the script to change the passwords for the user accounts. (have same passwd in /var/oracle-web/.ora*login) 2D.2 Run your copy of crusers.sql (after connecting internal) This script creates application database users and roles, loads the application schema and packages, and grants execute access on the packages to the application roles. 2D.3 run /mit/project-db/src/schema/superusers.sql as internal PRIME THE DATABASE WITH SOME DATA (test data) The following script populates some of the base tables with some data to define values for objects such as mit process names, process directors, etc: connect pdb/xxxx /mit/project-db/src/pl-sql/data.sql /mit/project-db/src/pl-sql/test.sql START AUTOMATIC REDO LOG ARCHIVING As internal, shutdown the database. 1. Edit the initpd.ora file and uncomment the following line: #log_archive_start = true # if you want automatic archiving 2. Restart the Oracle instance 3. As internal or sys issue the following: alter database set archivelog mode true; alter database backup control file to trace. 3. Install the Apache/SSL Web Server There is a binary version of Apache 1.1 with SSL available in the oracle-web locker. This is what the system has been tested with, and this is what we recommend that you use. 3.a Create the following directories owned by root with the following access permissions: directory group mode /var/httpsd oraweb 755 /var/htdocs oraweb 775 /var/httpsd/cgi-bin oraweb 770 /var/httpsd/conf oraweb 750 /var/ssl oraweb 710 /var/ssl/bin oraweb 750 /var/ssl/certs oraweb 750 /var/ssl/lib oraweb 750 /var/ssl/private oraweb 750 3.b Install the Apache 1.1 Web Server The Apache 1.1 Web Server (with SSL) binary is located in the following directory: /mit/oracle-web/apache-ssl/ The corresponding configuration files for the httpsd binary are located in: /mit/oracle-web/conf Copy these files to /var/httpsd/conf: cp *.conf /var/httpsd/conf; chmod /var/httpsd/conf/*.conf 750; The ssleay-related binaries and configuration files are located in: /mit/oracle-web/apache-ssl/ssleay-bin. Copy these to /var/ssl on the web server host. 3.c Generate certificate request for Web Server. (see instructions on http://web.mit.edu/tps/www/working/ssl.html) or cd /var/ssl/bin CA.sh -newreq (save or remember the pem pass phrase you typed in) cut and paste cert request and mail to jis intall private key in /var/ssl/private 3.d Install MIT CA and Web Server certificates 3.e Edit the /var/https/conf/httpd.conf file to define the name of you machine and the user id and group id for the httpd daemon to run as. 3.f Start Apache Web Server The apache web server cannot successfully be started until you have installed the certificate for the Web Server. You will also be prompted for a pem phrase when the server starts. This is the same pem pass phrase you typed in when runnining "newreq". 4. Install the DB-CGI program 4.a Create the following db-cgi directories with the indicated access permissions. directory owner group mode /var/oracle-web root dba 770 4.b Install the db.cgi program The db.cgi program is located in the following directory: /mit/oracle-web/owcgi/db.cgi Copy db.cgi to /var/httpsd/cgi-bin : cp db.cgi /var/httpsd/cgi-bin chmod /var/httpsd/cgi-bin/db.cgi 755. 4.c Create oramaint password file Create password files for the oramaint user account int the /var/oracle-web directory. The file should be name .oramaintlogin and it should have the following format: /