Wednesday, 26 June 2013

SETTING UP CRON JOBS IN UNIX AND SOLARIS

SETTING UP CRON JOBS IN UNIX AND SOLARIS

Cron is a unix, solaris utility that allows tasks to be automatically run in the background at regular intervals by the cron daemon. These tasks are often termed as cron jobs in unix , solaris.  Crontab (CRON TABle) is a file which contains the schedule of cron entries to be run and at specified times.
This document covers following aspects of Unix cron jobs
1. Crontab Restrictions
2. Crontab Commands
3. Crontab file – syntax
4. Crontab Example
5. Crontab Environment
6. Disable Email
7. Generate log file for crontab activity
1. Crontab Restrictions
You can execute crontab if your name appears in the file /usr/lib/cron/cron.allow. If that file does not exist, you can use
crontab if your name does not appear in the file /usr/lib/cron/cron.deny.
If only cron.deny exists and is empty, all users can use crontab. If neither file exists, only the root user can use crontab. The allow/deny files consist of one user name per line.
2. Crontab Commands
export EDITOR=vi ;to specify a editor to open crontab file.
crontab -e    Edit your crontab file, or create one if it doesn’t already exist.
crontab -l      Display your crontab file.
crontab -r      Remove your crontab file.
crontab -v      Display the last time you edited your crontab file. (This option is only available on a few systems.)
3. Crontab file
Crontab syntax :
A crontab file has five fields for specifying day , date and time followed by the command to be run at that interval.
*     *     *   *    *        command to be executed
-     -     -   -    -
|     |     |   |    |
|     |     |   |    +----- day of week (0 - 6) (Sunday=0)
|     |     |   +------- month (1 - 12)
|     |     +--------- day of        month (1 - 31)
|     +----------- hour (0 - 23)
+------------- min (0 - 59)
* in the value field above means all legal values as in braces for that column.
The value column can have a * or a list of elements separated by commas. An element is either a number in the ranges shown above or two numbers in the range separated by a hyphen (meaning an inclusive range). Notes
A. ) Repeat pattern like /2 for every 2 minutes or /10 for every 10 minutes is not supported by all operating systems. If you try to use it and crontab complains it is probably not supported.
B.) The specification of days can be made in two fields: month day and weekday. If both are specified in an entry, they are cumulative meaning both of the entries will get executed .
4. Crontab Example
A line in crontab file like below removes the tmp files from /home/someuser/tmp each day at 6:30 PM.
30     18     *     *     *         rm /home/someuser/tmp/*
Changing the parameter values as below will cause this command to run at different time schedule below :

min
hour
day/month
month
day/week
Execution time
30
0
1
1,6,12
*
– 00:30 Hrs  on 1st of Jan, June & Dec.

0
20
*
10
1-5
–8.00 PM every weekday (Mon-Fri) only in Oct.

0
0
1,10,15
*
*
– midnight on 1st ,10th & 15th of month

5,10
0
10
*
1
– At 12.05,12.10 every Monday & on 10th of every month
:
 
Note : If you inadvertently enter the crontab command with no argument(s), do not attempt to get out with Control-d. This removes all entries in your crontab file. Instead, exit with Control-c.
5. Crontab Environment
cron invokes the command from the user’s HOME directory with the shell, (/usr/bin/sh).
cron supplies a default environment for every shell, defining:
HOME=user’s-home-directory
LOGNAME=user’s-login-id
PATH=/usr/bin:/usr/sbin:.
SHELL=/usr/bin/sh
Users who desire to have their .profile executed must explicitly do so in the crontab entry or in a script called by the entry.
6. Disable Email
By default cron jobs sends a email to the user account executing the cronjob. If this is not needed put the following command At the end of the cron job line .
>/dev/null 2>&1
7. Generate log file
To collect the cron execution execution log in a file :

30 18 * * * rm /home/someuser/tmp/* > /home/someuser/cronlogs/clean_tmp_dir.log

Audit Trails in oracle database



            Audit Trails in oracle database

Auditing Trails Records are stored in two ways

1) Database Table (sys.aud$)

2) OS Directory (audit_file_dest)

Option 1 : If we use DB table to store auditing records Performance will be degrade, Because these tables are under SYSTEM Tablespace by default, also we can move this sys.aud$ table to dedicated tablespace for this we need to create new Tablespace. Oracle recommends to use OS Directory to store Audit Trail Records.

Table Growth: The Audit Trails table growth depends on what are the Auditing are enabled, for example: If whenever a table has been altered, updated, inserted or deleted.

SQL> AUDIT ALTER, GRANT, INSERT, UPDATE, DELETE

    ON DEFAULT;

 Purging Audit Trails Table: The purging Audit Trails Records in the tables can be manually purge or automatic purge.

Option 2: If we use OS Directory to store auditing records there will not be any performance issue also easy to manage those log files, we can define its size and age. Purging also enabled as automatic purging.

Our Plan:

As per Oracle recommendation we will implement OS Directory to store these Audit Trail Records.

Procedure:

1) Modify the initialization file for enabling Audit trail.

2) Set the Audit file destination in initialization file.

3) Define the Size of its log file.

4) Define days to create new log file.

5) Define Purging days for automatic purging.

6) Define Audit Trails in Database.

7) Bounce the Database.

8) Create new pfile from spfile.

Step 1: Modify the initialization file for enabling Audit trail.

SQL> ALTER SYSTEM SET audit_trail=os SCOPE=SPFILE;

System altered.

SQL> ALTER SYSTEM SET AUDIT_SYS_OPERATIONS=TRUE SCOPE=SPFILE;

System altered.

Step 2: Set the Audit file destination in initialization file.

#Default Location is $ORACLE_HOME/rdbms/audit

If we like to change to location for log files the below command will change its location.

SQL> ALTER SYSTEM SET audit_file_dest=/backup/Audit_Trails/ SCOPE=SPFILE;

System altered.

Note : some latest it will work otherwise need to edit on pfile , bounce Database using new audit_file_dest=’<new location >’.

Step 3: Define the Size of its log file.

If we like to create new file after reaching 100MB, the following procedure calls new log file after reaching 100MB.

BEGIN

DBMS_AUDIT_MGMT.SET_AUDIT_TRAIL_PROPERTY(

       audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_OS,

       audit_trail_property  =>  DBMS_AUDIT_MGMT.OS_FILE_MAX_SIZE,

       audit_trail_property_value =>  102400 /* 100MB*/ );

END;

/

Step 4: Define days to create new log file.

If we like to create new file after one day, the following procedure calls new file after 1 day.

BEGIN

DBMS_AUDIT_MGMT.SET_AUDIT_TRAIL_PROPERTY(

       audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_OS,

       audit_trail_property  =>  DBMS_AUDIT_MGMT.OS_FILE_MAX_AGE,

       audit_trail_property_value  =>  1 /* days */);

END;

/

Step 5: Define Purging days for automatic purging.

If we like to purge all Auditing Records after 7 days, the following procedure will purge after 7days once.

BEGIN

  DBMS_AUDIT_MGMT.CREATE_PURGE_JOB (

   AUDIT_TRAIL_TYPE            => DBMS_AUDIT_MGMT.AUDIT_TRAIL_OS,

   AUDIT_TRAIL_PURGE_INTERVAL  => 168,

   AUDIT_TRAIL_PURGE_NAME      => 'Standard_Audit_Trail_PJ',

   USE_LAST_ARCH_TIMESTAMP     => FALSE );

END;

/

Step 6: Define Audit Trails in Database.

To protect unauthorized access of all Table, we will Audit any Create, Alter, Update and Delete on all tables using the following query,

SQL> AUDIT DELETE ANY TABLE, ALTER ANY TABLE, CREATE ANY TABLE, UPDATE ANY TABLE BY SYS,APPS;

Step 7: Bounce the Database.

SQL>SHUTDOWN IMMEDIATE

SQL>STARTUP

Step 8: create new pfile from spfile

SQL > CREATE PFILE FROM SPFILE;