Control Compliance Suite Troubleshooting Oracle Asset Import on Linux via Agentless

book

Article ID: 171705

calendar_today

Updated On:

Products

Control Compliance Suite Exchange Control Compliance Suite Unix Control Compliance Suite Windows

Issue/Introduction

You want to import an Oracle database in to Control Compliance Suite (CCS).

Cause

A variety of reasons can cause an import to not return any databases.

Could be the user does not have the needed permissions.
Or that the database or listener are not running, or listed as a running process.

Environment

CCS 11.x or 12x

Resolution

First you will want to enable verbose logging and TECH204604 and TECH115909.

When you configure an Asset Import job and select "Network" for the source, you will need to "Scope" it to an already imported Asset (such as RHEL Linux)
Be sure to refer to our Support Matrix for supported OSs and Databases.

The OS credential configured for the asset you scope to will need elevated permissions in order to find all the details about the database(s) to import them.
 

  1. Run the import job after verbose logging as been enabled on the CCS Manager(s).
  2. Once it finishes refer to the following log file C:\ProgramData\Symantec.CSM\Logs\CCSManager\DCInfra\BvCURDCCore.log

 

First thing you will want to look for is something like this

  • CF|     EDC|     8A4|"blade|BvCUCommandWrap|  819| 5/16/2018| 8: 9:47:464|Audit:Command executed:  ps -eo "pid,args" |  grep pmon |  grep -v "grep" | while read Instances; do instanceID=$(echo $Instances |  egrep  -o '\b([0-9]+)\b'); instanceName=$(echo $Instances |  awk -F" " '{print $2}'); OraHome=$( ls -llad /proc/$instanceID/exe |  awk -F"->" '{print$2}'); echo $instanceName=$OraHome; done

  • D1|     EDC|     4A4|"blade|BvCUCommandWrap|  811| 5/16/2018| 8: 9:47:526|Audit:CommandOutput:ora_pmon_orcl= /opt/oracle/app/oracle/product/11.2.0/dbhome_1/bin/oracle

    ora_pmon_DBName1= /opt/oracle/app/oracle/product/11.2.0/dbhome_1/bin/oracle

 

If that CommandOutput does not show anything, it is recommended to log in to the target system as the user configured in CCS, then manually run the command.
Chances are either there are no databases running or the user does not have permission to "ls -llad /proc/$instanceID/exe", as files in /proc usually require elevated permissions to access. Most of that command resolves around finding the $instanceID variable.
If that came back ok, then the next command to look for is.
 
  • 140|     EDC|     4A4|"blade|BvCUCommandWrap|  819| 5/16/2018| 8: 9:54:432|Audit:Command executed: ps -eo pid,command |  grep tnslsnr | grep -v "grep" | awk -F' ' '{print $1":"$2":"$3}' 

  • 142|     EDC|     4A4|"blade|BvCUCommandWrap|  811| 5/16/2018| 8: 9:54:448|Audit:CommandOutput:3499:/opt/oracle/app/oracle/product/11.2.0/dbhome_1/bin/tnslsnr:LISTENER

 

Again if there is no output it is recommended to connect to the asset and look at why. Is the listener running? As that is the next command we look at next.
In the previous command we found that the name of the listener is "LISTENER" this can be anything, which is why we get it from the list of processes running.

 

  • 1AC|     EDC|     4A4|"blade|BvCUCommandWrap|  819| 5/16/2018| 8:10: 1:323|Audit:Command executed:export ORACLE_HOME=/opt/oracle/app/oracle/product/11.2.0/dbhome_1; /opt/oracle/app/oracle/product/11.2.0/dbhome_1/bin/lsnrctl status LISTENER

  • 1AE|     EDC|     4A4|"blade|BvCUCommandWrap|  811| 5/16/2018| 8:10: 1:354|Audit:CommandOutput:

  • LSNRCTL for Linux: Version 11.2.0.1.0 - Production on 16-MAY-2018 09:10:06

  • Copyright (c) 1991, 2009, Oracle.  All rights reserved.

  • Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1521)))

  • STATUS of the LISTENER

  • ------------------------

  • Alias                     LISTENER

  • Version                   TNSLSNR for Linux: Version 11.2.0.1.0 - Production

  • Start Date                09-MAY-2018 05:51:15

  • Uptime                    7 days 3 hr. 18 min. 51 sec

  • Trace Level               off

  • Security                  ON: Local OS Authentication

  • SNMP                      OFF

  • Listener Parameter File   /opt/oracle/app/oracle/product/11.2.0/dbhome_1/network/admin/listener.ora

  • Listener Log File         /opt/oracle/app/oracle/diag/tnslsnr/HOSTNAME/listener/alert/log.xml

  • Listening Endpoints Summary...

  •   (DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC1521)))

  •   (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=hostname.fqdn.local)(PORT=1521)))

  • Services Summary...

  • Service "DBName1" has 1 instance(s).

  •   Instance "DBName1", status READY, has 1 handler(s) for this service...

  • Service "DBName1XDB" has 1 instance(s).

  •   Instance "DBName1", status READY, has 1 handler(s) for this service...

  • Service "orcl.fqdn.local" has 1 instance(s).

  •   Instance "orcl", status READY, has 1 handler(s) for this service...

  • Service "orclXDB.fqdn.local" has 1 instance(s).

  •   Instance "orcl", status READY, has 1 handler(s) for this service...

  • The command completed successfully

 

 

 

Then we look for a specific file and try to access it/read the contents. As you can see we are looking in the /etc/passwd file, again permissions could be an issue.

  • 2DF|     EDC|     4A4|"blade|BvCUCommandWrap|  819| 5/16/2018| 8:10: 8:854|Audit:Command executed:LC_TIME=POSIX;export LC_TIME;for var in /etc/passwd /opt/oracle/app/oracle/product/11.2.0/dbhome_1/inventory/ContentsXML/comps.xml; do echo "$var"  | egrep -v "(/\.\.?(/|$))|(^\.$)|(^\.\.$)" ;  done  |  sed -e "s:[ \t\"']:\\\&:g"  | xargs ls -a1 | awk '{ dn1 = ""; do { ln = $0; if ("" == ln || "." == ln || ".." == ln) continue; if(substr(ln, length(ln) , 1) == ":") { dn1 = substr(ln, 1, length(ln) - 1); gsub("[/]+", "/", dn1); printf ("%s\n", dn1); if (0 == match(dn1, "/$"))dn1 = dn1 "/"; } else { gsub("[/]+", "/", ln); if (substr(ln, 1, 1) == "/") printf ("%s\n", ln);  else printf ("%s%s\n", dn1, ln); } } while (getline > 0); }' |  sed -e "s:[ \t\"']:\\\&:g"  |  xargs  ls -land 

  • 2E1|     EDC|     4A4|"blade|BvCUCommandWrap|  811| 5/16/2018| 8:10: 8:917|Audit:CommandOutput:-rw-r--r--. 1    0    0   2716 Jan 31  2017 /etc/passwd

  • -rw-rw----. 1 1001 1001 409258 Jan 31  2017 /opt/oracle/app/oracle/product/11.2.0/dbhome_1/inventory/ContentsXML/comps.xml

 

 

 

  • 2FB|     EDC|     4A4|"blade|BvCUCommandWrap|  819| 5/16/2018| 8:10: 9: 11|Audit:Command executed:file "/opt/oracle/app/oracle/product/11.2.0/dbhome_1/inventory/ContentsXML/comps.xml" </dev/null 

  • 2FD|     EDC|     4A4|"blade|BvCUCommandWrap|  811| 5/16/2018| 8:10: 9:104|Audit:CommandOutput:/opt/oracle/app/oracle/product/11.2.0/dbhome_1/inventory/ContentsXML/comps.xml: XML 1.0 document, ASCII text, with very long lines

 

  • 304|     EDC|     4A4|"blade|BvCUCommandWrap|  819| 5/16/2018| 8:10: 9:120|Audit:Command executed:test -r "/opt/oracle/app/oracle/product/11.2.0/dbhome_1/inventory/ContentsXML/comps.xml" </dev/null  && echo "File is readable"

  • 306|     EDC|     4A4|"blade|BvCUCommandWrap|  811| 5/16/2018| 8:10: 9:120|Audit:CommandOutput:File is readable

 

  • 30D|     EDC|     4A4|"blade|BvCUCommandWrap|  819| 5/16/2018| 8:10: 9:120|Audit:Command executed:cat -vt /opt/oracle/app/oracle/product/11.2.0/dbhome_1/inventory/ContentsXML/comps.xml </dev/null

  • 30F|     EDC|     4A4|"blade|BvCUCommandWrap|  811| 5/16/2018| 8:10: 9:261|Audit:CommandOutput:<?xml version="1.0" standalone="yes" ?>

  • <!-- Copyright (c) 1999, 2009, Oracle. All rights reserved. -->

  • <!-- Do not modify the contents of this file by hand. -->

  • <PRD_LIST>

  • <TL_LIST>

  • <COMP NAME="oracle.server" VER="11.2.0.1.0" BUILD_NUMBER="0" REP_VER="0.0.0.0.0" RELEASE="Production"

  • INV_LOC="Components/oracle.server/11.2.0.1.0/1/" LANGS="en" XML_INV_LOC="Components21/oracle.server/11.2.0.1.0/" ACT_INST_VER="11.2.0.1.0"

  • DEINST_VER="11.2.0.0.0" INSTALL_TIME="2017.Jan.31 07:11:34 MST" INST_LOC="/opt/oracle/app/oracle/product/11.2.0/dbhome_1/oracle.server">

  •    <EXT_NAME>Oracle Database 11g</EXT_NAME>

  •    <DESC>Installs an optional preconfigured starter database, product options, management tools, networking services, utilities, and basic client software for an Oracle

  • Database server. This option also supports Automatic Storage Management database configuration.</DESC>

  •    <DESCID>COMPONENT_DESC</DESCID>

  •    <STG_INFO OSP_VER="10.2.0.0.0"/>

  •    <CMP_JAR_INFO>

  •       <INFO NAME="filemapObj" VAL="Components/oracle/server/v11_2_0_1_0/filemap.xml"/>

  •       <INFO NAME="helpDir" VAL="Components/oracle/server/v11_2_0_1_0/help/"/>

  •       <INFO NAME="actionsClass" VAL="Components.oracle.server.v11_2_0_1_0.CompActions"/>

  •       <INFO NAME="resourceClass" VAL="Components.oracle.server.v11_2_0_1_0.resources.CompRes"/>

  •       <INFO NAME="identifiersXML" VAL="Components/oracle/server/v11_2_0_1_0/identifiers.xml"/>

  •       <INFO NAME="contextClass" VAL="Components.oracle.server.v11_2_0_1_0.CompContext"/>

  •       <INFO NAME="fastCopyLogXML" VAL="Components/oracle/server/v11_2_0_1_0/fastCopyLog.xml"/>

  •    </CMP_JAR_INFO>

  •    <LOC_INFO INST_DFN_LOC="../Scripts" JAR_NAME="install2.jar"/>

  •    <BOOK NAME="oracle.server.hs"/>

  •    <PRE_REQ DEF="F"/>

  •    <PROD_HOME DEF="F"/>

  •    <LANG_IDX_MAP>

  •       <LANG LIST="en fr ar bn pt_BR bg fr_CA ca hr cs da nl ar_EG en_GB et fi de el iw hu is in it ja ko es lv lt ms es_MX no pl pt ro ru zh_CN sk sl es_ES sv th zh_TW tr

  • uk vi"/>

  •       <LANGSET IDX="1" BITSET="{0, 1, 2, 3, 4, 5, 

 

Once you see the contents of that file in the log file, you should see your database imported in to CCS.