themeeper1
asked on
Oracle constantly making audit logs
I'm on Oracle 11.2.02 and recently our AIX admins have been saying they've been getting constant audits of failed make directories under my oracle diag home. Has anyone ran into this problem? The directory it keeps on trying to make already exists so the mkdirs actually fail. Below is a snippet of what the AIX admin's audit looks like. Anyone input/advice is greatly appreciated!
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag
Wed Jan 16 14:26:19 2013 FILE_Mode OK userj 16842998 1 69927151
mode: 775 filename /server1/oracle/diag
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag
Wed Jan 16 14:26:19 2013 FILE_Mode OK userj 16842998 1 69927151
mode: 775 filename /server1/oracle/diag
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
mode: 755 dir: /server1/oracle/diag/rdbms
Wed Jan 16 14:26:19 2013 FS_Mkdir FAIL userj 16842998 1 69927151
David VanZandt
Have userj test in the script that if the directory exists, skip it. However, the permissions suggest s/he is trying to recreate part of the ORACLE BASE tables -- if so, s/b as oracle.
ASKER
That directory already exists so it technically skips it but for some reason Oracle isn't recognizing that that directory exists.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Mrjoltcola - I agree this is a normal OS audit but these failed mkdirs occur 10 or 15 times every second. I've tailed the log and it's just flying by.
dvz - I asked oracle support, but they weren't able to provide any clear reason why or how to stop this.
dvz - I asked oracle support, but they weren't able to provide any clear reason why or how to stop this.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yeah I did a database trace and didn't find anything.
It's really odd because these failed mkdirs are being generated every second. It's almost as if Oracle doesn't realize this directory exists. Is there some parameter where I can check to see if oracle recognizes the directory as being valid or registered? Thanks for all the input I've received.
It's really odd because these failed mkdirs are being generated every second. It's almost as if Oracle doesn't realize this directory exists. Is there some parameter where I can check to see if oracle recognizes the directory as being valid or registered? Thanks for all the input I've received.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.