Forum OpenACS Development: Re: Fresh install of OpenACS 5.10 on Oracle 19c

Collapse
10: Re: Fresh install of OpenACS 5.10 on Oracle 19c (response to 9)
Posted by Raul Rodriguez on 10/23/22 01:56 AM
Has anyone found a way to use encryption to replace the use of plain text oracle database password in the config file?

Thank you

Collapse
11: Re: Fresh install of OpenACS 5.10 on Oracle 19c (response to 10)
Posted by Gustaf Neumann on 10/29/22 12:36 PM
I don't know anybody, who is manages a large Oracle instance (maybe Brian Fenton, Andrew Piskorski?), but by googling around I found just the secure external password store [1], which you have probably found as well. Not sure, if this is an add-on product. Would this be an option for you?

Normally, configuration files are kept at a secure place, but certainly, it is better, when passwords are never stored as plain text. Sometimes, it is an option to remove the password from the DB and only allow access from certain IP addresses (restricted IP address is highly common).

One more possibility would be to create e.g. an encryption key (e.g. as a PEM file), keep this in a safe place, get the key from there with e.g. ns_crypto API and decipher the encrypted password on the fly. One can save the call with the encrypted value in the configuration file, which can be programmatically decrypted at start time). But of course, when the key file is not kept safely, this does not help.

All the best
-g

[1] https://docs.oracle.com/cd/B19306_01/network.102/b14266/cnctslsh.htm#g1033548

Collapse
12: Re: Fresh install of OpenACS 5.10 on Oracle 19c (response to 11)
Posted by Raul Rodriguez on 12/21/22 10:14 PM
I was reviewing the logs and found 'errno 11'. Does anyone have any information on this?

Thank you

[04/Dec/2022:17:57:57][13704.7fe68a1e4700][-conn:oacs-5-10-0:default:0:18-] Debug(request): end GET /resources/acs-templating/forms
.css HTTP/1.1
[04/Dec/2022:17:57:57][13704.7fe68a1e4700][-conn:oacs-5-10-0:default:0:18-] Debug(ns:driver): NsGetRequest got the pre-parsed reque
st GET /resources/acs-subsite/action-link-marker.png HTTP/1.1 from the driver
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): ### Writer poll collect 0x7fe661bd3e80 size 14181 streaming
0 rateLimit 0
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): ### Writer final pollTimeout -1
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): Socket of pool '' is writable, writer limit 0 nsent 0
[04/Dec/2022:17:57:57][13704.7fe67bfff700][-writer0-] Debug(ns:driver): ### Writer poll collect 0x7fe661bd4080 size 1851 streaming
0 rateLimit 0
[04/Dec/2022:17:57:57][13704.7fe67bfff700][-writer0-] Debug(ns:driver): ### Writer final pollTimeout -1
[04/Dec/2022:17:57:57][13704.7fe67bfff700][-writer0-] Debug(ns:driver): Socket of pool '' is writable, writer limit 0 nsent 0
[04/Dec/2022:17:57:57][13704.7fe67bfff700][-writer0-] Debug(ns:driver): ### Writer 0x7fe661bd4080 can write to client fd 14 (trigge
r 0) streaming 000000 size 1851 nsent 0 bufsize 349
[04/Dec/2022:17:57:57][13704.7fe67bfff700][-writer0-] Debug(ns:driver): ### WriterReadFromSpool [0]: fd 27 tosend 1502 files 0
[04/Dec/2022:17:57:57][13704.7fe67bfff700][-writer0-] Debug(ns:driver): ### WriterReadFromSpool 0x7fe661bd4080 1030000 leftover 349
offset 0
[04/Dec/2022:17:57:57][13704.7fe67bfff700][-writer0-] Debug(ns:driver): Writer 0x7fe661bd4080 done OK (size 0) => RELEASE
[04/Dec/2022:17:57:57][13704.7fe67bfff700][-writer0-] Debug(ns:driver): WriterSockRelease 0x7fe661bd4080 refCount 0 keep 1
[04/Dec/2022:17:57:57][13704.7fe67bfff700][-writer0-] Debug(ns:driver): Writer: closed sock 14, file fd 27, error 0/0, sent=1851, f
lags=1030000
[04/Dec/2022:17:57:57][13704.7fe67bfff700][-writer0-] Debug(ns:driver): NsSockClose sockPtr 0x7fe67400ab40 (14) keep 1
[04/Dec/2022:17:57:57][13704.7fe67bfff700][-writer0-] Debug(ns:driver): NsSockClose calls RequestFree
[04/Dec/2022:17:57:57][13704.7fe67bfff700][-writer0-] Debug(ns:driver): === RequestFree cleans 0x7fe63906e170 (avail 0 keep 1 lengt
h 0 contentLength 0)
[04/Dec/2022:17:57:57][13704.7fe67bfff700][-writer0-] Debug(ns:driver): RequestFree does not call Ns_ResetRequest on 0x7fe63906e178
[04/Dec/2022:17:57:57][13704.7fe67bfff700][-writer0-] Debug(ns:driver): === Push request structure 0x7fe63906e170 in (to pool)
[04/Dec/2022:17:57:57][13704.7fe67bfff700][-writer0-] Debug(ns:driver): ### Writer final pollTimeout 30000
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): ### Writer 0x7fe661bd3e80 can write to client fd 24 (trigge
r 0) streaming 000000 size 14181 nsent 0 bufsize 350
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): ### WriterReadFromSpool [0]: fd 26 tosend 13831 files 0
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): ### WriterReadFromSpool 0x7fe661bd3e80 1030000 leftover 350
offset 0
[04/Dec/2022:17:57:57][13704.7fe6891e2700][-driver:nssock:0-] Debug(ns:driver): === PollWait returned 1, trigger[0] 1
[04/Dec/2022:17:57:57][13704.7fe6891e2700][-driver:nssock:0-] Debug(ns:driver): setting keepwait 5.000000 for socket 14
[04/Dec/2022:17:57:57][13704.7fe6891e2700][-driver:nssock:0-] Debug(ns:driver): === PollWait returned 1, trigger[0] 0
[04/Dec/2022:17:57:57][13704.7fe6891e2700][-driver:nssock:0-] Debug(ns:driver): Peer has closed 0x7fe67400ab40
[04/Dec/2022:17:57:57][13704.7fe6891e2700][-driver:nssock:0-] Debug(ns:driver): SockRelease reason SOCK_CLOSE err 0 (sock 14)
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): Writer 0x7fe661bd3e80 continue OK (size 5989) => PUSH
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): ### Writer poll collect 0x7fe661bd3e80 size 5989 streaming
0 rateLimit 0
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): ### Writer final pollTimeout -1
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): ### Writer 0x7fe661bd3e80 reached POLLHUP fd 24
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): Writer 0x7fe661bd3e80 fd 24 release, not OK (status -2) =>
RELEASE
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): WriterSockRelease 0x7fe661bd3e80 refCount 0 keep 1
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): Writer: closed sock 24, file fd 26, error -2/0, sent=8192,
flags=1030000
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): NsSockClose sockPtr 0x7fe67400ad00 (24) keep 0
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): NsSockClose calls RequestFree
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): === RequestFree cleans 0x7fe638709550 (avail 0 keep 0 lengt
h 0 contentLength 0)
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): RequestFree does not call Ns_ResetRequest on 0x7fe638709558
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): === Push request structure 0x7fe638709550 in (to pool)
[04/Dec/2022:17:57:57][13704.7fe6889e1700][-writer1-] Debug(ns:driver): ### Writer final pollTimeout 30000
[04/Dec/2022:17:57:57][13704.7fe6891e2700][-driver:nssock:0-] Debug(ns:driver): === PollWait returned 1, trigger[0] 1
[04/Dec/2022:17:57:57][13704.7fe6891e2700][-driver:nssock:0-] Debug(ns:driver): SockRelease reason SOCK_CLOSE err 11 (sock -1)
[04/Dec/2022:17:57:57][13704.7fe6891e2700][-driver:nssock:0-] Debug(ns:driver): SockRelease bypasses SockClose, since we have an invalid socket
[04/Dec/2022:17:57:57][13704.7fe6891e2700][-driver:nssock:0-] Debug(ns:driver): DRIVER SockRelease: errno 11 drvPtr->closewait 2.000000
[04/Dec/2022:17:57:57][13704.7fe68a1e4700][-conn:oacs-5-10-0:default:0:19-] Dev: config: ns/server/oacs-5-10-0/acs:ExcludedFiles value= (string)
[04/Dec/2022:17:57:57][13704.7fe68a1e4700][-conn:oacs-5-10-0:default:0:19-] Dev: config: ns/server/oacs-5-10-0/acs:ResourcesExpireInterval value= (string)
[04/Dec/2022:17:57:57][13704.7fe68a1e4700][-conn:oacs-5-10-0:default:0:19-] Debug(ns:driver): NsWriterQueue: size 181 bufs (nil) (0) flags 1030000 stream 000000 chan (nil) fd 14 thread 2
[04/Dec/2022:17:57:57][13704.7fe68a1e4700][-conn:oacs-5-10-0:default:0:19-] Debug(ns:driver): NsWriterQueue: file is too small(181 < 1024)
Collapse
13: Re: Fresh install of OpenACS 5.10 on Oracle 19c (response to 12)
Posted by Gustaf Neumann on 12/22/22 03:32 AM
Management summary: nothing to worry

What you spotted is not an error, but an error status shown in debug mode. You should only activate Debug(ns:driver) when modifying the driver source code, or when you are in deep trouble.

The error code 11 stands for EAGAIN on Linux system and means "there is no data available right now, but you might try again later". It is quite common that web clients terminate their connections ungracefully (e.g. users not waiting for a page to be loaded completely, and clicking on the next page).