svnsync: path not present

I had mirror repository synchronization broken due to various config changes on master and when I tried to resync it all, it appeared with error message “path not present…”, it was always specific commit failing, even if I tried to reverse some of last commits
(you can do it by setting properties on revision 0 + deleting unneeded revs/revprops files from repository itself, remember also to modify current file in root of repository – NOT in checkout version, but raw SVN format on server)

When I tried tor inspect for that specific directory in last synced state

svn list -R /u01/svn/repo | grep "..." | grep "..."

It turns out directory did not exist though it should exist as it was created thousands revisions ago… So I checked on original server number of revision when directory was created and it turned out it was created 1k revisions ago… so had to roll back mirror repository to that state. It was necessary to delete last 1k revisions from mirror source repository, modify current, set properties to that revision and sync from it again… it worked, though it needed much “hacking” around.

cd repo/db/revs( or revprops)/
find . -name "1157**" -type f -delete
find . -name "1158**" -type f -delete
find . -name "1159**" -type f -delete
svn propset --revprop -r0 svn:sync-currently-copying 115700 file:///u01/svn/${svnRepo}
svn propset --revprop -r0 svn:sync-last-merged-rev 115699 file:///u01/svn/${svnRepo}
svnsync sync --username=${username} --password=${password} --steal-lock file:///u01/svn/${svnRepo}

apache and svn: couldn’t match subdir after special_uri

Interesting case, I had some ProxyPassMatch directives in Apache config like this:

...
  ProxyPassMatch  ^/svn(/DPiWO/)(.*)$ https://svn.pl/svn$1/$2
  ProxyPassMatch  ^/svn(/DPO/)(.*)$ https://svn.pl/svn$1/$2
  ProxyPassMatch  ^/svn(/DPZSI/)(.*)$ https://svn.pl/svn$1/$2
  ProxyPassMatch  ^/svn(/DRIT_ZA/)(.*)$ https://svn.pl/svn$1/$2
  ProxyPassMatch  ^/svn(/DSP_Bid/)(.*)$ https://svn.pl/svn$1/$2
  ProxyPassMatch  ^/svn(/dwwe/)(.*)$ https://svn.pl/svn$1/$2
...

There was weird problem with TortoiseSVN when accessing / root of repository, it worked fine in browser though. I was getting 500 internal server error and in logs I had message from title. Turns out correct syntax is one without slash at the end

  ProxyPassMatch  ^/svn(/DSP_Bid)(.*)$ https://svn.pl/svn$1/$2
  ProxyPassMatch  ^/svn(/dwwe)(.*)$ https://svn.pl/svn$1/$2

But that rendered other problem! If we had repos with similar names (whole name of one repo was begin of other repo name)

  ProxyPassMatch  ^/svn(/repo)(.*)$ https://svn.pl/svn$1/$2
  ProxyPassMatch  ^/svn(/reponame)(.*)$ https://svn.pl/svn$1/$2

It redirected request for “reponame” to “repo/name” and rendered 404 error… Apache goes top down for matching regexp rule so you need to take care of proper order so that longer names appear first like that

  ProxyPassMatch  ^/svn(/reponame)(.*)$ https://svn.pl/svn$1/$2
  ProxyPassMatch  ^/svn(/repo)(.*)$ https://svn.pl/svn$1/$2

aix – increase paging space

I was running low on memory on some DB host, from logs I’ve seen

07:41:40  The operating system is low on virtual memory paging space and the
database server is at risk of being shut down.  Look at the operating
system message log for more information.

To increase size of default paging size in AIX (hd6)

root@zsidb07:// >lsps -a
Page Space      Physical Volume   Volume Group    Size %Used Active  Auto  Type Chksum
hd6             hdisk1            rootvg         512MB     4   yes   yes    lv     0
root@zsidb07:// >chps -s 8 hd6
root@zsidb07:// >lsps -a
Page Space      Physical Volume   Volume Group    Size %Used Active  Auto  Type Chksum
hd6             hdisk1            rootvg        1024MB     2   yes   yes    lv     0

lc_ctype: cannot change locale (en_us.utf8-8)

-bash: warning: setlocale: LC_CTYPE: cannot change locale (en_US.UTF-8): No such file or directory
-bash: warning: setlocale: LC_COLLATE: cannot change locale (en_US.UTF-8): No such file or directory
-bash: warning: setlocale: LC_MESSAGES: cannot change locale (en_US.UTF-8): No such file or directory
-bash: warning: setlocale: LC_NUMERIC: cannot change locale (en_US.UTF-8): No such file or directory
-bash: warning: setlocale: LC_TIME: cannot change locale (en_US.UTF-8): No such file or directory

This weird messages were appearing as I logged into host…. really strange since I was following normal installation procedure and other VMs were working properly. Anyway what has fixed it was:

[root@bastion01 ~]# localedef --no-archive -i en_US -f UTF-8 en_US.UTF-8
[root@bastion01 ~]# localedef --help
Usage: localedef [OPTION...] NAME
  or:  localedef [OPTION...] [--add-to-archive|--delete-from-archive] FILE...
  or:  localedef [OPTION...] --list-archive [FILE]
Compile locale specification

 Input Files:
  -f, --charmap=FILE         Symbolic character names defined in FILE
  -i, --inputfile=FILE       Source definitions are found in FILE
  -u, --repertoire-map=FILE  FILE contains mapping from symbolic names to UCS4
                             values

 Output control:
  -c, --force                Create output even if warning messages were issued

      --old-style            Create old-style tables
      --posix                Be strictly POSIX conform
      --prefix=PATH          Optional output file prefix
      --quiet                Suppress warnings and information messages
  -v, --verbose              Print more messages

 Archive control:
      --add-to-archive       Add locales named by parameters to archive
  -A, --alias-file=FILE      locale.alias file to consult when making archive
      --delete-from-archive  Remove locales named by parameters from archive
      --list-archive         List content of archive
      --no-archive           Don't add new data to archive
      --replace              Replace existing archive content

  -?, --help                 Give this help list
      --usage                Give a short usage message
  -V, --version              Print program version

implementing stig rules to auditd

STIG standard and the NSA Guides are the configuration standards for DOD IA and IA-enabled devices/systems. Since 1998, DISA has played a critical role enhancing the security posture of DoD’s security systems by providing the Security Technical Implementation Guides (STIGs). The STIGs contain technical guidance to “lock down” information systems/software that might otherwise be vulnerable to a malicious computer attack.

Put configuration below to your /etc/auditd/rules.d/audit.rules and restart/reboot host (depends if your current configuration is immutable), I commented out time part since it was making too much noise with ntpd.


## Remove any existing rules
-D

## Buffer Size
## Feel free to increase this if the machine panic's
-b 8192

## Failure Mode
## Possible values are 0 (silent), 1 (printk, print a failure message),
## and 2 (panic, halt the system).
-f 1

### STIG Implementation

## Things that could affect time - too noisy!!!
#-a always,exit -F arch=b32 -S adjtimex,settimeofday,stime -F key=time-change
#-a always,exit -F arch=b64 -S adjtimex,settimeofday -F key=time-change
#-a always,exit -F arch=b32 -S clock_settime -F a0=0x0 -F key=time-change
#-a always,exit -F arch=b64 -S clock_settime -F a0=0x0 -F key=time-change
# Introduced in 2.6.39, commented out because it can make false positives
#-a always,exit -F arch=b32 -S clock_adjtime -F key=time-change
#-a always,exit -F arch=b64 -S clock_adjtime -F key=time-change
#-w /etc/localtime -p wa -k time-change

## Things that affect identity
-w /etc/group -p wa -k identity
-w /etc/passwd -p wa -k identity
-w /etc/gshadow -p wa -k identity
-w /etc/shadow -p wa -k identity
-w /etc/security/opasswd -p wa -k identity

## Things that could affect system locale
-a always,exit -F arch=b32 -S sethostname,setdomainname -F key=system-locale
-a always,exit -F arch=b64 -S sethostname,setdomainname -F key=system-locale
-w /etc/issue -p wa -k system-locale
-w /etc/issue.net -p wa -k system-locale
-w /etc/hosts -p wa -k system-locale
-w /etc/hostname -p wa -k system-locale
-a always,exit -F dir=/etc/NetworkManager/ -F perm=wa -F key=system-locale

## Things that could affect MAC policy
-a always,exit -F dir=/etc/selinux/ -F perm=wa -F key=MAC-policy

## Things that could affect MAC policy
-a always,exit -F dir=/etc/selinux/ -F perm=wa -F key=MAC-policy


## (GEN002900: CAT III) The IAO will ensure audit files are retained at
## least one year; systems containing SAMI will be retained for five years.
##
## Site action - no action in config files

## (GEN002920: CAT III) The IAO will ensure audit files are backed up
## no less than weekly onto a different system than the system being
## audited or backup media.
##
## Can be done with cron script

## (GEN002700: CAT I) (Previously – G095) The SA will ensure audit data
## files have permissions of 640, or more restrictive.
##
## Done automatically by auditd

## (GEN002720-GEN002840: CAT II) (Previously – G100-G106) The SA will
## configure the auditing system to audit the following events for all
## users and root:
##
## - Logon (unsuccessful and successful) and logout (successful)
##
## Handled by pam, sshd, login, and gdm
## Might also want to watch these files if needing extra information
#-w /var/log/tallylog -p wa -k logins
#-w /var/run/faillock/ -p wa -k logins
#-w /var/log/lastlog -p wa -k logins


##- Process and session initiation (unsuccessful and successful)
##
## The session initiation is audited by pam without any rules needed.
## Might also want to watch this file if needing extra information
#-w /var/run/utmp -p wa -k session
#-w /var/log/btmp -p wa -k session
#-w /var/log/wtmp -p wa -k session

##- Discretionary access control permission modification (unsuccessful
## and successful use of chown/chmod)
-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=4294967295 -F key=perm_mod
-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=4294967295 -F key=perm_mod
-a always,exit -F arch=b32 -S lchown,fchown,chown,fchownat -F auid>=1000 -F auid!=4294967295 -F key=perm_mod
-a always,exit -F arch=b64 -S chown,fchown,lchown,fchownat -F auid>=1000 -F auid!=4294967295 -F key=perm_mod
-a always,exit -F arch=b32 -S setxattr,lsetxattr,fsetxattr,removexattr,lremovexattr,fremovexattr -F auid>=1000 -F auid!=4294967295 -F key=perm_mod
-a always,exit -F arch=b64 -S setxattr,lsetxattr,fsetxattr,removexattr,lremovexattr,fremovexattr -F auid>=1000 -F auid!=4294967295 -F key=perm_mod

##- Unauthorized access attempts to files (unsuccessful)
-a always,exit -F arch=b32 -S open,creat,truncate,ftruncate,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=4294967295 -F key=access
-a always,exit -F arch=b32 -S open,creat,truncate,ftruncate,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=4294967295 -F key=access
-a always,exit -F arch=b64 -S open,truncate,ftruncate,creat,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=4294967295 -F key=access
-a always,exit -F arch=b64 -S open,truncate,ftruncate,creat,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=4294967295 -F key=access

##- Use of print command (unsuccessful and successful)

##- Export to media (successful)
## You have to mount media before using it. You must disable all automounting
## so that its done manually in order to get the correct user requesting the
## export
-a always,exit -F arch=b32 -S mount -F auid>=1000 -F auid!=4294967295 -F key=export
-a always,exit -F arch=b64 -S mount -F auid>=1000 -F auid!=4294967295 -F key=export

##- System startup and shutdown (unsuccessful and successful)

##- Files and programs deleted by the user (successful and unsuccessful)
-a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat -F auid>=1000 -F auid!=4294967295 -F key=delete
-a always,exit -F arch=b64 -S unlink,unlinkat,rename,renameat -F auid>=1000 -F auid!=4294967295 -F key=delete

##- All system administration actions
##- All security personnel actions
##
## Look for pam_tty_audit and add it to your login entry point's pam configs.
## If that is not found, use sudo which should be patched to record its
## commands to the audit system. Do not allow unrestricted root shells or
## sudo cannot record the action.
-w /etc/sudoers -p wa -k actions
-w /etc/sudoers.d/ -p wa -k actions

## Monitor usage of commands to change power state
-w /sbin/shutdown -p x -k power
-w /sbin/poweroff -p x -k power
-w /sbin/reboot -p x -k power
-w /sbin/halt -p x -k power

# extra rules

-w /usr/bin/passwd -p x -k passwd_modification
-w /usr/bin/sudo -p x -k priv_esc
-w /usr/sbin/addgroup -p x -k group_modification
-w /usr/sbin/adduser -p x -k user_modification
-w /usr/sbin/groupadd -p x -k group_modification
-w /usr/sbin/groupmod -p x -k group_modification
-w /usr/sbin/stunnel -p x -k stunnel
-w /usr/sbin/useradd -p x -k user_modification
-w /usr/sbin/usermod -p x -k user_modification
-w /var/log/faillog -p wa -k login
-w /var/log/lastlog -p wa -k login
-w /var/log/tallylog -p wa -k login
-w /var/spool/cron/crontabs/ -k cron
-w /var/www -p wa

-w /etc/cron.weekly/ -p wa -k cron                                                                                                                                                                                                                                   [50/9124]
-w /etc/group -p wa
-w /etc/group -p wa -k etcgroup
-w /etc/gshadow -k etcgroup
-w /etc/hosts -p wa -k hosts
-w /etc/init.d/ -p wa -k init
-w /etc/init/ -p wa -k init
-w /etc/inittab -p wa -k init
-w /etc/issue.net -p wa -k etcissue
-w /etc/issue -p wa -k etcissue
-w /etc/ld.so.conf -p wa -k libpath
-w /etc/libaudit.conf -p wa -k auditconfig
-w /etc/localtime -p wa -k localtime
-w /etc/login.defs -p wa -k login
-w /etc/modprobe.conf -p wa -k modprobe
-w /etc/network/ -p wa -k network
-w /etc/pam.d/ -p wa -k pam
-w /etc/passwd -p wa
-w /etc/passwd -p wa -k etcpasswd
-w /etc/postfix/ -p wa -k mail
-w /etc/securetty -p wa -k login
-w /etc/security/limits.conf -p wa  -k pam
-w /etc/security/namespace.conf -p wa -k pam
-w /etc/security/namespace.init -p wa -k pam
-w /etc/security/opasswd -k opasswd
-w /etc/security/pam_env.conf -p wa -k pam
-w /etc/shadow -k etcpasswd
-w /etc/shadow -p wa
-w /etc/ssh/sshd_config -k sshd
-w /etc/sudoers -p rw -k priv_esc
-w /etc/sudoers -p wa
-w /etc/sysctl.conf -p wa -k sysctl

-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=4294967295 -F key=perm_mod
-a always,exit -F arch=b32 -S lchown,fchown,chown,fchownat -F auid>=1000 -F auid!=4294967295 -F key=perm_mod
-a always,exit -F arch=b32 -S mount -F auid>=1000 -F auid!=4294967295 -F key=export
-a always,exit -F arch=b32 -S open,creat,truncate,ftruncate,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=4294967295 -F key=access
-a always,exit -F arch=b32 -S open,creat,truncate,ftruncate,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=4294967295 -F key=access
-a always,exit -F arch=b32 -S sethostname,setdomainname -F key=system-locale
-a always,exit -F arch=b32 -S setxattr,lsetxattr,fsetxattr,removexattr,lremovexattr,fremovexattr -F auid>=1000 -F auid!=4294967295 -F key=perm_mod
-a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat -F auid>=1000 -F auid!=4294967295 -F key=delete
-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=4294967295 -F key=perm_mod
-a always,exit -F arch=b64 -S chown,fchown,lchown,fchownat -F auid>=1000 -F auid!=4294967295 -F key=perm_mod
-a always,exit -F arch=b64 -S mount -F auid>=1000 -F auid!=4294967295 -F key=export
-a always,exit -F arch=b64 -S open,truncate,ftruncate,creat,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=4294967295 -F key=access
-a always,exit -F arch=b64 -S open,truncate,ftruncate,creat,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=4294967295 -F key=access
-a always,exit -F arch=b64 -S sethostname,setdomainname -F key=system-locale
-a always,exit -F arch=b64 -S setxattr,lsetxattr,fsetxattr,removexattr,lremovexattr,fremovexattr -F auid>=1000 -F auid!=4294967295 -F key=perm_mod
-a always,exit -F arch=b64 -S unlink,unlinkat,rename,renameat -F auid>=1000 -F auid!=4294967295 -F key=delete

-a always,exit -F path=/usr/sbin/suexec -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/sbin/useradd -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/sbin/userdel -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/sbin/usermod -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/sbin/newusers -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/sbin/groupadd -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/sbin/groupdel -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/sbin/groupmod -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/sbin/semanage -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/sbin/usernetctl -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/sbin/ccreds_validate -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/sbin/userhelper -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/Xorg -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/rlogin -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/sudoedit -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/at -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/rsh -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/gpasswd -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/kgrantpty -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/crontab -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/staprun -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/rcp -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/passwd -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/chsh -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/chfn -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/chage -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/setfacl -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/chacl -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/chcon -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/newrole -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged
-a always,exit -F path=/usr/bin/kpac_dhcp_helper -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged

#2.6.2.4.10 Ensure auditd Collects Information on Exporting to Media (successful)
-a always,exit -F arch=b32 -S mount -F auid>=500 -F auid!=4294967295 -k export
-a always,exit -F arch=b64 -S mount -F auid>=500 -F auid!=4294967295 -k export

#2.6.2.4.11 Ensure auditd Collects Files Deletion Events by User (successful and unsuccessful)
-a always,exit -F arch=b32 -S unlink -S rmdir -S unlinkat -S rename -S renameat -F auid>=500 -F auid!=4294967295 -k delete
-a always,exit -F arch=b64 -S unlink -S rmdir -S unlinkat -S rename -S renameat -F auid>=500 -F auid!=4294967295 -k delete
-a always,exit -F arch=b32 -S rmdir -S unlink -S unlinkat -S rename -S renameat -F auid=0 -k delete
-a always,exit -F arch=b64 -S rmdir -S unlink -S unlinkat -S rename -S renameat -F auid=0 -k delete

#2.6.2.4.12 Ensure auditd Collects System Administrator Actions
-w /etc/sudoers -p wa -k actions

#2.6.2.4.13 Make the auditd Configuration Immutable
-w /sbin/insmod -p x -k modules
-w /sbin/rmmod -p x -k modules
-w /sbin/modprobe -p x -k modules
-a always,exit -F arch=b32 -S init_module -S delete_module -k modules
-a always,exit -F arch=b64 -S init_module -S delete_module -k modules

#2.6.2.4.14 Make the auditd Configuration Immutable
-e 2

ansible – debugging variables (module, environment etc.)

# Module Variables ("vars"):
- debug: var={{ vars | to_nice_json }} 
# Environment Variables ("environment"):
- debug: var={{ environment | to_nice_json }} 
# Group Names Variables ("group_names"):
- debug: var={{ group_names | to_nice_json }}
# Group Variables ("groups"):
- {{ groups | to_nice_json }}
# Host Variables ("hostvars"):
- {{ hostvars | to_nice_json }}

syscall name unknown: stime

That’s because this syscall is only for x32

[root@app-test01 lynis]# ausyscall --dump i686 | grep stime
25      stime
[root@app-test01 lynis]# ausyscall --dump x64 | grep stime
[root@app-test01 lynis]#

Define audit rule as follows

-a always,exit -F arch=b32 -S stime
-a exit,always -F arch=b32 -S setrlimit (example for syscall that's available in both archs)
-a exit,always -F arch=b64 -S setrlimit

oracle – setting environment

Some snippets to help setting up nice terminal for oracle user

[oracle@+ASM /home/oracle]$ cat login.sql
set pages 80
set lines 200
set linesize 800
set pau "But wait! There is more..."
set time on
set ver off
set feed on
set serveroutput on
-- supress the blank line after a wrapped record.
set recsep off
set sqlprompt "'['_user'@'_connect_identifier'] SQL> '"
set termout on
-- supress the trailing blanks in long fields, both on
-- screen and in the spool file
set trimout on
set trimspool on
set long 10000000
set longchunksize 120

cat .bashrc
# User specific aliases and functions
. /home/oracle/setenv.sh

[oracle@+ASM /home/oracle]$ cat setenv.sh
echo "[$(date +'%H:%M %d-%m-%Y')] Setting Oracle environment..."

export ORACLE_BASE=/u01/app/oracle
export ORACLE_HOME=/u01/app/oracle/product/db_1
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin:/u01/app/oracle/product/db_1/bin
export NLS_LANG=AMERICAN_AMERICA.EE8MSWIN1250
export NLS_DATE_FORMAT=DD_MON_YYYY_HH24:MI:SS
export ORA_DB_UNQ_NAME=dummy

aInstances[1]=""
aInstances[2]="+ASM"
unset ORACLE_SID
echo ""
echo "Select ORACLE_SID to use..."
echo "1 - EMPTY (no SID)"
echo "2 - +ASM"
read x
case $x in
     [1])export ORACLE_SID=${aInstances[$x]};;
     [2])export ORACLE_SID=${aInstances[$x]};;
esac

export PS1='\e[38;5;196m[$LOGNAME\e[m'@'\e[38;5;82m$ORACLE_SID\e[m `pwd`]$ '


if [[ "${ORACLE_SID}" == "+ASM" ]]
then
    export ORACLE_BASE=/u01/app/grid
    export ORACLE_HOME=/u01/app/grid/product/asm
    export ORACLE_SID=+ASM
    export NLS_LANG=AMERICAN_AMERICA.EE8MSWIN1250
    export NLS_DATE_FORMAT=DD_MON_YYYY_HH24:MI:SS
    export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin:/u01/app/grid/product/asm/bin
fi

# aliases:
alias asmcmd='rlwrap asmcmd -p'
alias rsqlasm='rlwrap sqlplus / as sysasm'
alias sqlplus='rlwrap sqlplus'
alias rman='rlwrap rman'
alias sid='. oraenv'
alias sqlp='sqlplus'
alias sqlsys='rlwrap sqlplus "/ as sysdba"'
alias dbh='cd $ORACLE_HOME'
alias dbb='cd $ORACLE_BASE'
alias c='clear'
alias asmalert='tail -200f $ORACLE_BASE/diag/asm/+asm/+ASM/trace/alert_+ASM.log'
alias talert='tail -200f $ORACLE_BASE/diag/rdbms/$ORA_DB_UNQ_NAME/$ORACLE_SID/trace/alert_$ORACLE_SID.log'
alias rsql='rlwrap sqlplus / as sysdba'