3DEXPERIENCE | 3DSwym BIOVIA Laboratory Informatics
EN
|
Log in
Running the BIOVIA Direct Oracle Listener from a non-privileged account with Oracle 19c on the Linux platform

DB

Background

As of version 2017, BIOVIA Direct requires to run a separate Oracle listener that will invoke the Oracle extproc process as a loader for the actual BIOVIA Direct library. The extproc process is spawned from the listener process and therefore runs from the same OS account as the listener. While Oracle and its listeners are typically started from the OS account that owns the Oracle software, BIOVIA recommends to start the particular BIOVIA Direct listener from an OS account that is neither the owner of the Oracle software nor a member of the standard oinstall group. A candidate for such an OS account is the account that owns the BIOVIA software, e.g. 'biovia'. This way, the extproc process that is invoked from the Direct listener can do only little harm to the Oracle system in case something goes wrong in this process.

The BIOVIA Direct Installation and Configuration Guide Guide for Linux includes a chapter 'Prepare the EXTPROC Listener to Run from a Non-privileged Operating System Account' that describes the general steps to run the Direct listener from an account different from the Oracle software owner. On the Linux platform, recent Oracle 19c versions appear to have introduced slight changes in access permissions which require additional configuration steps when you want to run the Direct listener from a non-privileged OS account. 

Solution

Set the logfile path for the Direct listener

Follow this step as part of the standard 'listener.ora' modification when installing BIOVIA Direct. 
When running the Direct listener from an account other than the Oracle software owner, the listener will fail to write its logfile to the default location within the standard Oracle paths due to missing write permissions. You therefore have to add an entry to the Direct listener configuration in the listener.ora file that sets the logfile location for the listener to a path that is writable for the non-privileged user. For instance, if you are running the listener from the 'biovia' account, the log directory path could point to a directory in the home directory of the 'biovia' user. The entry in the listener.ora file could then look like this:

LOG_DIRECTORY_DIRECT2021 = /home/biovia/Direct2021_Listener_Log_Directory

The DIRECT2021 substring in LOG_DIRECTORY_DIRECT2021 must exactly match the listener name of your BIOVIA Direct version.

Fix an issue with the file permissions on the Oracle extproc executable

As noted above, the Direct listener spawns a process named 'extproc' which is an instance of the Oracle 'extproc' executable located in \\\$ORACLE_HOME/bin. With recent Oracle 19c versions, the permissions on this executable include the SETGID:

[oracle@myserver bin]\\\$ pwd
/opt/database/oracle/product/19c/bin
[oracle@myserver bin]\\\$ ls -l extproc
-rwxr-s--x 1 oracle oinstall 205016 Feb 9 2021 extproc
[oracle@myserver bin]\\\$

This SETGID prevents the invocation of the process from the Direct listener when the listener is started from the non-privileged user. You typically will see an error 'ORA-06520: PL/SQL: Error loading external library' during the installation of Direct or when running the 'mdltestlistener.sql' script (Note: this error is rather generic and can also occur with other configuration errors).

To resolve the problem follow one of these three options:

Option A) Follow this step as part of the standard 'listener.ora' modification when installing BIOVIA Direct. Start with making a copy of the 'extproc' program. Important: do not start the name of the copy with 'extproc' as for some reason Oracle will then revert to using the original program name. Make sure that the copy gets 751 permissions:

[oracle@myserver bin]\\\$ pwd
/opt/database/oracle/product/19c/bin
[oracle@myserver bin]\\\$ cp extproc direct_extproc
[oracle@myserver bin]\\\$ chmod 751 direct_extproc
[oracle@myserver bin]\\\$ ls -al direct_extproc
-rwxr-x--x 1 oracle oinstall 205016 Aug 13 03:46 direct_extproc

Then open the listener.ora file in an editor and locate the SID_LIST_DIRECTXXXX block entry that matches your Direct version, for instance for Direct 2021:

SID_LIST_DIRECT2021 =
  (SID_LIST =
    (SID_DESC =
       (SID_NAME = PLSExtProc_DIRECT2021)
       (ORACLE_HOME = /opt/database/oracle/product/19c)
       (PROGRAM = extproc)
       (ENVS = "EXTPROC_DLLS=ANY,LD_LIBRARY_PATH=/opt/BIOVIA/direct2021/bin19")
    )
  )

In the (PROGRAM = extproc) line, replace extproc with the name of the copy you created in the step before:

SID_LIST_DIRECT2021 =
  (SID_LIST =
    (SID_DESC =
      (SID_NAME = PLSExtProc_DIRECT2021)
      (ORACLE_HOME = /opt/database/oracle/product/19c)
      (PROGRAM = direct_extproc)
      (ENVS = "EXTPROC_DLLS=ANY,LD_LIBRARY_PATH=/opt/BIOVIA/direct2021/bin19")
    )
  )

Save the file and continue the installation of Direct.

Option B) Just change the original permissions on the 'extproc' program from 2751 to 751.

[oracle@myserver bin]\\\$ pwd
/opt/database/oracle/product/19c/bin
[oracle@myserver bin]\\\$ ls -al extproc
-rwxr-s--x 1 oracle oinstall 205016 Feb  9  2021 extproc
[oracle@myserver bin]\\\$ chmod 751 extproc
[oracle@myserver bin]\\\$ ls -al extproc
-rwxr-x--x 1 oracle oinstall 205016 Feb  9  2021 extproc

This option is easy to implement and can quickly be reverted; no additional steps are required in the listener configuration. The downside is that you change a standard file permission as set by Oracle.


Option C) Add the 'biovia' user to the 'oinstall' group. BIOVIA recommends to NOT use this option as it brakes the additional security that you gained when running the listener from the non-privileged account. 

About 3DEXPERIENCE Platform Terms Of Use Privacy Policy Cookies