Since Oracle 11g, RDBMS diagnostic data has been reorganized and is stored inside a common directory structure, the Automatic Diagnostic Repository (ADR). An ADR is a centralized directory structure where one can find trace files, alert messages, incident dumps, core files, etc. And a comand line tool ADRCI can be used to mange this repository. A few days ago, I wrote another post regarding using ADRCI to do housekeeping work.
With a RAC envrionment, ususally you run ADRCI from two user levels: grid and oracle to manage the repository for GI level (including ASM, GIMR/MGMTDB, listener etc.) and RDBMS. That would work well for most of ADR homes. However I’ve noticed there are a few ADR homes (directories) under ADR base which are created by the user “root”. See below that the directory “user_root” under diag/asm and diag/asmtool belongs the user “root”
ADR base = "/u01/app/oracle" adrci> show homes ADR Homes: diag/asm/user_root/host_1420761839_82 diag/asmtool/user_root/host_1420761839_82 diag/rdbms/saprod/APROD1 diag/rdbms/aprod/APROD1 diag/clients/user_oracle/host_1420761839_82 [oracle@joeoda001 ~]$ ls -ld /u01/app/oracle/diag/asmtool/user_root drwxr-xr-x 3 root root 4096 Apr 29 13:02 /u01/app/oracle/diag/asmtool/user_root
In this case, running ADRCI from the user “grid” or “oracle” to manage them will throw some permission errors. For example:
adrci> show version schema DIA-48251: Failed to open relation due to following error DIA-48122: error with opening the ADR block file [/u01/app/oracle/diag/asm/user_root/host_1420761839_82/metadata/ADR_CONTROL.ams]  DIA-27041: Message 27041 not found; product=RDBMS; facility=DIA Linux-x86_64 Error: 13: Permission denied Additional information: 9 [oracle@joeoda001 ~]$ ls -lrt /u01/app/oracle/diag/asm/user_root/host_1420761839_82/metadata/ADR_CONTROL.ams -rw-r----- 1 root root 65536 Apr 29 13:02 /u01/app/oracle/diag/asm/user_root/host_1420761839_82/metadata/ADR_CONTROL.ams
The file in the above example has the permission of 640 which prevents other users from reading it.
I am not sure which process from ASM generates files there. But apparently that process running as the user “root”. So to manage such ADR homes, I can see two options here:
- run ADRCI as the user root.
- change the file permissions from 640 to 644 at least to let other users like grid or oracle can read it. Or further allow the write/execute access if needed.
- Understanding Automatic Diagnostic Repository (Doc ID 422893.1)
- DIA-48122: Error Opening The Adr Block File ./Metadata/Incident.Ams]  (Doc ID 889714.1)
- NET Client Traces Generated In $ADR_BASE/oradiag_/diag/clients/ Directory (Doc ID 1545533.1)