OPatch needs exec option on /tmp

I was installing Oracle 12c release 1 on a Oracle Linux 6 system yesterday and it failed when patching Oracle with PSU#190716. I’ve done this many times and haven’t seen any issues.

In the log, it showed following errors:

Start OOP by Prereq process.
 Launch OOP…

 /opt/oracle/121020/OPatch/opatch: line 1397: /tmp/oracle-home-160383738077277/OPatch/opatch: Permission denied
 /opt/oracle/121020/OPatch/opatch: line 1397: exec: /tmp/oracle-home-160383738077277/OPatch/opatch: cannot execute: Permission denied

Permission denied, that sounds strange. My first thought was to check the permission on “/opt/oracle/121020/OPatch/opatch” and “/tmp/oracle-home-160383738077277/OPatch/opatch“. They both looked good. The ownerships are also good with “oracle:oinstall“.

When I ran the command directly, I got the same error:

[oracle@EIOL6DB01 ~]$ /tmp/oracle-home-160383738077277/OPatch/opatch
 -bash: /tmp/oracle-home-160383738077277/OPatch/opatch: Permission denied

Because I’ve done exactly the same installation before without any issues, it looked like there is something special on this system to me. As a test, I created an empty bash file and got the same error.

root@EIOL6DB01:~# cd /tmp
root@EIOL6DB01:/tmp# touch a.bash
root@EIOL6DB01:/tmp# chmod 777 a.bash

root@EIOL6DB01:/tmp# ./a.bash
-bash: ./a.bash: Permission denied

Now it’s clear that the “/tmp” partition doesn’t have the execution permission. That’s because this Linux system has been secured

root@EIOL6DB01:/tmp# mount |grep /tmp
 /dev/sda6 on /tmp type ext4 (rw,noexec,nosuid,nodev,relatime)

To workaround it, we can just re-mount “/tmp” with exec option. After the installation, re-mount “/tmp” without any option, it will read options from /etc/fstab and have “noexec” option back.

mount -o remount, exec /tmp

There is actually another workaround to set up temp directory for JAVA somewhere else if you don’t have root access to remount “/tmp”. It is mentioned in Oracle Support article opatch: line 1397: /tmp/oracle-home-/OPatch/opatch: Permission denied” (Doc ID 2570004.1)

export _JAVA_OPTIONS="-Djava.io.tmpdir=<local path>"
Eg: export _JAVA_OPTIONS="-Djava.io.tmpdir=/scratch/tmp"
Advertisement

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s