
Oracle - sudo alternative

Question asked by Viktors Advocate on Mar 19, 2019
Latest reply on Mar 20, 2019 by Viktors

Hi!

We have a case when sudo rights for Oracle scanning are not possible (internal security).

We tried to get the Oracle database info by not using sudo but defining the necessary Snow commands in the sudoers file (based on technical requirements):

awk, crontab, dmesg, dmidecode, dnsdomainname, env, findmnt, grep, ifconfig, last, ldconfig, lspci, modprobe, mount, ps, rpm, sed, sh, systemd-detect-virt, uname, wc, yes


We could not add these commands as they don't exist in OL7:

java
javac
dsconfig
httpd
lsb_release
proc

But the scan result is:

Scanning for Oracle data;;;; Information for an Oracle database instance couldn't be collected. SID=XXXXXX


We have also added the logs in the attachment.
What went wrong? Why was the scan not successful?

Verbose log from sios.rotation:

2019-03-15T13:26:07+02:00; <-- Start -->;  Initializing;;;; Starting Snow Inventory Oracle Scanner 6.0.0+build-2018-09-13-rev-06c60e4847ce072c7c0f051fe6486620080b5758
2019-03-15T13:26:07+02:00; Trace;          Initializing; se.snow.oracleaudit.SnowOracleScanner; main;; No Parameters
2019-03-15T13:26:07+02:00; Trace;          Initializing; se.snow.oracleaudit.SnowOracleScanner; main;; Operating system: Linux - 4.1.12-112.14.11.el7uek.x86_64
2019-03-15T13:26:07+02:00; Trace;          Initializing; se.snow.oracleaudit.SnowOracleScanner; main;; Using config: /var/tmp/.cmdbdiscovery_2e86d7_salt/py2/salt/snowagent/snow-linux-oracle/snowagent.config
2019-03-15T13:26:07+02:00; Verbose;        Initializing; se.snow.common.JavaHelper; initiate;; Java version string = '1.8.0_201'
2019-03-15T13:26:07+02:00; Trace;          Initializing; se.snow.oracleaudit.SnowOracleScanner; main;; Java version: 8 update: 201 (1.8.0_201)
2019-03-15T13:26:07+02:00; Trace;          Initializing; se.snow.oracleaudit.SnowOracleScanner; main;; No SysLog
2019-03-15T13:26:07+02:00; Trace;          Initializing; se.snow.common.handlers.TempFilesHandler; <init>;; Temporary directory: /tmp/snow/sios/sios3261698993260458146/
2019-03-15T13:26:07+02:00; Verbose;        Initializing; se.snow.common.handlers.UnixShellHandler; validateShell;; Validating shell. - sh
2019-03-15T13:26:07+02:00; Verbose;        Initializing; se.snow.common.SystemHelper; findCommandOnSystem;; Command found: /bin/sh
2019-03-15T13:26:07+02:00; Verbose;        Initializing; se.snow.common.handlers.UnixShellHandler; validateShell;; Shell set to: /bin/sh
2019-03-15T13:26:07+02:00; Trace;          Initializing; se.snow.common.SystemHelper; executeCommandReturnValuesAsString;; Executing system command: [/bin/sh, -c, export LANG=C]
2019-03-15T13:26:07+02:00; Verbose;        Initializing; se.snow.common.SystemHelper; executeCommandReturnValuesAsString;; Output:
2019-03-15T13:26:07+02:00; Verbose;        Initializing; se.snow.common.handlers.UnixShellHandler; testAndSetExportVsSetenv;; Shell set to: /bin/sh - '' - '='
2019-03-15T13:26:07+02:00; Verbose;        Initializing; se.snow.common.handlers.UnixShellHandler; testAndSetExportVsSetenv;; export command used for setting environment variables.
2019-03-15T13:26:07+02:00; Trace;          Initializing; se.snow.common.handlers.JarFileHandler; fileExtraction;; Files exctracted from jar file
2019-03-15T13:26:07+02:00; Trace;          Initializing; se.snow.common.EncryptionHelper; decryptFiles;; Files to decrypt: 20
2019-03-15T13:26:07+02:00; Trace;          Initializing; se.snow.common.EncryptionHelper; decryptFiles;; Files have been decrypted.
2019-03-15T13:26:07+02:00; Verbose;        Initializing; se.snow.common.SystemHelper; findCommandOnSystem;; Command found: /bin/chmod
2019-03-15T13:26:07+02:00; Trace;          Initializing; se.snow.common.SystemHelper; executeCommandReturnValuesAsString;; Executing system command: [/bin/sh, -c, /bin/chmod o+r /tmp/snow/sios/sios3261698993260458146/*.sql]
2019-03-15T13:26:07+02:00; Verbose;        Initializing; se.snow.common.SystemHelper; executeCommandReturnValuesAsString;; Output:
2019-03-15T13:26:07+02:00; Verbose;        Initializing; se.snow.common.SystemHelper; executeCommandReturnValue;; Output: uid=9700(cmdbdiscovery) gid=9700(cmdbdiscovery) groups=9700(cmdbdiscovery)
2019-03-15T13:26:07+02:00; Trace;          Properties handling; se.snow.common.handlers.PropertiesHandler; <init>;; Could not load properties. /var/tmp/.cmdbdiscovery_2e86d7_salt/py2/salt/snowagent/snow-linux-oracle/data/sios.properties (No such file or directory)
2019-03-15T13:26:07+02:00; Verbose;        Scanning for Oracle data; se.snow.common.SystemHelper; findCommandOnSystem;; Command found: /bin/ps
2019-03-15T13:26:07+02:00; Verbose;        Scanning for Oracle data; se.snow.common.SystemHelper; findCommandOnSystem;; Command found: /bin/grep
2019-03-15T13:26:07+02:00; Verbose;        Scanning for Oracle data; se.snow.common.SystemHelper; findCommandOnSystem;; Command found: /bin/sed
2019-03-15T13:26:07+02:00; Trace;          Scanning for Oracle data; se.snow.oracleaudit.oracle.OracleUnixInstances; <init>;; Executing system command: [/bin/sh, -c, /bin/ps -eo 'pid,args' | /bin/grep '[o]ra_smon_' | /bin/sed 's/ora_smon_//' | /bin/grep -v /bin/sed]
2019-03-15T13:26:07+02:00; Verbose;        Scanning for Oracle data; se.snow.common.SystemHelper; executeCommandReturnListOfValues;; Output: 24271 XXXXX
2019-03-15T13:26:07+02:00; Trace;          Scanning for Oracle data; se.snow.common.SystemHelper; executeCommandReturnListOfValues;; Returned from system: 0
2019-03-15T13:26:07+02:00; Trace;          Scanning for Oracle data; se.snow.oracleaudit.oracle.OracleUnixInstances; <init>;; Oracle processes found:
2019-03-15T13:26:07+02:00; Trace;          Scanning for Oracle data; se.snow.oracleaudit.oracle.OracleUnixInstances; <init>;; SID: XXXXX - pid: 24271
2019-03-15T13:26:07+02:00; Trace;          Scanning for Oracle data; se.snow.oracleaudit.oracle.OracleUnixInstances; <init>;; Oracle instances collected.
2019-03-15T13:26:07+02:00; Trace;          Scanning for Oracle data; se.snow.common.OracleFileHelper; filterInstances;; Using all instances.
2019-03-15T13:26:07+02:00; Verbose;        Scanning for Oracle data; se.snow.common.SystemHelper; findCommandOnSystem;; Command found: /bin/ls
2019-03-15T13:26:07+02:00; Verbose;        Scanning for Oracle data; se.snow.common.SystemHelper; findCommandOnSystem;; Command found: /bin/sudo
2019-03-15T13:26:07+02:00; Trace;          Scanning for Oracle data; se.snow.common.SystemHelper; executeCommandReturnValuesAsString;; Executing system command: [/bin/sh, -c, /bin/sudo -S /bin/ls -l /proc/24271/cwd | /bin/sed 's+.*> ++g'| /bin/sed 's/....$//']
2019-03-15T13:26:09+02:00; Verbose;        Scanning for Oracle data; se.snow.common.SystemHelper; executeCommandReturnValuesAsString;; Output:
2019-03-15T13:26:09+02:00; Verbose;        Scanning for Oracle data; se.snow.common.SystemHelper; executeCommandReturnValuesAsString;; ErrorInformation:'We trust you have received the usual lecture from the local SystemAdministrator. It usually boils down to these three things:    #1) Respect the privacy of others.    #2) Think before you type.    #3) With great power comes great responsibility.[sudo] password for cmdbdiscovery: Sorry, try again.[sudo] password for cmdbdiscovery: sudo: 1 incorrect password attempt'
2019-03-15T13:26:09+02:00; Trace;          Scanning for Oracle data; se.snow.oracleaudit.oracle.impl.UnixOracleInstanceInfo; <init>;; ORACLE_HOME from process:
2019-03-15T13:26:09+02:00; Verbose;        Scanning for Oracle data; se.snow.common.SystemHelper; findCommandOnSystem;; Command found: /bin/tail
2019-03-15T13:26:09+02:00; Trace;          Scanning for Oracle data; se.snow.common.SystemHelper; executeCommandReturnValuesAsString;; Executing system command: [/bin/sh, -c, /bin/ps -p 24271 -o user | /bin/tail -1]
2019-03-15T13:26:09+02:00; Verbose;        Scanning for Oracle data; se.snow.common.SystemHelper; executeCommandReturnValuesAsString;; Output: oracle
2019-03-15T13:26:09+02:00; Trace;          Scanning for Oracle data; se.snow.oracleaudit.oracle.impl.UnixOracleInstanceInfo; <init>;; Unix user from oracle process: oracle
2019-03-15T13:26:09+02:00; Verbose;        Scanning for Oracle data; se.snow.common.FileHelper; fileCopy;; File copied from: /tmp/snow/sios/sios3261698993260458146/sqlnet.ora.unix -> /tmp/snow/sios/sios3261698993260458146/sqlnet.ora
2019-03-15T13:26:09+02:00; Verbose;        *None*; se.snow.oracleaudit.oracle.SqlPlusExecutor; doTheSqlPlusAction;; Tries to execute sqlplus
2019-03-15T13:26:09+02:00; Trace;          Scanning for Oracle data; se.snow.oracleaudit.oracle.OracleDbInfo; runSqlPlusWithRunningSessionData;; java.lang.StringIndexOutOfBoundsException: String index out of range: 0
2019-03-15T13:26:09+02:00; Trace;          Scanning for Oracle data; se.snow.oracleaudit.oracle.OracleDbInfo; runSqlPlusWithRunningSessionData;; [se.snow.oracleaudit.oracle.SqlPlusExecutor.getLoginForSqlplus(SqlPlusExecutor.java:128), se.snow.oracleaudit.oracle.SqlPlusExecutor.generateSqlplusCommand(SqlPlusExecutor.java:98), se.snow.oracleaudit.oracle.SqlPlusExecutor.doTheSqlPlusAction(SqlPlusExecutor.java:219), se.snow.oracleaudit.oracle.SqlPlusExecutor.trySqlplusConnection(SqlPlusExecutor.java:194), se.snow.oracleaudit.oracle.SqlPlusExecutor.trySqlplusConnections(SqlPlusExecutor.java:171), se.snow.oracleaudit.oracle.UnixSqlPlusExecutor.sqlPlusCheck(UnixSqlPlusExecutor.java:98), se.snow.oracleaudit.oracle.SqlPlusExecutor.execute(SqlPlusExecutor.java:52), se.snow.oracleaudit.oracle.OracleDbInfo.runSqlPlusWithRunningSessionData(OracleDbInfo.java:108), se.snow.oracleaudit.oracle.OracleDbInfo.getOracleDbInfo(OracleDbInfo.java:47), se.snow.oracleaudit.SnowOracleScanner.main(SnowOracleScanner.java:300)]
2019-03-15T13:26:09+02:00; ERROR;          Scanning for Oracle data;;;; Information for an Oracle database instance couldn't be collected. SID=XXXXX
2019-03-15T13:26:09+02:00; Info;           Scanning for Oracle data;;;; Inventory of oracle databases done.
2019-03-15T13:26:09+02:00; Trace;          Packing data; se.snow.common.handlers.SnowpackOutputHandler; <init>;; Using key with fingerprint: a5ce8b0285a3099b8747eaee16a076ee
2019-03-15T13:26:09+02:00; Trace;          Packing data; se.snow.xml.idp.IdpXmlHandler; writeXmlToSnowpack;; Snow XML (inv3x) file generated in snowpack file

 

BR,

Viktors
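
An added example, not part of the original post and not Snow's code: a small Python audit that reads the scanner's verbose log, lists every command it ran through sudo, and checks each one against the command list given in the post. The sample lines are abbreviated from the log above; the function names are illustrative assumptions.

```python
import os
import re
import shlex

# Commands the post says were defined in sudoers.
ALLOWED = set("""awk crontab dmesg dmidecode dnsdomainname env findmnt grep
ifconfig last ldconfig lspci modprobe mount ps rpm sed sh systemd-detect-virt
uname wc yes""".split())

# Lines abbreviated from the verbose log in the post (fields are ';'-separated).
SAMPLE_LOG = """
2019-03-15T13:26:07+02:00; Trace; Scanning for Oracle data; se.snow.oracleaudit.oracle.OracleUnixInstances; <init>;; Executing system command: [/bin/sh, -c, /bin/ps -eo 'pid,args' | /bin/grep '[o]ra_smon_' | /bin/sed 's/ora_smon_//' | /bin/grep -v /bin/sed]
2019-03-15T13:26:07+02:00; Trace; Scanning for Oracle data; se.snow.common.SystemHelper; executeCommandReturnValuesAsString;; Executing system command: [/bin/sh, -c, /bin/sudo -S /bin/ls -l /proc/24271/cwd | /bin/sed 's+.*> ++g'| /bin/sed 's/....$//']
2019-03-15T13:26:09+02:00; Verbose; Scanning for Oracle data; se.snow.common.SystemHelper; executeCommandReturnValuesAsString;; Output:
2019-03-15T13:26:09+02:00; Verbose; Scanning for Oracle data; se.snow.common.SystemHelper; executeCommandReturnValuesAsString;; ErrorInformation:'[sudo] password for cmdbdiscovery: Sorry, try again.[sudo] password for cmdbdiscovery: sudo: 1 incorrect password attempt'
2019-03-15T13:26:09+02:00; Trace; Scanning for Oracle data; se.snow.common.SystemHelper; executeCommandReturnValuesAsString;; Executing system command: [/bin/sh, -c, /bin/ps -p 24271 -o user | /bin/tail -1]
"""

CMD_RE = re.compile(r"Executing system command: \[(.+)\]\s*$")
OPTS_WITH_ARG = {"-u", "-g", "-p", "-h", "-C", "-r", "-t", "-U"}  # sudo flags that take a value

def sudo_targets(script):
    """Return the basenames of the commands that `script` runs through sudo."""
    tokens = shlex.split(script)
    found, i = [], 0
    while i < len(tokens):
        if os.path.basename(tokens[i]) == "sudo":
            i += 1
            while i < len(tokens) and tokens[i].startswith("-"):
                i += 2 if tokens[i] in OPTS_WITH_ARG else 1
            if i < len(tokens):
                found.append(os.path.basename(tokens[i]))
        i += 1
    return found

def audit(log_text, allowed=ALLOWED):
    """List sudo-run commands, whether each is in `allowed`, and whether sudo prompted."""
    findings, pending = [], []
    for line in log_text.splitlines():
        m = CMD_RE.search(line)
        if m:
            script = m.group(1).split(", ", 2)[-1]  # third element of [shell, -c, script]
            pending = [{"cmd": c, "listed": c in allowed, "prompted": False}
                       for c in sudo_targets(script)]
            findings.extend(pending)
        elif "[sudo] password for" in line:  # sudo asked for a password on stderr
            for f in pending:
                f["prompted"] = True
    return findings
```

Calling `audit(SAMPLE_LOG)` reports one sudo invocation, `ls`, which is not among the commands listed in the post and which was followed by a sudo password prompt.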
