Saturday, December 18, 2010

Facebook : how to reduce the information overload

How much information feed is enough on Facebook (FB), or do we have to go through everyone's updates? I don't know, but from my experience this definitely is encroaching on my personal time. I am OK with FB as long as it does not intrude on my privacy and the quality time I need to have with my family. Honestly, it is waste of my time if my phone pops up a notification from a FB colleague who just posted an update such as "I just had a delicious ice cream" or "I am sitting at so-so airport" (yes this could be good for someone else). I don't care who my friends are friends with, it is quite annoying to have news feed filled with "x and y are now friends". I read on FB that there was a Firefox Browser add-on that could remove such updates from your stream, unfortunately the developer who wrote this was served with a legal notice. What the heck?

On the other hand, I am very interested in following updates on life and one's experience in handling circumstances or something new happening at someone's end etc. etc.. No social network has till date been able to categorize information and personalize it to that extent. We have to deal with such cases manually. I checked out few options to see how things work for filtering information that is being fed (or blasted) to me.

Under privacy settings, Facebook provides a setting as "Can See Wall Posts by Friends" that prevents postings on your wall from being broadcast to everyone. But unfortunately, this also prevents the first setting of allowing others to post on your wall. Facebook has linked both read and write in one privacy setting and therefore there is no clear way of blocking your own posts from going global or getting unwanted updates from other walls. I am kind of disappointed here.





The only viable alternative as of now is to mark "hide" a friend or a conversation topic as soon as you get an update from that person. When you click on the cross button for an update from a friend, following options are shown.

Hide this Post
Hide all by "Friend Name"


Now if your friend is just too much into blowing his/her own trumpet, you are well of by choosing the second option. If you just want to get rid of a post and what is going to be talked about thereafter on the same post, choose the first option. As per FB, the person or post being hidden is not updated of this action, so this is a call you take for what you want to go through. Another fact is that this option does not show up on mobile devices apps (the ones I have checked), so some effort is involved in logging on to a desktop and getting this done.

Get more details from http://www.facebook.com/help/?page=408


Quick Update : A third option "Hide all from Application_name" also popped up in the above list. This happens when you are trying to block a standard post from a news or application site. For instance, Daily Horoscope that is being fed to a friend of yours also gets shared with you. If you don't like it, use this one.

Sunday, September 12, 2010

PS3 gaming console firmware updates

PS3 runs XrossMediaBar OS, this is an extremely limited locked down Linux OS. PS3 is not just a Game player, it has been extended to work like a PC (prior to Version 3.21) and is geared for extreme multimedia usage. You can have all your picture, music and movie files stored on the internal disk and easily accessible when needed. Internet can be browsed and a keyboard can be connected to the device for easy interface.

Every new firmware update brings in new features and improves the performance of the device (though it does annoyingly remove some old features also). Latest firmware also gets rid of most bugs, support and dependency issues for the latest games. This note is to recommend and encourage readers having PS3 to update their consoles with latest version (read docs in case you are concerned about an existing feature getting disabled).

Saturday, April 10, 12:28 AM
PS3 comes with Wireless card and can easily be configured to connect with the home broadband router. My base version 2.5 could not recognize my home network and the Wireless settings were also not configurable.

Updated firmware version from 2.5. to 2.6. I did this by using a game CD that required minimum 2.6 (Bionic Commando to be precise). This can also be done by downloading the firmware and placing it in a memory stick (refer http://uk.playstation.com/ps3/support/network/detail/item48612/PlayStation-3-System-Software-updates/ for details).

This allowed me to use wireless LAN that was not visible earlier. I am not sure if earlier versions allowed wireless access, but for me the option was displayed only after installing firmware 2.6.

 Once wireless LAN was established, updating the system using the Internet installed the latest firmware version 3.21. This download is huge and ran overnight. This particular firmware removes the ability to install other OS on the PS3 system. Yes quite a few people had one more Linux flavour installed and used PS3 as PC.


Sun 12 Sep 2010 01:49:31 AM GST
Version 3.42 released on 07-Sep-10. Updated the firmware to the latest release. This is just a simple auto-install process and can also be triggered from menu Settings -> System Update.


Available Applications
Following features are available and in use on my PS3.
  • Gaming
  • Photo Gallery
  • Video Gallery
  • Music Gallery
  • Media Server access (can access my WD media disk using wireless router).
  • Video Editor and Uploader
  • Playstation Store online
  • Internet Browser and Search
  • "Life with Playstation" (provided dynamic web-based contents pertaining to time and location).
  • Gaming community message and chat access.
  • Facebook connect (this came through recently).

Happy gaming.

Saturday, September 11, 2010

Android 2.2 (Froyo) update with HTC Sense

Last week I received a request on my device (HTC Desire) to update the Android version from 2.1 to 2.2 (Froyo). This was surprising as I am currently situated in UAE region and my device belongs to south-east Asia region. It is even more surprising as this device is not supported by HTC in this region*.

All my early pursuit to manually update the device had failed as HTC did not allow the update download when I entered the device serial no on their site. Anyway auto-update request was welcoming on my HTC Desire model. Below is the list of differences I noticed after the update was applied.




Note, some of these may be a feature of HTC sense interface rather than the base android OS itself. Also note that I am highlighting features that I have found to be new on my device and are not picked up from any existing sources.

  • Keyboard now has a setup option that provides user dictionary to allow addition and deletion of personal words.  The control is available with user. All my before update fed custom words were lost. I need to rebuild now.
  • Recent apps window now show 8 entries of last used apps.
     
  • Video resolution 720p now available (1280x720)! This is wonderful and probably the most important feature. I did a sample video and verified the quality with old shots, excellent.
     
  • Torch light app available in menu. This gives you the ability to use your phone as a torch in darkness. The camera LED is used for this purpose.
     
  • New places app available in menu to quickly find places nearby to your current location.
     
  • For those using SEVEN app for receiving emails, the notification bar now actually shows the number of unread emails. This is possibly a feature of the app that has got activated after applying the patch. This does not apply to  the default clients for Google and HTC.
     
  • The HTC Friend stream widget now shows the "like this" and "comments" counter for each message received.
     
  • New app Voice Search available. Spoken words invoke the search engine and shows the results on screen. Keyboard has  a microphone button, short press invokes the settings, long press invokes the voice search software. This allows me to search the currently displayed text for specific word.
     
  • Portable Wi-Fi Hotspot app available. This converts the phone to a modem for a computer having wireless access. 3G network is used on the phone to browse the internet from the computer.
     
  • Android News and Weather app and widget available, along with the existing HTC news widget. I still prefer using Buzzbox app and widget for my feeds.
     
  • Apart from the existing Gallery app, a new Video Gallery app is available to display the Video titles on the device.
     
  • I don't have to enter the screen lock pattern if I activate the screen immediately after locking it. It is requested only after the phone screen is inactive for a specific time as set in the setup.
     
  • SMS app is more customized now. Shows word count as you type. There is an attachment option that allows attachment of audio, video, address book entry, calendar agenda or simply a file on the device.
     
  • Default gmail client, shows left and write arrows to shift between emails from the view screen. I don't recollect this option being there before the update.
     
  • New GPS navigation app showing up in menu.
     
  • Released good amount of free memory space. I had about 30MB left, after update 55MB is available.
     
  • Software installation can now be performanced on SD Card, this will remove the internal memory size limitation. The setup -> applications -> manage application view now displays 4 tabs and includes one for software installed on SD card.  

    From the manage application view, a particular app can be selected and moved to SD card. However not all app support this option at this time.

    Copying apps to SD card not only freed my internal memory but also occupied lesser size on SD card, this was surprising. For instance one app had installed space (no cache) showing as 15 MB, moving this reduced the size to about 2 MB!

    Setup -> applications -> running services has a new look providing more info on services and memory utilization.
     
  • Overall device performance has improved as compared to before update.
     
  • Apps listing shows Adobe Flash player 10.1 app also.
     
  • The market download tab shows an "update all" button. Clicking on this auto starts downloads of all available updates for installed apps, without prompting for more details.

    A new flag "Allow automatic updating" is available against each downloaded app in the market. Enabling this will keep the app auto updated.
     
  • New 2x2 market widget to quickly launch the app. This looked quite static to me, just more of a shortcut.

    The market app now shows two separate tabs as "About" and "Comment" for displaying details of an app.
 
* HTC Desire is available now in different retail outlets since last month, this was after I did the update.

Saturday, August 21, 2010

Touch Screen on phones : Capacitive or Resistive?

All touch screen phones look alike but there is a key catch in the technology that is being used underneath the screen. A touch screen can either be Capacitive in nature or Resistive. What is the difference?

Know this fact to make a wise decision when buying your next device. Also note that there are other lesser known screen technologies but these two dominate our gadget market as of this writing.

Technical Differences
A Resistive touch screen contains two electric conducting layers divided by a thin gap. As soon a we touch/press on the screen the two layers connect and this results in a voltage divide and the flow of electricity changes. This is registered as a touch.

A Capacitive touch screen consist of a single layer transparent conductor with electricity flowing. A human finger is also a conductor of electricity and carries electrostatic charge. So when a human finger touches the surface it results in electric signal interference. This is registered as a touch.

OK. That is as far as my understanding goes, don't ask me more on this!

Working Differences
A Resistive touch screen can be worked on with a stylus or some other pointing object. If you have long nails, this work too. As the name suggests, resistive screen require resistance or pressure to register a touch.

A Capacitive touch screen needs human body touch or some other similar conducting object. Long nails don't work and neither does most pointed objects. Capacitive will work well with soft touch (no pressure required). It is quite sensitive.

Resistive needs some pressure, it could be insensitive sometimes. I have found that Resistive sometimes fails to register a contact and this often needs a retry. So there are hits and misses here.

On the other hand, Capacitive screen may fail to register a touch if you have wet or sweaty fingers. So you need dry hands to have a more receptive screen.

Yes both screens can be fingerprint magnet, you can avoid this by using a good protective screen shield.


Which is better?
For human touch Capacitive screen are the best bet. Though they cost more than the Resistive ones. My recommendation is that if you plan to buy a touch screen phone, think Capacitive. The human experience is much more rich and interactive on this platform.

How to identify?
There is no visible way of differentiating the two, none that I know of. The only way is to use the surface and see how sensitive a device is to human touch. Before buying a device, go through the technical specification and identify the screen type.

Of the phones I have tried - iphone, HTC Hero, HTC Desire, Google Nexus etc. all come with capacitive screens. While Samsung Jet and some Nokia models are on Resistive screens. Devices that come with stylus are mostly Resistive. Devices that come with Google Android OS are mostly capacitive. Devices that come with Symbian OS are mostly Resistive.

Recently launched resistive screen devices make claims that the experience is as good as capacitive. Though both technology are evolving, I have found that swipe actions and virtual keyboard fair better on capacitive.

Tuesday, August 17, 2010

Oracle Apps : Adding custom text on Login and Home Page

Corporate Policy mandate that proper Notice and copyright information be provided in the Oracle Apps login page to ensure that users are made aware of their actions and what they are trying to access. Oracle Apps provides parameters to customize the login page and header information. I normally set the below minimum parameters at my sites.

Following changes will reflect once the Apache Server is restarted. Though some settings like the "Page Header Info (Hope page Brand)" may not require a restart.


Corporate Policy Message
A short Corporate policy text can be displayed on the login page. The profile parameter "Local Login Mask" (System name "FND_SSO_LOCAL_LOGIN_MASK") has the site level value of 32 by default. To add corporate message on login page, increase this value by 64 (this number stands for Corporate policy messaging).

32 + 64 = 96

Set the profile parameter "Local Login Mask" to 96. Navigate to the following link and change the value.

Responsibility : System Administrator -> Menu : Profile -> Function : Systems -> Query for "Local Login Mask" (Site-level)

Next Navigate to following link.
Responsibility : Application Developer -> Menu : Application -> Function : Messages -> Query for "FND_SSO_SARBANES_OXLEY_TEXT"

FND_SSO_SARBANES_OXLEY_TEXT parameter defaults to "Corporate Policy Message". Change the "Current Message Text" box value to display the right policy information to users. For example, "Statutory Notice: This is a confidential and privileged Enterprise system of <Company>. Access is restricted to <company> employees only." Keep this text short as the text does not wrap to the next line on the same page.


Page Header Info (Home Page Brand Area)
The top part of the page shows the Oracle Logo and also the label "E-Business Suite". The Label can be customized for business needs. Navigate to below link.

Responsibility : System Administrator -> Menu : Application -> Function : Function -> Query for "FWK_HOMEPAGE_BRAND"

FWK_HOMEPAGE_BRAND function is by default set to "E-Business Suite". This can be changed to "<Company> E-Business Suite (TEST or Production)". I prefer adding the Instance type so that users can differentiate between multiple instances by looking at this information. Note, this does not reflect in Application Manager and Workflow screens.

Oracle Note states that Message Parameter FND_SSO_EBIZ_SUITE needs to be set to allow Login page Brand change. I have however found that the above function change works for login page also. If it does not in your case, set this parameter also, the link to this parameter is as below.

Copyright Message
Navigate to following link.
Responsibility : Application Developer -> Menu : Application -> Function : Messages -> Query for "FND_SSO_COPYRIGHT_TEXT"

FND_SSO_COPYRIGHT_TEXT : This text is displayed at the bottom of login page and has legal importance. Defaults to "Copyright (c) YYYY, Oracle. All rights reserved." Can be changed to "Copyright (c) YYYY, Oracle. All rights reserved. Licensed to <company>, <Location>".


Login Page Customization
I set the following to customize the login Page information. Navigate to following link.
Responsibility : Application Developer -> Menu : Application -> Function : Messages -> Query for below parameters.

FND_SSO_WELCOME : This text is shown on the Login page header and also shows up as the page title. Defaults to "Login". Can be changed to "Oracle Apps Production Login". This information also gets prompted when adding the link to browser favorites.

FND_SSO_PASSWORD : This text is displayed against the Password field.
Defaults to "Password". I normally change this to "Enter your Password".

FND_SSO_EBIZ_SUITE : This text is displayed on the login page brand display area. Defaults to "E-Business suite". I prefer setting this same as the function value "FWK_HOMEPAGE_BRAND" (only if the function does not work for login page).


Forms Window Title Change
The Forms applet title is set using a profile parameter. Navigate to following link.
Responsibility : System Administrator -> Menu : Profile -> Function : System ->  Query for "Site Name" (Site-level)

Set "Site Name" to appropriate name along with the instance type. For example, "<Company> - <Production/Test>"


Reference
Metalink Note 468971.1

Saturday, August 14, 2010

Measuring the Internet line speed : Kbps Vs KBps?

This terminology is quite confusing for even IT guys. What is the speed of your broadband? What does it mean? Any hidden caveats here? This has been long told and we still forget the basics. Here is a recap again...

Kbps Vs KBps
First thing first. Understand the meaning of KBps and Kbps. The 2nd character "B" or "b" makes a world of difference. Capital 'B' stands for Bytes and a small 'b' stands for bits. 8 bits make 1 byte. So a 128KBps is much much faster than a 128Kbps (approximately about 8 times faster). These units are now common for Internet lines. Now we have Mbps and Gbps as things become faster

The rationality behind the two measurement units differ. For a person who is interested in understanding the download/upload speed of a connection it is more important to get an understanding on what scale is the internet line being measured in by your ISP. This would give an idea about how much time it would take for a 100MB data file to download or a 4GB DivX movie to come through. Note when we measure file sizes, we always talk about in bytes or multiple of bytes. We do not use bits per say. So when analyzing the speed of a line, try to compute in the same unit.

Here is an example, My ISP provides me a connection of 256 Kbps. That is Kilo bits per second.

-> 256 Kb
= 256 * 1024 bits
= 262144 bits
-> In bytes ?
= 262144/8 bytes
= 32768 bytes

-> In Kilobytes ?
= 32768/1024 KB
= 32 KB

So, if I have about 100MB data file to download, then it would take me about (100 * 1024)/32 = 3200 seconds = 53 minutes approximately (hold on.. this does not happen though, read further).

Now a days we have high speed lines that are being measured in Mbps. That is Mega bits per second. Using the same formula let look at an 8Mb line.

-> 8Mb
= 8 * 1024 Kb
= 8192 Kb
= 8388608 bits

-> In bytes ?
= 8388608/8 bytes
= 1048576 bytes

-> In Kilobytes ?
= 1048576/1024 KB
= 1024 KB

-> In MB?
=1024/1024 MB
= 1MB

So, if I have about 100MB data to download, then with this speed it would take 100/1 = 100 seconds = 1.6 minutes approximately.

Looking at the above calculation, one can safely conclude that whatever information is provided in b (bits) can be converted to B (bytes) by dividing it by 8. So you can bypass the above calculation headache and directly divide your bandwidth to get the right picture. For instance, 512Kbps = 512/8 = 64KBps


But it does not work in reality!!
Yes the next question is obvious. I never get a 256 Kbps download on my line even if it has this capacity. The download speed is always between 30-40Kbps. Check yours and you could have a similar condition. So my 100MB file actually takes me about 5-8 hours to download!! Ha. Few things to note here -

  • The broadband line you have subscribed to is part of a shared network that other users in the same data package are also using. So a group of users have to share the capacity of a line that your ISP is providing you. Hope your ISP did tell you about this, right?
     
  • The download/upload speed will greatly vary depending on the load on the shared network that you are part of. It could happen that your speed is much better at night because most users use it during the day. It Could also happen that you get a sudden bust of high speed connection because the broadband network is idle. It is also possible that the YouTube video you are trying to watch just does not seem to complete streaming for hours.
     
  • The ISP do have their own agenda to put a slab on the transfer speed so as to avoid over use by few individuals at the sake of others. So there is every possibility that your ISP has put a lock of 30/40Kbps download speed, though you are subscribed to a 256 Kbps line. Don't worry, your ISP will never tell you about this.
     
  • ISP will never guarantee you the speed of the line. They will only direct you on the current state and the charming numbers that will hike your imagination and lure you to take the plunge towards a more expensive data package. It is possible that as the number of users increase, the subscribed line can blow out of proportion giving you a speed equivalent to the old days classic Modems (I still love these).
     
  • In true network world, apart from the above there are few other jargon such as network latency and hops that also contribute to the transfer performance, I will keep this out for sake of clarity.
     
  • Hey Man, you are on internet! The virtual world that no one can control.

Are we getting cheated?
Yes and No.
Yes because most ISP do not give customers clarity on what they are offering (Customers don't ask for it either..).
No because you as an individual have not made yourself abreast of the latest trends and technical labels.
So it is 50-50.

None of the ISP I have come across has ever given me a clear picture in this area. No one has given me a clear indicator of how my speed would be. I do not want to know the speed of a website located some were on the web, I understand no one can guarantee that. All I want to know is how much time it would take to download a file from the ISP server to my desktop and if it can be guaranteed during my subscription. Sorry no takes here. You may say it doesn't matter, if my current speed is slow I will upgrade to the next package. Yep that is the catch. Can you guarantee that your ISP is not chocking your package bandwidth to compel you to move up to a higher valued package.


Any Good Moves?
I am on Linux and I have got ways and means to hike up my speed. Here are few that can be used on Windows and Other OS. Sorry I am no Windows/Mac expert. My experience is on Linux and below are just few tweaks that I have tried.

  • Apparently, the speed limit (if any) imposed on the line is on thread basis. I can download a file in multiple threads and achieve a speed of up to 200 Kbps on 256 Kbps line! A lot depends on from where the download is happening and what software is in use. For Window folks, check out the FDM (Free Download Manager) that replaces the default browser download software and allows use of threads.
     
  • Shutdown those junkie services and software that are automatically hogging your bandwidth. Try to put auto-updates download in a time slot where this does not interrupt with your activities. On Linux, I normally put this in manual mode and select the updates I want on a periodic basis. Yes Security alerts are immediately prompted and I do apply them ASAP.
     
  • Use BitTorrent supporting clients. BitTorrent is a protocol that creates a network mesh for file downloads. In this concept, every device connected in the mesh not only downloads the file, but also allows upload from it to other torrent connected clients. One file is split into numerous pieces and the Torrent client acts intelligently to identify the near by devices that can serve as download entities. Don't worry about the complexity of this protocol, just be aware that this will try to download in multiple threads and from multiple devices. For me, this option is not that fast in my region, but my download is reliable and I can start from where I stopped.

  • There are quite a few sites offering tips on improving internet performance. I suggest you try out some tips from reliable sources. For all you know, you may not require a higher data package and get quality speed on the existing bandwidth itself.


After Notes

  • By the way ISP is "Internet Service Provider".
     
  • And if you have guessed it, there is a difference between a lower case 'k' and an upper case 'K'. Lower case 'k' converts to exact 1000. Upper case converts to 1024. Yes this is one of the reason why you get 235 GB space when you buy a 250 GB hard disk. Since the difference is minor I am not too concerned with this right now.

Sunday, August 1, 2010

BeBook One ebook Reader Firmware update 2009

This note is for the BeBook One ebook reader only (2009 and earlier). This does not apply to BeBook bought in 2010 (there is a separate patch for this).

The latest firmware (version: 2.02NL.091127) patch for BeBook one can be downloaded from below link.

http://mybebook.com/a29/bebook-one-firmware/article_info.html

The installation process is not at all tedious.
  • Ensure that the BeBook is fully charged.
  • Download the patch
  • Unzip it into an SD Card that should not be more than 1GB in size (ensure this).
  • Take a backup of the data already present in internal memory. The patch will not erase the data but this is a safety measure.
  • Turn of the BeBook. Press and hold the power button on top.
  • Once the BeBook is shutdown, insert the SD Card into the slot.
  • Press and hold the Plus sign button (+) on the right side of the device followed by power button. This will turn on the BeBook reader and automatically take it to patch update mode.
  • Let the update finish (took about 5 minutes for me) and you will be prompted to restart.
  • Done.

The patch updates the following -
Update kernel
Update System
Update Logo
Update Parser App
Update Resource


picture shows the difference in versions before and after the update


Usable enhancements
I have found the following usable features -

Reflow of words
PDF files were badly handled. They were just shown as images and maximizing them just resulted in readjustment of the page. This patch now allows reflow of words, i.e., the words and sentences auto adjust to the screen size. Pressing the maximize button now actually increases the font size (and not the image itself) and resizes the text. I have found that I could maximize nine times, this is wonderful.

It also preserves individual document maximization settings. For instance I increased the font size of one document by 4 levels and another document by 2 levels. Both documents preserved their individual levels after I exited and returned back.

I used to recommend use of Mobipocket reader software to convert PDF to PRC files and then load it to ebook. With this patch, the BEbook reader offers excellent support for PDF format that can now be directly copied and read on the reader.

The old 3 mode maximize option is still supported for other formats. The firmware document also states that there are multiple level of maximization support for ePub format, haven't tried this.

Check the below images on how maximizing of same PDF page now looks like -

The earlier look
Maximizing perfectly resizes the pages content
Further Maximizing..
Further..


Search option
The patch now allows option to search using the provided numeric pad. A set of characters is represented by each physical button. The search will underline the words, pressing the next page button will take you to the next applicable entry. Exit search by pressing the backspace key.




Other enhancements
The firmware update document says that two modes are provided for pdf viewing (Adobe pdf default and XPDF). Besides Hyperlinks are also supported withing PDF document. I haven't tried these features.

There is also an option to track "Time & Date" using settings.



Well for me it is the PDF support and I am happy about it. Most of my technical manuals are available in PDF format and I can now refer these directly on my BeBook reader.

Enjoy..

Saturday, May 8, 2010

Backing up Linux system using BackupPC

Following is performed on Fedora 12 Linux on an Acer 3935 Notebook. This note is related to backing up a personal/office system using BackupPC software.

> Installation

simply issue the below command to instruct yum to download and install the required RPMs.

[amar@amar ~]$ sudo yum install backuppc


The installation process created a folder /etc/BackupPC/ for configuration files.
/var/lib/BackupPC - For runtime data folder. I modified this link to an external USB disk, details later.
/var/log/BackupPC - For logs.  I modified this link to an external USB disk, details later.
/usr/share/BackupPC - For scripts, libraries and documentation.


It also added a configuration file, BackupPC.conf,  for the Apache server under /etc/httpd/conf.d. This will allow BackupPC CGI interface for monitoring, accessing and configuring the software using a browser.


> New OS Users

It also created an OS user and group with the name "backuppc". The home directory is set as /var/lib/BackupPC/. Default user "apache" is also added to this new group (so apache user will have access to Backup PC system files). This user has "/sbin/nologin" set as login shell and Local password is locked, so no one can login with this user. the login will be used internally by the BackupPC tool.

[root@amar bin]# su backuppc
This account is currently not available.

Force logging is possible by explicitly providing the "-s" option. This may be required for running scripts for testing purpose.

[root@amar ~]# su -s /bin/bash backuppc
bash-4.0$ pwd


> Apache Configuration for the BackupPC tool
>> To allow access to the tool, a password file needs to be created for Apache login prompt. This is mentioned in the Apache server file created by the Backup PC. I issue the below command as root to create a web browser user called "backuppc".

[root@amar ~]# cd /etc/BackupPC/
[root@amar BackupPC]# ll
total 88
-rw-r-----. 1 backuppc backuppc 80952 2010-02-28 21:47 config.pl
-rw-r--r--. 1 backuppc backuppc  2209 2010-02-28 21:47 hosts
drwxr-xr-x. 2 backuppc backuppc  4096 2010-02-28 21:47 pc
[root@amar BackupPC]# htpasswd -c /etc/BackupPC/apache.users backuppc
New password:
Re-type new password:
Adding password for user backuppc
[root@amar BackupPC]# ll
total 92
-rw-r--r--. 1 root     root        23 2010-04-30 13:20 apache.users
-rw-r-----. 1 backuppc backuppc 80952 2010-02-28 21:47 config.pl
-rw-r--r--. 1 backuppc backuppc  2209 2010-02-28 21:47 hosts
drwxr-xr-x. 2 backuppc backuppc  4096 2010-02-28 21:47 pc


>> To allow access on URL from a name/IP that is other than the local IP 127.0.0.1, add it to the "allow" line /etc/httpd/conf.d/BackupPC.conf file. Changes are reflected without a service restart.

allow from 127.0.0.1 192.6.14.230


>> Set the following parameters to grant admin access to the above created user, in /etc/BackupPC/config.pl file.

$Conf{CgiAdminUserGroup} = 'backuppc';
$Conf{CgiAdminUsers}     = 'backuppc';


>> Restart the BackupPC Service after this change.
/etc/init.d/backuppc restart

>> To access the front-end using web browser, open Firefox and type in the local access URL with the BackupPC Alias. For me it is http://amar.padhi/BackupPC (note the alias is case sensitive).


> Moving my backup folder to external Linux disk

- Open the BackupPC URL in the browser and navigate to "Edit Config" menu from left side panel. Locate "TopDir" and "LogDir" parameters and modify these to point to the external USB disk folder.

- Next open command prompt and copy the all subfolder and files in /var/lib/BackupPC folder to the external disk location.

[root@amar ~]# cp -rpv /var/lib/BackupPC /media/PersoBKP/

- Note, the external hard disk cannot be on an NTFS or FAT32 File system as these are not supported for backup.


> sudo access for backuppc user

BackupPC Software on my system is prevented from using "root" user, it will use the dedicated backuppc user only. As backuppc user does not have access to read the complete file system, sudo access should be granted to allow this user to copy files. As root issue visudo command and add the following line in sudoers file. My preferred mode of copy on Linux is using "rsync" command.

backuppc  ALL=NOPASSWD: /usr/bin/rsync

Also comment out the below line in sudoers file (visudo)
#Defaults    requiretty


> Create a node for backup

Fire up the URL (mentioned above) to view the BackupPC administration page.  Click on "Edit Hosts" link and add your PC information there.
host = name of the local PC (or IP)
dhcp = click this if you are not having a static IP address on your machine
user = Name of the person who uses this machine, this is just reference data.

Click on the "Save" button to ensure that the data is committed. Once hosts are defined, the drop down list under the "Hosts" Panel entry will show them. Host specific setup can now be done by selecting the host from the drop down list. Select the local host name that was defined and click on "Edit Config" option. The displayed page will show subheadings such as - Xfer, Email, Backup settings and Schedule. Each of these can be modified to suite ones need.

>> Changing the Local PC backup calls
Click on "Xfer" button and change the required settings. I did the below for my local machine backup. Note, I am making use of sudo call to do the backup.

XferMethod  = rsync
RsyncClientPath = /usr/bin/rsync
RsyncClientCmd = /usr/bin/sudo $rsyncPath $argList+
RsyncClientRestoreCmd = /usr/bin/sudo $rsyncPath $argList+



> Folders that can be excluded

I exclude the following folders from backup, restoring these can actually create havoc on a running system.

/tmp
/proc
/mnt
/media
/sys


> Access from Command line

Login from root to backuppc user using following option

[root@amar ~]# su -s /bin/bash backuppc
bash-4.0$


Refer BackupPC documentation to identify commands that can be used in shell. For me, I prefer the browser access as it is convenient to manage multiple clients.


> First backup
From the browser, navigate to the host machine link and click on the "Star Full Backup" button. The first full backup may take lot of time if there is lot of data to be copied. The existing default schedule does a full backup every 7 days and an incremental backup every day, this can be changed if need be.


> Referred sites

http://www.unixmen.com/linux-tutorials/unix-tutorials/71-install-backuppc-server-in-centosrhelfedora
http://backuppc.sourceforge.net/faq/ssh.html

> Next


- Backing up Windows PC data on network.
- Restoration scenarios

Thursday, May 6, 2010

Massachusetts Data Privacy/Security Law basic points

Massachusetts state, USA, has enacted a new data privacy and security law which puts the burden on all database owners and custodians. Mentioned below are some facts that I could make out from their published document. This actually acts as a good input regarding some basic points that should be covered for security hardening.

- Any database or system that owns or licenses personal information about a resident of Massachusetts should be encrypted. Even the transmission of such data should be in encrypted form. This is regardless of what your business line is, if you store personal information you are legally obligated to protect that information. Failure to comply results in heavy fines.

- All laptop and portable devices carrying personal information should be encrypted. Some portable devices do not support industry standard encryption, these should be avoided. Password protecting data when storing it on the laptop and transmitting it wirelessly does not satisfy the encryption requirement ! Data must be altered into unreadable form and password protection only does not alter the condition of the data as required.

- Backup Tapes also have to encrypted.

- For systems holding personal information and connected to Internet, there must be a reasonably up-to-date firewall protection and operating system security patches.

- It is not best practice to send unencrypted personal information in an email. Alternative method should be used, such as establishing a secure website that requires safeguards such as a username/password to conduct transactions involving personal information.

- Onus lies on the business to ensure that enough education and training is provided to employees on the proper use of the computer security system and the importance of personal information security.


- Access to personal information should be authorized and monitored.












References :
www.mass.gov/Eoca/docs/idtheft/201CMR1700reg.pdf
http://datalossdb.org/statistics

Wednesday, February 10, 2010

TimeBox Management

Time boxing is a project management technique commonly used in software development projects. It is primarily meant for Rapid Application Development (RAD) environments with key focus being the time constraint.


Basically a project follows the Agile software development methodology, where in, the full scope is split into multiple smaller components, each component having its own timelines, budget and milestones. The aim is to achieve the prime objectives by continuously prioritizing and flexing requirements. The project is progressively elaborated as completing individual chunks gives better visibility and decision-making ability.

Though the scope is pre-determined, it is possible that the outcome could differ because of the adaptive approach. The ultimate outcome is the desired result that the users require.


The traditional project management approach involves three prime constraints - Time, Cost and scope (Quality may also be included optionally). This is termed the triple constraint factor of Project management. The scope is pre-determined and fixed at the start of the project. Time and cost are managed to ensure that the required scope is achieved. In case of inevitable circumstances deadlines may slip or project may be crashed or fast tracked to achieve the scope. With time box management, the deadline is what is fixed and the scope is modifiable as activities are accomplished.


The traditional approach would require a Project Manager to ensure that thorough analysis and planning is done to identify all deliverables and plan all activities and schedules to the bone. TimeBox management involves performing a reasonable level of planning and getting on with the actual work, a bit at a time. Things become clearer as each milestone is achieved and analyzed.


I believe most RAD software development have knowingly or unknowingly been using time box technique to keep user satisfied. So if the saying "Scope cannot be frozen" is applicable to your site, TimeBox management is the right tool.

There are TimeBox project management tools available but I haven't used any.
 
When performing IT Audit at a site, it important that the auditor understand what Project management methodology is being followed. TimeBox approach might give the impression that there is lot of scope creep, but then that would possibly be the reason why this approach is being taken.

Friday, February 5, 2010

Moving my site postings to Blogs

Hi Folks,
Thank you all for your continued support and feedback though the years. This is to update you that I am moving my website postings to blogs. This will allow me to achieve better control and meet the traffic needs. It will also allow you as readers to post comments on my blogs directly and carry out healthy debates. This also ensures that I am not invading your mail box without your consent (spam?).

To subscribe to one or more of my blogs, please read through this page. I am currently hosting Oracle, Oracle Apps, Linux, CISA and General IT blogs. Please note, you need to subscribe to continue receiving auto-updates. I will not be sending direct emails to individuals.


Below mentioned are the different blogs I write at.

Oracle blog - http://oracle-repo.blogspot.com/feeds/posts/default
This is the oldest blog I have been writing on for almost 10 years now. Deals with postings on Oracle Database administration, programming and Solutions Design.

Oracle Apps blog - http://oracleapps-repo.blogspot.com/feeds/posts/default
I had stopped this in between due to time constraints, decided to get it rolling again. If you work in or want to learn Apps, give this a try.

Linux blog - http://linux-repo.blogspot.com/feeds/posts/default
This is also one of the oldest blogs but I have written very few notes. I intend to gear up this area and provide readers with more postings on my experience with Linux and Open Source software.

CISA blog -  http://cisa-repo.blogspot.com/feeds/posts/default
I have started this blog to publish CISA related articles to aid aspirants with their examination studies and keep already certified folks in touch with the base.

General IT blog - http://amar-padhi.blogspot.com/feeds/posts/default
This is a general IT blog where I would be ranting on the extreme things I try out related to Technology, and general news on where IT is going.


What is RSS?
RSS stands for Real Simple Syndication. It basically is an internet service that allows updates on a site to be automatically pushed to all subscribers. The term used for such updates is "Feed". You as a reader decide on which site you want to stay connected with by subscribing to their feed. For instance, if you would like to receive regular news updates, you can choose from the hoards of news sites out there. All latest web publication get delivered to your RSS reader/client automatically.

There are many popular online Feed readers such as Google Reader, Yahoo reader, bloglines etc. Apart from this you can also use your email client as RSS reader. Most popular email clients such as Outlook, Thunderbird and Evolution very well support this feature.

New to RSS? Read further to start using and join millions of web users out there.


How to subscribe?

It is really simple. In order to receive updates from a site, you need two things - an RSS Reader and the site URL.

  • If you have an online RSS reader, open one or more of the above links in Internet browser and choose "Subscribe to this feed..". Provide your favorite reader.

  • If you want to receive updates in your mail box, right click on the "RSS Feed" entry in your Folder listing and subscribe. Provide the above URL to switch on the subscription.

How to configure email client?

As mentioned above most email clients come equipped with RSS Feed support. Here is a screenshot of how my Thunderbird Feed looks like. It is simple setup here.









Same can be achieved in Outlook client also. From the Tools Menu, click Account Settings. On the RSS Feed Tab press new and provide the above mentioned links.

Thursday, February 4, 2010

Segregation or Separation of Duties (SoD) vital to prevent Fraud

"In 2007, Japan-based electronics company NEC discovered a US $18 million fraud carried out by 18 people. “The fraudulent transactions involved the trading of intangible assets such as services and construction,” according to a May 31, 2007, CFO.com report. “The company explained that the fraud was not discovered for some time because the system enabled validation of the orders through confirmation by the same employees that made the orders.”
Above excerpt is from Institute of Internal Auditor's site, read more at http://www.theiia.org/intAuditor/itaudit/2009-articles/segregated-duties-in-fashion/ site.

The control required to prevent individuals from having conflicting functions is referred to as segregation of duties (SoD) or Separation of Duties.

CISA mandates that Management takes proper initiative to ensure SoD in all areas of work. This is a very vital Preventive Control to prevent Fraudulent activities and achieve better control on the laid down processes. The Approver should always be an entity not involved in the actual transaction. To that matter, even the IS auditor should be independent of the business (should not have any vested interest or gains, directly or indirectly). Any deviation from SoD should be well documented, communicated and proper compensatory controls built-in.

Wednesday, February 3, 2010

Installing Oracle Apps 11i on Linux (Part 2)

Install software
Trigger the rapidwiz installation

[oracle@amar rapidwiz]$ cd /home/oracle/app/product/Stage11i/startCD/Disk1/rapidwiz
[oracle@amar rapidwiz]$ ./rapidwiz


Change the database name from "VIS" to "vis" for lower case context names.


The log file path is displayed in the command prompt from where the rapidinstall was invoked.

[oracle@amar rapidwiz]$ Database logfile - /home/oracle/apps/visdb/9.2.0/appsutil/log/VIS_amar/12150705.log
While the process is running keep the running log file in the background to identify errors.

tail -f /home/oracle/apps/visdb/9.2.0/appsutil/log/VIS_amar/12150705.log


Once the database setup is over. The command window will display the application log file also.
Appltop logfile - /home/oracle/apps/visappl/admin/vis_amar/log/12160832.log

Now tail this to identify application installation related errors.

You may or may not encounter the below errors, but I have documented it here for reference purpose.

ERROR 1
Error encountered during the installation process in front-end :-
RW-50004: Error code received when running external process. Check log file for details. Running Database install driver for VIS instance.

Navigate to the log directory and check the log error. If you had the running log screen, you can see the error shown there. My log had the following error-

Statusstring Executing Command: InstantiateFile -d addbtmpl.drv
Cannot execute configure of environment for database ORACLE_HOME

    RW-50010: Error: - script has returned an error:   1
RW-50004: Error code received when running external process.  Check log file for details.
Running Database Install Driver for VIS instance


Also check the dbInstancecfg.log file in the same folder to find the last script that failed.
        

  [SETUP PHASE]
  AutoConfig could not successfully execute the following scripts:
    Directory: /home/oracle/apps/visdb/9.2.0/appsutil/install/VIS_amar
      afmkinit.sh             INSTE8_SETUP       127

AutoConfig is exiting with status 1

 

Metalink note 747424.1 has more details on this. Following steps were followed -

1. Edit the <9i RDBMS_ORACLE_HOME>/appsutil/bin/adgetlnxver.sh file as below
2. Alter  by replacing all occurances of LD_ASSUME_KERNEL with XD_ASSUME_KERNEL
3. Press the retry button in rapidwiz screen


ERROR 2

Cannot create control file for vis

    RW-50010: Error: - script has returned an error:   1
RW-50004: Error code received when running external process.  Check log file for details.
Running Database Install Driver for vis instance
Database Availability Check


Navigate to $ORACLE_HOME/appsutil/log// folder and open adcrdb_vis.txt. Following error may be present.

SQL> startup nomount;
ORA-27125: unable to create shared memory segment
Linux Error: 1: Operation not permitted


The solution given in metalink for settinv the "vm.disable_cap_mlock=1" in sysctl.conf file does not work for Fedora 12. Do the following instead -

cd $ORACLE_HOME/bin
mv oracle oracle.bin
cat >oracle <<"EOF"
#!/bin/bash

export DISABLE_HUGETLBFS=1
exec $ORACLE_HOME/bin/oracle.bin $@
EOF

chmod +x oracle

E.g :-
[oracle@amar bin]$ mv oracle oracle.bin
[oracle@amar bin]$ ls -lrt oracle*
-rwsr-s--x. 1 oracle oinstall 52987082 2009-12-16 16:27 oracleO
-rwsr-s--x. 1 oracle oinstall 52987082 2009-12-16 16:28 oracle.bin
[oracle@amar bin]$ cat >oracle <<"EOF"
> #!/bin/bash
> export DISABLE_HUGETLBFS=1
> exec $ORACLE_HOME/bin/oracle.bin $@
> EOF
[oracle@amar bin]$ more oracle
#!/bin/bash
export DISABLE_HUGETLBFS=1
exec $ORACLE_HOME/bin/oracle.bin $@
[oracle@amar bin]$ chmod +x oracle
[oracle@amar bin]$ ls -lrt oracle*
-rwsr-s--x. 1 oracle oinstall 52987082 2009-12-16 16:27 oracleO
-rwsr-s--x. 1 oracle oinstall 52987082 2009-12-16 16:28 oracle.bin
-rwxr-xr-x. 1 oracle oinstall       75 2009-12-16 20:26 oracle


Optionally, I also navigated down to $ORACLE_HOME/dbs folder and modified the initvis.ora file to reduce the size of following parameter. This is not required though.

pga_aggregate_target=200M

Retry the process again. If it does not work, abort the process and restart the rapidwiz again.
[oracle@amar rapidwiz]$ ./rapidwiz -restart
Specify the parameter file that you saved earlier during the first run. The runtime will autoselect all the parameters and continue from where it left.


Error 3
Statusstring Executing Command: InstantiateFile -d addbtmpl.drv

Unable to complete Instance Configuration

    RW-50010: Error: - script has returned an error:   1
RW-50004: Error code received when running external process.  Check log file for details.
Running Database Install Driver for vis instance

Navigate to the log directory and identify the latest generated files by timestamp. Open the installdbf.log file to find the last failed script. In my case it pointed to the afdbprf.sh. The log folder also had an error file with the name afdbprf.txt, which had the below error -

ERROR:
ORA-12541: TNS:no listener

Manually start the listener.

[oracle@amar 9.2.0]$ cd /home/oracle/apps/visdb/9.2.0
[oracle@amar 9.2.0]$ . ./vis_amar.env
[oracle@amar 9.2.0]$ lsnrctl status

LSNRCTL for Linux: Version 9.2.0.6.0 - Production on 16-DEC-2009 20:40:49

Copyright (c) 1991, 2002, Oracle Corporation.  All rights reserved.

Connecting to (ADDRESS=(PROTOCOL=tcp)(PORT=1521))
TNS-12541: TNS:no listener
 TNS-12560: TNS:protocol adapter error
  TNS-00511: No listener
   Linux Error: 111: Connection refused
[oracle@amar 9.2.0]$ lsnrctl start

LSNRCTL for Linux: Version 9.2.0.6.0 - Production on 16-DEC-2009 20:41:00

Copyright (c) 1991, 2002, Oracle Corporation.  All rights reserved.

Starting /home/oracle/apps/visdb/9.2.0/bin/tnslsnr: please wait...

TNSLSNR for Linux: Version 9.2.0.6.0 - Production
System parameter file is /home/oracle/apps/visdb/9.2.0/network/admin/vis_amar/listener.ora
Log messages written to /home/oracle/apps/visdb/9.2.0/network/log/listener.log
Listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=amar.jashanmal.ae)(PORT=1521)))

Connecting to (ADDRESS=(PROTOCOL=tcp)(PORT=1521))
STATUS of the LISTENER
------------------------
Alias                     LISTENER
Version                   TNSLSNR for Linux: Version 9.2.0.6.0 - Production
Start Date                16-DEC-2009 20:41:00
Uptime                    0 days 0 hr. 0 min. 0 sec
Trace Level               off
Security                  OFF
SNMP                      OFF
Listener Parameter File   /home/oracle/apps/visdb/9.2.0/network/admin/vis_amar/listener.ora
Listener Log File         /home/oracle/apps/visdb/9.2.0/network/log/listener.log
Listening Endpoints Summary...
  (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=amar.localdomain.com)(PORT=1521)))
The listener supports no services
The command completed successfully
[oracle@amar 9.2.0]$ lsnrctl status

LSNRCTL for Linux: Version 9.2.0.6.0 - Production on 16-DEC-2009 20:41:12

Copyright (c) 1991, 2002, Oracle Corporation.  All rights reserved.

Connecting to (ADDRESS=(PROTOCOL=tcp)(PORT=1521))
STATUS of the LISTENER
------------------------
Alias                     LISTENER
Version                   TNSLSNR for Linux: Version 9.2.0.6.0 - Production
Start Date                16-DEC-2009 20:41:00
Uptime                    0 days 0 hr. 0 min. 12 sec
Trace Level               off
Security                  OFF
SNMP                      OFF
Listener Parameter File   /home/oracle/apps/visdb/9.2.0/network/admin/vis_amar/listener.ora
Listener Log File         /home/oracle/apps/visdb/9.2.0/network/log/listener.log
Listening Endpoints Summary...
  (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=amar.localdomain.com)(PORT=1521)))
Services Summary...
Service "vis" has 1 instance(s).
  Instance "vis", status READY, has 1 handler(s) for this service...
The command completed successfully


Click on "retry" button.



ERROR 4
At the end of installation, most of the verification failed -

DBC File Check

   RW-00023: Error: - DBC file was not created:
      File = /home/oracle/apps/visappl/fnd/11.5.0/secure/vis_amar/vis.dbc

HTTP Check

   checking URL = http://amar.localdomain.com:8000
   RW-50015: Error: - Portal is not responding. The service might not have started on the port yet. Please check the service and use the retry button.

JSP Check

   checking URL = http://amar.localdomain.com:8000/OA_HTML/jsp/fnd/fndhelp.jsp?dbc=/home/oracle/apps/visappl/fnd/11.5.0/secure/vis_amar/vis.dbc
   RW-50015: Error: - JSP is not responding. The service might not have started on the port yet. Please check the service and use the retry button.

PHP Check

   checking URL = http://amar.localdomain.com:8000/OA_HTML/US/ICXINDEX.htm
   RW-50015: Error: - Login Page is not responding. The service might not have started on the port yet. Please check the service and use the retry button.


The logfile will give the exact files that are failing.

Some script is setting the LD_ASSUME_KERNEL from within APPS. On further digging, it was identified that the environment file /home/oracle/apps/visappl/vis_amar.env is setting this (it is internally calling some other script for this). Modify the file and add the below line at the end of the file to unset the parameter.

# 17-Dec-09 | Amar | unset the kernel par
unset LD_ASSUME_KERNEL



Login to sqlplus (from the database tier) and check data in FND_NODES table

SQL> select node_name,server_address from fnd_nodes;

NODE_NAME             |SERVER_ADDRESS
----------------------|------------------------------
AMAR                  |


Update the server_address, if empty, with the server IP.

SQL> update fnd_nodes set server_address = '192.6.14.230' where node_name = 'AMAR';

Set the midtier environment varialbles and run the adautoconfig.sh file.
[oracle@amar ~]$ . /home/oracle/apps/visora/8.0.6/vis_amar.env
[oracle@amar ~]$ . /home/oracle/apps/visappl/vis_amar.env
[oracle@amar ~]$ cd $COMMON_TOP/admin/scripts/vis_amar/
[oracle@amar vis_amar]$ ./adautocfg.sh

Above will fail for adgendbc.sh file continue. Change the variable again. Manually run the adgendbc.sh file to generate the dbc file.
[oracle@amar ~]$ cd /home/oracle/apps/viscomn/admin/install/vis_amar/
[oracle@amar vis_amar]$ ./adgendbc.sh apps apps Yes Yes Yes Yes


Review the generated dbc file to ensure that settings are correct. Now start other services also.

[amar@amar ~]$ su - oracle
Password:
[oracle@amar ~]$ . /home/oracle/apps/visora/8.0.6/vis_amar.env
[oracle@amar ~]$ . /home/oracle/apps/visappl/vis_amar.env
[oracle@amar ~]$ echo $ORACLE_HOME
/home/oracle/apps/visora/8.0.6
[oracle@amar ~]$ echo $APPL_TOP
/home/oracle/apps/visappl
[oracle@amar ~]$ echo $LD_ASSUME_KERNEL

[oracle@amar ~]$
[oracle@amar ~]$ cd $COMMON_TOP/admin/scripts/vis_amar
[oracle@amar vis_amar]$ ./adstpall.sh apps/apps &
[oracle@amar vis_amar]$ ./adstrtal.sh apps/apps &


Check logfile /home/oracle/apps/viscomn/admin/log/vis_amar/12171245.log for details

Exiting with status 2


The process this time started most of the services but 806 Listerner and Discoverer failed. Tail the above provided log file to verify this.


**Service Control Execution Report]**

  Service                                 Script         Status

  Oracle Apache Server vis_amar             adapcctl.sh      Started
  OracleTNSListener80APPS_vis_amar          adalnctl.sh      Failed
  OracleConcMgrvis_amar                     adcmctl.sh       Started
  OracleFormsServer-Forms60vis_amar         adfrmctl.sh      Started
  OracleReportServer-Rep60_vis              adrepctl.sh      Started
  Oracle Metrics Client vis_amar            adfmcctl.sh      Started
  Oracle Metrics Server vis_amar            adfmsctl.sh      Started
  Oracle Fulfillment Server vis_amar        jtffmctl.sh      Started
  Oracle Discoverer services vis_amar       addisctl.sh      Failed
  Oracle Restricted Apache Server vis_amar  adaprstctl.sh    Disabled
  Oracle Apache Server vis_amar for PL/SQL  adapcctl.sh      Disabled
  Oracle TCF SocketServer vis_amar          adtcfctl.sh      Disabled
  Oracle ICSM vis_amar                      ieoicsm.sh       Disabled
  Oracle iProcurement Bulk Loader vis_amar  icxblkctl.sh     Disabled

ServiceControl is exiting with status 2

Edit $AD_TOP/bin/adgetlnxver.sh and comment all LD_ASSUME_KERNEL lines, followed by unset option.
                #LD_ASSUME_KERNEL="2.4.21"
                #export LD_ASSUME_KERNEL
                unset LD_ASSUME_KERNEL

Run autoconfig again to rectify all links.


ERROR 5
Forms runtime is getting invoked with an error (from a windows client maching or Virtual Machine). Screen shows below error -

FRM-92050: Failed to connect to the Server: amar.jashanmal.ae:9000
Details...
Java Exception:
java.io.EOFException
at java.io.DataInputStream.readInt(Unknown Source)


Following error shows up in Apache error log -
"client denied by server configuration: /home/oracle/apps/viscomn/java/oracle/apps/fnd/formsClient/FormsLauncher.class"


Do a telnet to the port showing error (same machine).

[oracle@amar ~]$ telnet amar.localdomain.com 9000
Trying 192.6.14.130...
telnet: connect to address 192.6.14.130: Connection refused

 
Note 228610.1 applied here. Set the midtier environment variables and do the following -

[oracle@amar visappl]$ cd $FND_TOP/bin
[oracle@amar bin]$ ldd f60webmx | grep -i "not found"
                libXm.so.2.1 => not found

[oracle@amar bin]$ f60webmx
f60webmx: error while loading shared libraries: libXm.so.2.1: cannot open shared object file: No such file or directory


This is a motif library issue.
[oracle@amar bin]$ locate libXm.so.2.1
/home/oracle/apps/visora/8.0.6/lib/stubs/libXm.so.2.1
/home/oracle/apps/visora/iAS/lib/stubs/libXm.so.2.1

Download openmotif from http://www.motifzone.net/filebrowser, copy the rpm to the vislib library folder. Get the latest Fedora version that is 32-bit.

Extract the rpm to the vislib library folder we created earlier.
[root@amar vislib]# rpm2cpio openmotif-2.3.0-1.fc8.i386.rpm | cpio -idmv


Above creates a subfolder under by custom vislib/usr folder (/home/oracle/apps/vislib/usr/X11R6/lib). Navigate to this folder and create additional symbolic links.

ln -s libXm.so.4.0.0 libXm.so.2.1

Modify the LD_LIBRARY_PATH and test f60webmx again.

[oracle@amar bin]$ export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/home/oracle/apps/vislib/usr/X11R6/lib
[oracle@amar bin]$ f60webmx

No error is displayed now. To make the change permanent, let us change the original environmet files. Edit the following files and modify the LD_LIBRARY_PATH to include the new library folder.

/home/oracle/apps/visora/8.0.6/vis_amar.env

- restart the forms services.
[oracle@amar vis_amar]$ ./adfrmctl.sh start &
[oracle@amar vis_amar]$ ./adfmsctl.sh start &
[oracle@amar vis_amar]$ ./adfmcctl.sh start &


 
ERROR 6
Reports server error.  Note 404500.1 applied here.

[oracle@amar bin]$ pwd
/home/oracle/apps/visappl/fnd/11.5.0/bin

[oracle@amar bin]$ ./ar60run
./ar60run: relocation error: /home/oracle/apps/visora/8.0.6/network/jre11/lib/i686/native_threads/libjava.so: symbol __libc_wait, version GLIBC_2.0 not defined in file libc.so.6 with link time reference

[oracle@amar apps]$ adrelink.sh force=y "fnd ar60run"
..
/usr/lib/gcc/i686-redhat-linux/4.4.2/libgcc_s.so: undefined reference to `dl_iterate_phdr@GLIBC_2.2.4'
/usr/lib/gcc/i686-redhat-linux/4.4.2/libgcc_s.so: undefined reference to `__stack_chk_fail@GLIBC_2.4'
..

Download and apply patch 3006854 to create the /etc/libcwait.so file.

[root@amar 3006854]# pwd
/home/oracle/apps/vislib/3006854
[root@amar 3006854]# ls -lrt
total 8
-rw-rw-r--. 1 root root 1360 2005-03-18 16:03 README.txt
-rw-r--r--. 1 root root 1254 2005-03-18 16:11 rhel3_pre_install.sh
[root@amar 3006854]# pwd
/home/oracle/apps/vislib/3006854
[root@amar 3006854]# . ./rhel3_pre_install.sh
Applying patch...
Ensuring permissions are correctly set...
Done.
Patch successfully applied


Rerunning the adrelink.sh gave the same error as above, but directly calling the ar60run did not produce the error anymore. Copy the backup file (that would have been renamed by adrelink.sh) to its original state.

[oracle@amar bin]$ cp -pv ar60run.sav ar60run


After Note 
SeLinux issue
My SeLinux policy trapped al access to the libcwait.so file and the errors where displayed in the console.
SELinux is preventing /usr/libexec/fprintd from executing /etc/libcwait.so.
SELinux has denied the fprintd from executing /etc/libcwait.so.

SELinux is preventing /lib/dbus-1/dbus-daemon-launch-helper from executing /etc/libcwait.so.
SELinux has denied the dbus-daemon-lau from executing /etc/libcwait.so.

SELinux is preventing /usr/bin/xauth from executing /etc/libcwa.so.
SELinux has denied the xauth from executing /etc/libcwait.so.

SELinux is preventing /sbin/unix_chkpwd from executing /etc/libcwait.so.
SELinux has denied the unix_chkpwd from executing /etc/libcwait.so.

Rebooting the system prevent me from logging in, probably because selinux was blockign unix_chkpwd from proceeding. I popped in the recovery CD and used chroot to disable selinux. I rebooted and logged in and enabled selinux with above access being enabled.

I checked bugzilla and identified that some bugs are registered that are fixed in latest update of selinux-policy-3.6.32-56.fc12 that is available as of this time. I installed the latest version to verify if it works out.

[root@amar ~]# rpm -qa | grep -i selinux-policy
selinux-policy-3.6.32-41.fc12.noarch
selinux-policy-targeted-3.6.32-41.fc12.noarch

[root@amar ~]# yum install selinux-policy

[root@amar ~]# rpm -qa | grep -i selinux-policy
selinux-policy-3.6.32-56.fc12.noarch
selinux-policy-targeted-3.6.32-41.fc12.noarch

The above update did not entirely resolve the issue. So I decided to keep the SeLinux option disabled till further updates.

Discover Service
Discover service pukes error on startup. I have not done anything to fix this as this service is not used by me or my clients. However, if you need this service, give it some try. If it does not come up, send me a note and I will look it up at my end.

--- End of Note ---