监听报错 TNS-00525: Insufficient privilege for operation 11gR2 + 连接报错ORA-12537: TNS:connection closed

时间:2023-03-08 22:19:11

1.TNS-00525: Insufficient privilege for operation

Started with pid=
Listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=ora11g)(PORT=)))
Error listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1521)))
TNS-: TNS:permission denied
 TNS-: TNS:protocol adapter error
  TNS-: Insufficient privilege for operation
   Linux Error: : Operation not permitted
No longer listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=ora11g)(PORT=)))
-- :::
System parameter /grid/network/admin/listener.ora
Log messages written to /u01/app/grid/diag/tnslsnr/ora11g/listener/alert/log.xml
Trace information written to /u01/app/grid/diag/tnslsnr/ora11g/listener/trace/ora_30888_47191985552112.trc
Trace level is currently

检查/tmp/.oracle 和 /var/tmp/.oracle 这2个文件夹的属组是否正确,如果不正确,改为 chown -R grid:oinstall

2.在保证上面2个目录权限正确的情况下,连接报错ORA-12537: TNS:connection closed

[oracle@ora11g admin]$ tnsping 192.168.0.164/isc

TNS Ping Utility  - Production on -JUL- ::

Copyright (c) , , Oracle.  All rights reserved.

Used parameter files:
/u01/app/oracle/product//db_1/network/admin/sqlnet.ora

Used HOSTNAME adapter to resolve the alias
Attempting to contact (DESCRIPTION=(CONNECT_DATA=(SERVICE_NAME=isc))(ADDRESS=(PROTOCOL=TCP)(HOST=)))
OK ( msec)
[oracle@ora11g admin]$ sqlplus isc/isc@192.168.0.164/isc

SQL*Plus: Release  Production on Thu Jul  :: 

Copyright (c) , , Oracle.  All rights reserved.

ERROR:
ORA-: TNS:connection closed

Enter user-name:

tnsping正常,监听状态正常,但是连接报错ora-12537。

检查$ORACLE_HOME/bin/oracle的权限应该为6751

[oracle@ora11g admin]$ ls -la $ORACLE_HOME/bin/oracle
-rwxr-s--x  oracle asmadmin  Nov    /u01/app/oracle/product//db_1/bin/oracle
[oracle@ora11g admin]$  $ORACLE_HOME/bin/oracle
[oracle@ora11g admin]$ ls -la $ORACLE_HOME/bin/oracle
-rwsr-s--x  oracle asmadmin  Nov    /u01/app/oracle/product//db_1/bin/oracle

官方的解释:

Applies to:
Oracle Net Services - Version: 8.1.7.0 to 11.2.0.1 - Release: 8.1.7 to 11.2
Generic UNIX
Checked for relevance on 30-Apr-2010
Symptoms
Connection to the database server fails with ORA-12546 or ORA-12537

Local connections working fine but the connection via listener fails with ORA-12537 or ORA-12547

Cause
Permissions on oracle binary ( $ORACLE_HOME/bin/oracle ) are not set correctly.

Solution
The OS level error message in the listener log "Linux Error: 13: Permission denied" indicates that the listener was not able to hand off the connection to oracle processes or not able to spawn a new dedicated user process because of lack of permission at the OS level. To resolve the error -

1. Check and correct the permission on /var/tmp/.oracle directory. Permissions on this directory should be 777 with sticky bit set.
# chmod 01777 /var/tmp/.oracle

2. Check and correct permissions on $ORACLE_HOME/bin/oracle binary and make sure that it is set to 6751.
$ chmod 6751 $ORACLE_HOME/bin/oracle