Here’s a short little test that I worked up many years ago specifically for using for Linux SysOps candidates and I thought I would share it for anyone who would like to use it.  It measures a few things.  Firstly, of course, it tests for basic familiarity with Linux but more importantly, how well a candidate can follow instructions.  This is probably the most important trait to have where critical systems are involved and most of the operator actions are pre-scripted.  I have found the last part of the test on page 3 will identify detail-oriented candidates for you quite effectively and weed out the rest.  I’ve put it in PDF format so you can print it easily.

Click on the thumbnail below to download it.

Link for Linux Sys Ops test download
Click to download the Linux Sys Ops test (PDF format)

I’m sure the last part also can easily be adapted for other non-linux oriented roles that require good traits for focus, memory and precision.

I can post up the answer key, but really if you don’t already know the answers, you probably shouldn’t be administering this test!

Here’s the steps I had to take in order to add an encrypted listener in addition to the standard listener on an old Oracle instance.  Hopefully it may save you some time.. I had to futz around with it a bit until I got it going and then was able to deploy to some other servers in the same fashion:

STEP1 – – Go to the directory right above your “TNS_ADMIN” location.. typically it would be something like this:

cd /u01/product/11.2.0/dbhome_1/network/

STEP2 – – Create a new “admin2” directory

mkdir /u01/product/11.2.0/dbhome_1/network/admin2

STEP3 – –  Create new listener.ora and sqlnet.ora files in the new admin2 directory, and customize for your particular instance.  I arbitrarily picked port 11521 because it would be easy to remember for me.

####### listener.ora ########

SSL_CLIENT_AUTHENTICATION = FALSE

ENCRYPTED_LISTENER =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = FQDN.DB.HOSTNAME)(PORT = 11521))
)
(DESCRIPTION =
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC11521))
)
)

ADR_BASE_ENCRYPTED_LISTENER = /u01
SECURE_REGISTER_LISTENER_PROD = (IPC)
####### sqlnet.ora ########

SQLNET.AUTHENTICATION_SERVICES= (BEQ, TCPS)
SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER= (SHA1, MD5)
SSL_VERSION = 0
SQLNET.ENCRYPTION_SERVER = required
SSL_CLIENT_AUTHENTICATION = FALSE
SQLNET.CRYPTO_SEED = ‘SomeCrazyCryptoSeedWhateverYouWantHere’
SQLNET.ENCRYPTION_TYPES_SERVER= (AES256)
SSL_CIPHER_SUITES= (SSL_RSA_WITH_AES_256_CBC_SHA)
SQLNET.EXPIRE_TIME=60

STEP4 – – Next we will need to register the new listener to let the DB know about the regular one and the new encrypted one (or more if you’d like).  I’m doing this in the TNSNAMES.ORA file and calling it “ALL_LISTENERS”.

In my case this was located in the regular TNS_ADMIN home location: /u01/product/11.2.0/dbhome_1/network/admin/tnsnames.ora

#######
ALL_LISTENERS=
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = FQDN.DB.HOSTNAME)(PORT = 1521))
(ADDRESS = (PROTOCOL = TCP)(HOST = FQDN.DB.HOSTNAME)(PORT = 11521))
)
####

Then in SQLPLUS as the SYSDBA you will need to run:

SQL> ALTER SYSTEM SET LOCAL_LISTENER=ALL_LISTENERS;
———————————————————–
Note: You may have to stop everything and restart the DB at this point… but it may not be necessary.  I just did it to make sure everything was clean.

STEP5 – – Start up your standard listener first as usual:

lsnrctl start

Next follow this procedure in order to start the second encrypted listener:

cd /u01/product/11.2.0/dbhome_1/network/admin2
export TNS_ADMIN=`pwd`
lsnrctl start ENCRYPTED_LISTENER

After a minute or so you should be able to see that the listener status is READY, and has 1 handler(s) for this service by running the command:

lsnrctl status ENCRYPTED_LISTENER

Hopefully this is straight forward enough.  I hate reading Oracle docs and would rather just have an example cookbook approach, so if you are like me maybe you will appreciate this.

–Cheers!