1.

) Re-create and replace the password file, in order to log in to an Oracle Dat
abase Vault instance as a SYS user with SYSDBA privilege:
$ orapwd file=$ORACLE_HOME/dbs/orapwsid password=sys force=y nosysdba=n

Note:
The SYS connection as SYSDBA is disabled in a default Oracle Database Vault i
nstallation.
Without enabling SYSDBA, you cannot unlock DVSYS in Step 5 that follows.
362203.1 Interoperatibility notes
Applay latest patches
* 6880880 or the latest OPatch version.
* 6521934
* 6600051
* 7441176
* 7496636
* 7497678
2) Shut down the database:
For Single Instance:
SQL> CONNECT SYS AS SYSOPER
Enter password: SYS_password
SQL> SHUTDOWN

3) Re-link the Oracle database software with dv_off:

$ cd $ORACLE_HOME/rdbms/lib
$ make -f ins_rdbms.mk dv_off
$ cd $ORACLE_HOME/bin
$ relink oracle
4) Start the database:
For Single Instance:
$ sqlplus /nolog
SQL> CONNECT SYS AS SYSDBA
Enter password:SYS_password
SQL> STARTUP
5) Unlock the DVSYS account and set the password:
SQL> ALTER USER DVSYS ACCOUNT UNLOCK;
SQL> ALTER USER DVSYS IDENTIFIED BY DVSYS;
6) Disable the Oracle Database Vault triggers:
dvca -action disable
-service service_name
-owner_account DV_owner_account_name
[-logfile ./dvca.log]
[-nodecrypt]
Enter SYS password: sys_password
 Enter owner password: owner_password
7) Identify the Oracle Database Installation
/etc/oratab
8) Update Oracle Time Zone Definitions

SELECT version FROM v$timezone_file;

But Current Version is 13 so applay Latest Time zone patch
9) Set the ORACLE_HOME and ORACLE_SID Environment Variables
$ ORACLE_HOME=Oracle_home
$ ORACLE_SID=sid
$ export ORACLE_HOME ORACLE_SID
10) Stop All Processes
$ emctl stop dbconsole
$ isqlplusctl stop
$ lsnrctl stop
Shut down all database instances running in the Oracle home directory, where you
need to install the patch set.
Shut down all listeners running in the Oracle home directory, where you need to
install the patch set.
11) Installing the Oracle Database 10g Patch Set Interactively
Log in as the oracle user.
$ export DISPLAY=localhost:0.0
$ xhost + [fully_qualified_remote_host_name]
% cd patchset_directory/Disk1
% ./runInstaller

When prompted, run the $ORACLE_HOME/root.sh script as the root user

12) Postinstallation Tasks
Updating Oracle Time Zone Definitions
Upgrading Oracle Database 10g Release 10.2.0.x to Oracle Database 10g Release 10
.2.0.4
After you install the patch set, you must perform the following steps on every d
atabase associated with the upgraded Oracle home:

Note:
If you do not run the Oracle Database Upgrade Assistant as described in this sec
tion, then the following errors are displayed:
ORA-01092: ORACLE instance terminated.
ORA-39700: database must be opened with UPGRADE option
Log in as the Oracle software owner user.
Set the values for the environment variables $ORACLE_HOME, $ORACLE_SID and $PATH
.
For single-instance installations, if you are using Automatic Storage Management
, start the Automatic Storage Management instance.
For Oracle single-instance installations, start the listener as follows:
$ lsnrctl start
Run Oracle Database Upgrade Assistant either in the interactive or noninteractiv
e mode:
Interactive mode:
Enter the following command from the command prompt:
$ dbua
Complete the following steps displayed in the Oracle Database Upgrade Assistant
screen:
On the Welcome screen, click Next.
On the Databases screen, select the name of the Oracle Database that you want to
update, then click Next.

On the Recompile Invalid Objects screen, select the Recompile the invalid object
s at the end of upgrade option, then click Next.
If you have not taken the back up of the database earlier, on the Backup screen,
select the I would like to take this tool to backup the database option, stipul
ate the Path, then click Next.
On the Summary screen, check the summary, then click Finish.
On the End of Database Upgrade Assistant's Upgrade Results screen, click Close t
o exit from Oracle Database Upgrade Assistant.

Manually Upgrading a Release 10.2 Database

SQL> STARTUP UPGRADE
SQL> SPOOL upgrade_info.log
SQL> @?/rdbms/admin/utlu102i.sql
SQL> SPOOL OFF
SQL> SHUTDOWN IMMEDIATE
SQL> STARTUP
SQL> @?/rdbms/admin/utlrp.sql

$ rman catalog username/password@alias if using recovery catalog

In the case of a single instance, execute
emca -upgrade db
13) Running changePerm.sh Script on an Oracle Database Server Home
During patch set installation, all new files and directories are created with re
stricted access, by default. Users or third party applications with a different
group identifier from that of the database, which try to access client-side util
ities or libraries in the database home, will see permission errors when trying
to access these files or directories. Perform the following steps to change the
permissions:
Change to the install directory by using the following command:
$ cd $ORACLE_HOME/install
Run changePerm.sh and specify the patched server Oracle home location, before ac
cessing client-side utilities or libraries in the database home.

Enabling Oracle Database Vault

For installations with Oracle Database Vault, complete the following steps:
Restart the database:
For a single-instance database, use the following commands:
sqlplus SYS "AS SYSDBA"
Enter password:
SQL> shutdown immediate
SQL> STARTUP
Connect AS SYSDBA and run the following SQL statements:
SQL> DROP FUNCTION DVSYS.REALM_SDML_AUTHORIZED ;
SQL> DROP PROCEDURE DVSYS.SYNCHRONIZE_POLICY_FOR_OBJECT;
SQL> DECLARE
CURSOR stmt IS
SELECT u.name, o.name, r.pname
FROM user$ u, obj$ o, rls$ r
WHERE u.user# = o.owner#
AND r.obj# = o.obj#
AND bitand(r.stmt_type,65536) > 0;
object_schema VARCHAR2(32) := NULL;
object_name VARCHAR2(32) := NULL;
policy_name VARCHAR2(32) := NULL;
BEGIN
OPEN stmt;
LOOP
FETCH stmt INTO object_schema,
object_name,
policy_name;
EXIT WHEN stmt%NOTFOUND;
DBMS_RLS.DROP_POLICY(
'"'||object_schema||'"',
'"'||object_name||'"',
'"'||policy_name||'"');
END LOOP;
 CLOSE stmt;
END;
/
Run DVCA to reconfigure Database Vault. Use the following syntax:
$ORACLE_HOME/bin/dvca -action option -oh oracle_home -jdbc_str
jdbc_connection_string -owner_account DV_owner_account_name
[-acctmgr_account DV_account_manager_account_name]
[-logfile ./dvca.log] [-nodecrypt]
Where:
- action: The action to perform. option creates the Database Vault schema object
s, creates the DV_OWNER account and the optional DV_ACCTMGR account, and deploys
the Database Vault Administrator application.
- oh: The Oracle home for the database
- jdbc_str: The JDBC connection string used to connect to the database. For exam
ple, jdbc:oracle:oci:@orcl1, where orcl1 is the net service name in the tnsnames
.ora file ($ORACLE_HOME/network/admin/tnsnames.ora).
- owner_account: Oracle Database Vault Owner account name
- acctmgr_account: (Optional) Oracle Database Vault Account Manager user
- logfile: Optionally, specify a log file name and location. You can enter an ab
solute path or a path that is relative to the location of the $ORACLE_HOME/bin d
irectory
- nodecrypt: Reads plaintext passwords as passed on the command line. You must u
se this option if you are passing plaintext passwords to the command.

Note:
You are prompted to enter the SYS, Database Vault Owner, and Database Vault Acco
unt Manager passwords.

See Also:
Oracle Database Vault Installation Guide, 10g Release 2 (10.2) for Linux x86, Ap
pendix C "Running DVCA After Creating a Database Vault Database" for more option
s available with the dvca -action option command

Run Oracle Database Vault Configuration Assistant (DVCA) by using the dvca -acti
on enable option. This enables the Database Vault triggers. Use the following sy
ntax:
dvca -action enable
-service service_name
-owner_account DV_owner_account_name
[-logfile ./dvca.log]
[-nodecrypt]
Enter SYS password: sys_password
Enter owner password: owner_password
See Step 6 for details of the options used in the command.
Lock the DVSYS account. Use the following SQL statements:
SQL> CONNECT SYS "AS SYSDBA"
Enter password:
SQL> ALTER USER DVSYS ACCOUNT LOCK;
Shut down the database.
To stop a single-instance database, use the following commands:
sqlplus SYS "AS SYSDBA"
Enter password:
SQL> shutdown immediate
For an Oracle Real Application Clusters (RAC) database, use the following comman
d:
$ORACLE_HOME/bin/srvctl stop database -d db_name
Relink the Oracle executable to turn on the Oracle Database Vault option. Use th
e following commands:
cd $ORACLE_HOME/rdbms/lib
make -f ins_rdbms.mk dv_on
cd $ORACLE_HOME/bin
relink oracle
Note:
For an Oracle Real Application Clusters (RAC) database, you must repeat the prec
eding commands on all nodes.

Start the database.

For a single-instance database, use the following commands:
sqlplus SYS "AS SYSDBA"
Enter password:
SQL> startup
For an Oracle Real Application Clusters (RAC) database, use the following comman
d:
$ORACLE_HOME/bin/srvctl start database -d db_name
If you wish to disable connections with SYSDBA privileges, then re-create the pa
ssword file with the nosysdba=y and force=y flags. Use the following syntax:
orapwd file=$ORACLE_HOME/dbs/orapwSID password=password force=y nosysdba=y
Here SID is the Oracle system identifier (SID) of the database, and password is
the password for the SYS account.