This script is used for protect table from modification (read only) :
CREATE TRIGGER tab_readonly
BEFORE DELETE OR INSERT OR UPDATE
ON emp
FOR EACH ROW
BEGIN
RAISE_APPLICATION_ERROR(-20201, ‘Table Status: READ ONLY.’);
END;
This scripts can be used to recompile all invalid DB Object :
set heading off;
set feed off;
set pagesize 10000;
set wrap off;
set linesize 200;
set tab on;
set scan off;
set verify off;
–
SPOOL gen_inv_obj.sql;
select
decode (OBJECT_TYPE, ‘PACKAGE BODY’,
‘alter package ‘ || a.OWNER||’.'||OBJECT_NAME || ‘ compile body;’,
‘alter ‘ || OBJECT_TYPE || ‘ ‘ || a.OWNER||’.'||OBJECT_NAME || ‘
compile;’)
from dba_objects a,
(select max(level) order_number, object_id from public_dependency
connect by object_id = prior referenced_object_id
group by object_id) b
where A.object_id = B.object_id(+)
and STATUS = ‘INVALID’
and OBJECT_TYPE in (‘PACKAGE BODY’, ‘PACKAGE’, ‘FUNCTION’, ‘PROCEDURE’,'TRIGGER’, ‘VIEW’)
order by
order_number DESC,OBJECT_TYPE,OBJECT_NAME;
SPOOL off;
@gen_inv_obj.sql;
spool comp_all.tmp
select decode (OBJECT_TYPE, ‘PACKAGE BODY’,
‘alter package ‘ || OWNER ||’.'||OBJECT_NAME || ‘ compile body;’,
‘alter ‘ || OBJECT_TYPE || ‘ ‘ || OWNER||’.'||OBJECT_NAME || ‘ compile;’
)
from DBA_OBJECTS A,
SYS.ORDER_OBJECT_BY_DEPENDENCY B
where A.OBJECT_ID = B.OBJECT_ID (+)
and A.STATUS = ‘INVALID’
and A.OBJECT_TYPE in (‘PACKAGE BODY’,'PACKAGE’,'FUNCTION’,'PROCEDURE’,'TRIGGER’,'VIEW’)
order by B.DLEVEL desc,
A.OBJECT_TYPE,
A.OBJECT_NAME;
–
spool off;
set heading on;
set feed on;
set scan on;
set verify on;
–
@comp_all.tmp
Step by step Install oracle on linux RedHat :
———————————————————
Create the oracle user and main directory for oracle binary as folowing:
groupadd oinstall
groupadd dba
useradd -m -g oinstall -G dba oracle
mkdir -p /home/oracle/app/oracle
chown -R oracle:dba /home/oracle/app/oracle
chmod -R 775 /home/oracle/app/oracle
Modify the folowing OS kernel parameter :
——————————————————
cat >> /etc/sysctl.conf <<EOF
kernel.shmall = 2097152
kernel.shmmax = 536870912
kernel.shmmni = 4096
kernel.sem = 250 32000 100 128
fs.file-max = 65536
net.ipv4.ip_local_port_range = 1024 65000
EOF
/sbin/sysctl -p
cat >> /etc/security/limits.conf <<EOF
oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 1024
oracle hard nofile 65536
EOF
cat >> /etc/pam.d/login <<EOF
session required /lib/security/pam_limits.so
EOF
cat >> /etc/profile <<EOF
if [ \$USER = "oracle" ]; then
if [ \$SHELL = "/bin/ksh" ]; then
ulimit -p 16384
ulimit -n 65536
else
ulimit -u 16384 -n 65536
fi
umask 022
fi
EOF
cat >> /etc/csh.login <<EOF
if ( \$USER == “oracle” ) then
limit maxproc 16384
limit descriptors 65536
umask 022
endif
EOF
Exec the runInstaller.sh to install the oracle software .
The following scripts is used for alert monitoring in oracle database which is file location is on $ORACLE_BASE/admin/$DATABASE_NAME
CREATE TABLE SYS.ALERT_LOG
(
ALERT_DATE DATE,
ALERT_TEXT VARCHAR2(1200 BYTE)
)
TABLESPACE SYSTEM
PCTUSED 40
PCTFREE 10
INITRANS 1
MAXTRANS 255
STORAGE (
INITIAL 512K
MINEXTENTS 1
MAXEXTENTS UNLIMITED
PCTINCREASE 0
FREELISTS 1
FREELIST GROUPS 1
BUFFER_POOL DEFAULT
)
LOGGING
NOCOMPRESS
NOCACHE
NOPARALLEL
MONITORING;
–
– ALERT_LOG_IDX (Index)
–
CREATE INDEX SYS.ALERT_LOG_IDX ON SYS.ALERT_LOG
(ALERT_DATE)
LOGGING
TABLESPACE SYSTEM
PCTFREE 10
INITRANS 2
MAXTRANS 255
STORAGE (
INITIAL 512K
MINEXTENTS 1
MAXEXTENTS UNLIMITED
PCTINCREASE 0
FREELISTS 1
FREELIST GROUPS 1
BUFFER_POOL DEFAULT
)
NOPARALLEL;
DROP TABLE SYS.ALERT_LOG_DISK CASCADE CONSTRAINTS;
–
– ALERT_LOG_DISK (Table)
–
CREATE TABLE SYS.ALERT_LOG_DISK
(
TEXT VARCHAR2(2000 BYTE)
)
ORGANIZATION EXTERNAL
( TYPE ORACLE_LOADER
DEFAULT DIRECTORY BDUMP
ACCESS PARAMETERS
( records delimited by newline nologfile nobadfile
fields terminated by “&” ltrim
)
LOCATION (BDUMP:’alert_orcl.log’)
)
REJECT LIMIT UNLIMITED
NOPARALLEL
NOMONITORING;
set serveroutput on
declare
isdate number := 0;
start_updating number := 0;
rows_inserted number := 0;
alert_date date;
max_date date;
alert_text alert_log_disk.text%type;
begin
/* find a starting date */
select max(alert_date) into max_date from alert_log;
if (max_date is null) then
max_date := to_date(‘01-jun-2008′, ‘dd-mon-yyyy’);
end if;
for r in (
select substr(text,1,180) text from alert_log_disk
where text not like ‘%offlining%’
and text not like ‘ARC_:%’
and text not like ‘%LOG_ARCHIVE_DEST_1%’
and text not like ‘%Thread 1 advanced to log sequence%’
and text not like ‘%Current log#%seq#%mem#%’
and text not like ‘%Undo Segment%lined%’
and text not like ‘%alter tablespace%back%’
and text not like ‘%Log actively being archived by another process%’
and text not like ‘%alter database backup controlfile to trace%’
and text not like ‘%Created Undo Segment%’
and text not like ‘%started with pid%’
and text not like ‘%ORA-12012%’
and text not like ‘%ORA-06512%’
and text not like ‘%ORA-000060:%’
and text not like ‘%coalesce%’
and text not like ‘%Beginning log switch checkpoint up to RBA%’
and text not like ‘%Completed checkpoint up to RBA%’
and text not like ‘%specifies an obsolete parameter%’
and text not like ‘%BEGIN BACKUP%’
and text not like ‘%END BACKUP%’
)
loop
isdate := 0;
alert_text := null;
select count(*) into isdate
from dual
where substr(r.text, 21) in (‘2003′,’2004′,’2005′,’2006′,’2007′,’2008′)
and r.text not like ‘%cycle_run_year%’;
if (isdate = 1) then
select to_date(substr(r.text, 5),’Mon dd hh24:mi:ss rrrr’)
into alert_date
from dual;
if (alert_date > max_date) then
start_updating := 1;
end if;
else
alert_text := r.text;
end if;
if (alert_text is not null) and (start_updating = 1) then
insert into alert_log values (alert_date, substr(alert_text, 1, 180));
rows_inserted := rows_inserted + 1;
commit;
end if;
end loop;
sys.dbms_output.put_line(‘Inserting after date ‘||to_char(max_date, ‘MM/DD/RR HH24:MI:SS’));
sys.dbms_output.put_line(‘Rows Inserted: ‘||rows_inserted);
commit;
end;
/
These script is used to check whether any blocking proses in query process :
SELECT /*+ CHOOSE */
bs.username “Blocking User”,
bs.username “DB User”,
ws.username “Waiting User”,
bs.sid “SID”,
ws.sid “WSID”,
bs.serial# “Serial#”,
bs.sql_address “address”,
bs.sql_hash_value “Sql hash”,
bs.program “Blocking App”,
ws.program “Waiting App”,
bs.machine “Blocking Machine”,
ws.machine “Waiting Machine”,
bs.osuser “Blocking OS User”,
ws.osuser “Waiting OS User”,
bs.serial# “Serial#”,
ws.serial# “WSerial#”,
DECODE(wk.TYPE,
‘MR’, ‘Media Recovery’, ’RT’, ‘Redo Thread’, ’UN’, ‘USER Name’,
‘TX’, ‘Transaction’, ’TM’, ‘DML’, ’UL’, ‘PL/SQL USER LOCK’,
‘DX’, ‘Distributed Xaction’, ‘CF’, ‘Control FILE’, ’IS’, ‘Instance State’,
‘FS’, ‘FILE SET’, ‘IR’, ‘Instance Recovery’, ’ST’, ‘Disk SPACE Transaction’,
‘TS’, ‘Temp Segment’, ‘IV’, ‘Library Cache Invalidation’,
‘LS’, ‘LOG START OR Switch’, ’RW’, ‘ROW Wait’,'SQ’, ‘Sequence Number’,
‘TE’, ‘Extend TABLE’, ‘TT’, ‘Temp TABLE’, wk.TYPE) lock_type,
DECODE(hk.lmode, 0, ‘None’, 1, ‘NULL’, 2, ‘ROW-S (SS)’, 3, ‘ROW-X (SX)’,
4, ‘SHARE’, 5, ‘S/ROW-X (SSX)’, 6, ‘EXCLUSIVE’, TO_CHAR(hk.lmode)) mode_held,
DECODE(wk.request, 0, ‘None’, 1, ‘NULL’, 2, ‘ROW-S (SS)’, 3, ‘ROW-X (SX)’,
4, ‘SHARE’, 5, ‘S/ROW-X (SSX)’, 6, ‘EXCLUSIVE’, TO_CHAR(wk.request)) mode_requested,
TO_CHAR(hk.id1) lock_id1,
TO_CHAR(hk.id2) lock_id2,
DECODE(hk.block, 0, ‘NOT Blocking’, /* Not blocking any other processes */
1, ‘Blocking’, /* This lock blocks other processes */
2, ‘Global’, /* This lock is global, so we can’t tell */
TO_CHAR(hk.block)) blocking_others
FROM
v$lock hk, v$session bs,
v$lock wk, v$session ws
WHERE
hk.block = 1
AND hk.lmode != 0
AND hk.lmode != 1
AND wk.request != 0
AND wk.TYPE (+) = hk.TYPE
AND wk.id1 (+) = hk.id1
AND wk.id2 (+) = hk.id2
AND hk.sid = bs.sid(+)
AND wk.sid = ws.sid(+)
and (bs.username is not null) and (bs.username<>’SYSTEM’) and (bs.username<>’SYS’)
ORDER BY 1
The two methods listed below should only be used as a last resort and will remove all Oracle software allowing a reinstall. If you make any mistakes they can be quite destructive so be careful.
In the past I’ve had many problems uninstalling all Oracle products from Windows systems. Here’s my last resort method:
regedit.exe and delete the HKEY_LOCAL_MACHINE/SOFTWARE/ORACLE key. This contains registry entires for all Oracle products.HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Ora*C:\Oracle directory, or whatever directory is your ORACLE_BASE.C:\Program Files\Oracle directory.c:\temp directory.At this point your machine will be as clean of Oracle components as it can be without a complete OS reinstall.
Remember, manually editing your registry can be very destructive and force an OS reinstall so only do it as a last resort.
Uninstalling all products from UNIX is a lot more consistent. If you do need to resort to a manual uninstall you should do something like:
· # oemctl stop oms user/password · # agentctl stop # lsnrctl stop
Alternatively you can kill them using the kill -9 pid command as the root user.
· # cd $ORACLE_HOME # rm -Rf *
· # cd $ORACLE_BASE # rm -Rf admin doc jre o*
# rm /etc/oratab /etc/emtab
If you want to install the Oracle 9i Java Virtual Machine, you have to run the following Scripts as user SYS. Using the database configuration assistant, this scripts will be executed.
Requirements
Make sure, your INIT.ORA Paramaters SHARED_POOL_SIZE
and JAVA_POOL_SIZE are big enough. We have successfully installed the 9i JVM with the following settings on a Windows 2000 server.
shared_pool_size = 200000000
java_pool_size = 100000000
Script to Install 9i JVM
Note, that Oracle Home is: D:\Ora9i
sqlplus /nolog
connect sys/…. as sysdba;
– Setup a database for running Java and the ORB
@D:\Ora9i\javavm\install\initjvm.sql;
– INITialize (load) XML components in JServer
@D:\Ora9i\xdk\admin\initxml.sql;
– Loads NCOMP’ed XML Parser
@D:\Ora9i\xdk\admin\xmlja.sql;
– Loads the XMLSQL Utility (XSU) into the database.
@D:\Ora9i\rdbms\admin\catxsu.sql;
– Install the Oracle Servlet Engine (OSE)
@D:\Ora9i\javavm\install\init_jis.sql D:\Ora9i;
– Adds the set of default end points to the server
– with hardcoded values for the admin service
@D:\Ora9i\javavm\install\jisaephc.sql D:\Ora9i;
– Turn on J Accelerator
@D:\Ora9i\javavm\install\jisja.sql D:\Ora9i;
– Register EJB\Corba Dynamic Registration Endpoint
@D:\Ora9i\javavm\install\jisdr.sql 2481 2482;
– Init Java server pages ???
@D:\Ora9i\jsp\install\initjsp.sql;
– Turn on J Accelerator for JSP libs
@D:\Ora9i\jsp\install\jspja.sql;
– Script used to load AQ\JMS jar files into the database
@D:\Ora9i\rdbms\admin\initjms.sql;
– Load RepAPI server classes and publish ‘repapi’ obj
@D:\Ora9i\rdbms\admin\initrapi.sql;
– Loads sql, objects, extensibility and xml related java
@D:\Ora9i\rdbms\admin\initsoxx.sql;
– Loads appctxapi.jar for JavaVm enabled
– Database.Called by jcoreini.tsc
@D:\Ora9i\rdbms\admin\initapcx.sql;
– Script used to load CDC jar files into the database
@D:\Ora9i\rdbms\admin\initcdc.sql;
– Loads the Java stored procedures as required by the
– Summary Advisor.
@D:\Ora9i\rdbms\admin\initqsma.sql;
– Initialize sqlj type feature in 9i db
@D:\Ora9i\rdbms\admin\initsjty.sql;
– Load java componenets for AQ HTTP Propagation
@D:\Ora9i\rdbms\admin\initaqhp.sql;
Folowing an example how to delete duplicate row in table :
DELETE from address A
WHERE (A.name, A.vorname, A.birth) IN
(SELECT B.name, B.vorname, B.birth FROM address B
WHERE A.name = B.name AND A.vorname = B.vorname
AND A.birth = B.birth AND A.rowid > B.rowid);
Create partitioned table.
CREATE TABLE big_table2 (
id NUMBER(10),
created_date DATE,
lookup_id NUMBER(10),
data VARCHAR2(50)
)
PARTITION BY RANGE (created_date)
(PARTITION big_table_2007 VALUES LESS THAN (MAXVALUE));
– Add new keys, FKs and triggers.
ALTER TABLE big_table2 ADD (
CONSTRAINT big_table_pk2 PRIMARY KEY (id)
);
CREATE INDEX bita_created_date_i2 ON big_table2(created_date) LOCAL;
CREATE INDEX bita_look_fk_i2 ON big_table2(lookup_id) LOCAL;
ALTER TABLE big_table2 ADD (
CONSTRAINT bita_look_fk2
FOREIGN KEY (lookup_id)
REFERENCES lookup(id)
);With this destination table in place we can start the conversion.
EXCHANGE PARTITION
We now switch the segments associated with the source table and the partition in the destination table using the EXCHANGE PARTITION syntax.
ALTER TABLE big_table2
EXCHANGE PARTITION big_table_2007
WITH TABLE big_table
WITHOUT VALIDATION
UPDATE GLOBAL INDEXES;The exchange operation should not be affected by the size of the segments involved.
Once this is complete we can drop the old table and rename the new table and all it’s constraints.
DROP TABLE big_table;
RENAME big_table2 TO big_table;
ALTER TABLE big_table RENAME CONSTRAINT big_table_pk2 TO big_table_pk;
ALTER TABLE big_table RENAME CONSTRAINT bita_look_fk2 TO bita_look_fk;
ALTER INDEX big_table_pk2 RENAME TO big_table_pk;
ALTER INDEX bita_look_fk_i2 RENAME TO bita_look_fk_i;
ALTER INDEX bita_created_date_i2 RENAME TO bita_created_date_i;SPLIT PARTITION
Next, we split the single large partition into smaller partitions as required.
ALTER TABLE big_table
SPLIT PARTITION big_table_2007 AT (TO_DATE(‘31-DEC-2005 23:59:59′, ‘DD-MON-YYYY HH24:MI:SS’))
INTO (PARTITION big_table_2005,
PARTITION big_table_2007)
UPDATE GLOBAL INDEXES;
ALTER TABLE big_table
SPLIT PARTITION big_table_2007 AT (TO_DATE(‘31-DEC-2006 23:59:59′, ‘DD-MON-YYYY HH24:MI:SS’))
INTO (PARTITION big_table_2006,
PARTITION big_table_2007)
UPDATE GLOBAL INDEXES;
EXEC DBMS_STATS.gather_table_stats(USER, ‘BIG_TABLE’, cascade => TRUE);The following queries show that the partitioning was successful.
SELECT partitioned
FROM user_tables
WHERE table_name = ‘BIG_TABLE’;
PAR
—
YES
1 row selected.
SELECT partition_name, num_rows
FROM user_tab_partitions
WHERE table_name = ‘BIG_TABLE’;
PARTITION_NAME NUM_ROWS
—————————— ———-
BIG_TABLE_2005 335326
BIG_TABLE_2006 332730
BIG_TABLE_2007 334340
3 rows selected.
Virtual Private Databases
Virtual Private Database (VPD) is the aggregation of server-enforced fine-grained access control and secure application context in the Oracle database. VPD enables you to build applications that enforce your security policies at the row level. When a user directly or indirectly accesses a table, a view, or a synonym associated with a VPD security policy, the server dynamically modifies the user’s SQL statement. The modification is based on a WHERE clause returned by a function which implements the security policy. The database modifies the statement dynamically (transparently to the user) using any condition that can be expressed in, or returned by, a function.
The DBMS_RLS.ADD_POLICY has the new argument LONG_PREDICATE. Its default value is FALSE so that the policy function may return up to 4000 bytes of predicate length. Setting this value to TRUE allows the function to return up to 32 KB of predicate text string.
There is a new security policy on INDEX maintenance operations performed with the create index and alter index statements. This is important because users need full access to tables to create indexes. Consequently, a user who has privileges to maintain an index can see all the row data although the user does not have full table access under a regular query.
The execution of policy functions can consume a significant amount of system resources. If you can minimize the number of times that policy functions must execute, then you can optimize your database performance.
In previous releases, policies were dynamic by default. This means that the Oracle database executed the policy function for each DML statement. In addition to dynamic policies, Oracle Database 10g provides static and context-sensitive policies. These policy types provide a way to improve server performance because they do not always reexecute policy functions for each DML statement, and they can be shared across multiple database objects.
Oracle 10g includes improvements to Oracle’s Virtual Private Database (VPD), including the following features:
The benefit of VPD is that it provides for row-level security in your Oracle database. Oracle 10g offers a feature that allows you to indicate that a VPD policy should only be enforced if specific columns are accessed or referenced. One or more columns can be defined within a policy. If you don’t specify any columns, VPD will operate just as in Oracle9i.
As a result, you can now provide varying levels of security for database tables. For example, you may not need to secure queries against certain columns, such as the name of an employee, but you may require some level of access control for queries against the social security number, because of privacy issues. In this case, you would create a VPD policy that references the column containing the social security number. The policy would be effective for any query that includes the SSN column. This allows you to define privacy policies for certain types of data, such as personal data, while making other data available.
This feature is supported with the addition of the sec_relevant_cols parameter in the dbms_rls.add_policy PL/SQL package supplied by Oracle. The following example usea dbms_rls.add_policy to create a policy on a table called RET_SCHEMA.RETIREE:
BEGIN Dbms_rls.add_policy(object_schema=>'ret_schema', Object_name=>'retiree', Policy_name=>'retiree_policy', Function_schema=>'retiree', Policy_function=>'f_retiree_01', Statement_types=>'select', Sec_relevant_cols=>'ssn, sal'); END; /
The steps to implement a VPD policy using this new feature are basically the same as in Oracle9i, with the exception of the sec_relevant_cols parameter in dbms_rls.add_policy (which is optional). If you do not include the sec_relevant_cols parameter, then the policy will apply to all columns, just as it did prior to Oracle 10g.
In the following example, we are applying the policy implemented by the RUN function to the EMP table. You also set the policy to only apply the VPD predicate for SELECT statements. The three security-relevant columns in the EMP table are SAL, HIREDATE and COMM.
Connect as scott user on sqlplus.
create or replace function scott.run
(object_schema in varchar2, object_name in varchar2)
return varchar2 is d_predicate varchar2(2000);
BEGIN
d_predicate := '(ename = sys_context (''USERENV'', ''SESSION_USER''))';
RETURN d_predicate;
END run;
/
After creating the function to implement policy, add the policy in database. Te user should have enough permission to execute DBMS_RLS package.
BEGIN dbms_rls.add_policy(object_schema => 'scott', object_name => 'emp', policy_name => 'scott_policy', function_schema => 'scott', policy_function => 'run', statement_types => 'select', sec_relevant_cols => 'sal,hiredate,comm'); END;
With reference to the above example, Oracle database will not enforce the VPD policy when you select only the LAST_NAME column from the EMP table because LAST_NAME column is not a security relevant column and Oracle will not apply security policy on this column. So employees cannot access sensitive information in the EMP Table. However, when you issue queries that access columns considered as security-relevant (sal, hiredate and comm), then VPD applies the fine-grained access control defined by the policy function.
Here is an example of the way that the column level VPD policy created earlier would be applied. In this first example, we are querying the EMP table. We reference the FIRSTNAME column which is not a secured column. As a result, the VPD policy we created will not apply to this query and all rows in the table will be available to the query:
SELECT COUNT(*) FROM EMP WHERE FIRSTNAME LIKE ‘%’;
In contrast, the following query uses a secured column (SAL) in the WHERE clause. As a result, the column level VPD policy will be applied to the statement and only the rows/columns that the user has access to will be included in the result set:
SELECT COUNT(*) FROM EMP WHERE SAL > 0 OR SAL < 0 or SAL=0;
In processing the second statement, Oracle will affix an additional predicate that will restrict the result set such that it conforms to the VPD policy that is defined on the EMP table (which in our case means that the Oracle user will only be able to see their own individual record, and no one else’s).
The only type of database policy offered in earlier versions of Oracle was a dynamic one. Oracle 10g offers five VPD policy types to choose from, which are listed and described below.
| Policy Type | Description |
|---|---|
| Static | With a static policy, VPD will always use the same predicate for access control. The static policy only applies to a single object. |
| Shared_static | A shared_static policy is a static policy that is shared by multiple database objects. |
| Context_sensitive | This is a nonstatic (or dynamic) policy that executes each time the session context changes, such as when the username changes and you want your policy to be different for each user. |
| Shared_context_sensitive | This policy is dynamic just like a context_sensitive policy, but it can be shared across multiple objects. |
| Dynamic | This policy is the default type of policy. The policy function is executed each time the command accesses the object and the columns relevant to the access policy. |
Static policy predicates execute quickly because they are stored in the SGA. Static policies also have the same predicate that is applied to all SQL statements accessing the objects assigned to the policy. Dynamic policies are re-created via the policy function each time the defined columns are accessed, and thus dynamic policy execution can be slower than static policy execution.
Note that some policy types can be shared between different objects. This allows a single policy to scale better, and keeps business rules more consistent. To define the policy type, use the policy_type argument to the dbms_rls.add_policy procedure for the correct policy type, as shown in this example:
BEGIN Dbms_rls.add_policy(object_schema=>'ret_schema', Object_name=>'retiree', Policy_name=>'retiree_policy', Function_schema=>'retiree', Policy_function=>'f_retiree_01', Statement_types=>'select', Sec_relevant_cols=>'ssn', Policy_type=>DBMS_RLE.STATIC); END; /
Ida Bagus Enderajana
Recent Comments