Databases

Oracle DB 11g Express on Linux User Guide

Last updated: 2026-03-25 | Product: Oracle DB 11g Express on Linux

Overview

This guide covers the deployment and configuration of Oracle Database 11g Express Edition (XE) on Linux using cloudimg AMIs from the AWS Marketplace. Oracle Database 11g XE is a free, lightweight edition of Oracle Database ideal for development, testing, and small production workloads. It provides the same core SQL and PL/SQL engine as the full Oracle Database with resource limits on CPU, memory, and storage.

What's included in this AMI:

Oracle Database 11g Express Edition 11.2.0.2 (64 bit) installed at /u01
Preconfigured XE database service that starts automatically on boot
Oracle Listener preconfigured on port 1521
Dedicated oracle OS user for database access
Randomly generated SYSTEM user credentials
OS package update script for keeping the system current
AWS CLI v2 for AWS service integration
Systems Manager Agent (SSM) for remote management
CloudWatch Agent for monitoring
Latest security patches applied at build time
24/7 cloudimg support with guaranteed 24 hour response SLA

Prerequisites

Before launching this AMI, ensure you have:

An active AWS account
An active subscription to the Oracle DB 11g Express on Linux listing on AWS Marketplace
An EC2 key pair for SSH access
Familiarity with EC2 instance management and SSH

Recommended Instance Type: t3.medium (2 vCPU, 4 GB RAM) or larger. The minimum requirements are 1 vCPU, 1 GB RAM, and 20 GB disk space.

Step 1: Launch the AMI

Navigate to the AWS Marketplace and search for "Oracle DB 11g Express cloudimg"
Click Continue to Subscribe, accept the terms, then Continue to Configuration
Select your preferred Region and Software Version
Click Continue to Launch
Choose Launch through EC2 for full control over instance configuration
Select your instance type (t3.medium recommended)
Configure storage: 20 GB gp3 minimum for root volume, plus the dedicated /u01 Oracle volume
Configure your Security Group with the following inbound rules:

Port	Protocol	Source	Purpose
22	TCP	Your IP	SSH access
1521	TCP	Your IP	Oracle Database Listener port

Important: Restrict port 1521 to trusted application servers or your IP only. Do not open the Oracle Listener port to the public internet.

Select your EC2 key pair and launch the instance

Step 2: Connect via SSH

Once your instance is running and has passed both status checks (2/2), connect using SSH:

ssh -i your-key.pem ec2-user@<public-ip-address>

To switch to the root user:

sudo su -

Important: Wait for the EC2 instance to reach 2/2 successful status checks before connecting. Early connection attempts may produce permission denied errors while the instance is still initialising.

Step 3: Verify the Oracle XE Service

The Oracle XE database service is configured to start automatically on boot. As the root user, check its status:

service oracle-xe status

Expected output:

LSNRCTL for Linux: Version 11.2.0.2.0 - Production

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC_FOR_XE)))
STATUS of the LISTENER
------------------------
Alias                     LISTENER
Version                   TNSLSNR for Linux: Version 11.2.0.2.0 - Production
Trace Level               off
Security                  ON: Local OS Authentication
SNMP                      OFF
Default Service           XE
Listener Parameter File   /u01/app/oracle/product/11.2.0/xe/network/admin/listener.ora

Listening Endpoints Summary...
  (DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC_FOR_XE)))
  (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=127.0.0.1)(PORT=1521)))

The command completed successfully

Step 4: Connect with SQL*Plus

Switch to the oracle user and connect to the XE database using SQL*Plus:

sudo su - oracle
sqlplus / as sysdba

Expected output:

SQL*Plus: Release 11.2.0.2.0 Production

Copyright (c) 1982, 2011, Oracle. All rights reserved.

Connected to:
Oracle Database 11g Express Edition Release 11.2.0.2.0 - 64bit Production

SQL>

Type EXIT to leave the SQL*Plus session.

Step 5: Connect Remotely with SQL Developer

To connect to the database from an external tool such as SQL Developer, use the following connection settings:

Setting	Value
Database Type	Oracle
Authentication Type	Default
Username	SYSTEM
Password	See credentials file below
Connection Type	Basic
Hostname	Your instance public IP
Port	1521
SID	XE
Service Name	XE

Note: To retrieve the SYSTEM user password, refer to the randomly generated credentials file at /stage/scripts/oracle-database-xe-config.log.

Server Components

Component	Version	Install Path
Oracle Database 11g XE	11.2.0.2	/u01

Note: Component versions may be updated on first boot by the automatic OS package update script.

Filesystem Layout

Mount Point	Size	Description
/	38 GB	Root filesystem
/boot	2.0 GB	Operating system kernel files
/u01	20 GB	Oracle software installation directory

Key Oracle directories:

Directory	Purpose
/u01/app/oracle	Oracle base directory
/u01/app/oracle/product/11.2.0/xe	Oracle XE software home
/u01/app/oracle/product/11.2.0/xe/network/admin	Listener and TNS configuration files
/u01/app/oracle/diag	Oracle diagnostic and alert log files

Managing the Oracle XE Service

The Oracle XE database is managed as a system service and starts automatically on boot.

Check service status:

sudo su -
service oracle-xe status

Stop the database:

sudo su -
service oracle-xe stop

Start the database:

sudo su -
service oracle-xe start

Scripts and Log Files

Script/Log	Path	Description
initial_boot_update.sh	/stage/scripts	Updates the OS with the latest packages on first boot
initial_boot_update.log	/stage/scripts	Output log for the boot update script
oracle-database-xe-config.log	/stage/scripts	Oracle Database XE SYSTEM user credentials

On Startup

An OS package update script runs on first boot to ensure the image is fully up to date. You can disable this by removing the script and its crontab entry:

rm -f /stage/scripts/initial_boot_update.sh

crontab -e
# Delete the following line, save and exit:
@reboot /stage/scripts/initial_boot_update.sh

Troubleshooting

Cannot connect via SSH

Verify the instance has reached 2/2 status checks in the EC2 console
Confirm your security group allows inbound TCP port 22 from your IP
Ensure you are using the correct key pair and connecting as ec2-user

Oracle XE service fails to start

Check service status: service oracle-xe status
Try restarting the service: service oracle-xe start
Review the listener log at /u01/app/oracle/diag/tnslsnr/<hostname>/listener/alert/log.xml
Verify port 1521 is not in use by another process: netstat -tlnp | grep 1521

Database fails to start

Switch to the oracle user: sudo su - oracle
Connect to sqlplus: sqlplus / as sysdba
Check the instance status: SELECT STATUS FROM V$INSTANCE;
Try starting manually: STARTUP;
Check available disk space: df -h /u01

Cannot connect remotely on port 1521

Verify the Oracle XE service is running: service oracle-xe status
Confirm your security group allows inbound TCP port 1521 from your IP
Test connectivity: telnet <instance-ip> 1521
Check the listener.ora configuration at /u01/app/oracle/product/11.2.0/xe/network/admin/listener.ora

Security Recommendations

Restrict port access: Only allow port 1521 from trusted application servers or specific IP addresses
Change default passwords: Update the SYSTEM and SYS user passwords immediately after first login
Use strong passwords: Ensure all database user passwords meet complexity requirements
Enable auditing: Configure Oracle Database auditing to track access and changes
Encrypt connections: Configure Oracle Net Services to use SSL/TLS encryption for client connections
Limit OS access: Restrict SSH access to authorised administrators only
Review user privileges: Remove unnecessary grants and follow the principle of least privilege
Keep the system updated: Apply OS security patches regularly

Support

If you encounter any issues with this product, contact cloudimg support:

Email: support@cloudimg.co.uk
Website: www.cloudimg.co.uk
Support hours: 24/7 with guaranteed 24 hour response SLA