Passwords in shell scripts
Hi allI'm using Oracle 11 g R2 on AIX 7.1
I'm developing some shell scripts that connect to the database and run queries.
My question is that I don't want my password to be hard coded in these shell scripts. What is the best way to do not hard code the password?
Kind regards
1 use authenticated OS account.
create a user identified externally.
Account authenticated OS have the same name as the account corresponding Unix.
If you have such an account, you can connect using sqlplus.
2 using Oracle Wallet (10g or higher)
Ignore the suggestion of mseberg please, it's very dangerous.
----------
Sybrand Bakker
Senior Oracle DBA
Tags: Database
Similar Questions
-
Password Oracle symbol # does not not in shell script
I have the shell script that exports the database schema. My Userid password export subscription contains #. Shell script is throwing error. If we have the password without this character, then it works fine. How do we use the password in shell script to perform this task?
$ORACLE_HOME/bin/expdp system/test #test = userid parfile test.par dumpfile = test.dmp =
I tried to use double-quotes and apostrophes for this password... but it still does not. any help is appreciated.Please post the contents of test.par.
You can try to run before running EXPDP:
drop table SYSTEM.EXP_DEVDB06;
Edited by: P. Forstmann on 27 Jan. 2010 17:46
Edited by: P. Forstmann on 27 Jan. 2010 17:47
-
Hello
on 10 G R2 in AIX 6.1
I'm looking for an RMAN backup Shell script.
In addition, if we should connect like this:
How to avoid writing the password in shell script?rman nocatalog target sys/password@myDB << EOF backup as compressed backupset format '$savdir/ctl_%d_%T_%s_%p' current controlfile; exit EOF
Thank you.There is a standard 'backup' option in the control of the database.
You don't need any shell script and you're wasting your time by establishing a.-------
Sybrand Bakker
Senior Oracle DBA -
Exports (from shell script) without password given explicitly in the script
Hi all
I have Oracle 10g 2 on SLES 10 64-bit. I would like to export the database using shell scripts data pump. Is there a method to hide the password in the script file.
Currently to be done by the command:
expdp system/password@database...
If any user who see the script will know the Passover.
Concerning
GroxyHello
Have you thought about the feature ' Secure external password store "which was added in 10 gr 2? It uses the Oracle Wallet to store a database_alias with the name of user and password credentials in an encrypted format. You can then enter your order expdp like this:
expdp / @database_alias...
Take a look at the security of 10gr 2 Guide. There is a chapter on how to put in place.
John
-
How to validate SQL * MORE connection in Unix shell script
I wrote the following function in unix shell script to validate SQL * MORE connection and throw a user-defined message.
function check_db_conn
{
output | sqlplus-s-L $User/$Password@$SID >/dev/null
If [[$?-no 0]]; then
echo 'credentials incorrect DB.
FI
}
However, I would like to change this feature so that the user has entered a good connection and that there is a problem with TNS listener must display the appropriate message.
Hello
Try adding:
lsnrctl status $listener_name > /dev/null if [[ $? -ne 0 ]]; then echo "Issue with Listener" fi
-
Component sql through shell script
How to call a sql through UNIX shell script file?Rahul India wrote:
export ORACLE_HOME=$ORACLE_BASE/product/10g cd $ORACLE_HOME set `sqlplus -s
/ < THIS SCRIPT IS OK?
You will also need to set ORACLE_SID
And I don't know why everyone puts the reference to sqlplus context of a 'set' assessment, nor why they put the reference to Scripture in a redirected input stream. What you need is
sqlplus -s user/password @r_100.sql
And to make sure the environment is set correctly:
export ORACLE_SID=whatever export ORAENV_ASK=NO . oraenv unset ORAENV_ASK=NO sqlplus -s user/password @r_100.sql
-
How to use select into command in shell script?
I need to get the total number of rows in a table using select count (*) table and must assign a shell script variable. I used the following script, it returns the number of lines, but also with oracle headers, please help me to remove the headers.
Shell script
#! / bin/sh
Count = "sqlplus $username/$password@$tnsname < < EOF"
NEWPAGE 0 VALUE
SET SPACE 0
SET LINESIZE 80
SET PAGESIZE 0
SET ECHO OFF
SET FEEDBACK OFF
SET THE POSITION
Select count (*) in the table.
"exit";
EXPRESSIONS OF FOLKLORE"
echo "the value is"$count"
O/P:
SQL * more: Release 10.2.0.4.0 - Production on game Dec 22 05:01:33 2011 Copyright (c) 1982, 2007, Oracle. All rights reserved.
Connected to: Oracle Database 10g Enterprise Edition Release 10.2.0.5.0 - 64 bit Production with the partitioning, options Real Application Clusters, OLAP, Data Mining and Real Application Testing
SQL > SQL > SQL > SQL > SQL > SQL > SQL > SQL 525935 SQL > >
Disconnected from the database to Oracle 10 g Enterprise Edition Release 10.2.0.5.0 - 64-bit options of Production with the partitioning, Real Application Clusters, OLAP, Data Mining and Real Application TestingUse SQL * Plus silent mode. Change:
Count = "sqlplus $username/$password@$tnsname<>
TO
Count ='sqlplus- s $username/$password@$tnsname<>
SY.
-
How2 validate the chain of connection in unix shell script
I am writing a shell script unix which removes the instance user/passwd/user, form a connection string and pass it to sqlplus. Now, I want to validate if a valid/clean connection string was formed. Basically, I want to do something like below
sqlplus-s $CONN_STR
and disconnect if valid string and always disconnect and return to guest if it's not a string valid.
Is there a clean way, I can check if the return has been after a successful login and how disconnect it in script and check if a string is not valid.Create a file name test.sql containing only the OUTPUT and use-L option to SQL * more (attempts to connect only once, instead of reprompting error.)
D:\>sqlplus -L hr/ko@XE @test.sql SQL*Plus: Release 11.1.0.6.0 - Production on Wed Feb 17 08:48:37 2010 Copyright (c) 1982, 2007, Oracle. All rights reserved. ERROR: ORA-01017: invalid username/password; logon denied SP2-0751: Unable to connect to Oracle. Exiting SQL*Plus D:\>echo %errorlevel% 1 D:\>sqlplus -L hr/hr@XE @test.sql SQL*Plus: Release 11.1.0.6.0 - Production on Wed Feb 17 08:48:49 2010 Copyright (c) 1982, 2007, Oracle. All rights reserved. Connected to: Oracle Database 10g Express Edition Release 10.2.0.1.0 - Production Disconnected from Oracle Database 10g Express Edition Release 10.2.0.1.0 - Production D:\>echo %errorlevel% 0 D:\>sqlplus -L hr/hr@KO @test.sql SQL*Plus: Release 11.1.0.6.0 - Production on Wed Feb 17 08:52:22 2010 Copyright (c) 1982, 2007, Oracle. All rights reserved. ERROR: ORA-12154: TNS:could not resolve the connect identifier specified SP2-0751: Unable to connect to Oracle. Exiting SQL*Plus D:\>echo %errorlevel% 1
-
Password database Chaning scripts
We have more than 100 shell scripts on the database server that has the password for the dba user in these scripts.
for example:
test.sh
UserID = s/n
password = s/n
Now, he must change the password for the dba user and hide the password for all users on this box.
What will be the best solution to change the password.
Is it possible to store the password in a file and leave the script uses this password?Hello
Something very simple like
my script which uses the password i=`cat erro.txt` echo $i text file which contain the password password Output I get sh output.sh password
Concerning
Anurag Tibrewal -
Database remote stop using shell script
Hi all
I need to close a remote database through shell script. I won't know SYS password and so cannot connect directly.
I need to SSH to the remote database will define ORACLE_SID and then stop the database.
Note Please I want to achieve this without calling any other SQL or shell script I have ssh.
Pointers or help is much appreciated.
Kind regards
Nagendra ChillaleHi Nagendra,
following works for me...
SSH otherhost ".» \$home/.bash_profile
export ORACLE_SID = MYSID
echo \"shutdown abort\ | sqlplus------' / as sysdba\.
"SSH otherhost ".» \$home/.bash_profile
export ORACLE_SID = MYSID
sqlplus------' / as sysdba\.<>
startup
EXPRESSIONS OF FOLKLORE
"HTH Mathias
Published by: mzarick on August 13, 2009 11:27
-
Calling shell script program SQL and passing parameters
Hi guys,.
Greetings from Toronto. Is it possible to move one or more strings as parameters to a sql from shell script program?
Shell script
SQL program (rd_test.sql)# Accept system input parameters p_user_id=$1 p_job_id=$2 sqlplus.exe -s $p_user_id @$RD_PATH/rd_test.sql $p_user_id $p_job_id
As always, this is not something I have to solve that minute. Any help would be appreciated-- Accept system input parameters define p_user_id = &1 define p_job_id = &2 -- Wondering if its possible to pass these 3 parameters from a shell script program. -- (1) rd_test-$p_job_id-3-1.lis -- (2) RD_PRINTER(rd_test,3) -- (3) t_data select t_data=''rd_test-'||'''$p_job_id'''||'-1-1.txt'' t_data_dir=''.'' ksh $RD_PATH/another_shell_prog.sh $p_user_id $p_job_id '||a.rd_value||' ' ||b.rd_value||' rd_test-$p_job_id-3-1.lis $RD_PRINTER(rd_test,3) '|| '$t_data $t_data_dir'||' exit_status=$? check_command' from rd_job_parameter b, rd_job_parameter a where a.job_id = &2 and a.jp_module_id = 'RDTEST' and b.job_id = a.job_id and b.module_id = a.module_id /
and I will think of the problem.
Thank you
REDA
Published by: Raj404261 on June 25, 2009 11:40
Published by: Raj404261 on June 25, 2009 17:29OK, just a few pointers possible if you need to go the way of shell script.
I suggest that you have a separate SQL script for each of your options, which retains the fairly well-defined lines and keeps the maintenance as simple as possible. Therefore, in your shell script, you can have something like:
#!/bin/ksh # Accept system input parameters p_user_id=$1 p_job_id=$2 # Deduce which script you'll call here # using if statements, or even a case: if [[ p_job_id -eq 1 ]] then SQL_SCRIPT=sql_script1.sql else SQL_SCRIPT=sql_script2.sql fi # Or using case case $2 in 1) SQL_SCRIPT=sql_script1.sql; 2) SQL_SCRIPT=sql_script2.sql; 3) SQL_SCRIPT=sql_script3.sql; *) SQL_SCRIPT=sql_script4.sql; esac export ${SQL_SCRIPT} #If you need to query the database at all to deduce which script to cal #Then something like this: SCRIPT_VAR=`sqlplus -s username/password << EOF set heading off set feedback off set verify off SELECT * FROM DUAL; EOF` export {SCRIPT_VAR} SQL_SCRIPT=sql_script${SCRIPT_VAR}.sql # Then just call your script: sqlplus. -s $p_user_id/password @${SQL_SCRIPT}
-
Put 'do shell script' multi-line with comments
I would like to integrate a Bash in Applescript script, as it is on several lines with comments.
The only documentation useful, that I can find is tn2065, but as far as I can see, it does not say how.
What is the correct syntax?
Maybe I'm missing something, but you can just write your script bash as a text object and passing to the shell script:
game of longBashCommand to "# some relevant comments.
CD /somedir
/ bin/something - foobar
# one other comment here
/ bin/Gisèle
' # one other comment.
the shell script longBashCommand
The trickiest part is perhaps the need to escape some characters such as quotation marks in the command shell.
-
Get the progress and result of a shell script
Hello
I would use a shell script to convert MP3 / audio FLAC files MP3 files with a bitrate of 192kbs and do other things in Automator or AppleScript script.
So I installed lame and flac with brew, run an Automator process with a selected file and perform an action of AppleScrip:
on run {input, parameters} if input is not {} then repeat with theFile in input set posix_file to POSIX path of theFile if input is not {} then tell application "Terminal" set thescript to "/usr/local/bin/lame -b 192 \"" & posix_file & "\" " do script thescript end tell end if end repeat end if return input end run
The Terminal window is there because you tell the Terminal to run your script - try using shell script.
-
I'm on Mac OS X 10.11.2 and have problems with AppleScript and shell scripting.
The following script is a cutting of a larger project:
Tell application "Finder".
the value the_MePath (path for me)
the value the_MeCont (the_MePath container) as string
tell the end
the value of the_MeCont (text 1 thru-2) the_MeContShell
-normally isn't here!
the value the_MePara (the_MeCont & "STH - C Para WAV_48k_24.txt")
the value the_Parameters (opening for access file the_MePara with permission to write)
write ("WAV\r24\r48000\r48k\r") the_Parameters
Close access the_Parameters
-normally isn't here!
-destined to be there!
-the value the_MePara (shell script 'find' & city form the_MeContShell POSIX path & "-iname" "Para STH - C *'")
the value the_Parameters (opening for access file the_MePara)
the value the_ParaList (read the the_MePara file)
Close access the_Parameters
paragraph 1 of the value userFormat the_ParaList
paragraph 2 of the the_ParaList the value userBitDepth
paragraph 3 of the the_ParaList the value userSampleRate
paragraph 4 of the the_ParaList the value shortSampleRate
The lines between the "-normally isn't there!"-lines fills a file in the directory of the AppleScript with the data.
So now the file is there.
If I remove these lines and enable the line below "-intended to be here! ', the shell should find this file.
What I get, then, is a mistake:
"Fehler beim Zugriff auf das Netzwerk." error number - 5000 file "/ users/shared/_AppleScript development/_Archiv Sniplets/STH-C Para WAV_48k_24.txt" to "class fsrf".
to "open for access file the_MePara.
Any ideas, anyone?
Kind regards...
... Maik
Hello
Remove the end of file before the_MePara.
the_MePara contains a posix path type path--> "/ users/shared/_AppleScript development/_Archiv Sniplets/STH-C Para WAV_48k_24.txt.
You can use the file on the path of type HFS --> ' StartupDiskName:Users: shared: _AppleScript development: _Archiv Sniplets:STH - C Para WAV_48k_24.txt.
Information:
The script didn't need to open and close the access when the script to read-only.
Use this line only--> the value the_ParaList to read the_MePara
-
Insert a record, call a stored procedure and execute a shell script
Hello
I am trying to build a page APEX do these three things in order.
#1. Insert a new record in a database table (pk, donnees_xml, attr1 and attr2, etc.) and download the XML file to the donnees_xml column
#2. Save this XML file on a file system
#3. Parse the XML file on a file system and update the database with the parsed data table
I can do #1 with a regular shape based on the database table. I can do #2 with a stored procedure.
I can do #3 with a shell script.
I wonder how these tasks can be combined into a single action in APEX.
do #1;
If successful, do #2;
If successful, do #3;
I'd appreciate comments on this.
Thank you
Define a process of PL/SQL page submit that runs after the record is inserted, if P1_FILE is not null.
Maybe you are looking for
-
How to make the homepage to appear when opening new tab
Under Firefox 40.x whenever I opened a new tab, my home page appeared. When I upgraded to 41.0, opening a new tab displays the suggested sites. How do I have my home page appear whenever I open a new tab?
-
Photosmart HP 5510: personalized printing
I have a number of documents on Pages that I adapted size. All these used to print ok (I just used to cut the paper down set the charger on the printer & print or I used before paper-cutting). Tried to do it today & I only get a partial print on the
-
Is it possible to split the Windows 7 on several hard drives?
Hi all! I have a question I asked on for a while and have never found an answer to. I use Linux and Windows together and I like the two operating systems, and one thing I LIKE about Linux, it is how it is easy to split on several partitions/hard disk
-
I can't use my printer Canon Pixma MX310 on Windows 8 pro!
It doesn´t work. What can I do? I searched for the most recent drivers, but they can´t find/install the.
-
Maximum number of lines per Page to include
<! - this Configuration setting is managed by Oracle Business Intelligence Enterprise Manager - >< DefaultRowsDisplayedInDelivery > 75 < / DefaultRowsDisplayedInDelivery >I'm unable to change the maximum number of lines per Page to be included in the