| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: SQL script without password
Internal on NT doesn't need a password when the user running Oracle (usually administrator) is in the *local* ora_dba group.
Regards,
Sybrand Bakker, Oracle DBA
"Leonard F Clark" <lfc_at_zoom.co.uk> wrote in message
news:3afd863f.26290263_at_125.0.0.1...
> Robert,
>
> You don't say what platform you are working on. In Unix it is
> possible to do what you want, so long as the process is run by a Unix
> user that can connect to internal.
>
> Let me explain.
>
> Usually, you are asked to create two users:
>
> orainst: specifically for installing oracle;
> oracle: the *unix* oracle system user.
>
> Both of these will belong to the administration group identified on
> installation (usually dba).
>
> Some people use "oracle" for both and don't bother with orainst. Some
> also do all the installation as root - a very bad idea.
>
> If you can log in as this user (lets assume it's "oracle"), then you
> can connect to either svrmgrl or sqlplus as internal. In both cases,
> you will not be prompted for a password. (If you are, you are not in
> the right unix user!).
>
> So, we will assume you are going to use sqlplus (because svrmgrl is
> going to be phased out). You can write a script like this:
>
> sqlplus << ! > extra_sure.log
> internal
>
> spool normal.log
>
> -- normal queries or anonymous PL/SQL goes here
>
> !
>
> (Obviously, you will dress the script up. Note that the "internal"
> and "!" *must* go on the left - no spaces. Note also that the
> internal should go on a separate line so that the process does not
> give your user away.)
>
> And, hey presto, you have your password-less script.
>
> If you are running scheduled tasks, yo can either issue it as oracle
> or as root. From cron, for example, it might look something like:
>
> 00 2 * * 2-6 su - oracle -c "/xyz/yourscript param1 param2" # Comment
>
> Pause
>
> There are other ways. Another way was the creative use of sudo.
>
> If you are using NT, you don't have the same freedom: internal
> requires a password - but I think you can use password files.
>
> Len
>
> >
> >Is there some way for SQL scripts to connect to database without
> >password? We have many scripts that calls sqlplus and issue SQL
> >commands, and we want to avoid hard-coded passwords in the scripts.
> >We do not want to use OS authentication method, because the scripts
> >need to be run from remote machines and using OS authentication from
> >remote machine can open up security hole. Thank you in advance.
> >
> >
> >
>
Received on Sat May 12 2001 - 12:55:55 CDT
 |
 |