[CentOS] best practises for avoiding to write passwords in shell scripts (example sqlplus from Oracle)
nate
centos at linuxpowered.net
Tue Dec 1 23:03:01 UTC 2009
Sven Aluoor wrote:
> Hi folks
>
> I have here a CentOS box where i need to setup cronjob (with session
> to remote Oracle instance). On the remote DB i have no access, expect
> limited user.
With sqlplus and oracle I pretty much always ran scripts
as sysdba
from one of my scripts that fires up Oracle ASM:
# Set variables for ASM sid (first)
su $ORACLE_USERNAME -c "echo "startup" | sqlplus / as sysdba" | tee
$ASM_STARTUP_LOG
another example -
su $ORACLE_USERNAME -c "sqlplus / as sysdba
@/home/oracle/sql/snapshot-restore/restore-from-prod-oracle-change-passwords.sql"
| tee -a $FINAL_SQL_LOG
If I needed to login as a specific user to oracle I would login
as sysdba and run
alter session set current_schema=OTHER_USER_NAME;
to change the user name after login.
So no passwords needed.
For servers, everything automated relies on ssh key based auth.
I'm no Oracle expert by any means!
nate
More information about the CentOS
mailing list