[CentOS] best practises for avoiding to write passwords in shell scripts (example sqlplus from Oracle)

nate

centos at linuxpowered.net
Tue Dec 1 23:03:01 UTC 2009


Sven Aluoor wrote:
> Hi folks
>
> I have here a CentOS box where i need to setup cronjob (with session
> to remote Oracle instance). On the remote DB i have no access, expect
> limited user.

With sqlplus and oracle I pretty much always ran scripts
as sysdba

from one of my scripts that fires up Oracle ASM:
# Set variables for ASM sid (first)
su $ORACLE_USERNAME -c "echo "startup" | sqlplus / as sysdba" | tee
$ASM_STARTUP_LOG

another example -
        su $ORACLE_USERNAME -c "sqlplus / as sysdba 
@/home/oracle/sql/snapshot-restore/restore-from-prod-oracle-change-passwords.sql"
| tee -a $FINAL_SQL_LOG

If I needed to login as a specific user to oracle I would login
as sysdba and run

alter session set current_schema=OTHER_USER_NAME;

to change the user name after login.

So no passwords needed.

For servers, everything automated relies on ssh key based auth.

I'm no Oracle expert by any means!

nate





More information about the CentOS mailing list