-
When I call my rman scripts from a UNIX shell script which invokes RMAN, I connect to the target database using the following code:
connect target user/password
Are there any ideas of how I can do this without hard coding the password?
Michael Auer
Oracle DBA/Developer
Oracle8i OCP
-
change file permission to 400, so people outside dba group could not read your file.
-
-
You could enable OS authentication. Then, you would only have to:
connect target /
Jeff Hunter
-
Hi
setting file permission may not help . Anybody can do a ps -ef | grep rman to find the connection string. Setting os authentication seems to work fine . I usually put the passwords and other options in a config file and protect that file . within the shell script i read the config file and cut the necessary options for constructing the command line.
HTH
Santosh
-
You can also use a Unix user/password file (note: not Oracle's password authentication for remote logins)
It is still hard coded, but you can have just one file for every user/pw for each database or server. I reference this file for many purposes. It also hides the password from the Unix ps command.
From my Korne shell script:
ORAPSWD_FILE=/fullpath/${ORACLE_SID}/scripts/pwsystem.txt
ORAPSWD_IN=`cat ${ORAPSWD_FILE}`
[...]
$ORACLE_HOME/bin/imp file=expdat.dmp log=imp.log << EOT
${ORAPSWD_IN}
EOT
Obviously i use this for exp/imp, but i imagine you can use it for RMAN. The read/write permissions for pwsystem.txt should be restricted as indicated by dragon99.
hth, D.
-
Hi
An example script for an incremental backup
DATE=`date +%D`
PWD=/home/admin/dba/oracle/rman_scripts
CONFIG=$PWD/config.rman
LOG=$PWD/log
do_backup()
{
TARGET_INSTANCE=$1
TARGET_INTERNAL_PASS=$2
RMAN_USER=$3
RMAN_PASS=$4
RMAN_REPO=$5
TODAY=`date +%a`
case $TODAY in
'Mon')
LEVEL=0
;;
'Tue'|'Wed'|'Fri')
LEVEL=2
;;
'Thu')
LEVEL=1
;;
default)
;;
esac
echo "The current backup level is $LEVEL"
SCRIPTNAME=run_backup_db_level_${LEVEL}
LOGFILE=${LOG}/${SCRIPTNAME}_${TARGET_INSTANCE}.log
CMDFILE=${PWD}/${SCRIPTNAME}
# Now Run the backup line for the specific database
rman target internal/${TARGET_INTERNAL_PASS}@${TARGET_INSTANCE} RCVCAT ${RMAN_USER}/${RMAN_PASS}@${RMAN_REPO} CMDFILE $CMDFILE MSGLOG $LOGFILE
}
cat $CONFIG | while read LINE
do
case $LINE in
\#*) ;;
*)
TARGET_INSTANCE=`echo $LINE | cut -d":" -f1`
TARGET_INTERNAL_PASS=`echo $LINE | cut -d":" -f2`
RMAN_USER=`echo $LINE | cut -d":" -f3`
RMAN_PASS=`echo $LINE | cut -d":" -f4`
RMAN_REPO=`echo $LINE | cut -d":" -f5`
do_backup $TARGET_INSTANCE $TARGET_INTERNAL_PASS $RMAN_USER $RMAN_PASS $RMAN_REPO
esac
done
==========================================================
This is sample config.rman file
# This is the configuration file for rman backup
# All comments should start with a hash symbol
# Each field should be separated with a (:)
# Field 1 - Instance name
# Field 2 - Instance pass
# Field 3 - Rman User Name
# Field 4 - Rman Passwd
# Field 5 - Rman Repository
#
db1:db1pass:rman:rman:rcvcat_db
db2:db2pass:rman:rman:rcvcat_db
db3:db3pass:rman:rman:rcvcat_db
#
#
HTH
Santosh
-
hi
Please refer to one of my prevoius posting for the sample scripts stored in repository mentioned in above posting.
[url]http://ora.dbasupport.com/forums/showthread.php?threadid=4351[/url]
HTH
Santosh
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|