Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Oracle Passwords in Unix scripts
Top Forums Shell Programming and Scripting Oracle Passwords in Unix scripts Post 302194764 by Smiling Dragon on Tuesday 13th of May 2008 07:02:09 PM
Old 05-13-2008
FWIW, storing the password in an environment variable makes the information available to all users with access to a bsd ps on the box.

Are you able to use sudo? You could store the passwords in a central set of files, readable only by specific groups.

Create specific system users and allocate them to the appropriate groups.

You can then allow certain users to run your various scripts as the specific system users. Your script then goes and looks up the file in question for the DB and uses the password contained within.

This also gives you the ability to create a script for retrieving passwords inline for users with the appropriate rights (say admins only?) to use in _any_ script they want.

eg:
Code:
some_oracle_supplied_command -user `sudo -u orapass /usr/local/bin/get_the_username MY_DB` -pass ``sudo -u orapass /usr/local/bin/get_the_password MY_DB`

 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Unix passwords?

The local policy is set in our LAN so that passwords have to be 8 characters and contain a capital letter, a small letter and a special character. Is Unix able to restrict users passwords to certain lengths and characters. (1 Reply)
Discussion started by: wmosley2
1 Replies

2. UNIX for Advanced & Expert Users

Connecting to Oracle through unix shell scripts

Hi, Can some one help me in connecting to oracle through unix shell scripts with examples. Regards Narayana Gupta (1 Reply)
Discussion started by: guptan
1 Replies

3. Shell Programming and Scripting

How to pass passwords to bash scripts?

I'm finding the following command very tedious to type in all the time, so I created a one line bash script called mount.bash with the following contents: mount -t cifs //mark/C\$ -o unc=//mark\\C$,ip=10.1.1.33,user=Administrator,password=$1 /mnt/mark I don't like the fact that I have to put... (5 Replies)
Discussion started by: siegfried
5 Replies

4. Shell Programming and Scripting

Checking passwords - scripts

Hi Unix experts.... I am in the process checking user and root password of more than 1000 servers manulay. I am very pissed of checking these many servers manualy. Could some one of you help me how can i check the passwords just by runing some scripts..! Need Help Guys..! :confused: (5 Replies)
Discussion started by: bullz26
5 Replies

5. Shell Programming and Scripting

SSH - Passing Unix login passwords through shell scripts

Hi All , I need to call a script runscript_B.sh on server A, the runscript_B.sh script locating in server B. The runscript_B.sh in calls another script runscript_A on server A itself. it seend, i need to be connect from Server A to Server B using ssh. I have tryed like this in... (3 Replies)
Discussion started by: koti_rama
3 Replies

6. Shell Programming and Scripting

Calling oracle package Unix from shell scripts.

Hi, Can anyone tell me how to call a oracle package from a Unix shell script? I want to pass some input parameters to package and it will return me the output which I want to use further in my shell script. I want to know the way to capture the output values in my shell script. Please send some... (1 Reply)
Discussion started by: anil029
1 Replies

7. Shell Programming and Scripting

run oracle procedure in unix scripts

for j in $(du -h $1| awk '{printf("%100-s \n",$2)}') do for a in $(ls -time $(find $j -name '*.txt') | awk '{printf("\n%s %s %s %s %s",$4,$7,$8,$10,$11)}') do echo "$a">output.txt done done exit 0 echo "Password : xxxxxx " > LOG/BGH_$3.out (0 Replies)
Discussion started by: utoptas
0 Replies

8. Shell Programming and Scripting

KSH - How to call different scripts from master scripts based on a column in an Oracle table

Dear Members, I have a table REQUESTS in Oracle which has an attribute REQUEST_ACTION. The entries in REQUEST_ACTION are like, ME, MD, ND, NE etc. I would like to create a script which will will call other scripts based on the request action. Can we directly read from the REQUEST_ACTION... (2 Replies)
Discussion started by: Yoodit
2 Replies

9. UNIX for Advanced & Expert Users

When did UNIX start using encrypted passwords, and not displaying passwords when you type them in?

I've been using various versions of UNIX and Linux since 1993, and I've never run across one that showed your password as you type it in when you log in, or one that stored passwords in plain text rather than encrypted. I'm writing a script for work for a security audit, and two of the... (5 Replies)
Discussion started by: Anne Neville
5 Replies

10. Shell Programming and Scripting

How to store the passwords securely and use in scripts?

I want to store the passwords in a global file, so that all the users will not use them to login but a process should use it. One way is to keep the passwords in a .ini file and execute the file in the start of the script and use that variable. But with this, one can echo the variable in the... (15 Replies)
Discussion started by: karumudi7
15 Replies

LEARN ABOUT PHP

oci_password_change

OCI_PASSWORD_CHANGE(3)													    OCI_PASSWORD_CHANGE(3)

oci_password_change - Changes password of Oracle's user

SYNOPSIS

       bool oci_password_change (resource  $connection, string	$username, string  $old_password, string  $new_password)

DESCRIPTION

       resource oci_password_change (string  $dbname, string  $username, string  $old_password, string	$new_password)

	Changes password for user with $username.

	The  oci_password_change(3)  function  is most useful for PHP command-line scripts, or when non-persistent connections are used throughout
       the PHP application.

PARAMETERS

	      o $connection
		- An Oracle connection identifier, returned by oci_connect(3) or oci_pconnect(3).

	      o $username
		- The Oracle user name.

	      o $old_password
		- The old password.

	      o $new_password
		- The new password to be set.

	      o $dbname
		- The database name.

RETURN VALUES

	Returns TRUE on success or FALSE on failure.

EXAMPLES

       Example #1

	      oci_password_change(3) example changing the password of an already connected user

	      <?php

	      $dbase	  = 'localhost/orcl';
	      $user	  = 'cj';
	      $current_pw = 'welcome';
	      $new_pw	  = 'geelong';

	      $c = oci_pconnect($user, $current_pw, $dbase);
	      oci_password_change($c, $user, $current_pw, $new_pw);
	      echo "New password is : " . $new_pw . "
";

	      ?>

       Example #2

	      oci_password_change(3) example of connecting and changing the password in one step

	      <?php

	      $dbase	  = 'localhost/orcl';
	      $user	  = 'cj';
	      $current_pw = 'welcome';
	      $new_pw	  = 'geelong';

	      $c = oci_pconnect($user, $current_pw, $dbase);
	      if (!$c) {
		  $m = oci_error();
		  if ($m['code'] == 28001) { // "ORA-28001: the password has expired"
		      // Login and reset password at the same time
		      $c = oci_password_change($dbase, $user, $current_pw, $new_pw);
		      if ($c) {
			  echo "New password is : " . $new_pw . "
";
		      }
		  }
	      }

	      if (!$c) {  // The original error wasn't 28001, or the password change failed
		  $m = oci_error();
		  trigger_error('Could not connect to database: '. $m['message'], E_USER_ERROR);
	      }

	      // Use the connection $c

	      ?>

NOTES

       Note

	       Changing the password either with this function or directly in Oracle should be done carefully. This is	because  PHP  applications
	      may  continue  to successfully reuse persistent connections by authenticating with the old password. The best practice is to restart
	      all web servers whenever the user password is changed.

       Note

	       If upgrading the Oracle client libraries or the database from a release prior to 11.2.0.3 to version 11.2.0.3 or higher,  oci_pass-
	      word_change(3)  may  give the error "ORA-1017: invalid username/password" unless both client and server versions are upgraded at the
	      same time.

       Note

	       The second oci_password_change(3) syntax is available since OCI8 version 1.1.

       Note

	       In PHP versions before 5.0.0 you must use ocipasswordchange(3) instead. This name still can be  used,  it  was  left  as  alias	of
	      oci_password_change(3) for downwards compatability. This, however, is deprecated and not recommended.

PHP Documentation Group 												    OCI_PASSWORD_CHANGE(3)
All times are GMT -4. The time now is 04:59 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy