Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

Hide and retrieve database credentials

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting Hide and retrieve database credentials
# 1  
Old 10-26-2017
Hide and retrieve database credentials
Hi Everyone,
I am new to shell scripting and I have a requirement to fire a sql statement to Oracle database and create a out file in Unix server.
This will be plugged in to Autosys as a batch job.

I have the database credentials saved in a configuration file in the below format.

dbdata.cfg:
Code:
GN1 dbname dbuser dbpwd

The actual script shown below:
miscript.sh:
Code:
DBNAME= `awk '{print $2}' /home/mireport/dbdata.cfg`
DBPWD= `awk '{print $4}' /home/mireport/dbdata.cfg`
DBUSER= `awk '{print $3}' /home/mireport/dbdata.cfg`
OUTFILE= /home/mireport/testmi.csv

sqlplus -S ${DBUSER}/${DBPWD}@${DBNAME}" <<SQLEND >> ${OUTFILE}
 set pages 0 feed off head off
 alter session set current_schema=Schema_Owner;
select column1 from testfile;

exit
sqlend

Getting the below error when exceuting the script, can you provide some help on this?

Code:
$ sh miscript.sh
test.sh: dbpwd:  not found.
test.sh[2]: dbname^M:  not found.
test.sh[3]: dbuser^M:  not found.
test.sh[4]: /home/mireport/testmi.csv^M:  not found.
test.sh[5]: ^M:  not found.
test.sh[6]: sqlplus:  not found.

Last edited by Scott; 10-26-2017 at 04:47 AM.. Reason: Please use code tags
# 2  
Old 10-26-2017
You will need to remove the paces after the = in your variable declarations, otherwise you will be executing the contents of the files you are awking, not assigning them.

You also don't need to use awk or command substitution (``) to read the files in simple cases like this. You could do something like:
Code:
read x DBNAME < /home/mireport/dbdata.cfg

for example.

It is also more secure to put the connect string inside the SQLPlus command, not as an argument to it. As an argument, anyone running a ps on the system will see the username and password.
Last edited by Scott; 10-26-2017 at 05:58 AM.. Reason: read
This User Gave Thanks to Scott For This Post:
Pradeep_Raj
# 3  
Old 10-26-2017
Thanks Scott, as the dbname, password and user delimited by a space in the file, could you please show me an example how to read assign the values to variables?
# 4  
Old 10-26-2017
On top of what Scott already said, you seem to have DOS line terminators (^M / \r / 0x0D / <CR>) in your files, mayhap due to editing with an non-*nix tool.
What is your OS and editor?

Instead of using three command substitutions for the variable assignments, how about
Code:
read X DBNAME DBPWD DBUSER X /home/mireport/dbdata.cfg

assuming - as you do - the data file has one line only?

EDIT: Please see correction by Scott below...
Last edited by RudiC; 10-26-2017 at 06:11 AM..
This User Gave Thanks to RudiC For This Post:
Pradeep_Raj
# 5  
Old 10-26-2017
Code:
read x DBNAME DBUSER DBPWD junk < /home/mireport/dbdata.cfg

These 2 Users Gave Thanks to Scott For This Post:
Pradeep_Raj RudiC
# 6  
Old 10-26-2017
Hi Rudic, OS: AIX and using notepad to edit the scripts.
I ll modify and test the scripts and update the outcome.

Thanks,
# 7  
Old 10-26-2017
If you can't avoid notepad, make sure to save files in *nix style.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Help with credentials when using Grep across multiple servers

Hello all, I need some help with a script I have been working on. I was wanting to know if it is possible to add authentication to it for each server it runs across? The credentials are all the same on each server. This is what I am using so far and it seems to work. I am trying to avoid... (3 Replies)
Discussion started by: Smorgen
3 Replies

2. Programming

How to hide from UNIX strings - obfuscate or hide a literal or constant?

Hi, I need to somehow pipe the password to a command and run some SQL, for example, something like echo $password | sqlplus -s system @query01.sql To make it not so obvious, I decided to try out writing a small C program that basically just do echo $password. So now I just do x9.out | sqlplus... (8 Replies)
Discussion started by: newbie_01
8 Replies

3. UNIX for Advanced & Expert Users

Need to pass credentials in one Go

Hi, We usually switch user using the below command. sudo su - user1 It then prompts for the password which we feed in. I wish to pass both the username and the password in one go thus eliminating the prompt for the password. I am using java standalone to connect to unix using... (11 Replies)
Discussion started by: mohtashims
11 Replies

4. Shell Programming and Scripting

Logging into device with other set of credentials

If I run the below code... it will login into the router and then changes to privilege mode and then stores the running configuration information to an array. In this program, I have included the username and password . In case the username and password is wrong.. it will re login for 2 times... (0 Replies)
Discussion started by: scriptscript
0 Replies

5. Shell Programming and Scripting

Wget/curl credentials validation

Experts, I login to a 3rd party and pull some valuable information with my credentials. I pass my credentials via --post-data in wget. Now my Account is locked. I want my wget to alert that the Account is locked. How can i achieve this. My idea is, get the Source page html from the... (2 Replies)
Discussion started by: sathyaonnuix
2 Replies

6. Shell Programming and Scripting

FTP credentials from a config file

Hi, I am using the following syntax to connect to an FTP server and paste the file. Based on the value in the variable $Folder, i want to connect to different folders on the same server. The credential is different to access different folders. How to get the user name and password from a... (3 Replies)
Discussion started by: ashok.k
3 Replies

7. Shell Programming and Scripting

Hide DB Credentials in unix

Hi, I my unix we have one file that contains all the database credentials. we are calling that file while connecting databse. I need to hide that file....other user should not view that file. How to do this. Please suggest me apart from permisstion(chmod) level suggestion. Regards,... (3 Replies)
Discussion started by: rsivasan
3 Replies

8. Shell Programming and Scripting

A script pls( To retrieve database information)

KSH - Unix -AIX - db2 ************** Get the input from the user say '123' (It varies) Then i want to connect to a database say "D1" then i want th extract from the database by giving "select * from tablename where input = '123' I also want to connect to another database "D2" then i... (3 Replies)
Discussion started by: rollthecoin
3 Replies

9. AIX

Telnet Credentials

Dears i am going to write a shell script to do some administration jobs and automate them , but i need to access remote servers through telnet so my question is how to pass the required credentials to telnet through shell script or can i use a file and redirect the standard input to be from that... (3 Replies)
Discussion started by: TheEngineer
3 Replies

10. UNIX for Dummies Questions & Answers

Ldap : Invalid credentials

Hi All, :) I have configure openldap but when I test this its show me a massage that "Invalid Creedientials". I search for the slove at Google, Yahoo but I did not find any solution. Plz help me. :cool: (3 Replies)
Discussion started by: Sudipta Biswas
3 Replies
Login or Register to Ask a Question