LoveUnix » ORACLE等数据库 » 也谈oracle 10g listener password
2006-10-16 21:14
boypoo
也谈oracle 10g listener password
今天看到坛子里有朋友问listener的password的问题,以前没怎么测试过,今天等一个朋友,刚好顺手来测试下.
测试的过程中,发现这么个问题,Oracle 10g,listener,本地oracle用户关闭的话,是不需要口令的了(以前版本是需要的)
先说说建立口令的过程:
[quote]
LSNRCTL> change_password
Old password:
New password:
Reenter new password:
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=RH4SRV1)(PORT=1521)))
Password changed for LISTENER
The command completed successfully
LSNRCTL> save_config
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=RH4SRV1)(PORT=1521)))
Saved LISTENER configuration parameters.
Listener Parameter File /home/oracle/product/10.2.0/network/admin/listener.ora
Old Parameter File /home/oracle/product/10.2.0/network/admin/listener.bak
The command completed successfully
[/quote]
就这么简单
如果你经常登陆本机关闭listener,那么设置它对于你来说是没有意思的
这样做的目的是,
[b][u]1. 防止本机的其他user,关闭listener[/u][/b]
[b][u]2.防止别人远程关闭[/u][/b]
接下来,下面我们分别演示一下:
1.本机其他用户:
[quote]
[test@boypoo1 ~]$ id
uid=502(test) gid=500(dba) groups=500(dba) context=user_u:system_r:unconfined_t
[test@boypoo1 ~]$ lsnrctl
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 03-NOV-2006 20:52:25
Copyright (c) 1991, 2005, Oracle. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
[color=red]LSNRCTL> stop
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=RH4SRV1)(PORT=1521)))
TNS-01190: The user is not authorized to execute the requested listener command
[/color][b]LSNRCTL> set password abc
The command completed successfully
LSNRCTL> stop[/b]
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=RH4SRV1)(PORT=1521)))
The command completed successfully
LSNRCTL>
[/quote]
2.远程关闭
[quote]
[oracle@boypoo2 ~]$ lsnrctl
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 09-OCT-2006 22:00:21
Copyright (c) 1991, 2005, Oracle. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL> set current listener1
Current Listener is listener1
[color=deepskyblue]LSNRCTL> set password
Password:
The command completed successfully[/color]
LSNRCTL> stop
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.1.100)(PORT=1521)))
The command completed successfully
LSNRCTL>
[/quote]
如若不然:
[quote]
[oracle@boypoo2 ~]$ lsnrctl
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 09-OCT-2006 22:02:22
Copyright (c) 1991, 2005, Oracle. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL> set current_listener listener1
Current Listener is listener1
LSNRCTL> stop
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.1.100)(PORT=1521)))
TNS-01169: The listener has not recognized the password
TNS-01189: The listener could not authenticate the user
LSNRCTL>
[/quote]
还有一种情况,使用Oracle8i/9i的DBA用的到,10g的就用不到了
就是你忘记了listener密码怎么办?
唯一的招数:
[quote]
[oracle@boypoo1 ~]$ ps -ef|grep tns
oracle [b][color=red] 2907[/color][/b] 1 0 20:56 ? 00:00:00 /home/oracle/product/10.2.0/bin/tnslsnr LISTENER -inherit
[color=royalblue][oracle@boypoo1 ~]$ kill 2907
[/color][oracle@boypoo1 ~]$ ps -ef|grep tns
oracle 2913 2802 0 20:59 pts/0 00:00:00 grep tns
接下来要把listener.ora中
[b][color=cyan]#----ADDED BY TNSLSNR 03-NOV-2006 18:31:10---
PASSWORDS_LISTENER = E154352CED22C60A
#-----------------------------------------[/color][/b]
删除或者注释,然后
[oracle@boypoo1 ~]$ lsnrctl start
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 03-NOV-2006 20:59:42
Copyright (c) 1991, 2005, Oracle. All rights reserved.
Starting /home/oracle/product/10.2.0/bin/tnslsnr: please wait...
TNSLSNR for Linux: Version 10.2.0.1.0 - Production
System parameter file is /home/oracle/product/10.2.0/network/admin/listener.ora
Log messages written to /home/oracle/product/10.2.0/network/log/listener.log
Listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.1.100)(PORT=1521)))
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=RH4SRV1)(PORT=1521)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 10.2.0.1.0 - Production
Start Date 03-NOV-2006 20:59:42
Uptime 0 days 0 hr. 0 min. 0 sec
Trace Level off
Security ON: Password or Local OS Authentication
SNMP OFF
Listener Parameter File /home/oracle/product/10.2.0/network/admin/listener.ora
Listener Log File /home/oracle/product/10.2.0/network/log/listener.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.1.100)(PORT=1521)))
Services Summary...
Service "DB10G" has 1 instance(s).
Instance "DB10G", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
[oracle@boypoo1 ~]$
[/quote]
-END-
今天看到坛子里有朋友问listener的password的问题,以前没怎么测试过,今天等一个朋友,刚好顺手来测试下.
测试的过程中,发现这么个问题,Oracle 10g,listener,本地oracle用户关闭的话,是不需要口令的了(以前版本是需要的)
先说说建立口令的过程:
[quote]
LSNRCTL> change_password
Old password:
New password:
Reenter new password:
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=RH4SRV1)(PORT=1521)))
Password changed for LISTENER
The command completed successfully
LSNRCTL> save_config
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=RH4SRV1)(PORT=1521)))
Saved LISTENER configuration parameters.
Listener Parameter File /home/oracle/product/10.2.0/network/admin/listener.ora
Old Parameter File /home/oracle/product/10.2.0/network/admin/listener.bak
The command completed successfully
[/quote]
就这么简单
如果你经常登陆本机关闭listener,那么设置它对于你来说是没有意思的
这样做的目的是,
[b][u]1. 防止本机的其他user,关闭listener[/u][/b]
[b][u]2.防止别人远程关闭[/u][/b]
接下来,下面我们分别演示一下:
1.本机其他用户:
[quote]
[test@boypoo1 ~]$ id
uid=502(test) gid=500(dba) groups=500(dba) context=user_u:system_r:unconfined_t
[test@boypoo1 ~]$ lsnrctl
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 03-NOV-2006 20:52:25
Copyright (c) 1991, 2005, Oracle. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
[color=red]LSNRCTL> stop
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=RH4SRV1)(PORT=1521)))
TNS-01190: The user is not authorized to execute the requested listener command
[/color][b]LSNRCTL> set password abc
The command completed successfully
LSNRCTL> stop[/b]
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=RH4SRV1)(PORT=1521)))
The command completed successfully
LSNRCTL>
[/quote]
2.远程关闭
[quote]
[oracle@boypoo2 ~]$ lsnrctl
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 09-OCT-2006 22:00:21
Copyright (c) 1991, 2005, Oracle. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL> set current listener1
Current Listener is listener1
[color=deepskyblue]LSNRCTL> set password
Password:
The command completed successfully[/color]
LSNRCTL> stop
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.1.100)(PORT=1521)))
The command completed successfully
LSNRCTL>
[/quote]
如若不然:
[quote]
[oracle@boypoo2 ~]$ lsnrctl
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 09-OCT-2006 22:02:22
Copyright (c) 1991, 2005, Oracle. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL> set current_listener listener1
Current Listener is listener1
LSNRCTL> stop
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.1.100)(PORT=1521)))
TNS-01169: The listener has not recognized the password
TNS-01189: The listener could not authenticate the user
LSNRCTL>
[/quote]
还有一种情况,使用Oracle8i/9i的DBA用的到,10g的就用不到了
就是你忘记了listener密码怎么办?
唯一的招数:
[quote]
[oracle@boypoo1 ~]$ ps -ef|grep tns
oracle [b][color=red] 2907[/color][/b] 1 0 20:56 ? 00:00:00 /home/oracle/product/10.2.0/bin/tnslsnr LISTENER -inherit
[color=royalblue][oracle@boypoo1 ~]$ kill 2907
[/color][oracle@boypoo1 ~]$ ps -ef|grep tns
oracle 2913 2802 0 20:59 pts/0 00:00:00 grep tns
接下来要把listener.ora中
[b][color=cyan]#----ADDED BY TNSLSNR 03-NOV-2006 18:31:10---
PASSWORDS_LISTENER = E154352CED22C60A
#-----------------------------------------[/color][/b]
删除或者注释,然后
[oracle@boypoo1 ~]$ lsnrctl start
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 03-NOV-2006 20:59:42
Copyright (c) 1991, 2005, Oracle. All rights reserved.
Starting /home/oracle/product/10.2.0/bin/tnslsnr: please wait...
TNSLSNR for Linux: Version 10.2.0.1.0 - Production
System parameter file is /home/oracle/product/10.2.0/network/admin/listener.ora
Log messages written to /home/oracle/product/10.2.0/network/log/listener.log
Listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.1.100)(PORT=1521)))
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=RH4SRV1)(PORT=1521)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 10.2.0.1.0 - Production
Start Date 03-NOV-2006 20:59:42
Uptime 0 days 0 hr. 0 min. 0 sec
Trace Level off
Security ON: Password or Local OS Authentication
SNMP OFF
Listener Parameter File /home/oracle/product/10.2.0/network/admin/listener.ora
Listener Log File /home/oracle/product/10.2.0/network/log/listener.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.1.100)(PORT=1521)))
Services Summary...
Service "DB10G" has 1 instance(s).
Instance "DB10G", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
[oracle@boypoo1 ~]$
[/quote]
-END-
页: [1]
查看完整版本: 也谈oracle 10g listener password
Powered by Discuz! Archiver 5.5.0 © 2001-2006 Comsenz Inc.