停止空想

老张的空中之家

存档于 三月, 2007

如何给listener设置密码

作者:admin 发表时间:三月 - 28 - 2007

一直觉得给listener设置密码的作用不是很大,但是绿盟给我们安全检测之后,说这是一个比较严重的安全隐患。

简单来说,如果有多个listener,那么就必须设定current listener的名字。

set current_listener L1

change_password  是设定密码

注意:change_password 设置密码马上生效,如果要进一步对该listener进行操作(status,stop)等等,必须

set password 。这个命令的目的是使用我设定好的密码。

具体的步骤是:

下面内容来自metalink

PURPOSE

——-

This article serves as a quick reference to setting up password protection

for listeners

SCOPE & APPLICATION

——————-

Customers, Support. UNIX platforms.

RELATED DOCUMENTS

—————–

Oracle Net 8 Administrator’s Guide


How to password protect your listener

————————————-

To avoid inadvertent stopping of your listener or to prevent unauthorized

access to your listener, you may set up password protection for your listener.


1. Cleartext Password


- Add PASSWORDS_<your_listener_name> entry to your existing listener.ora file.

   e.g.

   PASSWORDS_listener1 = (p1,p2)

- Stop your listener, and restart it.


Now passwords are in effect.

To stop the listener, set password command must be used.


e.g.

lsnrctl

LSNRCTL> set current_listener listener1

LSNRCTL> set password p1

LSNRCTL> stop



2. Encrypted Password


- Comment out PASSWORD_ line if cleartext password is set.

- Restart listener.

- Run lsnrctl


LSNRCTL> set current_listener <your_listener_name>

LSNRCTL> set save_config_on_stop on

LSNRCTL> change_password

Old password: <enter>

New password: <enter_your_password>

Reenter new password: <reenter_your_password>


e.g:

LSNRCTL> change_password

Old password: <enter>

New password: e1

Reenter new password: e1


Just hit <enter> key for old password since no previuos password is set. 

The passwords you entered will not be echoed.


- Stop the listener


LSNRCTL> set password 

Password: <enter_your_password_here>

LSNRCTL> stop


e.g.

LSNRCTL> set password 

Password: e1

LSNRCTL> stop


- Check your listener.ora file



Entries similar to the following should have been added to your listener.ora 

automatically.


SAVE_CONFIG_ON_STOP_listener1 = ON

PASSWORDS_listener1 = 2D6C48144CF753AC



Sample Files:

————-

listener.ora


#

# (1) listener.ora

#

LOG_DIRECTORY_LISTENER1 = /tmp/log

LOG_FILE_LISTENER1 = listener.log


TRACE_DIRECTORY_LISTENER1 = /tmp/log

TRACE_FILE_LISTENER1 = listener.trc

TRACE_LEVEL_LISTENER1 = ADMIN


LISTENER1 =

  (ADDRESS_LIST =

    (ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 12345))

  )

#passwords_listener1=(p1,p2)


#—-ADDED BY TNSLSNR 23-DEC-99 14:57:24—

SAVE_CONFIG_ON_STOP_listener1 = ON

PASSWORDS_listener1 = 2D6C48144CF753AC

#——————————————


sqlnet.ora


#

# (2) sqlnet.ora

#

NAMES.DEFAULT_DOMAIN = your_domain

NAMES.DIRECTORY_PATH = (TNSNAMES)


LOG_DIRECTORY_SERVER = /tmp/log

LOG_FILE_SERVER = server.log


TRACE_DIRECTORY_SERVER = /tmp/log

TRACE_FILE_SERVER = server 

TRACE_LEVEL_SERVER = ADMIN

#

#eof

类别:Oracle

9i 修改临时表空间

作者:admin 发表时间:三月 - 27 - 2007

Oracle9i引入了全局缺省临时表空间,缺省的如果不指定用户临时表空间,Oracle会为用户指定这个缺省临时表空间.

首先查询用户的缺省临时表空间:

[oracle@jumper oracle]$ sqlplus “/ as sysdba” 

SQL*Plus: Release 9.2.0.4.0 - Production on Wed Apr 12 11:11:43

Copyright (c) 1982, 2002, Oracle Corporation.  All rights reserved.
Connected to:
Oracle9i Enterprise Edition Release 9.2.0.4.0 - Production
With the Partitioning option
JServer Release 9.2.0.4.0 - Production

SQL> select username,temporary_tablespace from dba_users;

USERNAME                       TEMPORARY_TABLESPACE
—————————— ——————————
SYS                                 TEMP2
SYSTEM                         TEMP2
OUTLN                           TEMP2
EYGLE                            TEMP2
CSMIG                            TEMP2
TEST                               TEMP2
REPADMIN                    TEMP2
……

13 rows selected.

SQL> select name from v$tempfile;

NAME
———————————————————————
/opt/oracle/oradata/conner/temp02.dbf
/opt/oracle/oradata/conner/temp03.dbf

重建新的临时表空间并进行切换:

SQL> create temporary tablespace temp tempfile ‘/opt/oracle/oradata/conner/temp1.dbf’ size 10M; 

Tablespace created.

SQL> alter tablespace temp add tempfile ‘/opt/oracle/oradata/conner/temp2.dbf’ size 20M;

Tablespace altered.

SQL> alter database default temporary tablespace temp;

Database altered.

SQL> select username,temporary_tablespace from dba_users;

USERNAME                       TEMPORARY_TABLESPACE
—————————— ——————————
SYS                                 TEMP
SYSTEM                         TEMP
OUTLN                           TEMP
EYGLE                            TEMP
CSMIG                           TEMP
TEST                               TEMP
REPADMIN                    TEMP
…….

13 rows selected.

如果原临时表空间无用户使用,我们可以删除该表空间:

SQL> drop tablespace temp2; 

Tablespace dropped.

SQL>
SQL> select name from v$tempfile;

NAME
—————————————————————
/opt/oracle/oradata/conner/temp1.dbf
/opt/oracle/oradata/conner/temp2.dbf

SQL> select file_name,tablespace_name,bytes/1024/1024 MB,autoextensible
2  from dba_temp_files
3  /

FILE_NAME                              TABLESPACE_NAME              MB AUTOEXTENSIBLE
————————————– ——————– ———- ————–
/opt/oracle/oradata/conner/temp2.dbf   TEMP                         20 NO
/opt/oracle/oradata/conner/temp1.dbf   TEMP                         10 NO

以上转自eygle

9i不能删除表空间里没有分配extent的数据文件,但是10g可以 。

但9i可以删除临时表空间的数据文件,前提是该数据文件没有被使用。所以可以offline 然后drop

alter database tempfile ‘/u01/oradata/temp01.dbf’ drop including datafiles;

类别:Oracle