I was wondering how sqlplus takes the username and password in connect statement "sqlplus /".
How can I change the configuration if i want to connect with "sqlplus /" with different user. It Might seems awkward but in my script "sqlplus /" is harcoded and we cannot change this. Just I want to connect with different user using same command.
From the Oracle documentation:
/
Represents a default logon using operating system authentication. In a default logon, SQL*Plus typically attempts to log you in using the username OPS$name, where name is your operating system username. Note that the prefix "OPS$" can be set to any other string of text.
For example, you may wish to change the settings in your INIT.ORA parameters file to LOGONname or USERIDname. See the Oracle9i Database Administrator's Guide for information about operating system authentication.
So it uses your operating system details to construct your Oracle user name, meaning that you probably can't set an arbitrary name.
The Oracle initialisation parameter for specifying the prefix is OS_AUTHENT_PREFIX and its default value id OPS$.
One thing you could do, if you cannot change the script which calls sqlplus, is to insert your own sqlplus script in the path before the Oracle one, along the lines of (not thoroughly tested):
#!/bin/bash
if [[ "$1" != "/" ]] ; then
$ORACLE_HOME/bin/sqlplus "$#"
exit
fi
shift
$ORACLE_HOME/bin/sqlplus $MY_ORA_USER/$MY_ORA_PWD "$#"
This would then be the one called by your script and it would check the first parameter to see if it was the simple /. If not, it would call the real sqlplus with the same parameters.
Otherwise, it would replace the / with a user/password formed from the MY_ORA_* environment variables.
Related
I wish to use a sqlplus command with password hidden from view such that it doesn't show up on ps -ef command.
I know there are a lot of solutions provided all over internet blogs but most of them seem to require admin privileges and I have restricted access on this server. And rest of them just don't seem to work me.
The command that I am currently using is as below:
sqlplus -s SOME_USERNAME/SOME_PASSWORD#somedns.intra.com:1500/SOMESID #some.sql
Legend:
SOME_USERNAME: schema/user
SOME_PASSWORD: password
SOMESID: SID for this DB.
#some.sql: An sql file containing insert statements.
Any pointers are much appreciated.
Update: Forgot to mention that this sqlplus command will be used inside a shell script.
How do I input the password from within a shell script in this case?
You can use a heredoc:
sqlplus -s /nolog <<!EOF
connect SOME_USERNAME/SOME_PASSWORD#somedns.intra.com:1500/SOMESID
#some.sql
!EOF
The connect and #some.sql are treated as an input stream to SQL*Plus, as if you'd typed them in an interactive session, and are not part of the initial call to the executable - so the connection details don't appear in ps output.
You can also use variables if you want to, incidentally, as the variable expansion happens in the shell before it passes the stream to the executable - so even though SQL*Plus wouldn't understand say $PASSWD, referring to that in the heredoc works and the actual variable value is passed.
Use sqlplus -s SOME_USERNAME#\"somedns.intra.com:1500/SOMESID\" #some.sql and enter your password on the command line.
Or use external authentication and don't use a password at all
Finally, SOMESID is not a SID, it's a Service Name. The Easy Connect syntax you use only works with service names. SIDs are very very old-school.
I'm working and discovering the world of Zabbix. In particular I am trying to monitor an Oracle database with the Zabbix server through an external script. Given that other external scripts work, however, I created one with sqlplus, but on Zabbix I get "command not found". Can you tell me why?
The code is:
check.pl
#!/usr/bin/perl
use strict;
use warnings;
my $out=`echo "select * from v$version;" | sqlplus user/password#ip_database:port`;
print $out;
The code is very simple.
I created an item as always, passed as type "external check" and a key I entered my script. Can anyone solve my problem? Also if I was not clear, just ask for more information rather than "insult" on the forum: Thanks to everyone in advance
I RESOLVED IT WITH:
echo "/usr/lib/oracle/11.2/client64/lib" > /etc/ld.so.conf.d/oracle.conf
echo "export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/lib/oracle/11.2/client64/lib" >> /etc/profile
THANKS TO ALL!!!!
Apparently, your zabbix server does not have the necessary environment to find sqlplus. You could simply use the full path to sqlplus in your script (but that alone might not be enough) or create a wrapper script that sets all the necessary environment variables for your script.
From TFM:
The command will be executed as the user Zabbix server runs as, so any
access permissions or environment variables should be handled in a
wrapper script, if necessary, and permissions on the command should
allow that user to execute it.
You also have to configure the sqlplus libraries required to run sqlplus. The script which you use to start the zabbix server you can configure below oracle things in the startup script so that zabbix can find all necessary libraries to run.
export ORACLE_HOME={path to Oracle Client}
export LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:${ORACLE_HOME}/lib
If still there are issues related to .so files then there must be some issues in your SQL client installation.
I'm trying to write a shell script that when called, uses the dbaccess command line tool to pull data from a table.
echo "unload to data.csv delimiter '|' select * from tbl_extract;" | time dbaccess $database_name;
Now when I run this, it runs with my own account. Dbaccess seems to use the logged in Unix account to login to the database. But I want this to run under a different account. How do I get dbaccess to accept a username and password to use a different account?
As #Johnathan Leffler correctly pointed out, if you use the CONNECT clause in the SQL, you cannot avoid being prompted for the password. What you need to do is ensure that the dbaccess process itself runs as a different user.
You can either use sudo, e.g.:
echo "unload to data.csv delimiter '|' select * from tbl_extract;" |\
sudo -u __run_as_user__ time dbaccess $database_name;
NB You may need to configure the sudoers file to permit execution and not prompt for password.
The better alternative would be to set setuid on the script, so that the whole script runs as __run_as_user__. This has the added bonus of ensuring any files (such as data.csv) are also owned by that user, and you don't run into permissions problems.
You will need to use the explicit CONNECT statement, and will need to provide the password:
{
echo "CONNECT TO $database USER 'whoever';"
echo "UNLOAD TO 'data.csv' DELIMITER '|' SELECT * FROM tbl_extract;"
} |
time dbaccess - -
Note the delicate balancing of quotes; the user name must be in a string, and you want to specify the database via a variable, so the string as a whole must be in double quotes and it is simpler to use single quotes around the name than backslash double quote \" twice (which would also work, even if the user name is in a variable).
This will prompt you for the user's password.
Alternatives include using sudo or su to change identity to the user.
My SQLCMD program (unrelated to Microsoft's johnny-come-lately program of the same name) has a variety of ways of connecting to a database with a user name and scripting the password so that there is no interaction needed, ranging from the wholly insecure (command line argument; string in script) to the relatively secure (string in a file that can only be read by the user). It can be used instead of DB-Access — I use it instead of DB-Access, but then I wrote it (mainly because I wasn't happy with the interface provided by DB-Access or its predecessor command).
We are using CA Workload Control Center (Autosys) to run a windows batch file which calls another batch file which calls SQLPlus with the following:
sqlplus username/password %1 %2 %3
Since this is all being done remotely I cannot see what is actually happening on the server.
I am wondering if the sqlplus file exists but has invalid syntax (like referring to non-existent table) will the sqlplus prompt exit and return back to the batch file?
The reason I ask is because I am looking at the log file from Autosys and it shows that SQLPlus call was made, it prints out ERROR AT LINE 2: Invalid Table, but then it does not show any other activity with the batch script after that where there are multiple echoes and file copies etc. It seems as though it is not exiting SQLPlus perhaps?
Is there a parm I need to pass to SQLPlus to tell it to exit SQLPlus and return back to the calling script after running a SQL script if it fails?
Edit: We are using "WHENEVER SQL ERROR" inside of our SQL files as well and the log file does show this:
Disconnected from Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production
With the Partitioning, Real Application Clusters, Automatic Storage Management, OLAP,
Data Mining and Real Application Testing options
But I am still expecting that it should continue with the rest of the Batch script but its not, above is the last that Autosys shows in the log
See SQLPlus instruction WHENEVER SQLERROR, it describes in Oracle docs:
http://docs.oracle.com/cd/B19306_01/server.102/b14357/ch12052.htm
Found the solution SO Post:
You can do sqlplus -l test/Test#mydatabase #script.sql; the -l flag means it will only try to connect once, and if it fails for any reason will exit instead of prompting. Look at the output of sqlplus -?, or see the documentation.
Please tell me what is the use of TNS_ADMIN parameter in Oracle? I am working on Unix using oracle database.
Is this parameter is required to locate the sqlplus. I am executing a script in which a update query is executed on Oracle Database.
The script fails with 127 error code when executed with crontab.
The script contents I suspect (eval) failing are
----------
cmd='sqlplus ${ORALOGIN} < SQLS
----------
eval $cmd
TNS_ADMIN tells sqlplus where to find the tnsnames.ora file.
If you are running sqlplus from a crontab then the normal reason for having difficulty are:
Incorrect path
Not having the correctly set ORACLE_SID or other Oracle connection information
A startup/login script that is getting executed when you login to the system that is interfering with your cron execution
Some script that you run from the command line when you login that sets up your Oracle environment that is not getting executed in your crontab.
Check these things and other environment related items. It always takes me a number of passes to get crontab and Oracle to work happily together.