Shell Scripting in UNIX environment for Oracle Database

**pragatiswain** · Dec 6 '06, 06:36 AM

Originally posted by Sanket80

Hi,

I have one shell script which runs a report and sends the output to user.
The shell script has some queries written in it in SQL and hence when I execute a shell script via a concurrent programme, I need to ensure that shell script connects to Oracle Database to execute the SQL written inside it.
Now when I hard code the shell script with User ID / PWD, the scripts run fine.....but I dont want to put the user id and pwd in shell script for security reasons.....do we have something better than hard coding user id and pwd

Thanks
Sanket

I also stress more on security in a real production environment.
Unix Environmental variables are user/session specific, which other users/sessions can't see.
Set environmental variables for oracle User ID / PWD. which you can put in Unix user's .profile or ask the user at the time of login to unix environment.

Hope this helps

**buzznt** · Dec 6 '06, 08:34 AM

Originally posted by Sanket80

Hi,

I have one shell script which runs a report and sends the output to user.
The shell script has some queries written in it in SQL and hence when I execute a shell script via a concurrent programme, I need to ensure that shell script connects to Oracle Database to execute the SQL written inside it.
Now when I hard code the shell script with User ID / PWD, the scripts run fine.....but I dont want to put the user id and pwd in shell script for security reasons.....do we have something better than hard coding user id and pwd

Thanks
Sanket

HI :)
One solution is to use in the script connect string inside you script, like:

Code:

sqlplus sqlplus -s /nolog  << *EOF*
conn <user>/<pass>
.....
<SQL>
.....
*EOF*

10X,

Roni

**Sanket80** · Dec 7 '06, 06:11 PM

Hi,

The problem is that I am new to shell scripting and does not know how to set the environment variables. Can u pls help me in that......
Also note that we are keeping the sh script in a custom directory and then we are registering a custom programme in Oracle ERP with execution method as HOST so that the programme will call and execute the shell script. So security wise, my concern is only when a UNIX user logs on to UNIX Custom directory and view the shell script which has the USER ID and PWD.

Pls advice
Thanks

Originally posted by pragatiswain

I also stress more on security in a real production environment.
Unix Environmental variables are user/session specific, which other users/sessions can't see.
Set environmental variables for oracle User ID / PWD. which you can put in Unix user's .profile or ask the user at the time of login to unix environment.

Hope this helps

**Sanket80** · Dec 7 '06, 06:13 PM

Hi

I guess the conn command will again require me to put the USERID and PWD
My concern is a situatiion when an Unix User Logs on and views the content of the Shell Script

Thanks

Originally posted by buzznt

HI :)
One solution is to use in the script connect string inside you script, like:

Code:

sqlplus sqlplus -s /nolog  << *EOF*
conn <user>/<pass>
.....
<SQL>
.....
*EOF*

10X,

Roni

**Sanket80** · Dec 8 '06, 10:03 PM

can somebody pls help me on this

**Mondo Tofu** · Dec 10 '06, 03:29 AM

You could read from a file where the usernames and passwords are stored.

Store the password file in a directory where only DBAs can get to.

That you read from a file to obtain a password will be obvious to the Unix sysadmin, but what you read from it does not need to be echoed in the logs.

Recommend that you make the passwords very long up to 30 characters, and very difficult to guess.

Shell Scripting in UNIX environment for Oracle Database

Shell Scripting in UNIX environment for Oracle Database

Comment

Comment

Comment

Comment

Comment

Comment