正确认识password file的作用

[oracle@jumper dbs]$ sqlplus "/ as sysdba"

SQL*Plus: Release 9.2.0.3.0 - Production on Tue Jul 6 09:40:34 2004

Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.

Connected to:

Oracle9i Enterprise Edition Release 9.2.0.3.0 - Production

With the Partitioning, OLAP and Oracle Data Mining options

JServer Release 9.2.0.3.0 - Production

SQL> shutdown immediate

Database closed.

Database dismounted.

ORACLE instance shut down.

SQL> !

[oracle@jumper dbs]$ ls

hsjf initdw.ora inithsjf.ora init.ora lkHSJF orapwhsjf spfilehsjf.ora

[oracle@jumper dbs]$ mv orapwhsjf orapwhsjf.bak

[oracle@jumper dbs]$ exit

exit

SQL> startup

ORACLE instance started.

Total System Global Area 235999908 bytes

Fixed Size 451236 bytes

Variable Size 201326592 bytes

Database Buffers 33554432 bytes

Redo Buffers 667648 bytes

ORA-01990: error opening password file '/opt/oracle/product/9.2.0/dbs/orapw'

--它是最后查找的文件

ORA-27037: unable to obtain file status

Linux Error: 2: No such file or directory

Additional information: 3

建立orapw口令文件,此时可以打开数据库。

SQL> !

[oracle@jumper dbs]$ ls

hsjf initdw.ora inithsjf.ora init.ora lkHSJF orapwhsjf.bak spfilehsjf.ora

[oracle@jumper dbs]$ cp orapwhsjf.bak orapw

[oracle@jumper dbs]$ exit

exit

SQL> alter database open;

Database altered.

SQL> show parameter passw

NAME TYPE VALUE

------------------------------------ ----------- ---------------

remote_login_passwordfile string SHARED

SQL>

很多人可能会产生有这样的疑问,多个Exclusive的数据库是否可以共享一个口令文件(orapw)呢?

继续回到试验中:

SQL> show parameter passwordNAME TYPE VALUE

------------------------------------ ----------- ---------------

remote_login_passwordfile string SHARED

[oracle@jumper dbs]$ strings orapw

]\[Z

ORACLE Remote Password file

INTERNAL

AB27B53EDC5FEF41

8A8F025737A9097A

注意这里仅记录着INTERNAL/SYS的口令

REMOTE_LOGIN_PASSWORDFILE=EXCLUSIVE 时

SQL> alter system set remote_login_passwordfile=exclusive scope=spfile;System altered.

SQL> startup force;

ORACLE instance started.

Total System Global Area 235999908 bytes

Fixed Size 451236 bytes

Variable Size 201326592 bytes

Database Buffers 33554432 bytes

Redo Buffers 667648 bytes

Database mounted.

Database opened.

SQL> !

[oracle@jumper bin]$ cd $ORACLE_HOME/dbs

[oracle@jumper dbs]$ strings orapw

]\[Z

ORACLE Remote Password file

HSJF

INTERNAL

AB27B53EDC5FEF41

8A8F025737A9097A

[oracle@jumper dbs]$ exit

exit

注意此处,以EXCLUSIVE方式启动以后,实例名称信息就会被写入口令文件.

如果此时有其它实例以Exclusive模式启动仍然可以使用这个口令文件,口令文件中的实例名称同时被改写.

这也就是说,数据库只在启动过程中才读取口令文件,数据库运行过程中并不锁定该文件,类似于pfile/spfile文件.

SQL> select * from v$pwfile_users;USERNAME SYSDB SYSOP

------------------------------ ----- -----

SYS TRUE TRUE

SQL> grant sysdba to eygle;

Grant succeeded.

SQL> select * from v$pwfile_users;

USERNAME SYSDB SYSOP

------------------------------ ----- -----

SYS TRUE TRUE

EYGLE TRUE FALSE

SQL> !

[oracle@jumper bin]$ cd $ORACLE_HOME/dbs

[oracle@jumper dbs]$ strings orapw

]\[Z

ORACLE Remote Password file

HSJF

INTERNAL

AB27B53EDC5FEF41

8A8F025737A9097A

>EYGLE

B726E09FE21F8E83

注意：

在此处我们可以增加SYSDBA用户，并且这些信息可以被写入到口令文件。

如果我们在口令文件中增加了其他SYSDBA用户,这个文件就不能被其它Exclusive的实例共享。

仔细了解过后，我们可以发觉，口令文件对于其他用户来说其实就是启到了一个sudo的作用。

6.重建口令文件

假如口令文件丢失,使用orapwd可以很方便的重建口令文件，详细的语法如下:

[oracle@jumper oracle]$ orapwdUsage: orapwd file= password= entries= where

file - name of password file (mand),

password - password for SYS (mand),

entries - maximum number of distinct DBA and OPERs (opt),

There are no spaces around the equal-to (=) character.