Oracle 9i、10g在缺省的情况下,允许任何一个人利用lsnrctl从远程发起对监听器的管理。
Oracle11g在listener加密的情况下,在本服务器上执行lsnrctl status listener_name仍然可以,除非listener.ora里加如下内容:
LOCAL_OS_AUTHENTICATION_LISTENER = OFF
1. 未设定密码情形下停止监听
2. 重新启动监听并设置密码[oracle@test ~]$ lsnrctl stop listener_name -->停止监听,可以看出不需要任何密码即可停止
3. 尝试未使用密码的情况下停止监听
- [oracle@test ~]$ lsnrctl
- LSNRCTL for Linux: Version 9.2.0.8.0 - Production on 26-JUN-2011 08:24:09
- Copyright (c) 1991, 2006, Oracle Corporation. All rights reserved.
- Welcome to LSNRCTL, type "help" for information.
- LSNRCTL> set current_listener listener_demo92 -->设置当前监听器
- Current Listener is listener_demo92
- LSNRCTL> start -->启动过程也不需要任何密码,启动的详细信息省略
- LSNRCTL> change_password -->使用change_password来设置密码
- Old password: ----之前没设置密码,直接按回车
- New password:
- Reenter new password:
- Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=test)(PORT=1521)))
- Password changed for listener_demo92
- The command completed successfully
- LSNRCTL> save_config -->注意此处的save_config失败
- Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=test)(PORT=1521)))
- TNS-01169: The listener has not recognized the password
- LSNRCTL> set password -->输入新设定的密码验证
- Password:
- The command completed successfully
- LSNRCTL> save_config -->再次save_config成功
- Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=test)(PORT=1521)))
- Saved listener_demo92 configuration parameters.
- Listener Parameter File /oracle/92/network/admin/listener.ora
- Old Parameter File /oracle/92/network/admin/listener.bak
- The command completed successfully
- -->增加密码之后可以看到listener.ora文件中有一条新增的记录,即密码选项(注:尽管使用了密码管理方式,仍然可以无需密码启动监听)
- [oracle@test admin]$ more listener.ora
- #----ADDED BY TNSLSNR 26-JUN-2011 05:12:48---
- PASSWORDS_listener_demo92 = 678679679hjfh
- #--------------------------------------------
- [oracle@test ~]$ lsnrctl stop listener_demo92
- LSNRCTL for Linux: Version 9.2.0.8.0 - Production on 26-JUN-2011 06:09:51
- Copyright (c) 1991, 2006, Oracle Corporation. All rights reserved.
- Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=test)(PORT=1521)))
- TNS-01169: The listener has not recognized the password -->收到错误信息,需要使用密码认证