在上一篇文章中描述了WINDOWS环境下,忘记了DVSYS管理帐号的解决方法,这一篇介绍UNIX和LINUX环境中,如何解决这个问题。
忘记VAULT的帐号管理密码的解决方法:http://yangtingkun.itpub.net/post/468/475564
在Oracle中,忘记任何帐号的密码都没有关系。只要你能登陆操作系统中DBA组对应的用户,就可以通过操作系统验证,或者通过重建密码文件的方法以SYSDBA身份登陆数据库,而一旦有了SYSDBA权限,可以修改任何的密码。
但是在Oracle Database Vault中,上面的方法不在适用。用户仍然可以使用SYSDBA身份登陆,但是即使是SYS也不能随意修改其他用户的密码。
SQL> CONN / AS SYSDBA
Connected.
SQL> SELECT * FROM V$VERSION;
BANNER
--------------------------------------------------------------------------------
Oracle Database 11g Enterprise Edition Release 11.1.0.7.0 - Production
PL/SQL Release 11.1.0.7.0 - Production
CORE 11.1.0.7.0 Production
TNS for Linux: Version 11.1.0.7.0 - Production
NLSRTL Version 11.1.0.7.0 - Production
SQL> SELECT * FROM V$OPTION
2 WHERE PARAMETER = 'Oracle Database Vault';
PARAMETER VALUE
---------------------------------------- ------------------------------
Oracle Database Vault TRUE
SQL> SELECT USERNAME, ACCOUNT_STATUS FROM DBA_USERS
2 WHERE USERNAME = 'DVSYS';
USERNAME ACCOUNT_STATUS
------------------------------ --------------------------------
DVSYS LOCKED
SQL> ALTER USER DVSYS ACCOUNT UNLOCK;
ALTER USER DVSYS ACCOUNT UNLOCK
*
ERROR at line 1:
ORA-01031: insufficient privileges
只有SYS的口令而没有DVSYS的口令是不行的,现在不要说修改DVSYS的口令了,连更改DVSYS帐号被锁定的状态都没有办法。
对于这种情况,唯一的解决方法是先关闭VAULT选项:
SQL> SHUTDOWN IMMEDIATE
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL> EXIT
Disconnected from Oracle Database 11g Enterprise Edition Release 11.1.0.7.0 - Production
With the Partitioning, Oracle Label Security, OLAP, Data Mining,
Oracle Database Vault and Real Application Testing options
oracle:/home/oracle> cd $ORACLE_HOME/rdbms/lib
oracle:/u01/oracle/product/11.1.0/db_1/rdbms/lib> make -f ins_rdbms.mk dv_off
/usr/bin/ar d /u01/oracle/product/11.1.0/db_1/rdbms/lib/libknlopt.a kzvidv.o
/usr/bin/ar cr /u01/oracle/product/11.1.0/db_1/rdbms/lib/libknlopt.a /u01/oracle/product/11.1.0/db_1/rdbms/lib/kzvndv.o
oracle:/u01/oracle/product/11.1.0/db_1/rdbms/lib> cd $ORACLE_HOME/bin
oracle:/u01/oracle/product/11.1.0/db_1/bin> relink oracle
chmod 755 /u01/oracle/product/11.1.0/db_1/bin
- Linking Oracle
rm -f /u01/oracle/product/11.1.0/db_1/rdbms/lib/oracle
gcc -o /u01/oracle/product/11.1.0/db_1/rdbms/lib/oracle -L/u01/oracle/product/11.1.0/db_1/rdbms/lib/ -L/u01/oracle/product/11.1.0/db_1/lib/ -L/u01/oracle/product/11.1.0/db_1/lib/stubs/ -L/u01/oracle/product/11.1.0/db_1/lib/ -lirc -lipgo -Wl,-E /u01/oracle/product/11.1.0/db_1/rdbms/lib/opimai.o /u01/oracle/product/11.1.0/db_1/rdbms/lib/ssoraed.o /u01/oracle/product/11.1.0/db_1/rdbms/lib/ttcsoi.o -Wl,--whole-archive -lperfsrv11 -Wl,--no-whole-archive /u01/oracle/product/11.1.0/db_1/lib/nautab.o /u01/oracle/product/11.1.0/db_1/lib/naeet.o /u01/oracle/product/11.1.0/db_1/lib/naect.o /u01/oracle/product/11.1.0/db_1/lib/naedhs.o /u01/oracle/product/11.1.0/db_1/rdbms/lib/config.o -lserver11 -lodm11 -lcell11 -lnnet11 -lskgxp11 -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lxml11 -lcore11 -lunls11 -lsnls11 -lnls11 -lcore11 -lnls11 -lclient11 -lvsn11 -lcommon11 -lgeneric11 -lknlopt `if /usr/bin/ar tv /u01/oracle/product/11.1.0/db_1/rdbms/lib/libknlopt.a | grep xsyeolap.o > /dev/null 2>&1 ; then echo "-loraolap11" ; fi` -lslax11 -lpls11 -lrt -lplp11 -lserver11 -lclient11 -lvsn11 -lcommon11 -lgeneric11 `if [ -f /u01/oracle/product/11.1.0/db_1/lib/libavserver11.a ] ; then echo "-lavserver11" ; else echo "-lavstub11"; fi` `if [ -f /u01/oracle/product/11.1.0/db_1/lib/libavclient11.a ] ; then echo "-lavclient11" ; fi` -lknlopt -lslax11 -lpls11 -lrt -lplp11 -ljavavm11 -lserver11 -lwwg `cat /u01/oracle/product/11.1.0/db_1/lib/ldflags` -lncrypt11 -lnsgr11 -lnzjs11 -ln11 -lnl11 -lnro11 `cat /u01/oracle/product/11.1.0/db_1/lib/ldflags` -lncrypt11 -lnsgr11 -lnzjs11 -ln11 -lnl11 -lnnz11 -lzt11 -lmm -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lxml11 -lcore11 -lunls11 -lsnls11 -lnls11 -lcore11 -lnls11 -lztkg11 `cat /u01/oracle/product/11.1.0/db_1/lib/ldflags` -lncrypt11 -lnsgr11 -lnzjs11 -ln11 -lnl11 -lnro11 `cat /u01/oracle/product/11.1.0/db_1/lib/ldflags` -lncrypt11 -lnsgr11 -lnzjs11 -ln11 -lnl11 -lnnz11 -lzt11 -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lxml11 -lcore11 -lunls11 -lsnls11 -lnls11 -lcore11 -lnls11 `if /usr/bin/ar tv /u01/oracle/product/11.1.0/db_1/rdbms/lib/libknlopt.a | grep "kxmnsd.o" > /dev/null 2>&1 ; then echo " " ; else echo "-lordsdo11"; fi` -L/u01/oracle/product/11.1.0/db_1/ctx/lib/ -lctxc11 -lctx11 -lzx11 -lgx11 -lctx11 -lzx11 -lgx11 -lordimt11 -lclsra11 -ldbcfg11 -lhasgen11 -lcore11 -lskgxn2 -locr11 -locrb11 -locrutl11 -lhasgen11 -lcore11 -lskgxn2 -loraz -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lxml11 -lcore11 -lunls11 -lsnls11 -lnls11 -lcore11 -lnls11 -lsnls11 -lunls11 -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lxml11 -lcore11 -lunls11 -lsnls11 -lnls11 -lcore11 -lnls11 -laio `cat /u01/oracle/product/11.1.0/db_1/lib/sysliblist` -Wl,-rpath,/u01/oracle/product/11.1.0/db_1/lib -lm `cat /u01/oracle/product/11.1.0/db_1/lib/sysliblist` -ldl -lm -L/u01/oracle/product/11.1.0/db_1/lib
test ! -f /u01/oracle/product/11.1.0/db_1/bin/oracle ||\
mv -f /u01/oracle/product/11.1.0/db_1/bin/oracle /u01/oracle/product/11.1.0/db_1/bin/oracleO
mv /u01/oracle/product/11.1.0/db_1/rdbms/lib/oracle /u01/oracle/product/11.1.0/db_1/bin/oracle
chmod 6751 /u01/oracle/product/11.1.0/db_1/bin/oracle
首先关闭数据库,然后重新编译并关闭VAULT选项,然后重新连接ORACLE,下面登陆sqlplus:
oracle:/u01/oracle/product/11.1.0/db_1/bin> sqlplus "/ as sysdba"
SQL*Plus: Release 11.1.0.7.0 - Production on Sat Jan 3 15:26:15 2009
Copyright (c) 1982, 2008, Oracle. All rights reserved.
Connected to an idle instance.
SQL> STARTUP
ORACLE instance started.
Total System Global Area 418484224 bytes
Fixed Size 1313792 bytes
Variable Size 226493440 bytes
Database Buffers 184549376 bytes
Redo Buffers 6127616 bytes
Database mounted.
Database opened.
SQL> COL PARAMETER FORMAT A40
SQL> COL VALUE FORMAT A30
SQL> SELECT * FROM V$OPTION
2 WHERE PARAMETER = 'Oracle Database Vault';
PARAMETER VALUE
---------------------------------------- ------------------------------
Oracle Database Vault FALSE
SQL> ALTER USER DVSYS ACCOUNT UNLOCK;
User altered.
SQL> ALTER USER DVSYS IDENTIFIED BY TEST;
User altered.
完成修改目的后,还要重复刚才类似的操作,重新启用VAULT选项:
SQL> SHUTDOWN IMMEDIATE
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL> EXIT
Disconnected from Oracle Database 11g Enterprise Edition Release 11.1.0.7.0 - Production
With the Partitioning, Oracle Label Security, OLAP, Data Mining
and Real Application Testing options
oracle:/u01/oracle/product/11.1.0/db_1/bin> cd $ORACLE_HOME/rdbms/lib
oracle:/u01/oracle/product/11.1.0/db_1/rdbms/lib> make -f ins_rdbms.mk dv_on
/usr/bin/ar d /u01/oracle/product/11.1.0/db_1/rdbms/lib/libknlopt.a kzvndv.o
/usr/bin/ar cr /u01/oracle/product/11.1.0/db_1/rdbms/lib/libknlopt.a /u01/oracle/product/11.1.0/db_1/rdbms/lib/kzvidv.o
oracle:/u01/oracle/product/11.1.0/db_1/rdbms/lib> cd $ORACLE_HOME/bin
oracle:/u01/oracle/product/11.1.0/db_1/bin> relink oracle
chmod 755 /u01/oracle/product/11.1.0/db_1/bin
- Linking Oracle
rm -f /u01/oracle/product/11.1.0/db_1/rdbms/lib/oracle
gcc -o /u01/oracle/product/11.1.0/db_1/rdbms/lib/oracle -L/u01/oracle/product/11.1.0/db_1/rdbms/lib/ -L/u01/oracle/product/11.1.0/db_1/lib/ -L/u01/oracle/product/11.1.0/db_1/lib/stubs/ -L/u01/oracle/product/11.1.0/db_1/lib/ -lirc -lipgo -Wl,-E /u01/oracle/product/11.1.0/db_1/rdbms/lib/opimai.o /u01/oracle/product/11.1.0/db_1/rdbms/lib/ssoraed.o /u01/oracle/product/11.1.0/db_1/rdbms/lib/ttcsoi.o -Wl,--whole-archive -lperfsrv11 -Wl,--no-whole-archive /u01/oracle/product/11.1.0/db_1/lib/nautab.o /u01/oracle/product/11.1.0/db_1/lib/naeet.o /u01/oracle/product/11.1.0/db_1/lib/naect.o /u01/oracle/product/11.1.0/db_1/lib/naedhs.o /u01/oracle/product/11.1.0/db_1/rdbms/lib/config.o -lserver11 -lodm11 -lcell11 -lnnet11 -lskgxp11 -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lxml11 -lcore11 -lunls11 -lsnls11 -lnls11 -lcore11 -lnls11 -lclient11 -lvsn11 -lcommon11 -lgeneric11 -lknlopt `if /usr/bin/ar tv /u01/oracle/product/11.1.0/db_1/rdbms/lib/libknlopt.a | grep xsyeolap.o > /dev/null 2>&1 ; then echo "-loraolap11" ; fi` -lslax11 -lpls11 -lrt -lplp11 -lserver11 -lclient11 -lvsn11 -lcommon11 -lgeneric11 `if [ -f /u01/oracle/product/11.1.0/db_1/lib/libavserver11.a ] ; then echo "-lavserver11" ; else echo "-lavstub11"; fi` `if [ -f /u01/oracle/product/11.1.0/db_1/lib/libavclient11.a ] ; then echo "-lavclient11" ; fi` -lknlopt -lslax11 -lpls11 -lrt -lplp11 -ljavavm11 -lserver11 -lwwg `cat /u01/oracle/product/11.1.0/db_1/lib/ldflags` -lncrypt11 -lnsgr11 -lnzjs11 -ln11 -lnl11 -lnro11 `cat /u01/oracle/product/11.1.0/db_1/lib/ldflags` -lncrypt11 -lnsgr11 -lnzjs11 -ln11 -lnl11 -lnnz11 -lzt11 -lmm -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lxml11 -lcore11 -lunls11 -lsnls11 -lnls11 -lcore11 -lnls11 -lztkg11 `cat /u01/oracle/product/11.1.0/db_1/lib/ldflags` -lncrypt11 -lnsgr11 -lnzjs11 -ln11 -lnl11 -lnro11 `cat /u01/oracle/product/11.1.0/db_1/lib/ldflags` -lncrypt11 -lnsgr11 -lnzjs11 -ln11 -lnl11 -lnnz11 -lzt11 -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lxml11 -lcore11 -lunls11 -lsnls11 -lnls11 -lcore11 -lnls11 `if /usr/bin/ar tv /u01/oracle/product/11.1.0/db_1/rdbms/lib/libknlopt.a | grep "kxmnsd.o" > /dev/null 2>&1 ; then echo " " ; else echo "-lordsdo11"; fi` -L/u01/oracle/product/11.1.0/db_1/ctx/lib/ -lctxc11 -lctx11 -lzx11 -lgx11 -lctx11 -lzx11 -lgx11 -lordimt11 -lclsra11 -ldbcfg11 -lhasgen11 -lcore11 -lskgxn2 -locr11 -locrb11 -locrutl11 -lhasgen11 -lcore11 -lskgxn2 -loraz -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lxml11 -lcore11 -lunls11 -lsnls11 -lnls11 -lcore11 -lnls11 -lsnls11 -lunls11 -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lcore11 -lsnls11 -lnls11 -lxml11 -lcore11 -lunls11 -lsnls11 -lnls11 -lcore11 -lnls11 -laio `cat /u01/oracle/product/11.1.0/db_1/lib/sysliblist` -Wl,-rpath,/u01/oracle/product/11.1.0/db_1/lib -lm `cat /u01/oracle/product/11.1.0/db_1/lib/sysliblist` -ldl -lm -L/u01/oracle/product/11.1.0/db_1/lib
test ! -f /u01/oracle/product/11.1.0/db_1/bin/oracle ||\
mv -f /u01/oracle/product/11.1.0/db_1/bin/oracle /u01/oracle/product/11.1.0/db_1/bin/oracleO
mv /u01/oracle/product/11.1.0/db_1/rdbms/lib/oracle /u01/oracle/product/11.1.0/db_1/bin/oracle
chmod 6751 /u01/oracle/product/11.1.0/db_1/bin/oracle
下面再次登陆SQLPLUS,检查密码修改情况:
oracle:/u01/oracle/product/11.1.0/db_1/bin> sqlplus "/ as sysdba"
SQL*Plus: Release 11.1.0.7.0 - Production on Sat Jan 3 15:42:38 2009
Copyright (c) 1982, 2008, Oracle. All rights reserved.
Connected to an idle instance.
SQL> STARTUP
ORACLE instance started.
Total System Global Area 418484224 bytes
Fixed Size 1313792 bytes
Variable Size 226493440 bytes
Database Buffers 184549376 bytes
Redo Buffers 6127616 bytes
Database mounted.
Database opened.
SQL> COL PARAMETER FORMAT A40
SQL> COL VALUE FORMAT A30
SQL> SELECT * FROM V$OPTION
2 WHERE PARAMETER = 'Oracle Database Vault';
PARAMETER VALUE
---------------------------------------- ------------------------------
Oracle Database Vault TRUE
SQL> CONN DVSYS/TEST
Connected.
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/4227/viewspace-526439/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/4227/viewspace-526439/