2台节点,edsir3p1和edisr3p16。
[oracle@EDSIR3P1 ~]$ hostname --long
edsir3p1.us.oracle.com
[oracle@EDSIR3P16 ~]$ hostname --long
edsir3p16.us.oracle.com
在edsir3p1上编辑tnsnames.ora文件
[oracle@EDSIR3P1 ~]$ vi $ORACLE_HOME/network/admin/tnsnames.ora
将以下内容添加到tnsnames.ora文件:
ORCL16 =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = EDSIR3P16.us.oracle.com)(PORT = 1521))
)
)
查看EDSIR3P16机器上的监听器状态:
[oracle@EDSIR3P16 ~]$ lsnrctl status
LSNRCTL for Linux: Version 10.1.0.4.0 - Production on 10-OCT-2008 15:15:37
Copyright (c) 1991, 2004, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 10.1.0.4.0 - Production
Start Date 10-OCT-2008 15:09:25
Uptime 0 days 0 hr. 6 min. 12 sec
Trace Level off
Security ON: Local OS Authentication 注意这里,10g已经使用本地操作系统认证
SNMP OFF
Listener Parameter File /u01/app/oracle/product/10.1.0/db_1/network/admin/listener.ora
Listener Log File /u01/app/oracle/product/10.1.0/db_1/network/log/listener.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=edsir3p16.us.oracle.com)(PORT=1521)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
Service "orcl.us.oracle.com" has 1 instance(s).
Instance "orcl", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
[oracle@EDSIR3P16 ~]$
在edsir3p1上启动监听器,尝试停止edsir3p16上的监听器。
[oracle@EDSIR3P1 ~]$ lsnrctl
LSNRCTL for Linux: Version 10.1.0.4.0 - Production on 10-OCT-2008 15:17:02
Copyright (c) 1991, 2004, Oracle. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL> set current_listener orcl16
Current Listener is orcl16
LSNRCTL> stop
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=EDSIR3P16.us.oracle.com)(PORT=1521)))
TNS-01189: The listener could not authenticate the user
LSNRCTL>
很明显的可以看到,与9i不同,10g里不能远程停止服务器上的监听器。而在9i下,则这里就可以把监听器停掉。
然后到edsir3p16上设置监听器密码:
[oracle@EDSIR3P16 ~]$ lsnrctl
LSNRCTL for Linux: Version 10.1.0.4.0 - Production on 10-OCT-2008 15:17:50
Copyright (c) 1991, 2004, Oracle. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL> change_password
Old password:
New password:
Reenter new password:
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC)))
Password changed for LISTENER
The command completed successfully
LSNRCTL> status
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 10.1.0.4.0 - Production
Start Date 10-OCT-2008 15:09:25
Uptime 0 days 0 hr. 8 min. 40 sec
Trace Level off
Security ON: Password or Local OS Authentication --注意这里,使用密码或本地操作系统认证
SNMP OFF
Listener Parameter File /u01/app/oracle/product/10.1.0/db_1/network/admin/listener.ora
Listener Log File /u01/app/oracle/product/10.1.0/db_1/network/log/listener.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=edsir3p16.us.oracle.com)(PORT=1521)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
Service "orcl.us.oracle.com" has 1 instance(s).
Instance "orcl", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
LSNRCTL>
然后到edsir3p1去测试密码
[oracle@EDSIR3P1 ~]$ lsnrctl
LSNRCTL for Linux: Version 10.1.0.4.0 - Production on 10-OCT-2008 15:19:42
Copyright (c) 1991, 2004, Oracle. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL> set current_listener orcl16
Current Listener is orcl16
LSNRCTL> set password
Password:
The command completed successfully
LSNRCTL> stop
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=EDSIR3P16.us.oracle.com)(PORT=1521)))
The command completed successfully
到edsir3p16上查看其监听器状态:
[oracle@EDSIR3P16 ~]$ lsnrctl status
LSNRCTL for Linux: Version 10.1.0.4.0 - Production on 10-OCT-2008 15:20:52
Copyright (c) 1991, 2004, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC)))
TNS-12541: TNS:no listener
TNS-12560: TNS:protocol adapter error
TNS-00511: No listener
Linux Error: 2: No such file or directory
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=EDSIR3P16.us.oracle.com)(PORT=1521)))
TNS-12541: TNS:no listener
TNS-12560: TNS:protocol adapter error
TNS-00511: No listener
Linux Error: 111: Connection refused
很明显,如果能够猜测出密码,则可以成功停止远程的监听器。因此,在10g下,不建议为监听器设置密码,保留缺省的本地操作系统认证就好了。
[oracle@EDSIR3P1 ~]$ hostname --long
edsir3p1.us.oracle.com
[oracle@EDSIR3P16 ~]$ hostname --long
edsir3p16.us.oracle.com
在edsir3p1上编辑tnsnames.ora文件
[oracle@EDSIR3P1 ~]$ vi $ORACLE_HOME/network/admin/tnsnames.ora
将以下内容添加到tnsnames.ora文件:
ORCL16 =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = EDSIR3P16.us.oracle.com)(PORT = 1521))
)
)
查看EDSIR3P16机器上的监听器状态:
[oracle@EDSIR3P16 ~]$ lsnrctl status
LSNRCTL for Linux: Version 10.1.0.4.0 - Production on 10-OCT-2008 15:15:37
Copyright (c) 1991, 2004, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 10.1.0.4.0 - Production
Start Date 10-OCT-2008 15:09:25
Uptime 0 days 0 hr. 6 min. 12 sec
Trace Level off
Security ON: Local OS Authentication 注意这里,10g已经使用本地操作系统认证
SNMP OFF
Listener Parameter File /u01/app/oracle/product/10.1.0/db_1/network/admin/listener.ora
Listener Log File /u01/app/oracle/product/10.1.0/db_1/network/log/listener.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=edsir3p16.us.oracle.com)(PORT=1521)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
Service "orcl.us.oracle.com" has 1 instance(s).
Instance "orcl", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
[oracle@EDSIR3P16 ~]$
在edsir3p1上启动监听器,尝试停止edsir3p16上的监听器。
[oracle@EDSIR3P1 ~]$ lsnrctl
LSNRCTL for Linux: Version 10.1.0.4.0 - Production on 10-OCT-2008 15:17:02
Copyright (c) 1991, 2004, Oracle. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL> set current_listener orcl16
Current Listener is orcl16
LSNRCTL> stop
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=EDSIR3P16.us.oracle.com)(PORT=1521)))
TNS-01189: The listener could not authenticate the user
LSNRCTL>
很明显的可以看到,与9i不同,10g里不能远程停止服务器上的监听器。而在9i下,则这里就可以把监听器停掉。
然后到edsir3p16上设置监听器密码:
[oracle@EDSIR3P16 ~]$ lsnrctl
LSNRCTL for Linux: Version 10.1.0.4.0 - Production on 10-OCT-2008 15:17:50
Copyright (c) 1991, 2004, Oracle. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL> change_password
Old password:
New password:
Reenter new password:
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC)))
Password changed for LISTENER
The command completed successfully
LSNRCTL> status
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 10.1.0.4.0 - Production
Start Date 10-OCT-2008 15:09:25
Uptime 0 days 0 hr. 8 min. 40 sec
Trace Level off
Security ON: Password or Local OS Authentication --注意这里,使用密码或本地操作系统认证
SNMP OFF
Listener Parameter File /u01/app/oracle/product/10.1.0/db_1/network/admin/listener.ora
Listener Log File /u01/app/oracle/product/10.1.0/db_1/network/log/listener.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=edsir3p16.us.oracle.com)(PORT=1521)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
Service "orcl.us.oracle.com" has 1 instance(s).
Instance "orcl", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
LSNRCTL>
然后到edsir3p1去测试密码
[oracle@EDSIR3P1 ~]$ lsnrctl
LSNRCTL for Linux: Version 10.1.0.4.0 - Production on 10-OCT-2008 15:19:42
Copyright (c) 1991, 2004, Oracle. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL> set current_listener orcl16
Current Listener is orcl16
LSNRCTL> set password
Password:
The command completed successfully
LSNRCTL> stop
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=EDSIR3P16.us.oracle.com)(PORT=1521)))
The command completed successfully
到edsir3p16上查看其监听器状态:
[oracle@EDSIR3P16 ~]$ lsnrctl status
LSNRCTL for Linux: Version 10.1.0.4.0 - Production on 10-OCT-2008 15:20:52
Copyright (c) 1991, 2004, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC)))
TNS-12541: TNS:no listener
TNS-12560: TNS:protocol adapter error
TNS-00511: No listener
Linux Error: 2: No such file or directory
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=EDSIR3P16.us.oracle.com)(PORT=1521)))
TNS-12541: TNS:no listener
TNS-12560: TNS:protocol adapter error
TNS-00511: No listener
Linux Error: 111: Connection refused
很明显,如果能够猜测出密码,则可以成功停止远程的监听器。因此,在10g下,不建议为监听器设置密码,保留缺省的本地操作系统认证就好了。
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/9842/viewspace-470282/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/9842/viewspace-470282/