分享程序员开发的那些事...
更新时间:2022-09-13 23:24:51
[20150529]revoke sysdba from user_name.txt
SYS@test> @ver1
PORT_STRING VERSION BANNER
------------------------------ -------------- --------------------------------------------------------------------------------
x86_64/Linux 2.4.xx 11.2.0.3.0 Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production
SYS@test> grant sysdba to scott;
Grant succeeded.
SYS@test> select * from V$PWFILE_USERS;
USERNAME SYSDB SYSOP SYSAS
-------------------- ----- ----- -----
SYS TRUE TRUE FALSE
SCOTT TRUE FALSE FALSE
SYS@test> revoke sysdba from scott;
Revoke succeeded.
SYS@test> select * from V$PWFILE_USERS;
USERNAME SYSDB SYSOP SYSAS
-------------------- ----- ----- -----
SYS TRUE TRUE FALSE
$ strings orapwtest
]\[Z
ORACLE Remote Password file
INTERNAL
921BA08037BF42BA
2E77A75AE2AF294D
SCOTT
57964D8CE8DC6EB2
--可以发现口令文件里面并没有清除,这个是别人问我的问题.why?
SYS@test> revoke sysoper from scott;
Revoke succeeded.
$ strings orapwtest
]\[Z
ORACLE Remote Password file
INTERNAL
921BA08037BF42BA
2E77A75AE2AF294D
SCOTT
57964D8CE8DC6EB2
--问题依旧.
SYS@test> column VIEW_DEFINITION format a100
SYS@test> select * from V$FIXED_VIEW_DEFINITION where view_name='GV$PWFILE_USERS';
VIEW_NAME VIEW_DEFINITION
------------------------------ ----------------------------------------------------------------------------------------------------
GV$PWFILE_USERS select inst_id,username,decode(sysdba,1,'TRUE','FALSE'), decode(sysoper,1,'TRUE','FALSE'), decode(s
ysasm,1,'TRUE','FALSE') from x$kzsrt where valid=1 and username != 'INTERNAL'
--格式化:
SELECT inst_id, username, decode(sysdba, 1,'TRUE','FALSE'), decode(sysoper, 1,'TRUE','FALSE'), decode(sysasm,
1,'TRUE','FALSE')
FROM x$kzsrt
WHERE valid = 1
AND username != 'INTERNAL';
--执行如下:
SYS@test> select * FROM x$kzsrt;
ADDR INDX INST_ID USERNAME SYSDBA SYSOPER SYSASM VALID
---------------- ---------- ---------- -------------------- ---------- ---------- ---------- ----------
0000002A9746B908 0 1 INTERNAL 1 1 0 1
0000002A9746B908 1 1 SYS 1 1 0 1
0000002A9746B908 2 1 SCOTT 0 0 0 0
--可以发现revoke全部取消后,实际上修改口令文件某个标识VALID,并没有清除口令文件的信息.
$ cp orapwtest orapwtest.20150529
SYS@test> grant sysdba to scott;
Grant succeeded.
--对比两个文件orapwtest,orapwtest.20150529.
$ xxd -c 16 orapwtest > /tmp/a2.txt
$ xxd -c 16 orapwtest.20150529 > /tmp/a1.txt
$ diff -Nur /tmp/a1.txt /tmp/a2.txt
--- /tmp/a1.txt 2015-05-29 11:59:41.000000000 +0800
+++ /tmp/a2.txt 2015-05-29 11:59:36.000000000 +0800
@@ -54,7 +54,7 @@
0000350: 0000 0000 0000 0000 0000 0000 0500 0000 ................
0000360: 3537 3936 3444 3843 4538 4443 3645 4232 57964D8CE8DC6EB2
0000370: 0000 0000 0000 0000 0000 0000 0000 0000 ................
-0000380: 1000 0000 18f6 7125 c768 6513 0eb8 99ab .....鰍%莌e.....
+0000380: 1000 0000 1bf6 7125 c768 6513 0eb8 99ab .....鰍%莌e.....
0000390: b60a 06c3 d063 a9a2 6ca2 c95d 7607 8db1 ...眯c..l.蒥v...
00003a0: 1f1f 0a00 0000 0000 0000 0000 0000 0000 ................
00003b0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
--可以发现仅仅修改1位. 18=>1b.
SYS@test> grant sysoper to scott;
Grant succeeded.
$ xxd -c 16 orapwtest > /tmp/a3.txt
$ diff -Nur /tmp/a1.txt /tmp/a3.txt
--- /tmp/a1.txt 2015-05-29 11:59:41.000000000 +0800
+++ /tmp/a3.txt 2015-05-29 12:03:00.000000000 +0800
@@ -54,7 +54,7 @@
0000350: 0000 0000 0000 0000 0000 0000 0500 0000 ................
0000360: 3537 3936 3444 3843 4538 4443 3645 4232 57964D8CE8DC6EB2
0000370: 0000 0000 0000 0000 0000 0000 0000 0000 ................
-0000380: 1000 0000 18f6 7125 c768 6513 0eb8 99ab .....鰍%莌e.....
+0000380: 1000 0000 1ff6 7125 c768 6513 0eb8 99ab .....鰍%莌e.....
0000390: b60a 06c3 d063 a9a2 6ca2 c95d 7607 8db1 ...眯c..l.蒥v...
00003a0: 1f1f 0a00 0000 0000 0000 0000 0000 0000 ................
00003b0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
1000(0x8)=> 1010(0xb) => 1111(0xf)