课程第32次（2018-08-24星期五）

botang

Skillset 1
Section 7装agent:
wget http://station37.example.com:488 ... agentDownload.linux
./agentDownload.linux -b  /u01/app/oracle/product/11.1.0/ -m station37.example.com -r 4889

[oracle@station38 ~]$ sudo /u01/app/oracle/product/agent10g/root.sh
Running Oracle10 root.sh script...

The following environment variables are set as:
    ORACLE_OWNER= oracle
    ORACLE_HOME=  /u01/app/oracle/product/agent10g

Enter the full pathname of the local bin directory: [/usr/local/bin]:
The file "dbhome" already exists in /usr/local/bin.  Overwrite it? (y/n)
[n]: y
   Copying dbhome to /usr/local/bin ...
The file "oraenv" already exists in /usr/local/bin.  Overwrite it? (y/n)
[n]: y
   Copying oraenv to /usr/local/bin ...
The file "coraenv" already exists in /usr/local/bin.  Overwrite it? (y/n)
[n]: y
   Copying coraenv to /usr/local/bin ...

Entries will be added to the /etc/oratab file as needed by
Database Configuration Assistant when a database is created
Finished running generic part of root.sh script.
Now product-specific root actions will be performed.
Finished product-specific root actions.
[oracle@station38 ~]$


[oracle@station38 bin]$ ./emctl secure  agent
Oracle Enterprise Manager 10g Release 5 Grid Control 10.2.0.5.0.  
Copyright (c) 1996, 2009 Oracle Corporation.  All rights reserved.
Agent successfully stopped...   Done.
Securing agent...   Started.
Enter Agent Registration Password :           
Agent successfully restarted...   Done.
Securing agent...   Successful.
[oracle@station38 bin]$ ./emctl upload  agent
Oracle Enterprise Manager 10g Release 5 Grid Control 10.2.0.5.0.  
Copyright (c) 1996, 2009 Oracle Corporation.  All rights reserved.
---------------------------------------------------------------
EMD upload completed successfully
[oracle@station38 bin]$




Section3:

1. CREATE OR REPLACE FUNCTION verify_function_11G
   
2. (username varchar2,
   
3.   password varchar2,
   
4.   old_password varchar2)
   
5.   RETURN boolean IS
   
6.    n boolean;
   
7.    m integer;
   
8.    differ integer;
   
9.    isdigit boolean;
   
10.    ischar  boolean;
    
11.    ispunct boolean;
    
12.    db_name varchar2(40);
    
13.    digitarray varchar2(20);
    
14.    punctarray varchar2(25);
    
15.    chararray varchar2(52);
    
16.    i_char varchar2(10);
    
17.    simple_password varchar2(10);
    
18.    reverse_user varchar2(32);
    
19. ----------------------
    
20.    part1 varchar2(30);
    
21. ----------------------
    
22.    part2 varchar2(30);
    
23. BEGIN
    
24.    digitarray:= '0123456789';
    
25.    chararray:= 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    
26.    -- Check for the minimum length of the password
    
27.    IF length(password) < 8 THEN
    
28.       raise_application_error(-20001, 'Password length less than 8');
    
29.    END IF;
    
30. --------------------------------
    
31.    IF length(password) > 30 THEN
    
32.       raise_application_error(-20900, 'Password length more than 30');
    
33.    END IF;
    
34. 
    
35.    -- Check if the password is same as the username or username(1-100)
    
36.    IF NLS_LOWER(password) = NLS_LOWER(username) THEN
    
37.      raise_application_error(-20002, 'Password same as or similar to user');
    
38.    END IF;
    
39. ----------------------------------------------------------------------
    
40.    IF length(password)>length(username)
    
41.    THEN
    
42.       part1 := SUBSTR(password, 1, length(username));
    
43.       part2 := SUBSTR(password, length(username)+1);
    
44.       FOR i IN 1..(10**(length(part2)+1)-1)
    
45.       LOOP
    
46.        i_char := to_char(i);
    
47.        if NLS_LOWER(username)|| i_char = NLS_LOWER(password) THEN
    
48.         raise_application_error(-20005, 'Password same as or similar to user name ');
    
49.        END IF;
    
50.       END LOOP;
    
51.    END IF;  
    
52.    -- Check if the password is same as the username reversed
    
53.    
    
54.    FOR i in REVERSE 1..length(username) LOOP
    
55.      reverse_user := reverse_user || substr(username, i, 1);
    
56.    END LOOP;
    
57.    IF NLS_LOWER(password) = NLS_LOWER(reverse_user) THEN
    
58.      raise_application_error(-20003, 'Password same as username reversed');
    
59.    END IF;
    
60. 
    
61.    -- Check if the password is the same as server name and or servername(1-100)
    
62.    select name into db_name from sys.v$database;
    
63.    if NLS_LOWER(db_name) = NLS_LOWER(password) THEN
    
64.       raise_application_error(-20004, 'Password same as or similar to server name');
    
65.    END IF;
    
66.    FOR i IN 1..100 LOOP
    
67.       i_char := to_char(i);
    
68.       if NLS_LOWER(db_name)|| i_char = NLS_LOWER(password) THEN
    
69.         raise_application_error(-20005, 'Password same as or similar to server name ');
    
70.       END IF;
    
71.     END LOOP;
    
72. 
    
73.    -- Check if the password is too simple. A dictionary of words may be
    
74.    -- maintained and a check may be made so as not to allow the words
    
75.    -- that are too simple for the password.
    
76.    IF NLS_LOWER(password) IN ('welcome1', 'database1', 'account1', 'user1234', 'password1', 'oracle123', 'computer1', 'abcdefg1', 'change_on_install') THEN
    
77.       raise_application_error(-20006, 'Password too simple');
    
78.    END IF;
    
79. 
    
80.    -- Check if the password is the same as oracle (1-100)
    
81.     simple_password := 'oracle';
    
82.     FOR i IN 1..100 LOOP
    
83.       i_char := to_char(i);
    
84.       if simple_password || i_char = NLS_LOWER(password) THEN
    
85.         raise_application_error(-20007, 'Password too simple ');
    
86.       END IF;
    
87.     END LOOP;
    
88. 
    
89.    -- Check if the password contains at least one letter, one digit
    
90.    -- 1. Check for the digit
    
91.    isdigit:=FALSE;
    
92.    m := length(password);
    
93.    FOR i IN 1..10 LOOP
    
94.       FOR j IN 1..m LOOP
    
95.          IF substr(password,j,1) = substr(digitarray,i,1) THEN
    
96.             isdigit:=TRUE;
    
97.              GOTO findchar;
    
98.          END IF;
    
99.       END LOOP;
    
100.    END LOOP;
     
101. 
     
102.    IF isdigit = FALSE THEN
     
103.       raise_application_error(-20008, 'Password must contain at least one digit, one character');
     
104.    END IF;
     
105.    -- 2. Check for the character
     
106.    <<findchar>>
     
107.    ischar:=FALSE;
     
108.    FOR i IN 1..length(chararray) LOOP
     
109.       FOR j IN 1..m LOOP
     
110.          IF substr(password,j,1) = substr(chararray,i,1) THEN
     
111.             ischar:=TRUE;
     
112.              GOTO endsearch;
     
113.          END IF;
     
114.       END LOOP;
     
115.    END LOOP;
     
116.    IF ischar = FALSE THEN
     
117.       raise_application_error(-20009, 'Password must contain at least one \
     
118.               digit, and one character');
     
119.    END IF;
     
120. 
     
121. 
     
122.    <<endsearch>>
     
123.    -- Check if the password differs from the previous password by at least
     
124.    -- 3 letters
     
125.    IF old_password IS NOT NULL THEN
     
126.      differ := length(old_password) - length(password);
     
127. 
     
128.      differ := abs(differ);
     
129.      IF differ < 3 THEN
     
130.        IF length(password) < length(old_password) THEN
     
131.          m := length(password);
     
132.        ELSE
     
133.          m := length(old_password);
     
134.        END IF;
     
135. 
     
136.        FOR i IN 1..m LOOP
     
137.          IF substr(password,i,1) != substr(old_password,i,1) THEN
     
138.            differ := differ + 1;
     
139.          END IF;
     
140.        END LOOP;
     
141. 
     
142.        IF differ < 3 THEN
     
143.          raise_application_error(-20011, 'Password should differ from the \
     
144.             old password by at least 3 characters');
     
145.        END IF;
     
146.      END IF;
     
147.    END IF;
     
148.    -- Everything is fine; return TRUE ;   
     
149.    RETURN(TRUE);
     
150. END;
     
151. /
     
152. 
     
153. -- This script alters the default parameters for Password Management
     
154. -- This means that all the users on the system have Password Management
     
155. -- enabled and set to the following values unless another profile is
     
156. -- created with parameter values set to different value or UNLIMITED
     
157. -- is created and assigned to the user.
     
158. 
     
159. ALTER PROFILE DEFAULT LIMIT
     
160. PASSWORD_VERIFY_FUNCTION verify_function_11G;

复制代码