Oracle Vault是安全三個技術策略的重要組成部分。相對於其他兩種,Label Security和VPD(Virtual Private Database),Oracle Vault更加體現營運體系管理建設和安全規則配置。安裝配置Vault之後,Oracle原有的sys超級使用者資訊安全角色被剝離,資料、操作和資源以規則的方式進行安全限制。應該說,使用Vault之後,才能真正實現對於資料管理員行為的管制。
本篇主要介紹如何對Vault進行卸載操作,依據的版本是11gR2。注意:Oracle Vault不同版本下進行卸載的方法有一定差異,特別是在relink的過程。
1、卸載前準備
Oracle Vault在資料庫中涉及幾個部分:dva組件以Web App的方式綁定在OEM中、內部的dbowner和manager管理對象和角色許可權調整。在正式的卸載操作之前,我們需要將資料庫和各種組件進行關閉。
資料庫完全關閉。
SQL> conn / as sysdba
Connected.
SQL> shutdown immediate;
Database closed.
Database dismounted.
ORACLE instance shut down.
監聽程式關閉。
[oracle@SimpleLinux ~]$ lsnrctl stop
LSNRCTL for Linux: Version 11.2.0.4.0 - Production on 28-APR-2014 13:56:27
Copyright (c) 1991, 2013, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=SimpleLinux)(PORT=1521)))
The command completed successfully
DB Console Web應用關閉。
[oracle@SimpleLinux ~]$ emctl stop dbconsole
Oracle Enterprise Manager 11g Database Control Release 11.2.0.4.0
Copyright (c) 1996, 2013 Oracle Corporation. All rights reserved.
https://SimpleLinux:1158/em/console/aboutApplication
Stopping Oracle Enterprise Manager 11g Database Control ...
... Stopped.
[oracle@SimpleLinux ~]$ emctl status dbconsole
Oracle Enterprise Manager 11g Database Control Release 11.2.0.4.0
Copyright (c) 1996, 2013 Oracle Corporation. All rights reserved.
https://SimpleLinux:1158/em/console/aboutApplication
Oracle Enterprise Manager 11g is not running.
2、Disable Vault
Vault是一個預設情況下未啟用的組件。我們進行安裝Vault的過程,實際上就是將其重新打包如Oracle執行程式。進行卸載的過程,也需要重新relink Oracle應用程式。
首先進行Disable過程。
[oracle@SimpleLinux ~]$ cd $ORACLE_HOME/rdbms/lib
[oracle@SimpleLinux lib]$ make -f ins_rdbms.mk dv_off ioracle
/usr/bin/ar d /u01/app/oracle/rdbms/lib/libknlopt.a kzvidv.o
/usr/bin/ar cr /u01/app/oracle/rdbms/lib/libknlopt.a /u01/app/oracle/rdbms/lib/kzvndv.o
chmod 755 /u01/app/oracle/bin
(篇幅原因,有省略……)
- Linking Oracle
rm -f /u01/app/oracle/rdbms/lib/oracle
gcc -o /u01/app/oracle/rdbms/lib/oracle -m32 -z noexecstack -L/u01/app/oracle/rdbms/lib/ -L/u01/app/oracle/lib/ -L/u01/app/oracle/lib/stubs/ -L/u01/app/oracle/lib/ -lirc
mv /u01/app/oracle/rdbms/lib/oracle /u01/app/oracle/bin/oracle
chmod 6751 /u01/app/oracle/bin/oracle
注意:如果是在11gR2中,可以選擇chopt方式進行dv的卸載。
[oracle@SimpleLinux lib]$ chopt disable dv
Writing to /u01/app/oracle/install/disable_dv.log...
/usr/bin/make -f /u01/app/oracle/rdbms/lib/ins_rdbms.mk dv_off ORACLE_HOME=/u01/app/oracle
/usr/bin/make -f /u01/app/oracle/rdbms/lib/ins_rdbms.mk ioracle ORACLE_HOME=/u01/app/oracle
啟動監聽器,此時Oracle通常已經自動啟動。
[oracle@SimpleLinux lib]$ lsnrctl start
LSNRCTL for Linux: Version 11.2.0.4.0 - Production on 28-APR-2014 14:04:34
Copyright (c) 1991, 2013, Oracle. All rights reserved.
(篇幅原因,有省略……)
(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC1521)))
The listener supports no services
The command completed successfully
[oracle@SimpleLinux lib]$ sqlplus /nolog
SQL*Plus: Release 11.2.0.4.0 Production on Mon Apr 28 14:04:41 2014
Copyright (c) 1982, 2013, Oracle. All rights reserved.
SQL> conn / as sysdba
Connected.
SQL> startup
ORA-01081: cannot start already-running ORACLE - shut it down first
更多詳情見請繼續閱讀下一頁的精彩內容:
|
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
