OGG -使用CMDSEC 檔案限制某個系統使用者對OGG 進行特定命令操作。
You can establish command security for Oracle GoldenGate to control which users have
access to which Oracle GoldenGate functions. For example, you can allow certain users to
issue INFOand STATUScommands, while preventing their use of STARTand STOPcommands.
Security levels are defined by the operating system’s user groups.
To implement security for Oracle GoldenGate commands, you create a CMDSECfile in the
Oracle GoldenGate directory. Without this file, access to all Oracle GoldenGate commands
is granted to all users.
To implement command security
1. Open a new ASCII text file.
2. Referring to the following syntax and the example on page 135, create one or more
security rules for each commandthat you want to restrict, one rule per line. List the
rules in order from the most specific (those with no wildcards) to the least specific.
Security rules are processed from the top of the CMDSEC file downward. The first rule
satisfied is the one thatdetermines whether or not access is allowed.
Separate each of the following components with spaces or tabs.
Where:
? is a GGSCI command name or a wildcard, for example STARTor STOP
or *.
? is any GGSCI command objector a wildcard, for example EXTRACT
or REPLICATor MANAGER.
? is the name of a Windows or UNIX user group. On a UNIX system, you
can specify a numeric group ID instead ofthe group name. You can use a wildcard
to specify all groups.
? is the name of a Windows or UNIX user. On a UNIX system, you can
specify a numeric user ID instead of the user name. You can use a wildcard to
specify all users.
? specifies whether access to the command is granted or prohibited.
3. Save the file as CMDSEC(using upper case letters on a UNIX system) in the Oracle
GoldenGate home directory.
The following example illustrates the correct implementation of a CMDSECfile on a UNIX
system.
-------------------------------------------------------------------------------------------------------------------------------
1、GGSCI (OGG1) 2> status extract ggex
EXTRACT GGEX: RUNNING
2、[oracle@OGG1 ogg]$ vi CMDSEC
[oracle@OGG1 ogg]$ more CMDSEC
STATUS EXTRACT * oracle NO
3、GGSCI (OGG1) 2> status extract ggex
ERROR: Command not authorized for this user.
-----------------------------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------------------------
1、GGSCI (OGG1) 2> status extract ggex
EXTRACT GGEX: RUNNING
2、[oracle@OGG1 ogg]$ vi CMDSEC
[oracle@OGG1 ogg]$ more CMDSEC
STATUS EXTRACT * oracle NO
3、GGSCI (OGG1) 2> status extract ggex
ERROR: Command not authorized for this user.
-----------------------------------------------------------------------------------------------------------------------------------
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/26764973/viewspace-1176434/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- OGG 對trail 檔案加密AI加密
- 各檔案系統對單個檔案大小的限制
- 【OGG】hpux系統nfs異常造成OGG無法應用歸檔日誌UXNFS
- 使用scp命令在多個Linux系統間進行檔案複製Linux
- OGG 修改trail 檔案的大小AI
- OGG維護命令
- forfiles 命令是 Windows 作業系統中的一個命令列工具,用於在指定的檔案集合上執行特定的操作。 它允許使用者按照檔名、資料夾、檔案大小、修改日期等條件來篩選檔案,並對符合條件的檔案執行使用者指定的命令自動化檔案操作任務Windows作業系統命令列
- OGG 獲取truncate 操作
- ogg日常運維命令運維
- WINDOWS下對NIGNX日誌檔案進行限制Windows
- 如何使用diff 和 patch 命令對檔案進行協作?
- OGG-00268 OGG-01668引數檔案格式問題
- 在linux系統中對檔案進行分割Linux
- mac下通過dscl命令對使用者/使用者組進行增刪改查操作Mac
- ogg簡單維護命令
- ogg 同步 物化檢視建立限制 Materialized ViewZedView
- 用Python寫一個FUSE(使用者態檔案系統)檔案系統Python
- OGG-extract程式對應的多餘trail檔案的刪除AI
- C++中對檔案進行讀寫操作C++
- OGG雙向DML複製操作
- OGG單向DDL複製操作
- 傳統OGG與Microservice Architecture OGG的通訊ROS
- 使用GnuPG對檔案進行加密(轉)加密
- 10g Cluster啟動OGG後./ggsci登入OGG無法操作
- Oracle歸檔檔案丟失導致OGG不用啟動Oracle
- 利用觸發器監控對某個表操作的使用者資訊觸發器
- rm命令刪除檔案時排除特定檔案
- 使用RMAN duplicate對源庫的某個incarnation進行duplicate操作時遇到的問題
- 『學了就忘』Linux檔案系統管理 — 61、使用parted命令進行分割槽Linux
- ogg登陸資料庫使用者密碼加密資料庫密碼加密
- Oracle中對使用者所能使用的資料庫資源進行限制Oracle資料庫
- Oracle OGG 到 Kafka OGG-01431 OGG-01003 OGG-01151 OGG-01296 OGG-01668OracleKafka
- 使用系統API進行資料庫操作API資料庫
- Oracle+Ogg 歸檔丟失 重新導資料建立ogg同步步驟Oracle
- 運用sed命令高效地刪除檔案的特定行
- OGG刪除過期的trail檔案,shell實現AI
- sqlserver 對單個mdf檔案進行恢復SQLServer
- 在原ogg基礎上重新搭建ogg