Oracle 12c 数据库链接导出与删除(Database Link)

  1. 云栖社区>
  2. 博客>
  3. 正文

Oracle 12c 数据库链接导出与删除(Database Link)

leshami 2018-03-28 10:29:52 浏览12026
展开阅读全文

前阵子在漏洞扫描后,有些暂时不再使用的数据库链接Database Link需要删除。出于万一后续需要再用的情况考虑,于是乎先备份这些Database Link。首先让我想到的是直接生成DDL就行。事实上这DDL并不包含链接用户的密码。此路不通,所以就只能考虑用expdp工具来进行备份了。其次由于有些数据库用户的密码未知,因此这些用户创建的数据库链接在sys账号下无法删除。下文则是这些个问题的描述与解决。

一、环境准备

12c中包含了2个pdb数据库,分别是cdb1pdb1, cdb1pdb2
其中在cdb1pdb1上有一个db link指向了cdb1pdb2

--演示环境
SQL> select * from v$version;

BANNER                                                                              CON_ID
-------------------------------------------------------------------------------- ----------
Oracle Database 12c Enterprise Edition Release 12.2.0.1.0 - 64bit Production              0
PL/SQL Release 12.2.0.1.0 - Production                                                    0

--在cdb1pdb2上创建用户,用户配置从cdb1pdb1访问
SQL> alter session set container=cdb1pdb2;

SQL> create user robin identified by xxx;

SQL> grant dba,connect,resource to robin;

$ sqlplus robin/xxx@cdb1pdb2

SQL> create table blog(ename varchar2(20),addr varchar2(60));

SQL> insert into blog values('leshami','http://blog.csdn.net/leshami');

SQL> commit;

--连接到cdb1pdb1,此时我们使用了hr账号,密码已知。
--真实的环境类似用户密码我们是未知的,此处演示。
$ sqlplus hr/hr@cdb1pdb1
SQL> show user;
USER is "HR"

--创建到cdb1pdb2的数据库链接                  
SQL> create database link to_cdb1pdb2 connect to robin identified by xxx using 'CDB1PDB2';

SQL> select * from blog@to_cdb1pdb2;

ENAME                ADDR
-------------------- ------------------------------------------------------------
leshami              http://blog.csdn.net/leshami

二、备份数据库链接(提取DDL,以及导出DB Link)

通过get_ddl方式导出DB Link
$ sqlplus / as sysdba

SQL> select db_link,username from cdb_db_links where owner='HR';

DB_LINK                        USERNAME
------------------------------ ----------------------------------------
TO_CDB1PDB2.YDQ05.COM          ROBIN

SQL> alter session set container=cdb1pdb1;

SQL> alter session set current_schema=hr;

--通过get_ddl函数提取DDL,如下,我们看到密码部分为一个绑定变量
--很显然,这个没有起到绝对备份的作用
SQL> set long 5000
SQL> select dbms_metadata.get_ddl('DB_LINK','TO_CDB1PDB2.YDQ05.COM','HR') FROM DUAL;

DBMS_METADATA.GET_DDL('DB_LINK','TO_CDB1PDB2.YDQ05.COM','HR')
--------------------------------------------------------------------------------

  CREATE DATABASE LINK "TO_CDB1PDB2.YDQ05.COM"
  CONNECT TO "ROBIN" IDENTIFIED BY VALUES ':1'
  USING 'CDB1PDB2'

通过expdp方式导出DB Link
$ vi prfile.par 
directory=DATA_PUMP_DIR
dumpfile=hrdblink.dmp
logfile=exp_dblink.log
schemas=hr
INCLUDE=DB_LINK:"LIKE 'TO_CDB1PDB2.YDQ05.COM'" 

$ expdp parfile=prfile.par                                                                              

Export: Release 12.2.0.1.0 - Production on Tue Mar 27 17:38:11 2018

Copyright (c) 1982, 2017, Oracle and/or its affiliates.  All rights reserved.

Username: sys@cdb1pdb1 as sysdba 
Password: 

Connected to: Oracle Database 12c Enterprise Edition Release 12.2.0.1.0 - 64bit Production
Starting "SYS"."SYS_EXPORT_SCHEMA_01":  sys/********@cdb1pdb1 AS SYSDBA parfile=prfile.par 
Processing object type SCHEMA_EXPORT/DB_LINK
Master table "SYS"."SYS_EXPORT_SCHEMA_01" successfully loaded/unloaded
******************************************************************************
Dump file set for SYS.SYS_EXPORT_SCHEMA_01 is:
  /app/oracle/ora12c/admin/cdb1/dpdump/50DDF77203BA2CCBE053F401A8C03639/hrdblink.dmp
Job "SYS"."SYS_EXPORT_SCHEMA_01" successfully completed at Tue Mar 27 17:38:29 2018 elapsed 0 00:00:07

三、删除数据库链接(DB Link)

--此处模拟我们不知道创建数据库链接的用户名和密码,所以用sys登陆
SQL> show user;
USER is "SYS"

SQL> show con_name;

CON_NAME
------------------------------
CDB1PDB1

SQL> alter session set current_schema=hr;

--以下操作均无法删除DB Link,即使带上owner也不行
SQL> drop database link to_cdb1pdb2;
drop database link to_cdb1pdb2
*
ERROR at line 1:
ORA-01031: insufficient privileges

SQL> drop database link TO_CDB1PDB2.YDQ05.COM;
drop database link TO_CDB1PDB2.YDQ05.COM
*
ERROR at line 1:
ORA-01031: insufficient privileges

--下面通过一个专用的存储过程来搞定
--关于这个使用sys删除其他用户下的dblink,感谢steve.tang支持提供了个参考链接
SQL> exec DROP_DBLINK('HR','TO_CDB1PDB2.YDQ05.COM');

PL/SQL procedure successfully completed.

SQL> select db_link,username from cdb_db_links where owner='HR';

no rows selected

四、恢复数据库链接(DB Link)

$ impdp directory=DATA_PUMP_DIR dumpfile=hrdblink.dmp full=y

Import: Release 12.2.0.1.0 - Production on Wed Mar 28 09:15:11 2018

Copyright (c) 1982, 2017, Oracle and/or its affiliates.  All rights reserved.

Username: sys@cdb1pdb1 as sysdba
Password: 

Connected to: Oracle Database 12c Enterprise Edition Release 12.2.0.1.0 - 64bit Production
Master table "SYS"."SYS_IMPORT_FULL_01" successfully loaded/unloaded
Starting "SYS"."SYS_IMPORT_FULL_01":  sys/********@cdb1pdb1 AS SYSDBA directory=DATA_PUMP_DIR dumpfile=hrdblink.dmp full=y 
Processing object type SCHEMA_EXPORT/DB_LINK
Job "SYS"."SYS_IMPORT_FULL_01" successfully completed at Wed Mar 28 09:15:27 2018 elapsed 0 00:00:03

SQL> conn hr/hr@cdb1pdb1  

SQL> select * from blog@to_cdb1pdb2;

ENAME                ADDR
-------------------- ------------------------------------------------------------
leshami              http://blog.csdn.net/leshami

五、参考链接

删除数据库链接 http://www.oracle-ckpt.com/drop-db_links-of-a-private-user-from-sys/
expdp impdp中 exclude/include 的使用

网友评论

登录后评论
0/500
评论
leshami
+ 关注