-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathidenc_wroot.sql
70 lines (61 loc) · 2.69 KB
/
idenc_wroot.sql
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
--------------------------------------------------------------------------------
-- OraDBA - Oracle Database Infrastructur and Security, 5630 Muri, Switzerland
--------------------------------------------------------------------------------
-- Name......: idenc_wroot.sql
-- Author....: Stefan Oehrli (oes) [email protected]
-- Editor....: Stefan Oehrli
-- Date......: 2023.08.29
-- Revision..:
-- Purpose...: Initialize init.ora parameter WALLET_ROOT for TDE with software
-- keystore. This script should run in CDB$ROOT. A manual restart
-- of the database is mandatory to activate WALLET_ROOT
-- Notes.....:
-- Reference.: Requires SYS, SYSDBA or DBA privilege
-- License...: Apache License Version 2.0, January 2004 as shown
-- at http://www.apache.org/licenses/
--------------------------------------------------------------------------------
SET FEEDBACK OFF
SET VERIFY OFF
-- define default values
COLUMN def_admin_path NEW_VALUE def_admin_path NOPRINT
-- get the admin directory from audit_file_dest
SELECT
substr(value, 1, instr(value, '/', - 1, 1) - 1) def_admin_path
FROM
v$parameter
WHERE
name = 'audit_file_dest';
-- assign default value for parameter if argument 1 is empty
COLUMN 1 NEW_VALUE 1 NOPRINT
SELECT '' "1" FROM dual WHERE ROWNUM = 0;
DEFINE admin_path = &1 &def_admin_path
COLUMN admin_path NEW_VALUE admin_path NOPRINT
-- format SQLPlus output and behavior
SET LINESIZE 160 PAGESIZE 200
SET HEADING ON
SET FEEDBACK ON
COLUMN name FORMAT A42
COLUMN value FORMAT A60
-- start to spool
SPOOL idenc_wroot.log
-- create the wallet root folders
HOST mkdir -p &admin_path/wallet
host mkdir -p &admin_path/wallet/tde
host mkdir -p &admin_path/wallet/tde_seps
-- list init.ora parameter for TDE information in SPFile
PROMPT == Current setting of WALLET_ROOT in SPFILE =============================
SELECT name,value FROM v$spparameter
WHERE name IN ('wallet_root','tde_configuration','_db_discard_lost_masterkey')
ORDER BY name;
-- set the WALLET ROOT parameter
ALTER SYSTEM SET wallet_root='&admin_path/wallet' SCOPE=SPFILE;
-- list init.ora parameter for TDE information in SPFile
PROMPT == New setting of WALLET_ROOT in SPFILE =================================
SELECT name,value FROM v$spparameter
WHERE name IN ('wallet_root','tde_configuration','_db_discard_lost_masterkey')
ORDER BY name;
PROMPT =========================================================================
PROMPT == Please restart the database to apply the changes on WALLET_ROOT. =====
PROMPT =========================================================================
SPOOL OFF
-- EOF -------------------------------------------------------------------------