监听服务管理
2012-12-19 19:02 潇湘隐者 阅读(9276) 评论(1) 编辑 收藏 举报如果你想管理(启动、关闭等)ORACLE数据库的监听服务,在Windows/Linux平台,你都可以通过lsnrctl命令来实现,下面
我们主要讲一下如何用lsnrctl命令来管理监听服务(我在两台数据库(不同平台、不同版本)分别操作,暂且叫为服务器A、
服务器B):
1:查看服务监听命令的详细帮助信息
服务器A:Red Hat Enterprise Linux Server release 6.0 (Santiago) ORACLE 10
[oracle@DB-Server ~]$ lsnrctl
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 04-JUL-2012 12:10:13
Copyright (c) 1991, 2005, Oracle. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL> help
The following operations are available
An asterisk (*) denotes a modifier or extended command:
start stop status
services version reload
save_config trace spawn
change_password quit exit
set* show*
服务器B:WINDOW平台 ORACLE 11
LSNRCTL> help
以下操作可用
星号 (*) 表示修改符或扩展命令:
start stop status
services version reload
save_config trace change_password
quit exit set*
show*
对比10g与11g,可以发现11g少了spawn命令
参数 |
参数功能描述 |
start |
启动指定的监听服务:start [<listener_name>] : start listener |
stop |
停止指定的监听服务:stop [<listener_name>] : stop listener |
status |
查看指定的监听服务状态:status [<listener_name>] : get the status of listener |
services |
列举出服务的一个汇总表及为每个协议服务处理程序所建立和拒绝的连接信息个数 :service [<listener_name>] : get the service information of the listener |
version |
查看监听服务版本信息:version [<listener_name>] : get the version information of the listener |
reload |
重启监听服务:reload [<listener_name>] : reload the parameter files and SIDs |
save_config |
保存修改监听配置的信息到参数文件:save_config [<listener_name>]: saves configuration changes to parameter file |
trace |
打开监听器的跟踪特性:trace OFF | USER | ADMIN | SUPPORT [<listener_name>] : set tracing to the specified level |
spawn |
产生一个以listener.ora文件中的别名运行的程序: spawn [<listener_name>] <spawn_alias> [<(ARGUMENTS='arg0, arg1,...')>] |
change_password |
修改关闭监听服务的秘密:change_password [<listener_name>]: changes the password of the listener |
quit |
退出tnsrctl命令:quit | exit : exit LSNRCTL |
exit |
退出tnsrctl命令:quit | exit : exit LSNRCTL |
set |
设置监听服务的配置 |
show |
显示一些参数配置信息 |
2:启动指定的监听服务
服务器A:
LSNRCTL> start LISTENER
Starting /database/product/dbhome_1/bin/tnslsnr: please wait...
TNSLSNR for Linux: Version 10.2.0.1.0 - Production
System parameter file is /database/product/dbhome_1/network/admin/listener.ora
Log messages written to /database/product/dbhome_1/network/log/listener.log
Listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC1)))
Listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=DB-Server)(PORT=1521)))
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 10.2.0.1.0 - Production
Start Date 05-JUL-2012 10:38:14
Uptime 0 days 0 hr. 0 min. 0 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /database/product/dbhome_1/network/admin/listener.ora
Listener Log File /database/product/dbhome_1/network/log/listener.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC1)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=DB-Server)(PORT=1521)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
Service "WGODS" has 1 instance(s).
Instance "WGODS", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
服务器B:
LSNRCTL> start LISTENER
启动tnslsnr: 请稍候...
TNSLSNR for 32-bit Windows: Version 11.2.0.1.0 - Production
系统参数文件为E:\app\kerry\product\11.2.0\dbhome_1\network\admin\listener.ora
写入e:\app\kerry\diag\tnslsnr\kerry-PC\listener\alert\log.xml的日志信息
监听: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=127.0.0.1)(PORT=1521)))
正在连接到 (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=127.0.0.1)(PORT=1521)))
LISTENER 的 STATUS
------------------------
别名 LISTENER
版本 TNSLSNR for 32-bit Windows: Version 11.2.0.1.0 - Production
启动日期 05-7月 -2012 10:37:49
正常运行时间 0 天 0 小时 0 分 5 秒
跟踪级别 off
安全性 ON: Local OS Authentication
SNMP OFF
监听程序参数文件 E:\app\kerry\product\11.2.0\dbhome_1\network\admin\listener.ora
监听程序日志文件 e:\app\kerry\diag\tnslsnr\kerry-PC\listener\alert\log.xml
监听端点概要...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=127.0.0.1)(PORT=1521)))
服务摘要..
服务 "CLRExtProc" 包含 1 个实例。
实例 "CLRExtProc", 状态 UNKNOWN, 包含此服务的 1 个处理程序...
服务 "orcl.20.32.106" 包含 1 个实例。
实例 "ORCL", 状态 UNKNOWN, 包含此服务的 1 个处理程序...
命令执行成功
LSNRCTL> top
NL-00853: 未定义的 命令 "top"。请尝试 "help"
3:停止监听服务
服务器A:
LSNRCTL> stop
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
The command completed successfully
服务器B:
LSNRCTL> stop
正在连接到 (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=127.0.0.1)(PORT=1521)))
命令执行成功
4:查看监听服务状态
服务器A:
服务器B:
5:查看监听服务版本
服务器A:
LSNRCTL> version
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=DB-Server)(PORT=1521))
TNSLSNR for Linux: Version 10.2.0.1.0 - Production
TNS for Linux: Version 10.2.0.1.0 - Production
Unix Domain Socket IPC NT Protocol Adaptor for Linux: Version 10.2.0.1.0 - Production
Oracle Bequeath NT Protocol Adapter for Linux: Version 10.2.0.1.0 - Production
TCP/IP NT Protocol Adapter for Linux: Version 10.2.0.1.0 - Production,,
The command completed successfully
服务器B:
正在连接到 (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=127.0.0.1)(PORT=1521)))
TNSLSNR for 32-bit Windows: Version 11.2.0.1.0 - Production
TNS for 32-bit Windows: Version 11.2.0.1.0 - Production
Oracle Bequeath NT Protocol Adapter for 32-bit Windows: Version 11.2.0.1.0 - Production
Windows NT Named Pipes NT Protocol Adapter for 32-bit Windows: Version 11.2.0.1.0 - Production
Windows NT TCP/IP NT Protocol Adapter for 32-bit Windows: Version 11.2.0.1.0 - Production,,
命令执行成功
6:查看监听服务信息
服务器A:
LSNRCTL> service
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
Handler(s):
"DEDICATED" established:0 refused:0
LOCAL SERVER
Service "WGODS" has 2 instance(s).
Instance "WGODS", status UNKNOWN, has 1 handler(s) for this service...
Handler(s):
"DEDICATED" established:0 refused:0
LOCAL SERVER
Instance "wgods", status READY, has 1 handler(s) for this service...
Handler(s):
"DEDICATED" established:1 refused:0 state:ready
LOCAL SERVER
Service "wgodsXDB" has 1 instance(s).
Instance "wgods", status READY, has 1 handler(s) for this service...
Handler(s):
"D000" established:0 refused:0 current:0 max:1022 state:ready
DISPATCHER <machine: DB-Server, pid: 31049>
(ADDRESS=(PROTOCOL=tcp)(HOST=DB-Server)(PORT=34792))
Service "wgods_XPT" has 1 instance(s).
Instance "wgods", status READY, has 1 handler(s) for this service...
Handler(s):
"DEDICATED" established:1 refused:0 state:ready
LOCAL SERVER
The command completed successfully
服务器B:
LSNRCTL> services
正在连接到 (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=127.0.0.1)(PORT=1521)))
服务摘要..
服务 "CLRExtProc" 包含 1 个实例。
实例 "CLRExtProc", 状态 UNKNOWN, 包含此服务的 1 个处理程序...
处理程序:
"DEDICATED" 已建立:0 已被拒绝:0
LOCAL SERVER
服务 "orcl.20.32.106" 包含 1 个实例。
实例 "ORCL", 状态 UNKNOWN, 包含此服务的 1 个处理程序...
处理程序:
"DEDICATED" 已建立:0 已被拒绝:0
LOCAL SERVER
命令执行成功
7:重启监听服务:此命令可以替代lsnrctl stop 和lsnrctl start,此命令可以在不用关闭监听服务命令的情况下,重新
读取listener.ora的配置,适合在修改监听服务文件后使用。
服务器A:
LSNRCTL> reload
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
The command completed successfully
服务器B:
LSNRCTL> reload
正在连接到 (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=127.0.0.1)(PORT=1521)))
命令执行成功
8:修改、设置监听服务密码
如果没有设置监听服务密码,则默认口令为空.
LSNRCTL> change_password
Old password:
New password: ******
Reenter new password: ******
正在连接到 (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=127.0.0.1)(PORT=1521)))
LISTENER的口令已更改
命令执行成功
LSNRCTL> change_password
Old password:
New password:
Reenter new password:
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
Password changed for LISTENER
The command completed successfully
LSNRCTL> set password
Password:
The command completed successfully
LSNRCTL> save_config
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
Saved LISTENER configuration parameters.
Listener Parameter File /database/product/dbhome_1/network/admin/listener.ora
Old Parameter File /database/product/dbhome_1/network/admin/listener.bak
The command completed successfully
此时,你检查listener.ora,你会发现文件里面多了下面加密的密码
将该项删除后,保存listener.ora文件,即可取消lsnrctl的加密密码;
#----ADDED BY TNSLSNR 18-DEC-2012 17:28:17---
PASSWORDS_LISTENER = 1BAF8FABBD6810D3
#--------------------------------------------
这个设置在ORACLE 9i版本中有效,在10g版本中,即使设置密码后,依然可以不用输入密码停止监听服务,因为In Oracle 10, the TNSListener is secure out of the box and there should not be a need to set a listener password as in older versions of the Oracle listener.
Oracle10g以后,设置Listener密码已经不是安全检查的必要条件了,因为默认在10g里面除了启动监听的用户之外,其它用户都无法停止Listener(还有另外一些lsnrctl的命令也同样被禁止了,比如trace, reload等),即使Listener没有设置密码。在默认情况下,启动Listener或者使用lsnrctl status命令查看监听状态,可以看到:Security ON: Password OR Local OS Authentication这表明Listener的安全机制使用了Password方式或者Local OS Authentication方式,在这种状态下,即使是设置了监听密码,对于启动监听的user来说,也仍然是不需要任何密码就可以停止监听的。
如果想去除这种安全机制,你可以在listener.ora下加上LOCAL_OS_AUTHENTICATION_[listener name]=OFF
[oracle@DB-Server admin]$ vi listener.ora
SID_LIST_LISTENER =
(SID_LIST =
(SID_DESC =
(SID_NAME = PLSExtProc)
(ORACLE_HOME = /database/product/dbhome_1)
(PROGRAM = extproc)
)
(SID_DESC =
(SID_NAME = WGODS)
(ORACLE_HOME = /database/product/dbhome_1)
(SID_NAME = wgods)
)
)
LISTENER =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1))
(ADDRESS = (PROTOCOL = TCP)(HOST = DB-Server)(PORT = 1521))
)
)
LOCAL_OS_AUTHENTICATION_LISTENER=OFF
#----ADDED BY TNSLSNR 18-DEC-2012 17:28:17---
PASSWORDS_LISTENER = 1BAF8FABBD6810D3
"listener.ora" 33L, 779C written
[oracle@DB-Server admin]$ lsnrctl
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 19-DEC-2012 18:40:19
Copyright (c) 1991, 2005, Oracle. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL> reload
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
The command completed successfully
LSNRCTL> stop
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
TNS-01169: The listener has not recognized the password
LSNRCTL> set password --输入密码,停止监听服务
Password:
The command completed successfully
LSNRCTL> stop
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
The command completed successfully
9:set命令配置
参数 |
描叙 |
set password |
|
set rawmode |
设置rawmode |
set displaymode |
把lsnrctl工具的显示模式设置成RAW、COMPACT、NORMAL或VERBOSE |
set trc_file |
设置监听跟踪文件的名称 |
set trc_directory |
设置监听器跟踪目录的名称 |
set trc_level |
把跟踪级别设置为OFF、USER、ADMIN、SUPPORT模式 |
set log_file |
显示或设置日志文件 |
set log_directory |
设置日志目录位置 |
set log_status |
设置是否为该监听器打开日志特性 |
set current_listener |
设置当前监听器为指定监听器 |
set inbound_connect_timeout |
设置参数指定的时间,在几秒钟内为客户完成网络连接已经建立后,其连接请求的监听 |
set startup_waittime |
设置监听器等待响应lsnrctl 命令行工具中的一条STATUS命令的时间长度 |
set save_config_on_stop |
在退出lsnrctl工具时保存对listener.ora文件的修改 |
set dynamic_registration |
使用的DYNAMIC_REGISTRATION_listener_name的参数启用或禁用动态注册。当设置为on,听者接受动态登记;设置为关闭时,听者拒绝动态注册。静态注册不受影响 |
set enable_global_dynamic_endpoint |
LSNRCTL> set
The following operations are available after set
An asterisk (*) denotes a modifier or extended command:
password rawmode
displaymode trc_file
trc_directory trc_level
log_file log_directory
log_status current_listener
inbound_connect_timeout startup_waittime
save_config_on_stop
LSNRCTL> help set password
set password : set the password for subsequent calls
LSNRCTL> help set current_listener
set|show current_listener [<listener_name>]: sets|shows current listener
9:保存配置信息:修改一些配置后,可以通过save_config保存到配置文件
LSNRCTL> save_config
正在连接到 (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=127.0.0.1)(PORT=1521)))
保存的LISTENER配置参数。
监听程序参数文件 E:\app\kerry\product\11.2.0\dbhome_1\network\admin\listener.ora
旧的参数文件E:\app\kerry\product\11.2.0\dbhome_1\network\admin\listener.bak
命令执行成功
LSNRCTL>
10:设置监听级别
11:spawn
12:退出监听服务器命令
LSNRCTL> exit
LSNRCTL> quit
13: 显示一些参数配置信息
参数 |
描叙 |
show rawmode |
显示原始模式信息:显示关于STATUS和SERVICES的较详细信息(当它们被设置成ON时)。值:ON或OFF |
show displaymode |
显示模式信息 |
show rules |
显示过滤规则信息 |
show trc_file |
显示跟踪文件信息 |
show trc_directory |
显示跟踪文件目录信息 |
show trc_level |
显示跟踪级别 |
show log_file |
查看日志文件信息 |
show log_direcotory |
显示日志文件目录信息 |
show log_status |
显示日志状态 |
show current_listener |
显示当前监听服务名称 |
show inbound_connect_timeout |
显示参数指定的时间,在几秒钟内为客户完成网络连接已经建立后,其连接请求的监听, |
show startup_waitetime |
显示监听器等待响应lsnrctl 命令行工具中的一条STATUS命令的时间长度 |
show snmp_visible |
|
show save_config_on_stop |
显示退出lsnrctl工具时是否保存对listener.ora文件的修改 |
show dynamic_registration |
显示是否启用或禁用动态注册 |
show enable_global_dynamic_endpoint |
|
show oracle_home |
显示ORACLE主目录信息 |
show pid |
显示ORACLE监听进程ID |
参考资料:
http://www.eygle.com/archives/2007/11/listener_security.html