Script to change Oracle SYS and SYSTEM passwords

 

To satisfy Oracle requirement I change SYS and SYSTEM passwords once in 3 months.

Here is a cron job that runs at 7:00 am on the 1st of the month of Jan, Apr, Jul and Oct.

0  7  1  1,4,7,10 * /app/scripts/pass_change.sh

In the end script emails me new passwords for all databases.

 

. /home/oracle/ora.env

 

_email_txt=/tmp/pass_change.txt

rm -f $_email_txt

 

create_passwd()

{

# Oracle passwords should start with alpha so I randomly choose first character

_mypass1=`</dev/urandom tr -dc a-z | head -c1`

# Then other 6 chacaters wil be random numbers or alphas, small and caps

_mypass2=`</dev/urandom tr -dc a-zA-Z0-9 | head -c6`

# Make the last character a number

_mypass3=`</dev/urandom tr -dc 0-9 | head -c1`

 

_mypass=${_mypass1}${_mypass2}${_mypass3}

}

 

create_sql()

{

_pass_file=/tmp/pass_change_${1}.sql

create_passwd

echo ALTER USER SYS IDENTIFIED BY ${_mypass}\; 1>${_pass_file}

create_passwd

echo ALTER USER SYSTEM IDENTIFIED BY ${_mypass}\; 1>>${_pass_file}

echo ${1} >> $_email_txt

cat ${_pass_file} >> $_email_txt

}

 

change_one()

{

export ORACLE_SID=$1

sqlplus /nolog <<EOF

connect / as sysdba

@${_pass_file}

exit

EOF

}

 

email_me()

{

MAIL_SUBJECT="Passwords for SYS"

EMAIL_LIST="dlevin@domain.com"

cat $_email_txt | mail -s "$MAIL_SUBJECT" -e "$EMAIL_LIST"

}

 

create_sql  Database1_SID

change_one Database1_SID

create_sql  Database2_SID

change_one Database2_SID

email_me

rm -f /tmp/pass_change*

 

1