目录
Oracle监听器中的XDB、XPT和PLSExtProc服务
【LISTENER】使用Oracle隐含参数禁止“_XPT”服务注册到监听器
数据库在shutdown状态下,仅有PLSExtProc服务,且处于未知状态。
数据库在nomount状态下,有SID、SIDXDB、SID_XPT、PLSExtProc服务,其中,SID、SIDXDB、SID_XPT服务处于
就绪/准备状态,PLSExtProc处于未知状态。
下面分别介绍各个服务的作用:
SID:启动数据库实例的服务
SIDXDB:高效处理XML数据的服务,默认会占用8080端口。
SID_XPT:Oracle 10g为DG准备的服务,DB BROKER会用到,如果不用DG可以删掉。
PLSExtProc:PL/SQL调用外部接口(C、JAVA编写的过程)的服务——容易受攻击
观察监听在数据库每个状态下各个服务的启动情况和状态:
SQL> shutdown immediate;
Database closed.
Database dismounted.
ORACLE instance shut down.
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
注:数据库在shutdown状态下,仅有PLSExtProc服务,且处于未知状态。
SQL> startup nomount;
ORACLE instance started.
Total System Global Area 826277888 bytes
Fixed Size 1222096 bytes
Variable Size 473958960 bytes
Database Buffers 348127232 bytes
Redo Buffers 2969600 bytes
Service "C2155" has 1 instance(s).
Instance "C2155", status BLOCKED, has 1 handler(s) for this service...
Service "C2155_XPT" has 1 instance(s).
Instance "C2155", status BLOCKED, has 1 handler(s) for this service...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
注:数据库在nomount状态下,有SID、SID_XPT、PLSExtProc服务,其中,SID、SID_XPT服务处于封锁状态,PLSExtProc处于未知状态。
SQL> alter database mount;
Database altered.
Services Summary...
Service "C2155" has 1 instance(s).
Instance "C2155", status READY, has 1 handler(s) for this service...
Service "C2155_XPT" has 1 instance(s).
Instance "C2155", status READY, has 1 handler(s) for this service...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
注:数据库在nomount状态下,有SID、SID_XPT、PLSExtProc服务,其中,SID、SID_XPT服务处于就绪/准备状态,PLSExtProc处于未知状态。
SQL> alter database open;
Database altered.
Services Summary...
Service "C2155" has 1 instance(s).
Instance "C2155", status READY, has 1 handler(s) for this service...
Service "C2155XDB" has 1 instance(s).
Instance "C2155", status READY, has 1 handler(s) for this service...
Service "C2155_XPT" has 1 instance(s).
Instance "C2155", status READY, has 1 handler(s) for this service...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
【LISTENER】使用Oracle隐含参数禁止“_XPT”服务注册到监听器在Oracle的10.2版本中,Oracle不仅会将数据库的实例注册到监听器,与此同时还会注册生成一个名为_XPT(以数据库的SID开头,以XPT结尾,中间是下划线)的服务,这个服务是用于Data Guard环境,对正常数据库连接没有影响。鉴于_XPT服务的作用,我们完全有理由取消这个注册。这里给出禁止_XPT服务注册到监听器的方法。
我们可以通过将隐含参数“__dg_broker_service_names”内容置空的方法达到这个目的。
1.“__dg_broker_service_names”隐含参数的含义
可以通过x$ksppi和x$ksppcv获取隐含参数的当前值和说明信息。查询结果如下。
sys@ora10g> select a.ksppinm param_name,b.ksppstvl param_value,a.ksppdesc param_description from x$ksppi a,x$ksppcv b where a.indx = b.indx and a.ksppinm = '__dg_broker_service_names';
PARAM_NAME PARAM_VALUE PARAM_DESCRIPTION
-------------------------- ------------- ----------------------------
__dg_broker_service_names ora10g_XPT service names for broker use
2.监听器状态信息
ora10g@secdb /home/oracle$ lsnrctl status
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 22-AUG-2011 21:19:58
Copyright (c) 1991, 2005, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(address=(protocol=tcp)(host=secdb)(port=1521)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 10.2.0.1.0 - Production
Start Date 22-AUG-2011 21:19:12
Uptime 0 days 0 hr. 0 min. 46 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /oracle/ora10gR2/product/10.2.0/db_2/network/admin/listener.ora
Listener Log File /oracle/ora10gR2/product/10.2.0/db_2/network/log/listener.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=secdb.localdomain)(PORT=1521)))
Services Summary...
Service "ora10g" has 1 instance(s).
Instance "ora10g", status READY, has 1 handler(s) for this service...
Service "ora10g_XPT" has 1 instance(s).
Instance "ora10g", status READY, has 1 handler(s) for this service...
The command completed successfully
其中“ora10g_XPT”便是我们所提到的_XPT服务。我们的目标就是去除这个注册信息。
3.将“__dg_broker_service_names”隐含参数置空
sys@ora10g> alter system set "__dg_broker_service_names" = '';
System altered.
注意,此隐含参数为动态参数,可以直接进行调整。
4.重启监听器后查看监听状态
1)停止监听器
LSNRCTL> stop
Connecting to (DESCRIPTION=(address=(protocol=tcp)(host=secdb)(port=1521)))
The command completed successfully
2)启动监听器
LSNRCTL> start
Starting /oracle/ora10gR2/product/10.2.0/db_2/bin/tnslsnr: please wait...
TNSLSNR for Linux: Version 10.2.0.1.0 - Production
System parameter file is /oracle/ora10gR2/product/10.2.0/db_2/network/admin/listener.ora
Log messages written to /oracle/ora10gR2/product/10.2.0/db_2/network/log/listener.log
Listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=secdb.localdomain)(PORT=1521)))
Connecting to (DESCRIPTION=(address=(protocol=tcp)(host=secdb)(port=1521)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 10.2.0.1.0 - Production
Start Date 22-AUG-2011 21:22:40
Uptime 0 days 0 hr. 0 min. 0 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /oracle/ora10gR2/product/10.2.0/db_2/network/admin/listener.ora
Listener Log File /oracle/ora10gR2/product/10.2.0/db_2/network/log/listener.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=secdb.localdomain)(PORT=1521)))
The listener supports no services
The command completed successfully
3)等待数据库实例注册到监听后查看监听器状态
ora10g@secdb /home/oracle$ lsnrctl
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 22-AUG-2011 21:23:00
Copyright (c) 1991, 2005, Oracle. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL> status
Connecting to (DESCRIPTION=(address=(protocol=tcp)(host=secdb)(port=1521)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 10.2.0.1.0 - Production
Start Date 22-AUG-2011 21:22:40
Uptime 0 days 0 hr. 0 min. 21 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /oracle/ora10gR2/product/10.2.0/db_2/network/admin/listener.ora
Listener Log File /oracle/ora10gR2/product/10.2.0/db_2/network/log/listener.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=secdb.localdomain)(PORT=1521)))
Services Summary...
Service "ora10g" has 1 instance(s).
Instance "ora10g", status READY, has 1 handler(s) for this service...
The command completed successfully
此时ora10g_XPT服务已经不在监听中注册。任务完成。
5.小结
在非Data Guard环境的Oracle 10.2版本及以上环境,我们都可以使用此方法实现禁止_XPT服务注册到监听器。消除一切疑惑的内容,将数据库的运行状态掌握在自己的手中。