$working_dir/$logfile echo "Current working directory $working_dir" >> $working_dir/$logfile echo "operatation began `date`" >> $working_dir/$logfile for i in `db2 list db directory | grep 'Database name' | awk '{print $4}'`; do echo "==============================" >> $working_dir/$logfile ; echo "getting :DB AUTH,USER AUTH,PLAN AUTH for: $i" >> $working_dir/$logfile ; echo "==============================" >> $working_dir/$logfile ; echo "checking database state"..." /> $working_dir/$logfile echo "Current working directory $working_dir" >> $working_dir/$logfile echo "operatation began `date`" >> $working_dir/$logfile for i in `db2 list db directory | grep 'Database name' | awk '{print $4}'`; do echo "==============================" >> $working_dir/$logfile ; echo "getting :DB AUTH,USER AUTH,PLAN AUTH for: $i" >> $working_dir/$logfile ; echo "==============================" >> $working_dir/$logfile ; echo "checking database state"..." /> $working_dir/$logfile echo "Current working directory $working_dir" >> $working_dir/$logfile echo "operatation began `date`" >> $working_dir/$logfile for i in `db2 list db directory | grep 'Database name' | awk '{print $4}'`; do echo "==============================" >> $working_dir/$logfile ; echo "getting :DB AUTH,USER AUTH,PLAN AUTH for: $i" >> $working_dir/$logfile ; echo "==============================" >> $working_dir/$logfile ; echo "checking database state"..."> DB2安全审核

DB2安全审核

2012年1月10日 杰克vamvas.

sysibm.sysdbauth在数据库上维护用户权限

sysibm.sysplanauth. 维护计划的用户权限

sysibm.sysuserauth.   maintain 系统上的用户权限。

此shell脚本收集并记录这些记录集。适用于定期DB2安全审核。

 

working_dir=$PWD
logfile="AUTH_`date +%d%m%y`.log"
#export working_dir
#export logfile
touch $working_dir/$logfile
>$working_dir/$logfile
echo "Current working directory $working_dir" >> $working_dir/$logfile
echo "operatation began `date`" >> $working_dir/$logfile
for i in `db2 list db directory | grep 'Database name' | awk '{print $4}'`;
do
echo "=============================="  >> $working_dir/$logfile ;
echo "getting :DB AUTH,USER AUTH,PLAN AUTH for: $i"  >> $working_dir/$logfile ;
echo "=============================="  >> $working_dir/$logfile ;
echo "checking database state"  >> $working_dir/$logfile ;
state=$(db2 get db cfg for $i | grep 'HADR database role' | awk '{print $5}');
echo "Current state is $state"  >> $working_dir/$logfile ;

if [ $state = "STANDBY"  ]
then
echo "THIS DATABASE IS THE STANDBY, THIS OPERATION SHOULD BE PERFORMED AT THE PRIMARY"  >> $working_dir/$logfile
else
echo "command : db2 connect to $i "  >> $working_dir/$logfile ;
db2  connect to $i  >> $working_dir/$logfile ;

echo "command : select * from SYSIBM.SYSDBAUTH"  >> $working_dir/$logfile ;
db2 "select * from SYSIBM.SYSDBAUTH"  >> $working_dir/$logfile;

echo "command : select * from SYSIBM.SYSPLANAUTH"  >> $working_dir/$logfile ;
db2 "select * from SYSIBM.SYSPLANAUTH"  >> $working_dir/$logfile;

echo "command : select * from SYSIBM.SYSUSERAUTH"  >> $working_dir/$logfile ;
db2 "select * from SYSIBM.SYSUSERAUTH"  >> $working_dir/$logfile;

db2 terminate 

fi

echo "=============================="  >> $working_dir/$logfile ;
echo "";
done
echo "operatation ended `date`" >> $working_dir/$logfile

 

也可以看看

DB2 - 安全底漆

作者:杰克vamvas(http://www.ysaijiu.com)
作者:杰克vamvas(http://www.ysaijiu.com)

分享:

验证您的评论

预览您的评论

这仅仅是一个预览。您的评论尚未发布。

在职的...
您的评论无法发布。错误类型:
您的评论已保存。评论受到审核,并不会出现在作者批准之前。发布另一个评论

您输入的字母和数字与图像不匹配。请再试一次。

作为发布评论之前的最后一步,输入您在下面的图像中看到的字母和数字。这可以防止自动化程序发表评论。

难以阅读此图片吗?查看一个替代品。

在职的...

发表评论DB2安全审核

评论被审核,直到提交人批准之前就不会出现。


dba-db2.com. | DB2性能调整 | dba db2:一切 | 常问问题 | 接触 | Copyright