0

I'm creating a bash script to automate a process to create an Oracle database. Basically I want to invoke dbca. I already found two ways to do it but I still did not like those solutions. I was just wondering if has a better way to do it.

First I already have the sys_password defined on my script 

read -p -s "SYS Password: " sys_password

The simplest way is to create a temporary file with the password and pass it via STDIN.

echo $sys_password > /tmp/file_pwd.txt
echo $sys_password >> /tmp/file_pwd.txt
echo "" >> /tmp/file_pwd.txt
dbca -silent -createDatabase -responseFile /assets/dbca.rsp < /tmp/file_pwd.txt

However, this approach has a security issue because I'm creating a physical file with a sensitive information in the filesystem, even after removed in somehow it can be recovered.

So, the best solution that I could imagine was using the heredocs and pass it via pipe to dbca.

cat <<EOF | dbca -silent -createDatabase  -responseFile /assets/dbca.rsp
${sys_password}
${sys_password}
EOF

I have tried echo and printf combined with pipe but it did not produce the same result, anyway, it does not work. Bellow is the code not working:

printf "${sys_password}\n${sys_password}\n" | \
    dbca -silent -createDatabase  -responseFile /assets/dbca.rsp

I would like to know if there is another way to send the printf or echo output to dbca STDIN in jut one line

Wellington Souza
  • 2,200
  • 2
  • 22
  • 33
  • 1
    Heredocs aren't in memory -- they're written to disk. You don't want to put a password in them. (Though they're better than a *hardcoded* filename in `/tmp`, which is subject to symlink attacks and other precreation-based tricks). – Charles Duffy Nov 14 '17 at 23:46
  • 1
    And if you're going to use `printf`, keep your data outside of your format strings. That is to say, `printf '%s\n' "$foo" "$bar"`, not `printf "$foo\n$bar\n"`. – Charles Duffy Nov 14 '17 at 23:47
  • Anyhow, if you want "in just one line", then take out the backslash and newline, and there you are -- just one line. That is: `printf '%s\n' "$SYS_PASSWORD" "$SYS_PASSWORD" | dbca ...` – Charles Duffy Nov 14 '17 at 23:48
  • (btw, if it's your choice, using all-caps variable names is not great practice -- that namespace is reserved for variables with meaning to the operating system and shell, whereas names with at least one lowercase character are guaranteed not to conflict; see relevant spec @ http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html). – Charles Duffy Nov 14 '17 at 23:49
  • The format is re-used as necessary to consume all of the arguments, so `printf '%s\n' "$foo" "$bar"` is shorthand for `printf '%s\n%s\n' "$foo" "$bar"` – tom Nov 14 '17 at 23:50
  • @tom, ...do you have reason to believe anyone here was unclear on that point? (The OP is asking for one line of code, not one line of output, and it's in that context I said "in just one line"). – Charles Duffy Nov 14 '17 at 23:51
  • @CharlesDuffy: It's not a well-known feature and I thought it was worth pointing out. I'm not trying to accuse you of producing multiple lines of output ;) – tom Nov 14 '17 at 23:56
  • @WellingtonSouza: Did you try using `printf '%s\n'` as Charles Duffy described? It should work. If it doesn't, replace the `dbca ...` command with `cat` to see what's being printed. – tom Nov 15 '17 at 00:09
  • 1
    Strictly speaking, whether the here document is in memory or on disk is an implementation detail: "It is unspecified whether the file descriptor is opened as a regular file, a special file, or a pipe. [POSIX spec]" – chepner Nov 15 '17 at 00:41

1 Answers1

2

With tom's hints, I could solve this question. Also, Charles Duffy gave me valuable advisor to make the code better. Thanks for all your support! Here is the final code:

printf "%s\n%s\n" "${sys_password}" "${sys_password}" | \
    dbca -silent -createDatabase -responseFile /assets/dbca.rsp
Wellington Souza
  • 2,200
  • 2
  • 22
  • 33