Document Type | Technical Information
Category | Security
Applicable Product Version | Tibero7
Document Number | TSETI006
Overview
This guide explains how to log in when the .passwd file is lost in Tibero7 version.
Method
You can log in by using the parameter _MOUNT_MODE_WITHOUT_PASSWD_FILE.
Parameter Information
- You need to apply _MOUNT_MODE_WITHOUT_PASSWD_FILE=Y in the tip file.
- If the .passwd file is corrupted, you can log in in mount state by setting _MOUNT_MODE_WITHOUT_PASSWD_FILE=Y in the tip file and then logging in.
Related Tibero Security Policy
It is assumed that a dba who can modify the .passwd tip file can log in with the sys account.
In other words, allowing connection to the sys account via tbsql, etc., in mount mode is a security risk,
but if you can modify the tip file and then connect to the sys account, it is recognized as having DBA privileges and connection is allowed.
(For proper use, change the port number to block access from other clients before applying.)
Comparison Before and After Applying the Parameter
1. Before applying _MOUNT_MODE_WITHOUT_PASSWD_FILE=Y
[tibero@tibero ~]$ tbboot mount Listener port = 8629 Tibero 7 TmaxTibero Corporation Copyright (c) 2020-. All rights reserved. Tibero instance started up (MOUNT mode). - Rename the .passwd file [tibero@tibero tibero7]$ mv .passwd .passwd_back [tibero@tibero tibero7]$ ls -alrt total 945320 drwxr-xr-x. 3 tibero dba 4096 Oct 20 16:03 .. -rw-------. 1 tibero dba 104857600 Oct 20 16:03 temp001.dtf -rw-r--r--. 1 tibero dba 44 Oct 20 16:03 .passwd_back -rw-------. 1 tibero dba 104857600 Oct 20 16:04 redo001.redo -rw-------. 1 tibero dba 104857600 Oct 20 16:04 redo011.redo drwxr-xr-x. 3 tibero dba 4096 Oct 20 16:06 . drwx------. 3 tibero dba 4096 Oct 20 16:06 java -rw-------. 1 tibero dba 104857600 Oct 20 16:06 usr001.dtf -rw-------. 1 tibero dba 27262976 Oct 20 16:06 syssub001.dtf -rw-------. 1 tibero dba 209715200 Oct 20 16:06 undo001.dtf -rw-------. 1 tibero dba 121634816 Oct 20 16:07 system001.dtf -rw-------. 1 tibero dba 104857600 Oct 20 16:07 redo021.redo -rw-------. 1 tibero dba 84885504 Oct 20 16:08 c1.ctl [tibero@tibero tibero7]$ tbsql sys/tibero tbSQL 7 TmaxTibero Corporation Copyright (c) 2020-. All rights reserved. TBR-17001: Login failed: invalid user name or password. SQL>
2. After applying _MOUNT_MODE_WITHOUT_PASSWD_FILE=Y
[tibero@tibero tibero7]$ tbdown immediate Tibero instance terminated (IMMEDIATE mode). [tibero@tibero tibero7]$ vi $TB_HOME/config/$TB_SID.tip # tip file generated from /tibero/tibero7/config/tip.template (2025. 10. 20. (Mon) 15:48:25 KST) #------------------------------------------------------------------------------- # # RDBMS initialization parameter # #------------------------------------------------------------------------------- DB_NAME=tibero LISTENER_PORT=8629 CONTROL_FILES="/tibero/tibero7/database/tibero/c1.ctl" #CERTIFICATE_FILE="/tibero/tibero7/config/tb_wallet/tibero.crt" #PRIVKEY_FILE="/tibero/tibero7/config/tb_wallet/tibero.key" #WALLET_FILE="/tibero/tibero7/config/tb_wallet/WALLET" #ILOG_MAP="/tibero/tibero7/config/ilog.map" MAX_SESSION_COUNT=20 TOTAL_SHM_SIZE=2G MEMORY_TARGET=4G _MOUNT_MODE_WITHOUT_PASSWD_FILE=Y [tibero@tibero tibero7]$ tbboot mount Listener port = 8629 Tibero 7 TmaxTibero Corporation Copyright (c) 2020-. All rights reserved. Tibero instance started up (MOUNT mode). [tibero@tibero tibero7]$ tbsql sys/tibero tbSQL 7 TmaxTibero Corporation Copyright (c) 2020-. All rights reserved. Connected to Tibero. SQL>