ORACLE User Management

-
Check account status:
select username from dba_users;
 
Check account privileges:
select * from dba_role_privs;
select * from dba_sys_privs;
select * from role_sys_privs;
 
Create role:
create role READ_ONLY;
grant connect to READ_ONLY;
grant select any table to READ_ONLY;
 
Use role:
grant read_only to user;
 
Create account:
connect system/manager
Create user user50 identified by user50 default tablespace users temporary tablespace temp;
grant connect, resource to user50;
 
Create read-only account:
create user readonly identified by readonly default tablespace users temporary tablespace temp;
grant connect, select any table to readonly;
 
Delete account:
drop user <account> cascade;  //加上cascade则将用户连同其创建的东西全部删除
 
Modify
Modify password:
Alter user acc01 identified by "12345";
 
Modify the default tablespace:
Alter user acc01 default tablespace users;

Modify the temporary tablespace:
Alter user acc01 temporary tablespace temp_data;

Require accout to modify password:
Alter user acc01 password expire;

Modify lock status of account:
Alter user acc01 account lock;  // 加锁
Alter user acc01 account unlock;  // 解锁
 
Monitor
Check the session of account:
select username, sid, serial#, machine from v$session;

Terminate the session of account:
Alter system kill session 'sid, serial#';

Check SQL script of account:
select user_name, sql_text from v$open_cursor;

Properties of account:
Default is unlimited
Change by running sceipt: /$ORACLE_HOME/rdbms/admin/utlpwdmg.sql
quota setting:
alter user <account> quota 20M on <tablespace>;
role setting:
Admin Option:whether can grant the privilege to others
default:是否登录马上生效;否则需要命令生效:set role role名;
Priviliege setting:system:针对全局;不递归收回权限注意:select any table 权限,有的用户仍旧不能看字典表原因:O7_DICTIONARY_ACCESSIBILITY=falseobject:针对对象;递归收回权限

Grant select on v$ view to normal userExample: hr user want to view v$databaseLogin with sysgrant select on v_$database to hr;

Comments

Post a Comment

Popular posts from this blog

Nginx Proxy & Load Balance & LNMP

-
Nginx Proxy Service E-commerce website Server 1: provide image request response (  apache / nginx ) Server 2: provide dynamic request response ( php-fpm / apache-php ) Server 3: provide static request response ( apache / nginx ) Server 4: provide data request response ( mysql ) It need one additional nginx server 1. Install nginx 2. proxy to specific server Example location / {      proxy_pass http://192.168.199.187:80/; } location /bbs/ {      proxy_pass http://192.168.199.187:80/bbs/; } location ~* \.(jpg|png|gif)$  {      proxy_pass http://172.16.100.7; } Enhance the log information and specific the hostname location / {      proxy_pass  http://192.168.199.187:80/;      proxy_set_header <parameter name>  $host;  (client requst the hostname )      proxy_set_header <parameter name> $remote_addr; ...
Read more

Snort+barnyard2+Snorby CentOS 6.5_64 Installation

-
#download packages: daq-2.0.2.tar.gz ImageMagicK-6.8.9-8.tar.gz oinkmaster-2.0.tar.gz ruby-1.9.3-p547.tar.gz snort-2.9.6.2.tar.gz snortrules-snapshot-2962.tar.gz MySQL-server-5.5.40-1.rhel5.x86_64.rpm MySQL-client-5.6.21-1.rhel5.x86_64.rpm MySQL-devel-5.6.21-1.rhel5.x86_64.rpm MySQL-shared-5.6.21-1.rhel5.x86_64.rpm epel-release-6-8.noarch.rpm barnyard2-2.1.13.tar.gz #install yum package rpm -ivh epel-release-6-8.noarch.rpm yum install gcc-c++ patch readline readline-devel zlib zlib-devel flex git yum install libyaml-devel libffi-devel openssl-devel make  yum install bzip2 autoconf automake libtool bison iconv-devel libxml2-devel libxslt  yum install gcc g++ build-essential libssl-devel libreadline5-devel zlib1g-devel linux-headers-generic libsqlite3-devel libxslt-devel curl-devel sqlite-devel yum --enablerepo=epel install jasper jasper-libs jasper-devel #Mysql install yum remove mysql mysql-libs rpm -ivh MySQL-server-5.5.40-1.rh...
Read more

ORACLE Error

-
Image
oracle official error explanation  http://docs.oracle.com/cd/E11882_01/server.112/e17766/toc.htm 从服务器下载ALERT日志文件,传输方式需要选择"ASCII" ORA-01078: failure in processing system parameters 发生场景:新建数据库第一次启动时 SQL> startup ORA-01078: failure in processing system parameters LRM-00109: could not open parameter file ‘/home/oracle/oracle/product/10.2.0/db_1/dbs/initorcl.ora’ 原因:oracle_sid没有配置正确 解决方案: 1. 修改oracle用户.bash_profile文件中ORACLE_SID后的内容; 2. 重新已oracle用户登录; ORA-01157: cannot identify/lock data file string - see DBWR trace file  Cause: The background process was either unable to find one of the data files or failed to lock it because the file was already in use. The database will prohibit access to this file but other files will be unaffected. However the first instance to open the database will need to access all online data files. Accompanying error from the operating system describes why the file could not be identified. Action: Have operating system make file ...
Read more