8

Oracle

OracleOracle

8.1 Oracle OracleCONNECT scotttiger Oracle syssystem scott

[.] userluser2tuserltuserluser2tuser2userlttuserltuser2tuser2t

CREATE USERCREATE USER

jwcuser SQL>CREATE USER]WCUSer IDENTIFIED BY welcomel35 DEFAULT TABLESPACE edu TEMPORARY TABLESPACE temp QUOTA 10M ON edu QUOTA 2M ON users PASSWORD EXPIRE jwcuserwelcomel35edutemp QUOTA()edu10MBusers2MBPASSWORD EXPIRE

rscuser SQL>CREATE USER rscuser IDENTFED EXTERNALLY DEFAULT TABLESPACE users TEMPORARY TABLESPACE temp QUOTA UNLIMITED ON users rscuseruserstemp

testuser() SQL>CREATE USER testuser IDENTIFED BY 123456 ACCOUNT LOCK SYSTEM

8.1.2 (SYSDBASYSOPER) Oracle9isysREMOTE-LOGIN_PASSWORDFILEEXCLUSIVESYSDBASYSOPER Oracle9isysAs SYSDBAAS SYSOPERsys81

SYSDBASYSOPERSYSDBASYSOPER

8-1 SYSDBASYSOPER

8.1.3 1 ALTER USERDBAALTER USER SQL>ALTER USER testuser IDENTIFIED BY ertghj DBA

2 INSERTUPDATE(0RA01536 space quota exceeded for tablespaceedu)SELECTDELETE

DBA SQL>ALTER USER jwcuser QUOTA 15M ON edu SQL>ALTER USER jwcuser QUOTA 0 ON users jwcuseruserst

3 SQL>ALTER USER testuser ACCOUNT LOCK testuserSQL>ALTER USER testuser ACCOUNT UNLOCK Oracle

SQL>DROP USER testuser testuserCASCADE ORA01922CASCADE must be specified to dropTESTUSER SQL>DROP USER testuser CASCADE dba_usersdba ts quotasuser_usersuser_ts_quotas

jwcuser SQL>SELECT default_tablespace temporary_tablespace account_status FROM dba users WHERE username=JWCUSER iwcuser SQL

>SELECT tablespacename blocks nn maxblocks-- FROM usertsquotas SYSTEM 224 0 USERS 344 O TT 40 1

maxblocks1v$pwfile_users

82 SQL

8.2.1 Oracle1 (CREATE TABLESPACE) (CREATEANY TABLE)

82

2.83Oracle

Oracle

UPDATEINSERTSELECT

8.2.2 GRANTGRANT

1CREATE SESSl0Njwcuser

SQL>GRAINT CREATE SESSION TO]wcuser CREATE SESSIONCREATE TABLEtestuser SQL>GRANT CREATE SESSIONCREATE TABLE TO testuser CREATE SESSION SQL>GRANT CREATE SESSION TO PUBLIC

PUBLICOraclePUBLICPUBLICPUBLICUSER_ALL

DBAWITHADMIN OPTION83DBACREATE SESSIONCREATE VIEWgly_hebei2glysjzgly_bd" 83

2WITH GRANT OPTION iwcuserstudtestuser SQL>GRANT SELECT ON stud TO testuser jwcuserstudtestuser SQL>GRANT INSERTALTER ON stud TO testusel"

jwcusercourseuserluser2 SQL>GRANT ALL ON course TO userluser2 tempcollc012userl SQL>GRANT UPDATE(C011C012)INSERT(c011C012)0N temp T0 userl

DBMSOUTPUTuserluserlSQL>CONNAS SYSDBASQL>GRANT EXECUTE ON DBMS OUTPUT TO user WITH GRANT OPTION WITH GRANT OPTION

8.2.3 REVOKEGRANT

1 CREATE TABLEtestuserSQL>REVOKE CREATE TABLE FROM testusefCREATEJEwgly_hebei SQL>REVOKE CREATE VIEW FROM gly_hebei 83systemgly_hebeiCREATE VIEWWITH ADMIN OPTIONgly_hebeiCREATE VIEWglysjzglyhebeiCREATE VIEWglysjzCREATE VIEW84

2REVOKEjwcusertestuserstud SQL>REVOKE ALTER ON stud FROM testuser DBAtestUPDATEgly_hebeiWITH GRANT OPTIONglyhebeiglysjz85(a)DBAtestUPDATEgly_hebeiglysjztest UPDATE

8.2.4 1. DBAdba_sys_privs WITH ADMIN OPTION SQL>SELECT * FROM dbasys_privs WHERE grantee=TESTUSER

testuserGRANTEEVILEGEADMINOPTIONYESNO usersysprivs

2dba_tabprivsuser_tab_privsDBAtestuserSQL>SELECT tabie_nameprivilege f owner r grantor|grantable FROM dba_tab_privs WHERE granteeTESTUSER

UPDATESELECT8-6dba_col_privstestuserUPDATEstudSIlOsnameusercolprivs

83 (1)

(2) (3)

1 CREATEROIE fdy SQIj>CREATE ROLE fdy fdystud SQL>GRANT CREATE SESS0NCREATE VEW TO FDY SQL>GRANT SELECT ON stud TO fd3 fdy

sql>REVOKE CREATE VI EW FROM fdy bzr SQL>CREATE ROLE bzr IDENTIFIED BY teachers 2 SQL>GRANT fdy TO testuser SQL>GRANT fdy TO jwcuser REVOKE SQL>REVOKE fdy FROM testuser

3 (1)ALTER USER

fdybzrtestuser SQL>ALTER USER testuser DEFAULT ROLE fdybzr fdytestuser sQL>ALTER USER testuser DEFAULT ROLE ALL EXCEPT fdy testuser SQL>ALTER USER testuser DEFAULT ROLE none

(2)SET ROLE fdy SQL>SET ROLE fdy bzr SQL>SET ROLE bzr IDENTIFIED BY teachers j fdy SQL>SET ROLE ALL EXCEPT fdy SQL>SET ROLE NONE

4DROP ROLEOracle fdyDROPROLE SQL>DROP ROLE fdy

8.3.2Oracle (1)CONNECTRESOURCEDBAOracle (2)EXPULLDATABASEIMP_FULLDATABASE (3)DELETECATALOG_ROLEDELETE (4)EXECUTE_CATALOG_ROLEEXECUTE (5)SELECT-CATALOG_ROLESELECT

dba rolespassword_requiredSQL>SELECT rolepasswordrequired FROM dba_roles

jwcuserSQL>SELECT grante(Lrole FROM dba_role privs WHERE grantee=JWCUSERfdySQL>SELECT FROM role_sys_privs WHERE role=FDY ;SQL>SELECT * FROM role_tab_privs WHERE role=FDYsession_rolesSQL>SELECTFROM Session r01es

84 PROFILE PROFILEPROFILEPROFILE

(1)SQL (2) (3) (4) DEFAULTUNLIMITEDPROFILEOracleDEFAULT DBAPROFILEPROFILE

8.4.2 PROFILEPROFILE 7DEFAULT CPUPROFILE(SQL)

PROFILERESOURCE-LIMITTRUE jwcuser33 7103005jwcuser60min5min

PROFILESQL>CREATE PROFILE profile_jwcuser LIMIT FAILED_LOGIDLATTEMPTS 3 PASSWORD_LOCK_TIME 7 PASSWORD LIFE TIME 1 0 PASSWORD_REUSE_TIME 3 0 0 SESS0NS PER USER 5 CONNECT TIME 60 IDLE TIME 5

SQL>ALTER SYSTEM SET RESOURCE-LIMIT=true profilejwcuserjwcuserPROFILEPROFILEALTER USERSQL>ALTER USER Jwcuser PROFILE profilejwcuser

8.4.3 PROFILE ALTER PROFILEALTER PROFILEPROFILE SQL>ALTER PROFILE profile_jWCUSer LIMIT SESSIONS_PERUSER 3 FAILED_LOGIN_ATTEMPTS 5

PROFILEDROP PROFILEPROFILEPROFILECASCADE profile__]wcuserPROFILEjwcuser SQL>DROP PROFILE profile_jwcuser CASCADE ; PROFILEDEFAULT PROFILE

8.4.4 PROFILE1PROFILEdba_usersPROFILESQL>SELECT profile FROM dba users WHERE username=JWCUSER

2PROFILE PROFILEOraclePROFILEprofilesPROFILE

SQL>SELECT resource_name1lmlt FROM dba_proflles WHERE profile=PROFILE_JWCUSERAND resource_type=KERNELdba_profiles4(1)profilePROFILE(2)resourcename~PROFILE(3)resourcetypePASSWORDKERNAL(4)limitPROFILE

OraclePROFILE

1PROFILE( ) ACPU B C D2PROFILE( ) AOracle B CDEFAULT DOracle3( ) Adba_profiles Bdba_users Cdba_passwords Dv$session

4?( ) ASYSDBA BSYSOPER CDBA DCONNECT5?( ) ASELECT BUPDATE CDELETE DINSERT6QUOTA() A B0 C10MB D100MB