2013年4月27日 星期六
1、概念 |
(1)schema : user.object 就是用户创建的对象 (2)用户认证方式: os 认证 database 认证 |
2、建立 database认证的用户 |
SQL @ prod > create user rose identified by oracle default tablespace users temporary tablespace temp quota 10m on users 【用户配额限制】 password expire; ——【用户一登录密码就过期,需要重新设定】 User created. SQL @ prod > grant create session to rose; Grant succeeded. SQL @ prod > conn rose/oracle ERROR: ORA-28001: the password has expired
Changing password for rose …. New password: ... Retype new password: ... Password changed Connected. |
3、建立OS认证(操作系统认证)用户(sys 用户属于os 认证) |
SQL @ prod > show parameter auth NAME TYPE VALUE ------------------------------------ ----------- ------------------------------ os_authent_prefix string ops$ 【——创建OS认证的用户名前面一定要加上这个参数】 remote_os_authent boolean FALSE SQL @ prod > create user ops$oracle ——创建用户,不要加双引号 identified externally profile default default tablespace users temporary tablespace temp quota 10m on users
SQL @ prod > select username,account_status from dba_users;
USERNAME ACCOUNT_STATUS --------------- ------------------------- OUTLN OPEN SYS OPEN SYSTEM OPEN ROSE OPEN SCOTT OPEN ops$oracle OPEN TOM OPEN DBSNMP EXPIRED & LOCKED TSMSYS EXPIRED & LOCKED DIP EXPIRED & LOCKED SQL @ prod > select username ,password ,PROFILE,DEFAULT_TABLESPACe,TEMPORARY_TABLESPACE from dba_users; USERNAME PASSWORD PROFILE DEFAULT_TABLESP TEMPORARY_TABLE --------------- -------------------- --------------- --------------- --------------- OUTLN 4A3BA55E08595C81 DEFAULT SYSTEM TEMP SYS 8A8F025737A9097A DEFAULT SYSTEM TEMP SYSTEM 2D594E86F93B17A1 DEFAULT SYSTEM TEMP ROSE 1166A1F535AF6EFB DEFAULT USERS TEMP SCOTT F894844C34402B67 DEFAULT USERS TEMP ops$oracle EXTERNAL DEFAULT USERS TEMP TOM 0473A0A9140BFBD7 DEFAULT USERS TEMP DBSNMP E066D214D5421CCC DEFAULT SYSAUX TEMP TSMSYS 3DF26A8B17D0F29F DEFAULT USERS TEMP DIP CE4A36B8E06CA59C DEFAULT USERS TEMP SQL @ prod > grant create session to ops$oracle; Grant succeeded. SQL @ prod > exit Disconnected from Oracle Database 10g Enterprise Edition Release - Production With the Partitioning, OLAP and Data Mining options [oracle@solaris10 ~]$ id uid=100(oracle) gid=100(oinstall) [oracle@solaris10 ~]$ sqlplus / ——【登录不需要提供用户名和密码(oracle用户必须属于os的 oinstall 组 )】 SQL*Plus: Release - Production on Wed Mar 14 16:07:43 2012 Copyright (c) 1982, 2005, Oracle. All Rights Reserved. Connected to: Oracle Database 10g Enterprise Edition Release - Production With the Partitioning, OLAP and Data Mining options SQL @ prod > show user USER is "OPS$ORACLE" |
4、quota 管理:(对象的最大存储空间,用户在表空间上建立对象,必须在相应的tablespace 上获得quota) |
SQL @ prod > select TABLESPACE_NAME,USERNAME,BYTES/1024,MAX_BYTES/1024/1024 from dba_ts_quotas; TABLESPACE_NAME USERNAME BYTES/1024 MAX_BYTES/1024/1024 -------------------- --------------- ---------- ------------------- USERS ROSE 0 10 USERS OPS$ORACLE 0 10 ——【BYTES 已经使用过的配额,MAX_BYTES所分配的配额】 SQL @ prod > grant create table to rose; Grant succeeded. SQL @ prod > grant select on scott.emp to rose; Grant succeeded. SQL @ prod > conn rose/rose Connected. SQL @ prod > create table emp1 as select * from scott.emp; Table created. SQL @ prod > conn /as sysdba Connected. SQL @ prod > select TABLESPACE_NAME,USERNAME,BYTES/1024,MAX_BYTES/1024/1024 from dba_ts_quotas where username='ROSE'; TABLESPACE_NAME USERNAME BYTES/1024 MAX_BYTES/1024/1024 -------------------- --------------- ---------- ------------------- USERS ROSE 64 10 ——回收quota【只能回收用户未使用的磁盘配额】 SQL @ prod > alter user rose quota 0 on users; User altered. SQL @ prod > select TABLESPACE_NAME,USERNAME,bytes/1024,max_bytes/1024/1024 from dba_ts_quotas where username='ROSE'; no rows selected 【——已经回收,但仍然可以插入数据,因为之前已经使用的磁盘配额没用完】 SQL @ prod > conn rose/rose Connected. ROSE @ prod > insert into emp1 select * from emp1; 14 rows created. ROSE @ prod > / 28 rows created. ROSE @ prod > / 56 rows created. ROSE @ prod > insert into emp1 select * from emp1 * ERROR at line 1: 【ORA-01536: space quota exceeded for tablespace 'USERS'
ROSE @ prod > analyze table emp1 compute statistics; ——没磁盘配额了 】 Table analyzed. ROSE @ prod > select table_name,num_rows ,blocks,empty_blocks from user_tables; TABLE_NAME NUM_ROWS BLOCKS EMPTY_BLOCKS ------------------------------ ---------- ---------- ------------ EMP1 448 8 0 |
5、删除用户【会话中的用户不能被删除】 |
SYS @ prod > select username,sid,serial# from v$session where username is not null; USERNAME SID SERIAL# ---------- ---------- ---------- SYS 31 84 ROSE 39 31 SYS @ prod > drop user rose;——会话中的用户不能被删除 drop user rose * ERROR at line 1: ORA-01940: cannot drop a user that is currently connected ——强制关闭用户会话 SYS @ prod > alter system kill session '39,31';——‘SID,SERIAL#’ System altered. SYS @ prod > select * from emp1; select * from emp1 * ERROR at line 1: ORA-00028: your session has been killed SYS @ prod > drop user rose cascade; ——将用户所有的对象都一起删除 User dropped. |
磁盘配额 create user xxx quota 50m on system 指定用户在system 上50M 的磁盘空间。 alter system kill session 'sid,serial#' 杀掉用户进程 desc v$process 查找 ADDR SPID desc session_privs 用户权限。 desc session_roles set role develogment , manager desc dba_role_privs; alter user xxxx default role |