oracle12c 的SYSBACKUP、SYSDG、SYSKM系统用户
2016-03-08 17:17
295 查看
oracle12c 推出了三个新的系统用户SYSBACKUP、SYSDG、SYSKM,下面文章源自官方文档
database operations are granted through the following special system privileges:
■ SYSDBA
■ SYSOPER
■ SYSBACKUP
■ SYSDG
■ SYSKM
You must have one of these privileges granted to you, depending upon the level of
authorization you require.
Starting with Oracle Database 12c, the SYSBACKUP, SYSDG, and SYSKM administrative
privileges are available. Each new administrative privilege grants the minimum
required privileges to complete tasks ineach area of administration. The new
administrative privileges enable you to avoid granting SYSDBAadministrative privilege
for many common tasks.
来查询一下系统用户
SYSDBA ■ Perform STARTUPand SHUTDOWNoperations
■ ALTER DATABASE: open, mount, back up, or change character set
■ CREATE DATABASE
■ DROP DATABASE
■ CREATE SPFILE
■ ALTER DATABASE ARCHIVELOG
■ ALTER DATABASE RECOVER
■ Includes the RESTRICTED SESSIONprivilege
This administrative privilege allows most operations, including the
ability to view user data. It is the most powerful administrative
privilege.
SYSOPER ■ Perform STARTUPand SHUTDOWNoperations
■ CREATE SPFILE
■ ALTER DATABASE: open, mount, or back up
■ ALTER DATABASE ARCHIVELOG
■ ALTER DATABASE RECOVER(Complete recovery only. Any form of
incomplete recovery, such as UNTIL
TIME|CHANGE|CANCEL|CONTROLFILErequires connecting as
SYSDBA.)
■ Includes the RESTRICTED SESSIONprivilege
This privilege allows a user to perform basic operational tasks, but
without the ability to view user data.
SYSBACKUP This privilege allows a user to perform backup and recovery
operations either from Oracle Recovery Manager (RMAN) or
SQL*Plus.
See Oracle Database Security Guidefor the full list of operations allowed
by this administrative privilege.
SYSDG This privilege allows a user to perform Data Guard operations. You
can use this privilege with either Data Guard Broker or the DGMGRL
command-line interface.
See Oracle Database Security Guidefor the full list of operations allowed
by this administrative privilege.
SYSKM This privilege allows a user to perform Transparent Data Encryption
keystore operations.
See Oracle Database Security Guidefor the full list of operations allowed
by this administrative privilege.
session user (SYSBACKUP) when connecting with the SYSBACKUP administrative
privilege. Assume that the sample user mydba has been granted the SYSBACKUP
administrative privilege and has issued the following command and statements:
这里演示直接用户sysbackup用户登录,并查询当前用户的schema和user
1、Administrative Privileges
Administrative privileges that are required for an administrator to perform basicdatabase operations are granted through the following special system privileges:
■ SYSDBA
■ SYSOPER
■ SYSBACKUP
■ SYSDG
■ SYSKM
You must have one of these privileges granted to you, depending upon the level of
authorization you require.
Starting with Oracle Database 12c, the SYSBACKUP, SYSDG, and SYSKM administrative
privileges are available. Each new administrative privilege grants the minimum
required privileges to complete tasks ineach area of administration. The new
administrative privileges enable you to avoid granting SYSDBAadministrative privilege
for many common tasks.
来查询一下系统用户
SQL> select username from dba_users where username like 'SYS%'; USERNAME -------------------------------------------------------------------------------- SYSDG SYSKM SYSBACKUP SYSTEM SYS
2、Administrative
Privilege Operations AuthorizedSYSDBA ■ Perform STARTUPand SHUTDOWNoperations
■ ALTER DATABASE: open, mount, back up, or change character set
■ CREATE DATABASE
■ DROP DATABASE
■ CREATE SPFILE
■ ALTER DATABASE ARCHIVELOG
■ ALTER DATABASE RECOVER
■ Includes the RESTRICTED SESSIONprivilege
This administrative privilege allows most operations, including the
ability to view user data. It is the most powerful administrative
privilege.
SYSOPER ■ Perform STARTUPand SHUTDOWNoperations
■ CREATE SPFILE
■ ALTER DATABASE: open, mount, or back up
■ ALTER DATABASE ARCHIVELOG
■ ALTER DATABASE RECOVER(Complete recovery only. Any form of
incomplete recovery, such as UNTIL
TIME|CHANGE|CANCEL|CONTROLFILErequires connecting as
SYSDBA.)
■ Includes the RESTRICTED SESSIONprivilege
This privilege allows a user to perform basic operational tasks, but
without the ability to view user data.
SYSBACKUP This privilege allows a user to perform backup and recovery
operations either from Oracle Recovery Manager (RMAN) or
SQL*Plus.
See Oracle Database Security Guidefor the full list of operations allowed
by this administrative privilege.
SYSDG This privilege allows a user to perform Data Guard operations. You
can use this privilege with either Data Guard Broker or the DGMGRL
command-line interface.
See Oracle Database Security Guidefor the full list of operations allowed
by this administrative privilege.
SYSKM This privilege allows a user to perform Transparent Data Encryption
keystore operations.
See Oracle Database Security Guidefor the full list of operations allowed
by this administrative privilege.
3、Current Schema and Session User When Connecting AS SYSBACKUP
a user is assigned another schema (SYS) and anothersession user (SYSBACKUP) when connecting with the SYSBACKUP administrative
privilege. Assume that the sample user mydba has been granted the SYSBACKUP
administrative privilege and has issued the following command and statements:
这里演示直接用户sysbackup用户登录,并查询当前用户的schema和user
[oracle@test ~]$ sqlplus / as sysbackup SQL*Plus: Release 12.1.0.2.0 Production on Tue Mar 8 15:44:58 2016 Copyright (c) 1982, 2014, Oracle. All rights reserved. Connected to: Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options SQL> select sys_context('USERENV','CURRENT_SCHEMA') from dual; SYS_CONTEXT('USERENV','CURRENT_SCHEMA') -------------------------------------------------------------------------------- SYS SQL> select sys_context('USERENV','CURRENT_USER') from dual; SYS_CONTEXT('USERENV','CURRENT_USER') -------------------------------------------------------------------------------- SYSBACKUP
相关文章推荐
- ORACLE中BFILE字段的使用研究
- Oracle 树结构查询
- oracle登录时会报错 initialization error
- 管理口令(P):[INS-30011] 输入的 ADMIN 口令不符合 Oracle 建议的标准
- DB --- Oracle 入门教程基本知识
- Oracle创建用户以及授权、创建表空间
- Oracle存储过程
- Oracle - ORA-01840: input value not long enough for date format
- ORACLE管理-实用sql
- oracle存储过程异常捕获
- Oracle动态查拆分号票,合并号段
- ORACLE
- oracle不记得所有账户和密码怎么办 ?回车出现一个2
- Oracle中DELETE和TRUNCATE的区别
- 如何获得Oracle当前日期的年或月的第一天和最后一天
- Oracle备份恢复-控制文件损坏的各种场景恢复专题
- Oracle Net Manager 服务命名配置原理,方法,用途
- Oracle 11G Active DataGuard角色切换
- 首次连接oracle数据库的用户名和密码问题
- 安装oracle客户端,配置plsql