Feb
08
归家的路上
家,心灵的归宿!
在机场等班机的时候,才感觉藏在心里浓浓的挂念一拥而上,恨不能现在就可以在家门口冲屋里喊:“爸,妈,我回来了!”我想,家里的双亲肯定也在期待儿子的快点回家,虽然早已告诉他们我的归家日期。
爹妈在河南,儿子在福州,幸福就是一张机票!
亲人在家里,儿子在外地,团圆就是一路平安!
Feb
03
DBA,SYSDBA,SYSOPER三者的区别
什么是DBA?什么是SYSDBA,什么又是SYSOPER?三者究竟有何联系呢?
在Oracle数据库领域里,很多Oracle初学者(Me 2)很容易被这三个术语迷惑,就其原因还是基础概念没有弄清楚。记得自己刚开始接触Oracle的时候,也是云里雾里,现在基本弄明白,故写出来和大家分享:
DBA:在Oracle数据库里面其实只是一个角色(role)。那么什么是角色呢?可以简单的认为一个角色就是某些个权限的集合体,也就是说把多个系统权限(system privilege),对象权限(object privilege)以及角色(role)揉和在一起,然后赋给一个角色。说白了,Oracle引入角色的概念,其实是为了避免相关的系统权限和对象权限的赋予和回收的复杂性。把一堆系统权限和对象权限以及角色打包之后赋给某个新角色,然后再对这个新角色进行必要的操作就显得相当便捷和方便了。当然,在Oracle里面一个角色是可以赋给另外一个角色的,但是角色的赋给是不能够构成循环回路的。eg:先把role1给role2,然后把role2给role3,那么你就不可以再把role3给role1了。这是Oracle不允许的,其实你也不可以成功执行这样的包含回路角色的授权的!
SYSDBA:说白了就是一种系统权限而已,没有什么神秘的。当我们在SQL*PLUS命令行上执行了类似如下的操作:
SQL>conn / as sysdba;这时候,其实我们是以SYSDBA这个身份去登陆数据库的,我们当前的default schema是SYS。那么SYSDBA这个系统权限究竟允许执行哪些操作呢?
■ Perform STARTUP and SHUTDOWN operations
■ ALTER DATABASE: open, mount, back up, or change character set
■ CREATE DATABASE
■ DROP DATABASE
■ CREATE SPFILE
■ ALTER DATABASE ARCHIVELOG
■ ALTER DATABASE RECOVER
■ Includes the RESTRICTED SESSION privilege
■ Perform STARTUP and SHUTDOWN operations
■ ALTER DATABASE: open, mount, back up, or change character set
■ CREATE DATABASE
■ DROP DATABASE
■ CREATE SPFILE
■ ALTER DATABASE ARCHIVELOG
■ ALTER DATABASE RECOVER
■ Includes the RESTRICTED SESSION privilege
以SYSDBA登陆Oracle数据库时,上述几种操作是允许执行的。
SYSOPER:也是一种系统权限,只不过跟SYSOPER略有区别而已。SQL>conn /as sysoper 这种连接下,我们的default schema是PUBLIC.允许执行的操作如下:
■ Perform STARTUP and SHUTDOWN operations
■ CREATE SPFILE
■ ALTER DATABASE OPEN/MOUNT/BACKUP
■ ALTER DATABASE ARCHIVELOG
■ ALTER DATABASE RECOVER (Complete recovery only. Any form of incomplete recovery, such as UNTIL
TIME|CHANGE|CANCEL|CONTROLFILE requires connecting as SYSDBA.)
■ Includes the RESTRICTED SESSION privilege
简单区别如下:
SQL> conn sys/oracle as sysdba;
Connected to an idle instance.
SQL> show user;
USER is “SYS”
SQL> conn sys/oracle as sysoper;
Connected to an idle instance.
SQL> show user;
USER is “PUBLIC”
SQL>
Note: The SYSDBA and SYSOPER system privileges allow access to a database instance even when the database is not open. Control of these privileges is totally outside of the database itself.
SYSDBA和SYSOPER系统权限允许我们在数据库打开之前以这两种身份去访问实例。
当然,DBA还可以理解成另外两个术语的简写;Database Administrator,Data Block Address。
一句话总结三者之间的关系:
Note: The DBA role does not include the SYSDBA or SYSOPER system privileges. These are special administrative privileges that allow an administrator to perform basic database administration tasks, such as creating the database and instance startup and shutdown.
DBA 角色并未包含SYSDBA,SYSOPER这两个系统权限。他们是一类特殊的系统管理权限,允许管理员以这两种身份对数据库进行特殊的管理工作。
还有就是,不要轻易将SYSDBA,SYSOPER这两种系统权限授权给数据库的普通用户。也不要轻易将DBA角色赋给普通用户。在对数据库进行普通操作的时候,也不要以SYSDBA,SYSOPER登录。
Feb
01
《Oracle DBA手记》“享受”中
《Oracle DBA手记》新书到手,正在“啃食”中!感谢邹先生(banping)赠送此书与我。同样要感谢其他几位作者,感谢Oracle高手前辈写出如此好的技术性书籍,给我等newbie指点学习的方向和解决问题的方法。
2010.1.30下午在厦门市湖滨南路中山医院门口初见邹先生,特别高兴,也很欣慰,不单是他赠送此书给我,更为重要的是认识一位Oracle从业前辈。两个陌生的北方男人认识在南方的厦门,完全是因为Oracle。初次拿到书的时候感觉封面很凝重,随后慢慢翻阅学习的时候,才发觉内容是如此之精华!得知他母亲身体不好在医院治疗,他也一直忙着照顾老人。在此,祝福老人家,早日康复,祝福邹先生合家团圆,家人平安快乐!
Feb
01
2010.02.01
How time flyes!
2009在默默的工作和平静的生活中转瞬即逝了,还没来得及回味,2010又溜走了1/12.
Work hard & smart,Focus on Oracle & Linux.
Cherish the precious time,enjoy the colorful life,do the meaningful things.
Jan
27
oracle 10g SYSAUX tablespace
The SYSAUX(System Auxiliary) tablespace is a new feature of Oracle 10g database,before 10g release,there wasn’t this tablespace.After you created your database via DBCA(Database Configuration Assistant) tool,the SYSAUX tablespace was created for you automatically.
But what’s the mainly function of that tablespace? Why Oracle present the SYSAUX tablespace? Does it bring some benefit for the database or the DBA?
Yep,the answer is ture.The SYSAUX tablespace is an auxiliary tablespace of the SYSTEM tablespace.In the earlier release before 10g,there is only way to store the components and other metadata in the SYSTEM tablespace.But now,with the SYSAUX tablespace,Oracle separate some components from SYSTEM tablespace,bring ’sth’ from the SYSTEM tablespace to SYSAUX tablespace.By that,the workload of SYSTEM tablespace becomes light,decreases the space fragment in the SYSTEM tablespace,and it becomes easy to manage the SYSTEM tablespace for DBAs.
In addition,if the status of SYSAUX tablespace becomes offline(in fact we can bring it offline explicitly) or invalid,the Oracle database can works normally still.
Now,let’s find out which components were stored in the SYSTEM tablespace logically.First,we should be familar with the V$SYSAUX_OCCUPANTS dictionary table. V$SYSAUX_OCCUPANTS displays SYSAUX tablespace occupant information.
So,we need to do is only to issue a query against of the V$SYSAUX_OCCUPANTS view.
SQL> select occupant_name,schema_name,move_procedure,space_usage_kbytes from v$sysaux_occupants;
OCCUPANT_NAME SCHEMA_NAME MOVE_PROCEDURE SPACE_USAGE_KBYTES
———————- —————— ——————————– ——————
LOGMNR SYSTEM SYS.DBMS_LOGMNR_D.SET_TABLESPACE 6080
LOGSTDBY SYSTEM SYS.DBMS_LOGSTDBY.SET_TABLESPACE 896
STREAMS SYS 512
XDB XDB XDB.DBMS_XDB.MOVEXDB_TABLESPACE 49728
AO SYS DBMS_AW.MOVE_AWMETA 20160
XSOQHIST SYS DBMS_XSOQ.OlapiMoveProc 20160
XSAMD OLAPSYS DBMS_AMD.Move_OLAP_Catalog 15936
SM/AWR SYS 31552
SM/ADVISOR SYS 5824
SM/OPTSTAT SYS 29760
SM/OTHER SYS 7488
OCCUPANT_NAME SCHEMA_NAME MOVE_PROCEDURE SPACE_USAGE_KBYTES
———————- —————— ——————————– ——————
STATSPACK PERFSTAT 0
ODM DMSYS MOVE_ODM 256
SDO MDSYS MDSYS.MOVE_SDO 33216
WM WMSYS DBMS_WM.move_proc 7040
ORDIM ORDSYS 512
ORDIM/PLUGINS ORDPLUGINS 0
ORDIM/SQLMM SI_INFORMTN_SCHEMA 0
EM SYSMAN emd_maintenance.move_em_tblspc 56896
TEXT CTXSYS DRI_MOVE_CTXSYS 4736
ULTRASEARCH WKSYS MOVE_WK 0
ULTRASEARCH_DEMO_USER WK_TEST MOVE_WK 0
OCCUPANT_NAME SCHEMA_NAME MOVE_PROCEDURE SPACE_USAGE_KBYTES
———————- —————— ——————————– ——————
EXPRESSION_FILTER EXFSYS 3712
EM_MONITORING_USER DBSNMP 1600
TSM TSMSYS 256
JOB_SCHEDULER SYS 512
26 rows selected.
SQL>
For a test purpose,we can bring the LogMiner component to the EXAMPLES tablespace.
SQL> exec dbms_logmnr_d.set_tablespace(’example’);
PL/SQL procedure successfully completed
and then we issue a query against the V$SYSAUX_OCCUPANTS to obtain the effect:
SQL> select occupant_name,schema_name,move_procedure,space_usage_kbytes from v$sysaux_occupants where occupant_name like ‘LOG%’;
OCCUPANT_NAME SCHEMA_NAME MOVE_PROCEDURE SPACE_USAGE_KBYTES
———————- —————— ——————————– ——————
LOGMNR SYSTEM SYS.DBMS_LOGMNR_D.SET_TABLESPACE 0
LOGSTDBY SYSTEM SYS.DBMS_LOGSTDBY.SET_TABLESPACE 896
ok,the SPACE_USAGE_KBYTES value of the LOGMNR is 0,instead of the original value of 6080.
SQL> select occupant_name,schema_name,move_procedure,space_usage_kbytes from v$sysaux_occupants;
OCCUPANT_NAME SCHEMA_NAME MOVE_PROCEDURE SPACE_USAGE_KBYTES
———————- —————- ——————————– ——————
LOGMNR SYSTEM SYS.DBMS_LOGMNR_D.SET_TABLESPACE 6080
LOGSTDBY SYSTEM SYS.DBMS_LOGSTDBY.SET_TABLESPACE 896
STREAMS SYS 512
XDB XDB XDB.DBMS_XDB.MOVEXDB_TABLESPACE 49728
AO SYS DBMS_AW.MOVE_AWMETA 20160
XSOQHIST SYS DBMS_XSOQ.OlapiMoveProc 20160
XSAMD OLAPSYS DBMS_AMD.Move_OLAP_Catalog 15936
SM/AWR SYS 31552
SM/ADVISOR SYS 5824
SM/OPTSTAT SYS 29760
SM/OTHER SYS 7488
OCCUPANT_NAME SCHEMA_NAME MOVE_PROCEDURE SPACE_USAGE_KBYTES
———————- —————- ——————————– ——————
STATSPACK PERFSTAT 0
ODM DMSYS MOVE_ODM 256
SDO MDSYS MDSYS.MOVE_SDO 33216
WM WMSYS DBMS_WM.move_proc 7040
ORDIM ORDSYS 512
ORDIM/PLUGINS ORDPLUGINS 0
ORDIM/SQLMM SI_INFORMTN_SCHE 0
MA
EM SYSMAN emd_maintenance.move_em_tblspc 56896
TEXT CTXSYS DRI_MOVE_CTXSYS 4736
OCCUPANT_NAME SCHEMA_NAME MOVE_PROCEDURE SPACE_USAGE_KBYTES
———————- —————- ——————————– ——————
ULTRASEARCH WKSYS MOVE_WK 0
ULTRASEARCH_DEMO_USER WK_TEST MOVE_WK 0
EXPRESSION_FILTER EXFSYS 3712
EM_MONITORING_USER DBSNMP 1600
TSM TSMSYS 256
JOB_SCHEDULER SYS 512
26 rows selected.
SQL>
last,let’s bring it back to the SYSAUX tablespace.
SQL> exec dbms_logmnr_d.set_tablespace(’SYSAUX’);
PL/SQL procedure successfully completed.
Furthermore,we can do some more experiences on the SYSAUX tablespce.
SQL> drop tablespace sysaux ;
drop tablespace sysaux
*
ERROR at line 1:
ORA-13501: Cannot drop SYSAUX tablespace
we can’t drop the SYSAUX tablespace.
SQL> alter tablespace sysaux offline;
Tablespace altered.
SQL> alter tablespace sysaux online;
Tablespace altered.
we can switch the status of the SYSAUX tablespace manually.
SQL> alter tablespace sysaux read only;
alter tablespace sysaux read only
*
ERROR at line 1:
ORA-13505: SYSAUX tablespace can not be made read only
we can not alter the SYSAUX tablespace to read only status.
SQL> alter tablespace sysaux rename to new_sys;
alter tablespace sysaux rename to new_sys
*
ERROR at line 1:
ORA-13502: Cannot rename SYSAUX tablespace
Also,we can not rename the SYSAUX tablespace.
———————————-The End—————————–
Jan
21
revoke sysdba from user_name
把sysdba权限授予给user1之后,orapwSID文件中记录了user1的信息,但是将sysdba权限从user1收回之后,orapwSID文件中依然有user1用户。这是为什么呢???
可是联机文档上明明说:
A user’s name remains in the password file only as long as that user has at least one of these two privileges. If you revoke both of these privileges, Oracle Database removes the user from the password file.
以下是我的实验步骤:
1看到字典里面记录的只有SYS用户拥有SYSDBA和SYSOPER系统权限:
SQL> select * from v$pwfile_users;
USERNAME SYSDB SYSOP
—————————— —– —–
SYS TRUE TRUE
2给普通用户user1授予sysdba的权限:
SQL> grant sysdba to user1;
Grant succeeded.
3再次查看字典验证,看到授权成功,user1也拥有了sysdba权限:
SQL> select * from v$pwfile_users;
USERNAME SYSDB SYSOP
—————————— —– —–
SYS TRUE TRUE
USER1 TRUE FALSE
4并且user1也记录到了orapwSID文件(我的ORACLE_SID=asher)
SQL> !strings $ORACLE_HOME/dbs/orapwasher
]\[Z
ORACLE Remote Password file
INTERNAL
AB27B53EDC5FEF41
8A8F025737A9097A
USER1
BBE7786A584F9103
5并且user1也可以以sysdba登录:
SQL> conn user1/user1 as sysdba;
Connected.
SQL> show user;
USER is "SYS"
SQL> conn sys/oracle as sysdba;
Connected.
6收回权限:
SQL> revoke sysdba from user1;
Revoke succeeded.
7接着查看字典,发现user1已经没了sysdba的权限:
SQL> select * from v$pwfile_users;
USERNAME SYSDB SYSOP
------------------------------ ----- -----
SYS TRUE TRUE
8可是user1依然在orapwSID文件中存在:
SQL> !strings $ORACLE_HOME/dbs/orapwasher
]\[Z
ORACLE Remote Password file
INTERNAL
AB27B53EDC5FEF41
8A8F025737A9097A
USER1
BBE7786A584F9103
9重启数据再次查看:
SQL> shutdown immediate;
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL> statup;
SP2-0042: unknown command "statup" - rest of line ignored.
SQL> startup;
ORACLE instance started.
Total System Global Area 293601280 bytes
Fixed Size 1219016 bytes
Variable Size 75499064 bytes
Database Buffers 209715200 bytes
Redo Buffers 7168000 bytes
Database mounted.
Database opened.
10查看字典:
SQL> select * from v$pwfile_users;
USERNAME SYSDB SYSOP
------------------------------ ----- -----
SYS TRUE TRUE
11orapwSID文件依然存在:
SQL> !strings $ORACLE_HOME/dbs/orapwasher
]\[Z
ORACLE Remote Password file
INTERNAL
AB27B53EDC5FEF41
8A8F025737A9097A
USER1
BBE7786A584F9103
SQL>
以上所有实验环境:
SQL> !uname -a
Linux RHEL4 2.6.9-89.ELsmp #1 SMP Mon Apr 20 10:34:33 EDT 2009 i686 i686 i386 GNU/Linux
SQL> select * from v$version;
BANNER
—————————————————————-
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 – Prod
PL/SQL Release 10.2.0.1.0 – Production
CORE 10.2.0.1.0 Production
TNS for Linux: Version 10.2.0.1.0 – Production
NLSRTL Version 10.2.0.1.0 – Production
恳请各位看官指点迷津!谢谢!此环境下,我的数据库没有屏蔽操作系统认证(不知道跟这个有没有关系?)!实验的结果跟联机文档上说的出现冲突,我就很是纳闷???user1根本没有赋予sysoper的权限,所以我就没有revoke sysoper from user1,我想跟这个也没有关系吧?再次谢过!希望这个问题能得到高手的解决~~~
Dec
31
Plan is a keyword to succeed
Planning is a key to the success of many scholars because it forces you to examine yourself, to improve your performance, and to help overcome the three inherent problems of humans – laziness, greed, and selfishness! If you want to succeed, be serious about this.