Oracle Tour - User Management

Oracle basics

One, Oracle Database Architecture

1, Database

An Oracle database is the physical storage of the data. It comprises the data files (ORA or DBF), control files, online logs and parameter files. In Oracle's sense of the word, an operating system has only one database, so Oracle can be seen as one large database.

2, Instance

An Oracle instance consists of a series of background processes and memory structures. A database can have n instances.

3, Data files (dbf)

Data files are the physical storage units of the database. If you want to delete a data file, you can only do so by dropping the tablespace to which it belongs.

4, Tablespace

A tablespace is Oracle's logical mapping of the related data files of the physical database. A data file can belong to only one tablespace.

5, User

Users are created under an instance. Users with the same name can be created in different instances.

Two, Oracle database logical structure

  • A tablespace is made up of multiple data files
  • A data file can belong to only one tablespace
  • A tablespace is a logical concept; a data file is a physical concept
  • A segment is a collection of extents
  • An extent is a collection of data blocks
  • Data blocks map to disk blocks

Three, Oracle database users

To access the database, a user must specify a valid database user account and must be successfully authenticated as that account requires. Each database user has a unique database account.
When a new database is created, Oracle creates some default database users, such as SYS, SYSTEM and SCOTT. SYS and SYSTEM are Oracle's administrative users, while SCOTT is the sample user of the Oracle database; the SCOTT schema contains a number of tables for testing and demonstration (for learning and exchange).

1, Oracle database default accounts

1.1, SYS

SYS is the superuser in Oracle. All of the database's data dictionary tables and views are stored in the SYS schema. The data dictionary stores all the information used to manage database objects and is very important system information for an Oracle database. The SYS user is mainly used to maintain system information and manage instances. SYS can log in to the system only with the SYSOPER or SYSDBA role.

1.2, SYSTEM

SYSTEM is the default database administrator in Oracle and has DBA privileges. Its schema stores the internal tables and views used by Oracle management tools. The SYSTEM user is usually used to manage the database's users, privileges, storage and so on. Creating user tables in the SYSTEM schema is not recommended. SYSTEM cannot log in with the SYSOPER or SYSDBA role; it can only log in in the default way.

1.3, SCOTT

SCOTT is the sample user of the Oracle database and is generally created when the database is installed. The SCOTT schema contains four sample tables, one of which is the EMP table, and its objects are stored in the USERS tablespace.
Usually, for security reasons, tables with different uses require different access privileges, so different users need to be created. In Oracle, users are created with the create user command. Each user has a default tablespace and a temporary tablespace. If they are not specified, Oracle sets USERS as the default tablespace and TEMP as the temporary tablespace.

2, The difference between the sysdba and sysoper system privileges

sysdba and sysoper are system privileges, also known as administrative privileges. They carry system-management-level permissions such as starting up and shutting down the database. The specific permissions of sysdba and sysoper are as follows:

The SYSOPER privilege, that is, the database operator privilege, includes:

  • Start the database server
  • Shut down the database server
  • Back up the database
  • Recover the database
  • Log archiving
  • Session restriction

The SYSDBA privilege, that is, the database administrator privilege, includes:

  • Start the database server
  • Shut down the database server
  • Back up the database
  • Recover the database
  • Log archiving
  • Session restriction
  • Management functions
  • Create a database

sysdba has the highest system privileges; after logging in as sysdba, the user is sys.
sysoper is mainly used to start up and shut down the database; after logging in as sysoper, the user is public.

3, Some SQL*Plus commands

Note: the commands are not case sensitive.

3.1, Ordinary user login

  • Method 1: run sqlplus -> enter the user name -> enter the password.
  • Method 2: run sqlplus {username} -> enter the password.
  • Method 3: run sqlplus {username}/{password}.
    Examples:
     sqlplus -> enter scott -> enter tiger
     sqlplus scott -> enter the password
     sqlplus scott/tiger

3.2, Administrator login

Run sqlplus / as sysdba

3.3, Quit: exit

Note: user names are not case sensitive; passwords are case sensitive.

4, Oracle user operations

4.1, Basic command to create a user

create user {username} identified by {password};
 Create a user test1 with the password 123 (a password that begins with a digit must be enclosed in double quotes):
 create user test1 identified by "123";

4.2, Command to change a user's password

alter user {username} identified by {new password};
 Replace user test1's password 123 with test1:
 alter user test1 identified by test1;

4.3, Command to expire a user's password

alter user {username} password expire;
 Set user test1's password to the expired state; use dba_users to look at the current status of the account:
 alter user test1 password expire;

4.4, Lock / unlock a user

alter user {username} account lock/unlock;
 Lock user test1:
 alter user test1 account lock;

4.5, Revoke user privileges

revoke {privilege name} from {username};
 Revoke test1's select privilege (an object privilege such as select must name its object; scott.emp is used here):
 revoke select on scott.emp from test1;

4.6, Delete a user

 drop user new cascade; (cascading delete)

Four, Permission control

A "privilege" is the right of a user to execute a particular type of SQL statement or to access another user's objects. Oracle DB lets you control what users can (or cannot) do in the database. Privileges fall into the following two categories:

  • System privileges: each system privilege allows a user to perform a particular database operation or class of database operations. For example, the privilege to create tablespaces is a system privilege. System privileges can be granted by the administrator, or by a user who has been explicitly given permission to administer the privilege. There are more than 170 distinct system privileges. Many system privileges contain the ANY clause.
  • Object privileges: an object privilege allows a user to perform a particular operation on a specific object (e.g., a table, view, sequence, procedure, function or package). Without specific privileges, users can access only the objects they own. Object privileges can be granted by the owner of the object, by the administrator, or by someone who has been explicitly given permission to grant privileges on the object.

Basic grant command

grant {privilege name / role name} to {username};
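
The user operations of section 4 and the grant command above, combined into one least-privilege account lifecycle. This is an added example, not code from the original post; the user name app_ro and the password are placeholders, and it assumes the USERS and TEMP tablespaces and the scott.emp sample table mentioned on this page.

```sql
-- Added example. Run as a DBA, for instance after: sqlplus / as sysdba
-- Assumed names: app_ro (hypothetical user), scott.emp (sample table).

-- 1. Create the account with explicit tablespaces rather than relying on
--    the defaults, and force a password change at first login.
CREATE USER app_ro IDENTIFIED BY "Placeholder_Chang3_Me"
  DEFAULT TABLESPACE users
  TEMPORARY TABLESPACE temp
  PASSWORD EXPIRE;

-- 2. Grant only what the account needs: the right to log in (a system
--    privilege) and read access to one table (an object privilege).
GRANT CREATE SESSION TO app_ro;
GRANT SELECT ON scott.emp TO app_ro;

-- 3. Check the account state and the tablespaces it was given.
SELECT username, account_status, default_tablespace, temporary_tablespace
  FROM dba_users
 WHERE username = 'APP_RO';

-- 4. Withdraw access in stages: revoke the object privilege, lock the
--    account so it can no longer log in, then drop it once nothing
--    depends on it (CASCADE also drops the objects it owns).
REVOKE SELECT ON scott.emp FROM app_ro;
ALTER USER app_ro ACCOUNT LOCK;
DROP USER app_ro CASCADE;
```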

Five, Role control

In most systems, granting the necessary privileges to each user individually is time-consuming and error-prone. Oracle provides simple, controlled privilege management through roles. A role is a named group of related privileges that is granted to users or to other roles. Roles are designed to simplify privilege management in the database and thereby improve database security.
Predefined roles

Role: privileges included
  • CONNECT: CREATE SESSION
  • RESOURCE: CREATE CLUSTER, CREATE INDEXTYPE, CREATE PROCEDURE, CREATE SEQUENCE, CREATE TABLE, CREATE TRIGGER, CREATE TYPE
  • SCHEDULER_ADMIN: CREATE ANY JOB, CREATE EXTERNAL JOB, CREATE JOB, EXECUTE ANY CLASS, EXECUTE ANY PROGRAM, MANAGE SCHEDULER
  • DBA: Most system privileges; several other roles. Do not grant to non-administrators
  • SELECT_CATALOG_ROLE: Five system privileges; HS_ADMIN_ROLE; more than 1,700 object privileges on the data dictionary

1, connect role

The connect role has most of the privileges that general application developers need. After a user is created, in most cases granting the user the connect and resource roles is enough. The connect role has the following system privileges:
  alter session
  create cluster
  create database link
  create session
  create view
  create sequence

2, resource role

The resource role has the additional privileges application developers need, such as creating stored procedures, triggers and so on. Note that the resource role implicitly includes the unlimited tablespace system privilege. The resource role includes the following system privileges:
  create cluster
  create indextype
  create sequence
  create table
  create type
  create procedure
  create trigger

3, dba role

The dba role has all system privileges, with the admin option. The default dba users are sys and system, and they can grant any system privilege to other users. Note, however, that the dba role does not have the sysdba and sysoper privileges (starting up and shutting down the database). If you want to know which roles a user has and which privileges a role includes, you can query the data dictionary views.
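
The data dictionary lookups mentioned above, written as a role review followed by a narrower alternative to granting connect and resource. This is an added example, not code from the original post; the role name app_dev_role and the 100M quota are assumptions, and test1 is the user created in section 4.1.

```sql
-- Added example. Run as a DBA.
-- Assumed names: app_dev_role (hypothetical role), test1 (user from 4.1).

-- Which roles does a user hold, and can the user pass them on?
SELECT granted_role, admin_option, default_role
  FROM dba_role_privs
 WHERE grantee = 'TEST1';

-- What does a role contain: system privileges, object privileges and
-- other roles nested inside it.
SELECT privilege, admin_option
  FROM role_sys_privs WHERE role = 'RESOURCE';
SELECT owner, table_name, privilege
  FROM role_tab_privs WHERE role = 'SELECT_CATALOG_ROLE';
SELECT granted_role
  FROM role_role_privs WHERE role = 'DBA';

-- Review: grantees of the DBA role other than SYS and SYSTEM.
SELECT grantee
  FROM dba_role_privs
 WHERE granted_role = 'DBA'
   AND grantee NOT IN ('SYS', 'SYSTEM');

-- Review: who holds UNLIMITED TABLESPACE, the privilege the text says
-- comes implicitly with the resource role.
SELECT grantee
  FROM dba_sys_privs
 WHERE privilege = 'UNLIMITED TABLESPACE';

-- Narrower alternative: a custom role with only the privileges the
-- developer needs, and a bounded quota instead of unlimited tablespace.
CREATE ROLE app_dev_role;
GRANT CREATE SESSION, CREATE TABLE, CREATE PROCEDURE TO app_dev_role;
GRANT app_dev_role TO test1;
ALTER USER test1 QUOTA 100M ON users;
```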

Origin blog.csdn.net/weixin_46731640/article/details/105328739