-
加我公众号(orasos)
加我微信(17813235971)
加我QQ(107644445)
标签云
asm恢复 bbed bootstrap$ dul kcbzib_kcrsds_1 kccpb_sanity_check_2 kcratr_nab_less_than_odr MySQL恢复 ORA-00312 ORA-00704 ORA-00742 ORA-01110 ORA-01200 ORA-01555 ORA-01578 ORA-01595 ORA-600 2662 ORA-600 2663 ORA-600 3020 ORA-600 4000 ORA-600 4137 ORA-600 4193 ORA-600 4194 ORA-600 16703 ORA-600 kcbzib_kcrsds_1 ORA-600 KCLCHKBLK_4 ORA-600 kcratr_nab_less_than_odr ORA-600 kdsgrp1 ORA-15042 ORA-15196 ORACLE 12C oracle dul ORACLE PATCH Oracle Recovery Tools oracle加密恢复 oracle勒索 oracle勒索恢复 oracle异常恢复 ORACLE恢复 Oracle 恢复 ORACLE数据库恢复 oracle 比特币 OSD-04016 YOUR FILES ARE ENCRYPTED 比特币加密文章分类
- Others (2)
- 中间件 (2)
- WebLogic (2)
- 操作系统 (110)
- 数据库 (1,833)
- DB2 (22)
- MySQL (81)
- Oracle (1,662)
- Data Guard (53)
- EXADATA (8)
- GoldenGate (24)
- ORA-xxxxx (168)
- ORACLE 12C (72)
- ORACLE 18C (6)
- ORACLE 19C (15)
- ORACLE 21C (3)
- Oracle 23ai (8)
- Oracle ASM (69)
- Oracle Bug (8)
- Oracle RAC (54)
- Oracle 安全 (6)
- Oracle 开发 (28)
- Oracle 监听 (29)
- Oracle备份恢复 (628)
- Oracle安装升级 (103)
- Oracle性能优化 (62)
- 专题索引 (5)
- 勒索恢复 (88)
- PostgreSQL (37)
- pdu工具 (7)
- PostgreSQL恢复 (13)
- SQL Server (34)
- SQL Server恢复 (14)
- TimesTen (7)
- 达梦数据库 (3)
- 达梦恢复 (1)
- 生活娱乐 (2)
- 至理名言 (11)
- 虚拟化 (2)
- VMware (2)
- 软件开发 (47)
- Asp.Net (9)
- JavaScript (12)
- PHP (2)
- 小工具 (30)
-
最近发表
- .wman扩展名勒索mysql数据库恢复
- Oracle数据库被勒索加密一键open工具–OraFHR
- 通过alert日志回顾其他dba oracle异常恢复故障处理以及后续open数据库操作
- 年前几例Oracle数据库被加密为.wman的数据库故障恢复
- 文件系统损坏导致数据库异常故障处理
- expdp导出xml列报ORA-22924故障处理
- obet处理ORA-704 ORA-604 ORA-1578故障
- obet修复csc higher than block scn类型坏块
- ORA-600 kcratr_nab_less_than_odr和ORA-600 4193故障处理
- aix环境10g由于控制器异常导致ORA-600 4000故障处理
- ORA-600 3716故障处理
- 不当恢复truncate数据导致数据库不能open处理
- 注意:PostgreSQL库出现readme_to_recover勒索
- Oracle 19c 202601补丁(RUs+OJVM)-19.30
- Patch_SCN快速解决ORA-600 2663故障
- 在生产环境错误执行dd命令破坏asm磁盘故障恢复
- obet实现对数据文件坏块检测功能
- oracle linux 8.10注意pmlogger导致空间被大量占用
- obet快速修改scn/resetlogs恢复数据库(缺少归档,ORA-00308)
- 使用DBMS_PDB.RECOVER抢救单个pdb
标签归档:Oracle 只读用户
Oracle read only用户—23ai新特性:只读用户
23ai版本支持用户级别设置read only特性,对于在某些情况下,为了数据的一致性,是一个比较方便的特性,而不是以前版本通过权限控制实现只读,比如授权create session+表/视图等查询权限
下面创建一个用户u_readonly,并授权dba权限,创建一个表进行测试
[oracle@xifenfei ~]$ ss
SQL*Plus: Release 23.0.0.0.0 - for Oracle Cloud and Engineered Systems on Sat Jan 11 21:12:09 2025
Version 23.5.0.24.07
Copyright (c) 1982, 2024, Oracle. All rights reserved.
Connected to:
Oracle Database 23ai Enterprise Edition Release 23.0.0.0.0 - for Oracle Cloud and Engineered Systems
Version 23.5.0.24.07
SQL>
SQL> select banner from v$version;
BANNER
--------------------------------------------------------------------------------
Oracle Database 23ai Enterprise Edition Release 23.0.0.0.0 - for Oracle Cloud an
d Engineered Systems
SQL> show pdbs;
CON_ID CON_NAME OPEN MODE RESTRICTED
---------- ------------------------------ ---------- ----------
2 PDB$SEED READ ONLY NO
3 XIFENFEI MOUNTED
SQL> alter session set container=xifenfei;
Session altered.
SQL> alter database open;
Database altered.
SQL> create user u_readonly identified by oracle;
User created.
SQL> grant dba to u_readonly;
Grant succeeded.
SQL> conn u_readonly/oracle@127.0.0.1/xifenfei
Connected.
SQL> create table t_xff as select * from dba_objects;
Table created.
SQL> select count(1) from t_xff;
COUNT(1)
----------
70951
修改用户为只读特性,然后进行dml/ddl操作会报ORA-28194: Can perform read operations only
SQL> conn / as sysdba
Connected.
SQL> alter session set container=xifenfei;
Session altered.
SQL> alter user u_readonly read only;
User altered.
SQL> conn u_readonly/oracle@127.0.0.1/xifenfei
Connected.
SQL> delete from t_xff;
delete from t_xff
*
ERROR at line 1:
ORA-28194: Can perform read operations only
SQL> insert into t_xff select * from dba_objects;
insert into t_xff select * from dba_objects
*
ERROR at line 1:
ORA-28194: Can perform read operations only
SQL> select count(1) from t_xff;
COUNT(1)
----------
70951
SQL> create table t1 as select * from dba_users;
create table t1 as select * from dba_users
*
ERROR at line 1:
ORA-28194: Can perform read operations only
直接使用create user命令创建一个只读用户
SQL> conn / as sysdba Connected. SQL> alter session set container=xifenfei; Session altered. SQL> create user u_readonly2 identified by oracle read only; User created. SQL> grant dba to u_readonly2; Grant succeeded. SQL> conn u_readonly2/oracle@127.0.0.1/xifenfei Connected. SQL> create table t_xifenfei as select * from dba_objects; create table t_xifenfei as select * from dba_objects * ERROR at line 1: ORA-28194: Can perform read operations only
修改只读用户为读写模式
SQL> conn / as sysdba Connected. SQL> alter session set container=xifenfei; Session altered. SQL> alter user u_readonly2 read write; User altered. SQL> conn u_readonly2/oracle@127.0.0.1/xifenfei Connected. SQL> create table t_xifenfei as select * from dba_objects; Table created. SQL> delete from t_xifenfei where rownum<100; 99 rows deleted. SQL> commit; Commit complete.
查看用户是否处于只读状态
SQL> select username,read_only from dba_users where created>sysdate-1; USERNAME READ_O ------------------------------ ------ U_READONLY2 NO U_READONLY YES
在只读用户中,使用动态plsql直接直接dml也报ORA-28194: Can perform read operations only
SQL> conn u_readonly/oracle@127.0.0.1/xifenfei
Connected.
SQL> select count(1) from t_xff;
COUNT(1)
----------
70951
SQL> delete from t_xff;
delete from t_xff
*
ERROR at line 1:
ORA-28194: Can perform read operations only
SQL> DECLARE
2 v_sql VARCHAR2(1000);
3 BEGIN
4 v_sql := 'delete from t_xff where rownum<1000';
5 EXECUTE IMMEDIATE v_sql;
6 END;
7 /
DECLARE
*
ERROR at line 1:
ORA-28194: Can perform read operations only
ORA-06512: at line 5
判断用户是否只读的底层基表属性user$.spare1
SQL> conn / as sysdba Connected. SQL> alter session set container=xifenfei; Session altered. SQL> COL NAME FOR A30 SQL> select name,decode(bitand(spare1, 67108864), 67108864, 'YES', 'NO') 2 read_only from user$ where name like 'U_READONLY%' 3 / NAME READ_O ------------------------------ ------ U_READONLY YES U_READONLY2 NO
