How silly I was!. Sorry for the trouble.
Prince, April 19, 2002 - 1:56 pm UTC
Sorry tom for the trouble.
I guess I wasn't reading the error message properly and wasn't thinking that the user himself has the procedure.
Thanks.
even after dropping the local procedure I recieve the error
Prince, April 19, 2002 - 2:21 pm UTC
11:13:31 SQL> connect testusr/testpass
Connected.
11:13:41 SQL> desc tmproc
PROCEDURE tmproc
Argument Name Type In/Out Default?
------------------------------ ----------------------- ------ --------
VAR_NAME VARCHAR2 IN
VAR_VALUE VARCHAR2 IN
11:13:45 SQL> execute tmproc('readtime',sysdate) ;
BEGIN tmproc('readtime',sysdate) ; END;
*
ERROR at line 1:
ORA-06550: line 1, column 7:
PLS-00201: identifier 'TMPROC' must be declared
ORA-06550: line 1, column 7:
PL/SQL: Statement ignored
11:13:59 SQL> execute myowner.TMPROC('readtime',sysdate) ;
PL/SQL procedure successfully completed.
SQL> select owner, SYNONYM_name, TBLE_OWNER, TABLE_NAME
from dba_synonyms where synonym_name like 'TMPROC';
OWNER SYNONYM_NAME TBLE_OWNER TABLE_NAME
----------- ---------------- ------------ -------------MYUSER TMPROC MYOWNER TMPROC
PUBLIC TMPROC MYOWNER TMPROC
11:17:53 DBUSR> desc myowner.tmproc
PROCEDURE myowner.tmproc
Argument Name Type In/Out Default?
------------------------------ ----------------------- ------ --------
VAR_NAME VARCHAR2 IN
VAR_VALUE VARCHAR2 IN
Note: Execute privilege is granted to the public.
April 19, 2002 - 3:00 pm UTC
You have a synonym to a synonym going there.
Your DESCRIPTION of your ENVIRONMENT doesn't match REALITY.
Read the output:
public synonym tmproc -> myowner.tmproc
myowner.tmproc -> myuser.tmproc
You <b>told me</b>
SQL> create public synonym TMProc for myowner.tmproc ;
Synonym created.
Well, <b>that is just not what is in place here!!!</b>.
Start over, clean up your example. You have procedures in schemas that shouldn't have them. You have synonyms pointing to synonyms. You don't have the procedure in myowner like you say. You don't have public synonyms as you describe.
I set up a clean test case -- this works <b>as advertised, perfectly</b>. It only works when the procedure is in the right schema, the synonym points to the procedure in the correct schema and the other schema has not obscured the synonym!!!
Let me try with a clean schema, but before that..
Prince, April 19, 2002 - 4:08 pm UTC
I do not have synonyms pointing to synonyms.
I have one private synonym owned by MYUSER.
I am testing as the user "TESTOWNER", who does not have any private synonyms.
OWNER SYNONYM_NAME TBLE_OWNER TABLE_NAME
----------- ---------------- ------------ -------------
MYUSER TMPROC MYOWNER TMPROC
PUBLIC TMPROC MYOWNER TMPROC
you said, "You don't have the procedure in myowner like you say"
SQL> select owner, object_name, object_type from dba_objects where object_name = 'TMPROC' and owner = 'MYOWNER' ;
OWNER OBJECT_NAME OBJECT_TYPE
------------------- ------------------- --------------
MYOWNER TMPROC PROCEDURE
I may be doing something really wrong. I will cleanup everything and try again. But before trying this I would like to find how it resolves "TMPROC". Is there anyway to find this info? (Like the unix which command)
I tried this, "alter session set events '10046 trace name context forever, level 12';" , but don't find much info (as there is no sql to execute).
thanks,
April 19, 2002 - 4:51 pm UTC
Look- this is your stuff I just cut and pasted here:
<quote>
11:13:45 SQL> execute tmproc('readtime',sysdate) ;
BEGIN tmproc('readtime',sysdate) ; END;
*
ERROR at line 1:
ORA-06550: line 1, column 7:
PLS-00201: identifier 'TMPROC' must be declared
ORA-06550: line 1, column 7:
PL/SQL: Statement ignored
11:13:59 SQL> execute myowner.TMPROC('readtime',sysdate) ;
PL/SQL procedure successfully completed.
SQL> select owner, SYNONYM_name, TBLE_OWNER, TABLE_NAME
from dba_synonyms where synonym_name like 'TMPROC';
OWNER SYNONYM_NAME TBLE_OWNER TABLE_NAME
----------- ---------------- ------------ -------------MYUSER TMPROC
MYOWNER TMPROC
PUBLIC TMPROC MYOWNER TMPROC
11:17:53 DBUSR> desc myowner.tmproc
</quote>
So, looking at the results from dba_synonyms.
MYOWNER.TMPPROC -> MYUSER.TMPROC
PUBLIC.TMPROC -> MYOWNER.TMPROC
You execute tmproc, that is really tmproc, that is really myowner.tmproc, which is REALLY myuser.tmproc.
That is a synonym to a synonym.
Now, when you run myowner.tmproc, that is really myuser.tmproc. myuser.tmproc is really a procedure.
I'm not making this up!!!! it is facts based on your screen shots!
I know what you are saying.
Prince, April 19, 2002 - 5:38 pm UTC
I guess it is due to the cut and paste (and fitting to the page) problem.
I guess, it misses a "linebreak" after the "--------"
OWNER SYNONYM_NAME TBLE_OWNER TABLE_NAME
----------- ---------------- ------------ -------------MYUSER TMPROC
MYOWNER TMPROC
PUBLIC TMPROC MYOWNER TMPROC
It should be,
OWNER SYNONYM_NAME TBLE_OWNER TABLE_NAME
----------- ---------------- ------------ ------------
MYUSER TMPROC MYOWNER TMPROC
PUBLIC TMPROC MYOWNER TMPROC
See ,
MYUSER.TMPROC --> MYOWNER.TMPROC
PUBLIC.TMPROC --> MYOWNER.TMPROC
Note:
I am not saying "You are making this up". I understand that you analyze and test the question completely before answering it.
April 19, 2002 - 6:26 pm UTC
Run this:
drop user myowner cascade;
drop user test_owner cascade;
grant dba to myowner identified by mypass;
grant connect, resource to test_owner identified by test_pass;
connect myowner/mypass
CREATE OR REPLACE PROCEDURE TMProc ( Var_name in varchar2, var_value in varchar2) as
begin
dbms_session.set_context( 'TMCtx', var_name, var_value );
end;
/
create or replace context TMCtx using TMproc ;
drop public synonym tmproc;
create public synonym TMProc for myowner.tmproc ;
grant execute on tmproc to public ;
connect test_owner/test_pass
desc tmproc
execute tmproc ('var',sysdate) ;
<b>you should get this</b>
ops$tkyte@ORA817DEV.US.ORACLE.COM> drop user myowner cascade;
User dropped.
ops$tkyte@ORA817DEV.US.ORACLE.COM> drop user test_owner cascade;
User dropped.
ops$tkyte@ORA817DEV.US.ORACLE.COM>
ops$tkyte@ORA817DEV.US.ORACLE.COM> grant dba to myowner identified by mypass;
Grant succeeded.
ops$tkyte@ORA817DEV.US.ORACLE.COM> grant connect, resource to test_owner identified by test_pass;
Grant succeeded.
ops$tkyte@ORA817DEV.US.ORACLE.COM>
ops$tkyte@ORA817DEV.US.ORACLE.COM> @connect myowner/mypass
ops$tkyte@ORA817DEV.US.ORACLE.COM> set termout off
myowner@ORA817DEV.US.ORACLE.COM> REM GET afiedt.buf NOLIST
myowner@ORA817DEV.US.ORACLE.COM> set termout on
myowner@ORA817DEV.US.ORACLE.COM>
myowner@ORA817DEV.US.ORACLE.COM> CREATE OR REPLACE PROCEDURE TMProc ( Var_name in varchar2, var_value in varchar2) as
2 begin
3 dbms_session.set_context( 'TMCtx', var_name, var_value );
4 end;
5 /
Procedure created.
myowner@ORA817DEV.US.ORACLE.COM>
myowner@ORA817DEV.US.ORACLE.COM> create or replace context TMCtx using TMproc ;
Context created.
myowner@ORA817DEV.US.ORACLE.COM>
myowner@ORA817DEV.US.ORACLE.COM> drop public synonym tmproc;
Synonym dropped.
myowner@ORA817DEV.US.ORACLE.COM> create public synonym TMProc for myowner.tmproc ;
Synonym created.
myowner@ORA817DEV.US.ORACLE.COM>
myowner@ORA817DEV.US.ORACLE.COM> grant execute on tmproc to public ;
Grant succeeded.
myowner@ORA817DEV.US.ORACLE.COM>
myowner@ORA817DEV.US.ORACLE.COM> @connect test_owner/test_pass
myowner@ORA817DEV.US.ORACLE.COM> set termout off
test_owner@ORA817DEV.US.ORACLE.COM> REM GET afiedt.buf NOLIST
test_owner@ORA817DEV.US.ORACLE.COM> set termout on
test_owner@ORA817DEV.US.ORACLE.COM>
test_owner@ORA817DEV.US.ORACLE.COM> desc tmproc
PROCEDURE tmproc
Argument Name Type In/Out Default?
------------------------------ ----------------------- ------ --------
VAR_NAME VARCHAR2 IN
VAR_VALUE VARCHAR2 IN
test_owner@ORA817DEV.US.ORACLE.COM>
test_owner@ORA817DEV.US.ORACLE.COM> execute tmproc ('var',sysdate) ;
PL/SQL procedure successfully completed.
test_owner@ORA817DEV.US.ORACLE.COM>
<b>showing this works as it shoud</b>
I already removed the entries and tried! It worked
Prince, April 19, 2002 - 6:35 pm UTC
I couldn't find where and what I was doing wrong. I cleaned up all the TM* related stuff and recreated and it worked fine.
Thanks,
ORA--01031 ?
Tatiane, April 10, 2003 - 4:21 pm UTC
Tom, I am getting this strange ora 1031 error. It does not make any sense to me. Can you help me ? I am using 9.2.0.1
DB_EQUIP@ORADES> show user
USER is "DB_EQUIP"
DB_EQUIP@ORADES> create table t (a number);
Table created.
DB_EQUIP@ORADES> insert into t values ('10');
1 row created.
DB_EQUIP@ORADES> commit;
Commit complete.
DB_EQUIP@ORADES> grant select on t to api_equip;
Grant succeeded.
DB_EQUIP@ORADES> @connect api_equip@orades
Enter password: ***********
Connected.
API_EQUIP@ORADES> create view v as select * from db_equip.t;
View created.
API_EQUIP@ORADES> select * from v;
A
----------
10
API_EQUIP@ORADES> grant select on v to api_rede;
Grant succeeded.
API_EQUIP@ORADES> @connect api_rede@orades
Enter password: **********
Connected.
API_REDE@ORADES> select * from api_equip.v;
select * from api_equip.v
*
ERROR at line 1:
ORA-01031: insufficient privileges
API_REDE@ORADES>
API_REDE@ORADES> @connect db_equip@orades
Enter password: **********
Connected.
DB_EQUIP@ORADES> grant select on t to api_rede;
Grant succeeded.
DB_EQUIP@ORADES> @connect api_rede@orades
Enter password: **********
Connected.
API_REDE@ORADES> select * from api_equip.v;
select * from api_equip.v
*
ERROR at line 1:
ORA-01031: insufficient privileges
API_REDE@ORADES> select * from db_equip.t;
A
----------
10
April 11, 2003 - 8:16 am UTC
I cannot reproduce your error exactly, but I see what the problem is.
the owner of the view needs to be granted the select priv WITH GRANT OPTION if they want to be able to convey select on that to others. Here is an example:
ops$tkyte@ORA920> select * from v$version;
BANNER
----------------------------------------------------------------
Oracle9i Enterprise Edition Release 9.2.0.1.0 - Production
PL/SQL Release 9.2.0.1.0 - Production
CORE 9.2.0.1.0 Production
TNS for Solaris: Version 9.2.0.1.0 - Production
NLSRTL Version 9.2.0.1.0 - Production
ops$tkyte@ORA920> create user a identified by a;
User created.
ops$tkyte@ORA920> grant create view, create session to a;
Grant succeeded.
ops$tkyte@ORA920> create user b identified by b;
User created.
ops$tkyte@ORA920> grant create session to b;
Grant succeeded.
ops$tkyte@ORA920> create table t ( x int );
Table created.
ops$tkyte@ORA920> grant select on t to a;
Grant succeeded.
ops$tkyte@ORA920> @connect a/a
a@ORA920> create view v as select * from ops$tkyte.t;
View created.
a@ORA920> grant select on v to b;
grant select on v to b
*
ERROR at line 1:
ORA-01720: grant option does not exist for 'OPS$TKYTE.T'
<b>that is what you should be getting -- without a test case from you with create users and all -- I did not reproduce your exact example but close enough</b>
b@ORA920> @connect /
ops$tkyte@ORA920> grant select on t to a WITH GRANT OPTION;
Grant succeeded.
ops$tkyte@ORA920> @connect a/a
a@ORA920> grant select on v to b;
Grant succeeded.
<b>now it works</b>
a@ORA920> @connect b/b
b@ORA920> select * from a.v;
no rows selected
<b>and B can in fact access the table.</b>
That's it !
Tatiane, April 11, 2003 - 8:37 am UTC
Ok, Tom... it worked when I granted WITH GRANT OPTION.
Later I saw this posting on Metalink:
Doc ID: Note:18622.1
...
Error: ORA 1031 Text: insufficient privileges ------------------------------------------------------------------------------- Cause: An attempt was made to change the current username or password without the appropriate privilege. This error also occurs if attempting to UPDATE a table with only SELECT privileges, if attempting to CONNECT INTERNAL, or if attempting to install a database without the necessary operating system privileges. Action: Ask the database administrator to perform the operation or grant the required privileges. *** Important: The notes below are for experienced users - See [NOTE:22080.1] Explanation: You do not have permission to perform the requested action. Diagnosis: - What user is the user connected as ? - What is the SQL statement being issued ? - Who owns the objects referenced in the statement ? Scenarios (in no particular order):
...
2. Granting a privilege on a table/view/procedure etc. not owned by you. You need the privilege granted to you by the owner of the object WITH GRANT OPTION in order to be able to do this. Having the dba role granted to you is not sufficient. (This restriction even applies to user SYS - or when connected internal.)
...
Thank you soooooooooooooooo much ! ;)
Difference betweeen 8.0.6 and 8.1.7.4
Leonardo Zacché, June 20, 2003 - 2:35 pm UTC
Has this behavior changed since Oracle 8.0.6?
Because I've got a similar trouble (not entirely tested) that seems to be the same, but worked fine in 8.0.6.
As we're moving and application from 8.0.6 to 8.1.7.4, Could you tell me where to get (your own site or Oracle's) the differences between this versions?
Thanks in advance,
LZ
June 20, 2003 - 5:47 pm UTC
which behaviour? big thread here.
A reader, July 16, 2003 - 5:47 pm UTC
Hi Tom,
Can you help me to find out what I am doing wrong?
Public has execute privileges over sys.dbms_session.
thanks for your help.
SQL>drop user comodin cascade;
User dropped.
SQL_>grant dba to comodin identified by joker;
Grant succeeded.
SQL>conn comodin@db
Enter password: *****
Connected.
SQL>show user
USER is "COMODIN"
SQL>CREATE or replace PROCEDURE set_additional_attr ( var_contx in varchar2, Var_name in varchar2, var_value in varchar2) as
2 begin
3 sys.dbms_session.set_context( var_contx, var_name, var_value );
4 end;
5 /
Procedure created.
SQL>create or replace context db_context using set_additional_attr ;
Context created.
SQL>execute set_additional_attr('db_name','db_context','RRRR');
BEGIN set_additional_attr('db_name','db_context','RRRR'); END;
*
ERROR at line 1:
ORA-01031: insufficient privileges
ORA-06512: at "SYS.DBMS_SESSION", line 62
ORA-06512: at "COMODIN.SET_ADDITIONAL_ATTR", line 3
ORA-06512: at line 1
July 16, 2003 - 6:03 pm UTC
you created a context named db_context
you are trying to set a context named "DB_NAME"
appears you have the first 2 params mixed up in your set_add... call
A reader, July 16, 2003 - 7:20 pm UTC
Thanks Tom, you are totally right. Sorry for my mistake, I can't believe I missed that.
SQL>execute set_additional_attr('db_context','db_name','RRRR');
PL/SQL procedure successfully completed.
Thanks for you help.
can we change the database connection at runtime
sanjay mamgain, July 30, 2003 - 6:08 am UTC
is it possible to change the database connection at runtime .
i mean form are connect to system/manager and at run time i want to connect to scott user .
July 30, 2003 - 7:36 am UTC
what environment are we talking here.
Oracle Developer
Dawar, September 10, 2004 - 12:25 pm UTC
I did exp/imp from Oracle 7.3.4 to Oracle 10.1.0.2.0.
After logon to dbconsole.
I found alert messages for Invalid objects.
One of the common error message as follows;
Name: IW_SQL_FULL_TEXT
Schema: IS_USER
Object_type: VIEW
ERROR
Line # = 0 Column # = 0 Error Text = ORA-01031: insufficient privileges
After Compile:
SQL Error
Failed to compile: ORA-01031: insufficient privilege
Regards,
Dawar
September 10, 2004 - 12:34 pm UTC
so, fix it?
Oracle Developer
Dawar, September 10, 2004 - 12:51 pm UTC
Do I need to give role to is_user? OR grant SYSTEM Privileges OR OBJECT PRIVELIGES?
Test 1:
OBJECT PRIVILEGE:
GRANT ANY OBJECT PRIVILEGE checked admin option from dbconsole under IS_USER edit page.
But getting same error.
Test 2:
Object Privileges:
SELECT SYS ALL_OBJECTS, I granted and check the Grant option button from dbconsole.
But still gettings error.
Regards,
Dawar
September 10, 2004 - 12:58 pm UTC
check out the text of the view and see what object it is accessing that you don't have the privilege to access.
(please, this is really basic, simple -- Oracle 101 sort of stuff, in the same manner that doing an exp/imp is. I am *not* support. I know you don't have a DBA, you don't have Oracle experience, but you really need to get someone working with you that does)
Oracle Developer
Dawar, September 10, 2004 - 2:14 pm UTC
Tom,
I fixed it.
It was my error.
I did not explain you error completely.
ERROR:
ORA-02030: can only select from fixed tables/views when granting
It was V$ object issue not very straight for some folks.
But I fixed it.
I the view name of the object appears as V$FILESTAT but if try to give this object grant I got above error message.
SQL> select SYNONYM_NAME,TABLE_OWNER,TABLE_NAME
2 from dba_synonyms
3 where SYNONYM_NAME ='V$FILESTAT';
SYNONYM_NAME TABLE_OWNER TABLE_NAME
--------------- --------------- ---------------
V$FILESTAT SYS V_$FILESTAT
But If I grant to V_$FILESTAT
Regards,
Dawar
ORA-01031: insufficient privileges at "SYS.DBMS_SESSION"
Dennis, January 04, 2005 - 12:46 am UTC
SQL> select * from v$version;
BANNER
----------------------------------------------------------------
Oracle9i Enterprise Edition Release 9.0.1.1.1 - Production
PL/SQL Release 9.0.1.1.1 - Production
CORE 9.0.1.1.1 Production
TNS for 32-bit Windows: Version 9.0.1.1.0 - Production
NLSRTL Version 9.0.1.1.1 - Production
SQL> connect / as sysdba
Connected.
SQL> alter user sys identified by sys;
User altered.
SQL> grant sysdba to sys;
Grant succeeded.
SQL> connect sys/sys as sysdba
Connected.
SQL>begin
2 dbms_session.set_context('my_ctx','ename','dennis');
3 dbms_output.put_line(sys_context('my_ctx','ename'));
4* end;
SQL> /
begin
*
ERROR at line 1:
ORA-01031: insufficient privileges
ORA-06512: at "SYS.DBMS_SESSION", line 78
ORA-06512: at line 2
January 04, 2005 - 8:27 am UTC
do not, repeat do not, as in NEVER, as in DON'T DO IT with sys
don't use sys
don't change sys
don't log in as sys
don't use sys
except when you connect your_name/your_password as sysdba to startup, shutodnw.
anyway, this error has NOTHING to do with the privs granted to the user running this.
this error has everything to do with the fact that when you create a context, you bound it to a package or procedure - and ONLY that package or that procedure is allowed to MODIFY it.
ORA-01031: insufficient privileges
Dennis, January 04, 2005 - 10:42 pm UTC
Hi Tom,
I forgot my sys,system user name and password. I reset the password by your advice at the below link.
http://asktom.oracle.com/pls/asktom/f?p=100:11:::::P11_QUESTION_ID:670117794561
It connects me fine in server SQL*Plus.
But i can't connect in client machine SQL*Plus.
OUTPUT FROM SERVER:
==================
SQL> select * from v$version;
BANNER
----------------------------------------------------------------
Oracle9i Enterprise Edition Release 9.0.1.1.1 - Production
PL/SQL Release 9.0.1.1.1 - Production
CORE 9.0.1.1.1 Production
TNS for 32-bit Windows: Version 9.0.1.1.0 - Production
NLSRTL Version 9.0.1.1.1 - Production
SQL> connect / as sysdba
Connected.
SQL> alter user sys identified by sys;
User altered.
SQL> grant sysdba to sys;
Grant succeeded.
SQL> connect sys/sys as sysdba
Connected.
OUTPUT FROM CLIENT:
==================
SQL> connect sys/sys@kigimp as sysdba;
ERROR:
ORA-01031: insufficient privileges
SQL> connect scott/tiger@kigimp as sysdba;
ERROR:
ORA-01031: insufficient privileges
January 05, 2005 - 9:28 am UTC
what is your remote_login_passwordfile set to and did you in fact create the password file for remote SYSDBA logins
and stop playing with SYS, just stop doing that. don't use SYS except maybe to grant YOUR OWN account sysdba.
ORA-01031 insufficient privilege error
Anurag Mehrotra, February 09, 2005 - 2:49 pm UTC
I came across a very good suggestion for ORA-01031 error:
I found this on ora-code.com
I has setup the environment variable 'TWO_TASK' on Solaris and I was running into the problem of ORA-01031 while trying to start up the database.
I hope this helps:
If you are on UNIX and use OS authentification then if someone set the
TWO_TASK environment and you tried to connect like 'sqlplus "user/pasword as
sysdba " ' you would get ORA-01031 (See ORA-01031.ora-code.com): insufficient privileges. In this case
unset TWO_TASK and you are good to go.
If you use other authentification models or are getting a different error
message then the cause is probably different.
ORA-01031:
MG, February 17, 2005 - 5:52 am UTC
Hi Tom,
I have a job to execute one procedure:
In this procedure has select statement from remote database:
SELECT fld1, fld2, fld3
FROM myusr.mytab@ActikPro.UNIX_AA
This job is running ok, but once a month we get an error
ORA-01031: Unzureichende Berechtigungen
We dont know why? Could you please tell me what can be the reason for this?
February 17, 2005 - 9:18 am UTC
nope, this falls into "my car won't start from time to time, why". insufficient data.
what do you do to "fix" it?
MG, February 17, 2005 - 11:37 am UTC
Sorry,
Here are some more details:
I have a job which is executing following procedure in every 15 min.
myusr.p1(TRUNC(SYSDATE))
The schema of the job=122 => myusr
And the p1 is as :
Create or replace procedure p1(DDATUM DATE) is
Begin
..
P2(DDATUM);
..
EXCEPTION
WHEN OTHERS THEN
mypkg.CREATE_LOG('Error ', 'p1', 'I', (SUBSTR(TO_CHAR(SQLCODE)||': '||SQLERRM, 1, 2000)), 1);
RAISE;
End;
/
Create or replace procedure p2(DDATUM DATE) is
Begin
mypkg.CREATE_LOG('Step level1', 'p2', 'I', 'copy start', 0);
..
INSERT INTO CALL_DATUM_BONDS
(SELECT wpknr, MAX(c_date) AS c_date
FROM (SELECT '00000' || somenr AS wpknr, somedat as c_date
FROM V3ESB_fd_gat_wmag9
WHERE synonym4remotedb not in ('V','R','H',' ')
And dat1 IS NULL
AND dat2 >= DDATUM
AND dat3 IS NOT NULL
)
GROUP BY wpknr);
COMMIT;
..
mypkg.CREATE_LOG('Step level2', 'p2', 'I', 'copy ends', 0);
End;
/
I have synonym called synonym4remotedb
create synonym myusr.synonym4remotedb for remusr.remtab@ActikPro.UNIX_AA;
So my current database is working on Windows environment and version ora9i and the remote database is working on Unix environment and the same version( ora 9i).
Important:
---------
(**).Then our log file recorded as following error.
mypkg.CREATE_LOG('Step level1', 'p2', 'I', 'copy start', 0);
09-02-2005 22:33:09 Step level1 942201
P2 Insert
copy start
09-02-2005 22:34:56 Error 942202
P1 Insert
-1031: ORA-01031: Unzureichende Berechtigungen
But mypkg.CREATE_LOG('Step level2', 'p2', 'I', 'copy ends', 0);
hasnt executed in p2 procedure.
So these INSERT INTO CALL_DATUM_BONDS .. command would have failed.
Do I think I explain the situation in detail.
This job is working fine for whole month, but fails only once in a month.
Do you have any idea, of gets this error?
Thankx
February 17, 2005 - 1:46 pm UTC
when it fails, what do you do to fix it?
which happens:
a) fix itself by magic (that would be hard to diagnose from my point)
b) you do something and it gets fixed.
if b) what do you do
MG, February 17, 2005 - 5:46 pm UTC
Actually I didn't do anything yet. Job fails at that time, and next execution of the job will succeeded.
So far I have analysed the background, but still didn't find any clue regarding to this error.
We are not connecting as : sysdba
My question is, can this error happens because of any status or dynamic situation of the database?
February 17, 2005 - 7:39 pm UTC
nope, it sounds like someone is mucking about on the remote system, you run -- hit error, scratch head, re-run and they've undone what they did (seriously -- that is what I would think this is)
MG, February 18, 2005 - 11:14 am UTC
I have setup same database on another server too. Now same jobs are running from both servers at the same time.
Original Server = Srv1
New server = Srv2
This job is getting data from remote database tables and insert/update into local database.
Yesterday night I got this error(ORA-01031: Unzureichende Berechtigungen ) on Srv1, but not in Srv2.
Log Details in Srv1:
-------------------
mypkg.CREATE_LOG('Step level1', 'p2', 'I', 'copy start', 0);
17-02-2005 22:31:18 Step level1 942301
P2 Insert
copy start
17-02-2005 22:42:56 Error 942302
P1 Insert
-1031: ORA-01031: Unzureichende Berechtigungen
Log Details in Srv2:
-------------------
mypkg.CREATE_LOG('Step level1', 'p2', 'I', 'copy start', 0);
17-02-2005 22:31:26 Step level1 125487
P2 Insert
copy start
17-02-2005 22:56:12 Step level1 125488
P2 Insert
copy ends
Note:
-----
- It seems, that Srv2 is waiting till the Successful connection gets, and then work done. Rather Srv1 tries to do the work, if it fails in any case, then giveup.
- User resource limits are same for both servers.
- We dont have rights to administer/monitor in detail of remote database.
So tom could you please give me some clue on this.
February 18, 2005 - 2:23 pm UTC
I don't agree with your conclusions (at least I see no supporting evidence of them -- the "it seems, that svr2..."
but it just looks like you "do not have the privs", is that job *ever* running, i see the copy start -- the failure. did it EVER run to completetion
(this really looks like "hey, you don't have the privs to do what you are trying to do)
MG, February 21, 2005 - 4:36 am UTC
Yes job continues successfully, at its 2nt attempt in Srv1.
Tom, is there any settings affecting to wait till sql execution finished? (or to say try once/ twice then continue/fail) ?
February 21, 2005 - 10:24 am UTC
enable sql_trace=true and see if you cannot see what statement is actually failing.
also, please open a tar with support, they can help you set an event to get more diagnostic information.
jobs are already set to try themselves 16 times automatically -- I think you'll need to work this with support to diagnose what is going wrong -- never saw/heard of this myself and without a reproducible test -- I won't get very far.
insufficient privilege
A reader, December 30, 2005 - 8:35 am UTC
Tom,
I am trying to run below on procedure "procedure1" in schema1 from schema2. I have "create any procedure" and "alter any procedure" rights on schema1. Also I have select, insert, update, delete priviliges on tables referenced by procedure1.
[1] I can execute procedure1 from schema2
[2] I can run DML's on tables referenced by procedure1
Sql I am tring to run is below:
declare
result varchar2(150);
begin
PROCEDURE1 (
'VALUE1',
'VALUE2',
.......
.......
'VALUEN');
dbms_output.PUT_LINE('>>>'||result||'<<<');
end;
It is giving error:
Error on line 0
declare
result varchar2(150);
begin
SP_SERVICE_1 (
'IdentityUpdate',
'J
ORA-06550: line 5, column 1:
PLS-00904: insufficient privilege to access object OPLADMIN.SP_SERVICE_1
ORA-06550: line 5, column 1:
PL/SQL: Statement ignored
I don't understand why it is. Am I missing some more rights?
December 30, 2005 - 9:59 am UTC
you would need to provide a full example.
If schema1 has in fact granted you access to schema2 on procedure1 AND procedure1 is a normal definers rights procedure (no authid current_user on the create of the procedure), it would work.
Insufficient data here to comment.
insufficient privilege
A reader, December 30, 2005 - 8:37 am UTC
You can take it.
PLS-00904: insufficient privilege to access object schema1.procedure1
dbms session
sam, October 05, 2006 - 4:32 pm UTC
Tom:
To fix this error do you need for DBA to give ATTADMIN user access for DBMS_SESSION or the "Create any context" privilege.
Thu, 5 Oct 2006 20:02:13 GMT
ORA-01031: insufficient privileges
ORA-06512: at "SYS.DBMS_SESSION", line 78
ORA-06512: at "ATTADMIN.ST_LIST", line 97
ORA-06512: at line 10
October 06, 2006 - 7:55 am UTC
NO,
someone creates a context:
create context my_ctx using SCHEMA.THING
where schema is optional and would be a "username", an "owner"
where thing is mandatory and would be a packge, procedure or function name.
Once that is done ONLY that schema.thing can modify the context.
So, if you have the conext, you just need to use the procedure/function/package that was defined as being able to set that context.
context
sam, October 06, 2006 - 8:13 am UTC
Tom:
It seems the export/import does not do contexts and I have to create those manually. correct?
Is there a dicitonary view to check which contexts exist for the user.
October 06, 2006 - 9:06 am UTC
they are owned by public, much like a public synonym
they are not owned by a schema.
hence a schema export would never see them.
desc dba_context;
but it won't show the "user that owns them" since they are not owned by anyone. However, you can "probably" assume that the owner of the package/procedure/function they are bound to is the "owner" for all intents and purposes (and dba_context has that)
sam, October 06, 2006 - 11:15 am UTC
Tom:
You are right. None of the contexts have been moved even though it is linked to the schema in DBA_CONTEXTS.
Is there a way to move those throug exp/imp or you have to run SQL commands and recreate it.
October 06, 2006 - 1:31 pm UTC
it is NOT linked to the schema - that is what I said - a context is NOT OWNED by anyone.
A context points to some procedure/package/function in some schema (that is what you see in dba_context)
that owner is NOT the owner of the context, it is the owner of the procedure the context may be set by. context's are "global"
I said you can use that column (PROBABLY) to find your contexts of interest. You'll have to generate the sql for them from that.
for example, this would PROBABLY get all of the context's that the SYSMAN schema was interested in (probably, not definitely)
ops$tkyte%ORA10GR2> column ddl format a50 word_wrapped
ops$tkyte%ORA10GR2> select dbms_metadata.get_ddl( 'CONTEXT', namespace ) ddl from dba_context
2 where schema = 'SYSMAN';
DDL
--------------------------------------------------
CREATE OR REPLACE CONTEXT "EM_GLOBAL_CONTEXT"
USING "SYSMAN"."SETEMUSERCONTEXT" ACCESSED
GLOBALLY
CREATE OR REPLACE CONTEXT "EM_USER_CONTEXT" USING
"SYSMAN"."SETEMUSERCONTEXT"
ORA-01031
A reader, January 03, 2012 - 10:00 am UTC
Hi Tom,
When execute create table from a procedure,I get this error, but when execute same SQL from anonymous block, it ran successfully. What is the problem? Here is the sample code.
Thanks
SQL> create or replace procedure test_p as
2 begin
3 execute immediate 'create table test_tbl(c number)';
4 end;
5 /
Procedure created.
SQL> exec test_p;
BEGIN test_p; END;
*
ERROR at line 1:
ORA-01031: insufficient privileges
ORA-06512: at "USER1.TEST_P", line 3
ORA-06512: at line 1
SQL> begin execute immediate 'create table test_tbl(c number)'; end;
2 /
PL/SQL procedure successfully completed.
SQL> desc test_tbl
Name Null? Type
----------------------------------------- -------- ----------------------------
C NUMBER
SQL>
January 03, 2012 - 11:48 am UTC