Skip to Main Content
  • Questions

  • How to make My Account Eqivalent to DBA !

Breadcrumb

Question and Answer

Tom Kyte

Thanks for the question, OP.

Asked: October 22, 2000 - 10:23 pm UTC

Last updated: August 12, 2004 - 9:32 am UTC

Version: 8.1.6

Viewed 1000+ times

You Asked

Dear Tom,
Hi !

Thanks Alot for your help in the recent past.

I have been assigned a new ROLE OF DBA in my organisation.

Ques) I have created My account with the name "OP" in the
database.
After this I also wrote
"Grant dba to OP" .This I did by logged as "SYSTEM/MANAGER"

Now when I login as OP,It works but it seems that I do
not have all the rights which a DBA is suppose to have.
Because when I wrote "select * from V$DATABASE ",it said
insuffient privileges.


WHAT ADDITIONAL PRIVILEGES DO I NEED TO GIVE TO MY ACCOUNT
SO THAT IT HAS ALL THE RIGHTS WHICH A DBA IS SUPPOSE
TO HAVE ?


Thanks & Regards
OP

and Tom said...

If that did not convey access to that table, then someone has modified your definition of DBA. DBA is just a role -- you can grant and revoke to/from it.

catalog.sql has the following:

create or replace view v_$database as select * from v$database;
drop public synonym v$database;
create public synonym v$database for v_$database;
grant select on v_$database to select_catalog_role;


So, anyone with select_catalog_role should have access to that view. DBA has select_catalog_role (this is done in sql.bsq which should be run when you create the database).

To see what exactly DBA has, you can use the view

create view user_role_hierarchy
as
select u2.name granted_role
from ( select *
from sys.sysauth$
connect by prior privilege# = grantee#
start with grantee# = uid or grantee# = 1) sa,
sys.user$ u2
where u2.user#=sa.privilege#
union all select user from dual
union all select 'PUBLIC' from dual
/
grant select on user_role_hierarchy to public;
create public synonym user_role_hierarchy for user_role_hierarchy;

(create that as SYS, it is a hierarchy of every role you have and every role that role has and so on)

and then, create a temp user (or use your OP user) and:

sys@DEV816> grant dba to xxx identified by xxx;
Grant succeeded.

sys@DEV816> connect xxx/xxx
Connected.

xxx@DEV816> select * from user_role_hierarchy;

GRANTED_ROLE
------------------------------
DBA
SELECT_CATALOG_ROLE
EXECUTE_CATALOG_ROLE
DELETE_CATALOG_ROLE
EXP_FULL_DATABASE
SELECT_CATALOG_ROLE
EXECUTE_CATALOG_ROLE
IMP_FULL_DATABASE
SELECT_CATALOG_ROLE
EXECUTE_CATALOG_ROLE
JAVA_ADMIN
XXX
PUBLIC

13 rows selected.

If your list is smaller -- someone has changed what is means to be a DBA in your database


YOU DON'T HAVE TO SHOUT. I can hear you just fine ;)



Rating

  (5 ratings)

Is this answer out of date? If it is, please let us know via a Comment

Comments

A reader, August 06, 2004 - 2:44 pm UTC

Tom,
I think you need to do lower function in the select statement.

Otherwise the readers will feel that you are shouting

Like select lower(GRANTED_ROLE) from dba_role_hierarchy

cheers


Tom Kyte
August 06, 2004 - 2:47 pm UTC

how useful, THANKS.

don't even try to be funny - it doesn't suit you

graeme king, August 06, 2004 - 3:37 pm UTC

yeah. stop wasting tom's and all our time.

A reader, August 11, 2004 - 11:36 am UTC

That's not useful

Tom Kyte
August 11, 2004 - 1:43 pm UTC

how useful of you :) thanks much.

if they are on 8.1.6 user_role_hierachy doesn't exist

Gary, August 12, 2004 - 2:32 am UTC

user_role_hierarchy doesn't exist in my 8.1.6 database so that may be troubling the original poster (he says 8.1.6 in the Question header).

Try (as the user) session_privs or (as system)
select * from dba_role_privs
where grantee='DBA'

If this is an inexperienced DBA, another possibility is the poster may just need to do a
set role all and/or
alter user default role all

before they can use the DBA role privs.

PS. I hope, when they wrote SYSTEM/MANAGER, that isn't REALLY the system password.

Tom Kyte
August 12, 2004 - 8:50 am UTC

user_role_hierarchy is my view, it is above.

SYS...

Connor, August 12, 2004 - 8:56 am UTC

"create that as SYS"

Oh dear...thats breaking some rules

:-)

Tom Kyte
August 12, 2004 - 9:32 am UTC

never say never, never say always i always say ;)

more

Connor and Chris don't just spend all day on AskTOM. You can also catch regular content via Connor's blog and Chris's blog. Or if video is more your thing, check out Connor's channel and Chris's channel from their Youtube channels. And of course, keep up to date with AskTOM via the official twitter account.

More to Explore

PL/SQL demos

Check out more PL/SQL tutorials on our LiveSQL tool.

PL/SQL docs

PL/SQL reference manual from the Oracle documentation library