Grant privileges to a user for user_lock

user_lock.sleep (3000);
i am using it in my procedure.
is it require to grant privileges to a user for user_lock.

There is no built-in package namely user_lock. Actually it is dbms_lock.
http://download-east.oracle.com/docs/cd/B19306_01/appdev.102/b14258/d_lock.htm#sthref3898
I was using dbms_lock few days ago. Yes dba has to give the privilege to use this package.
SQL> grant execute on dbms_lock to scott;
Grant succeeded.
[My experiment]
http://mamohiuddin.blogspot.com/2007/02/plsql-block-abnormal-termination-ed.html

Similar Messages

How to restrict a schema owner from granting privileges to other users.

How can we restrict a schema owner from granting privileges to other users on his objects (e.g. tables). Lets say we have user called XYZ and he has tables in his schema TAB1, TAB2 an TAB3. How can we restrict user XYZ from granting privileges on TAB1, TAB2 and TAB3 to other users in the database. Is it possible in Oracle 10g R2? Any indirect or direct way to achieve this? Please help on this.
Thanks,
Manohar

Whenever someone is trying to prevent an object owner from doing something, that's generally a sign of a deeper problem. In a production database, the object owner shouldn't generally have CREATE SESSION privileges, so the user shouldn't be able to log in, which would prevent the user from issuing any grants.
As a general rule, you cannot stop an object owner from granting privileges on the objects it owns. You can work around this by creating a database-level DDL trigger that throws an exception if the user issuing the statement is XYZ and the DDL is a GRANT. But long term, you probably want to get to the root of the problem.
Justin
Edited by: Justin Cave on Nov 6, 2008 9:52 PM
Enrique beat me to it.

Grant Privileges to another user

Hi,
I am new to plsql. In course of my learning. I created two tables BOOKS and AUTHORS in orcl database(10g) through SYSDBA.
Again i logged in to SCOTT user account and am unable to see the BOOKS and AUTHORS tables.
Please let me know how do i grant administrative privileges(to edit,delete,insert,update) to SCOTT user for these tables.
Thanks & Regards,
Amrutha.

808099 wrote:
1. Got now that SYSDBA is a role and SYS is user.
2. I was able to login to sqlplus through giving "/ as SYSDBA" as the username. Hence i thought it as user."/ as sysdba" connects to the database as the SYS user using operating system authentication with the SYSDBA role enabled.
3. Secondly, I dont know which schema does my BOOKS table belong to. Because i just ran a create table script in scott/tiger@orcl. PLease suggest how i can know which schema it belongs to.If you connected to the database as the SCOTT user and ran the script to create the table, the table would almost certainly be owned by SCOTT. If you connected to the database as the SYS user and ran the script to create the table, the table would most likely be owned by SYS. If the script specified the schema owner, i.e.
CREATE TABLE library.book ...the table would be created in the specified schema. But you need to have very powerful privileges in order to create objects in other user's schemas and SCOTT does not have those privileges unless you've specifically granted them.
4. Thirdly, I will delete the BOOKS and AUTHORS from SYS and create them in SCOTT user. But thought if GRANT privileges can be an alternative.Not really. It's much better to have the tables owned by the correct schema in the first place. You use grants to allow other users to access (or modify) tables but other users are not going to have the same level of privileges (for example, they're not going to be able to run DDL against the table).
Justin

Error while granting privileges to new user

hi all,
I created new user and i tried to grant privileges to that new user by using ( SQL> CONNECT / AS sysdba;
Connected.
SQL> CREATE USER cdcproj IDENTIFIED BY cdcproj
2 QUOTA UNLIMITED ON SYSTEM
3 QUOTA UNLIMITED ON SYSAUX;
User created.
SQL> GRANT CREATE SESSION TO cdcproj;
Grant succeeded.
SQL> GRANT CREATE TABLE TO cdcproj;
Grant succeeded.
SQL> GRANT SELECT_CATALOG_ROLE TO cdcproj;
Grant succeeded.
SQL> GRANT EXECUTE_CATALOG_ROLE TO cdcproj;
Grant succeeded.
SQL> EXECUTE DBMS_STREAMS_AUTH.GRANT_ADMIN_PRIVILEGE(grantee => 'cdcproj'); PL/SQL procedure successfully completed.
SQL> GRANT ALL ON PL.PROJ_HISTORY TO cdcproj;
Grant succeeded. ). All the commands worked except last command. It is giving error i.e (GRANT ALL ON PL.PROJ_HISTORY TO cdcproj; ) error is ( table / view not exists ).
What i can do. Any help.
Otherwise is there any other method to grant privileges.
Thanks in advance.

What is your Oracle version ?
Are you sure the object PL.PROJ_HISTORY exists ?
What is the output of (using the Oracle account that executes the GRANT):
select * from session_roles;
select * from session_privs;

Granting read/write to user for SQL agent

Hi all, I'm new to SQL, SSMS, TSQL etc. How do I grant read/write permission to a user for SQL agent, so they can see the SQL Server Agent part in object explorer?
Thanks in advance :)

Hi all, I'm new to SQL, SSMS, TSQL etc. How do I grant read/write permission to a user for SQL agent, so they can see the SQL Server Agent part in object explorer?
Thanks in advance :)
Please refer to below two links
http://msdn.microsoft.com/en-us/library/ms187901.aspx
http://msdn.microsoft.com/en-us/library/ms188283.aspx
Please mark this reply as answer if it solved your issue or vote as helpful if it helped so that other forum members can benefit from it.
My TechNet Wiki Articles

Grant privileges to the user to edit only his own information

Hi all,
my Portal version is 9.0.4.0.99
I would like to grant to all users the privilege to change/edit only his own information.
When I go to the Administer Tab, enter the username in the portlet User, and then I check the checkbox: "Allow User editing", then this User can edit all users.
How can I grant the privilege to edit only his own information?
Regards
Leonid Pavlov

The Portal does not expose the DAS Edit My Profile link until version 10.1.4. Prior to this version, if the associated DAS actually supports this, you can just add the link on your portal page as a URL item:
http://host.domain.com:7777/oiddas/ui/oracle/ldap/das/mypage/AppEditMyPage?homeURL=http%3A%2F%2Fhost.domain.com%3A7778%2Fpls%2Fportal &doneURL=http%3A%2F%2Fhost.domain.com%3A7778%2Fpls%2Fportal&cancelURL=http%3A%2F%2Fhost.domain.com%3A7778%2Fpls%2Fportal
I.e., it takes the url:
<infra-host>/oiddas/ui/oracle/ldap/das/mypage/AppEditMyPage
with 3 url-encoded parameters:
homeURL - link rendered with Home icon in DAS
doneURL - target for [ OK ] in DAS
cancelURL - target for [ Cancel ] in DAS

Grant Privileges in Database Vault for DATAPUMP.

HI,
I am using ORACLE DATABASE 11g R2.
I have installed/enabled DATABASE VAULT 11g on it.
I have configured many user in it for privileges like 'SELECT on table','INSERT on table' ,DELETE .....
I want to give a user DATAPUMP privilege so that he can export and import.
I have 2 users.
1) MAIN
2) BACKUP
MAIN user is the owner and the most important schema. Now i want one more schema named 'BACKUP' which will be able to take backup from MAIN schema. NO OTHER SCHEMA SHOULD BE ALLOWED TO TAKE BACKUP OF MAIN SCHEMA NOT EVEN SYS.
*Can anyone tell me how i can grant proper privilege to BACKUP schema so that he can use DATAPUMP and import/export from OS prompt on the MAIN schema.
NOTE :- I have Database vault installed on my server. Please let me know what all RULES or RULE SETS I need to make to make this happen.
Thanks in advance.

I have managed with privileges to grant BACKUP user right to start an IMPORT but i get these errors while importing :-
Failing sql is:
CREATE TABLE "MAIN"."FLX_PM_OFFER_SELECTOR_B" ("USER_NAME" VARCHAR2(50 BYTE), "PRODUCT_GROUP" VARCHAR2(5 BYTE), "REFERENCE_NUM" VARCHAR2(30 BYTE) NOT NULL ENABLE, "SESSION_STATE" VARCHAR2(5 BYTE), "OFFER_FEATURES" BLOB, "RECOMMENDED_OFFERS" VARCHAR2(500 BYTE), "SELECTED_OFFERS" VARCHAR2(500 BYTE), "MAKER_NAME" VARCHAR2(12 BYTE), "MAK
ORA-39083: Object type TABLE:"MAIN"."FLX_PM_ACCOUNT_ROLE_FLOW" failed to create with error:
ORA-47401: Realm violation for CREATE TABLE on MAIN.FLX_PM_ACCOUNT_ROLE_FLOW
{code}
I am getting this error for all the objects :- SYSNONMY,SEQUENCE,
I have granted MAIN users all the privileges but still i am getting these errors. Do i need to create any realm or rule set for this?
Thanks.

Grant privileges to new user + few tables

Hi all. How can I give my new user all privileges for inserting deleting records in some tables...
CREATE USER user1 IDENTIFIED BY user1

May be it will be better to make nobody the owner of the tables?It's definitely a good idea to make somebody else the owner of the table rather than SYSTEM... you shouldn't really be putting your own objects in the SYSTEM schema anyway if you can help it.
Whether NOBODY is the best schema to use depends on what you want the table for. If this is just a test system you are playing about with then it doesn't really matter... but if you are trying to put together a proper development/test system with a plan to move into a production environment then think through what you want (and whether NOBODY is the best name for your application schema).
Saying that, if this is just a database you are 'playing' with to learn some Oracle then you might want to look at granting system privileges rather than object privileges.
GRANT SELECT ANY TABLE TO ALEX;
Will let ALEX select form any table (other than the data dictionary).
Again, though, a word of caution - if you intend to put this into a 'real' system (rather than just one you are learning on) then think it through and only grant what you need. If you go for the 'easy' system privilege now you'll find you'll always be stuck with it because you'll never be 100% certain that you can revoke it without affecting your application.

OID-DAS Granting privileges to User

Hi All,
I am using OID to store user information from different organizations. I am using OIDDAS ( Delegated Administrative Services) to enter user information. To incorporate the delegation model I am able to create a user and give him privilege to add other users. I can also give him privilege to grant privilege to other users. However, for security purposes I do not want them to be able to grant or use the 'Allow Oracle Delegated Administration Services configuration' privilege, that appears by default in the window. Is there I can alter this.
Any help on this will be much appreciated.
Thanks

It can be done but is not as trivial as GRANT priv TO user. The disco privs are stored in the EULx_ACCESS_PRIVS table. Theoretically, you would just have to add records there to implement the privileges.
You'll need to look in the EULx_EUL_USERS to get the user IDs, and youd need to find out the application privilege IDs. They are stored in the EULx_ACCESS_PRIVS table, and there are no descriptions. What you would need to do is create a test user, add one privilege, and see what got added to the EULx_ACCESS_PRIVS table. You could then repeat this process for each priv you would want to grant through a script.

Granting Privileges question

This is not a duplicate post. User Wilhem posted it in the wrong forum.
In the below mentioned link, user CD has provided a quick way to grant privileges to another user. But it didn't work for me. Is there something wrong with with the DECODE expressions?
Re: Granting Privileges question

Instead of granting privileges to a user, i wanted to grant these privileges to a role. So i created a role
CREATE ROLE jenrole;
And then i tried the below mentioned script. But i am getting error
DECLARE
v_sql VARCHAR2(4000);
BEGIN
FOR obj IN (SELECT object_name
, object_type
, DECODE (OBJECT_TYPE,
'PROCEDURE','EXECUTE',
'FUNCTION' ,'EXECUTE',
'PACKAGE' ,'EXECUTE',
'SYNONYM' ,'SELECT' ,
'SELECT, INSERT, UPDATE, DELETE') rights
FROM user_objects)
LOOP
v_sql := 'GRANT '|| obj.rights ||' ON '|| obj.object_name ||' TO JENROLE' ;
dbms_output.put_line(v_sql);
EXECUTE IMMEDIATE v_sql; END LOOP;
END;
ERROR at line 1:
ORA-00911: invalid character
ORA-06512: at line 16
Why am i getting error? The error line is boldened

Can't grant privilege on column to user via role?

Hi:
From what I read in the docs I should be able to create a role that has UPDATE privs on a column of a table, and then grant that role to a user, who should be able to update the column of the table. I get "insufficient privileges" when I try that, although it works as advertised if I grant directly to the user. Am I mis-reading the docs?
Session GAFF:
CREATE TABLE "GAFF"."FOO2"
   (    "F1" NUMBER,
    "F2" NUMBER,
    "F3" VARCHAR2(50),
    "F4" NUMBER,
     CONSTRAINT "FOO2_PK" PRIMARY KEY ("F1")
create role foo2_u_f2;
grant update (f2) on foo2 to foo2_u_f2 ;
grant select on gaff.foo2 to play ;
grant foo2_u_f2 to play ;session PLAY:
update gaff.foo2 set f2 = 1 where f1 = 1ORA-01031: insufficient privileges

Most likely role foo2_u_f2 is not a default role for user play. Initially, when user is created default role is set to ALL. Later it can be changed to NONE or a set of roles. Login as play and issue:
select * from session_roles
/I bet you will not see foo2_u_f2. Then issue:
select granted_role,default_role from user_role_privs
/That will give you a list of user play default roles. You can either issue:
set role foo2_u_f2
/This will enable foo2_u_f2 role in current session. Or you can login as privileged user and issue ALTER USER DEFUALT ROLE ...,foo2_u_f2.
SY.

Granting privilege through role not working for PL/SQL

Version: 11.2.0.2
In our shop, we don't grant privileges directly to a user, we grant it to a role and grant that role to the intended grantee.
Granting privileges through a role seems to be fine with SQL Engine. But it doesn't work from PL/SQL engine.
In the below example GLS_DEV user is granted SELECT access on SCOTT.pets table through a role called tstrole. GLS_DEV can select this table from SQL. But PL/SQL Engine doesn't seem to know this.
Reproducing the issue:
SQL> show user
USER is "SCOTT"
SQL> select * from pets;
NAME
PLUTO
SQL> conn / as sysdba
Connected.
SQL> create user GLS_DEV identified by test1234 default tablespace TSTDATA;
User created.
SQL> alter user GLS_DEV quota 25m on TSTDATA;
User altered.
SQL> grant create session, resource to GLS_DEV;
Grant succeeded.
--- Granting SELECT privilege on scott.pets to tstrole and then grant this role to GLS_DEV.
SQL> conn / as sysdba
Connected.
SQL>
SQL> create role tstrole;
Role created.
SQL> grant select on scott.pets to tstrole;
Grant succeeded.
SQL> grant tstrole to GLS_DEV;
Grant succeeded.
SQL> conn GLS_DEV/test1234
Connected.
SQL>
SQL> select * From scott.pets;
NAME
PLUTO
---- All fine till here. From SQL engine , GLS_DEV user can SELECT scott.pets table.
--- Now , I am going to create a PL/SQL object in GLS_DEV which tries to refer scott.pets
SQL> show user
USER is "GLS_DEV"
create or replace procedure my_proc
is
myvariable varchar2(35);
begin
     select name into myvariable from scott.pets ;
     dbms_output.put_line(myvariable);
end my_proc;
Warning: Procedure created with compilation errors.
SQL> show errors
Errors for PROCEDURE MY_PROC:
LINE/COL ERROR
6/2      PL/SQL: SQL Statement ignored
6/41     PL/SQL: ORA-01031: insufficient privileges
SQL>
SQL> 6
6*    select name into myvariable from scott.pets ;
--- PL/SQL Engine doesn't seem to know that GLS_DEV has select privilege on scott.pets indirectly granted through a role
--- Fix
--- Instead of granting privilege through a role, I am granting the SELECT privilege on scott.pets to GLS_DEV directly.
--- The error goes away, I can compile and execute the procedure !!
SQL> conn / as sysdba
Connected.
SQL>
SQL> grant select on scott.pets to GLS_DEV;
Grant succeeded.
SQL> conn GLS_DEV/test1234
Connected.
SQL>
SQL> create or replace procedure my_proc
is
myvariable varchar2(35);
begin
        select name into myvariable from scott.pets ;
        dbms_output.put_line(myvariable);
end my_proc; 2    3    4    5    6    7    8    9   10
11 /
Procedure created.
SQL> set serveroutput on
SQL> exec my_proc;
PLUTO
PL/SQL procedure successfully completed.Has anyone encountered the same issue ?

You really should start your own new thread for this question instead of resurrecting an old one, but to answer your question.
There are two things going on here. First, there are a number of aler session commands that can be used by any user regardless of what privileges they are granted. Although I do not have the entire list at hand, things like nls_date_format and current_schema are available to all users, sort of like the grants to public in the data dictionary.
Second, when you use execute immediate, the PL/SQL engine never really sees the statement, as far as the compiler is concerned it is just a string. It is only when the string is passed to the sql engine that permissions are checked, and there roles are not enabled.
SQL> create role t_role;
Role created.
SQL> grant select on ops$oracle.t to t_role;
Grant succeeded.
SQL> create user a identified by a default tablespace users;
User created.
SQL> grant create session, create procedure to a;
Grant succeeded.
SQL> grant t_role to a;
Grant succeeded.
SQL> connect a/a
Connected.
SQL> select * from ops$oracle.t;
        ID DESCR
         1 One
         1 Un
SQL> create function f (p_descr in varchar2) return number as
2     l_num number;
3 begin
4     select id into l_num
5     from ops$oracle.t
6     where descr = p_descr;
7     return l_num;
8 end;
9 /
Warning: Function created with compilation errors.
SQL> show error
Errors for FUNCTION F:
LINE/COL ERROR
4/4      PL/SQL: SQL Statement ignored
5/20     PL/SQL: ORA-00942: table or view does not exist
SQL> create or replace function f (p_descr in varchar2) return number as
2     l_num number;
3 begin
4     execute immediate 'select id from ops$oracle.t where descr = :b1'
5                       into l_num using p_descr;
6     return l_num;
7 end;
8 /
Function created.
SQL> select f('One') from dual;
select f('One') from dual
ERROR at line 1:
ORA-00942: table or view does not exist
ORA-06512: at "A.F", line 4John

To grant privileges to user or/and group

Hi,
I need information about to grant privileges on content area and folders.
For example, if I grant privilege to view content on Content area and I grant privilege of Manage Items on folder. Can the users or group add items to folder? Or can they view the content?
Thank you for information,
Noel

I changed the file (sudo vi $ORACLE_HOME/rdbms/admin/externaljob.ora) to read run_user = oracle and run_group = dba. The error remains the same - also after restart of dbconsole. Anyway, the file has note: The user and group specified here should be a lowly privileged user and group for your platform. For Linux this is nobody and nobody. Which it was, and I changed it back to that.
Btw:
SQL> SELECT owner, credential_name, username FROM dba_scheduler_credentials;
no rows selected
SQL> execute DBMS_SCHEDULER.CREATE_CREDENTIAL('oracle','oracle','password');
After the above I was able to select "sys.oracle" as the credential name pull-down menu of the scheduler job edit mode.
And the job succeeded: EXTERNAL_LOG_ID="job_73826_863", USERNAME="oracle"
How does one set credentials if not in the "preferred credential setup" in dbconsole EM?
Edited by: Dude on Jan 14, 2011 2:11 PM

Which view I can query to get the granted objects privilege to a user?

Hi all,
which view I can query to get the granted objects privilege to a user?
for example:
grant execute on accounting.get_name to scott;
Which view has above object granted information?
Thanks

SQL> select * FROM all_tab_privs where grantor = upper('accounting');
no rows selected

Granting Privileges to User

Hi,
Is it possible to grant privileges (like "Manage Scheduled Workbooks
") to the users through backend instead of through OD Administrator? Who can do it and how?
thanks

It can be done but is not as trivial as GRANT priv TO user. The disco privs are stored in the EULx_ACCESS_PRIVS table. Theoretically, you would just have to add records there to implement the privileges.
You'll need to look in the EULx_EUL_USERS to get the user IDs, and youd need to find out the application privilege IDs. They are stored in the EULx_ACCESS_PRIVS table, and there are no descriptions. What you would need to do is create a test user, add one privilege, and see what got added to the EULx_ACCESS_PRIVS table. You could then repeat this process for each priv you would want to grant through a script.

Grant privileges to a user for user_lock

Similar Messages

Maybe you are looking for