I am very new to postgres. One of my project is using an RDS postgres instance, the application team created a user and use that user to create the database.
I am trying to grant default privilege to the default postgres user to this application database by running the command below but I am getting an error message.
ALTER DEFAULT PRIVILEGES
FOR USER postgres
IN SCHEMA public
GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO postgres;
Error message
ERROR: must be member of role "postgres"
SQL state: 42501
Please advise how I can grant default privilege to postgres user for the database.
You must connect as a superuser to run this command.
I misunderstood my case earlier. Apparently, postgres user was the owner of the database not the app user. So I logged in as postgres and executed the command and it works.
If you did a pgdump to export the database, and then were getting this error on trying to import it. Use -O when creating the pgdump - https://www.postgresql.org/docs/current/app-pgdump.html
Related
I am trying to create a link between two schemas in SQL Developer and I have an error. The querie I am executing is:
CREATE DATABASE LINK dblink
CONNECT TO Matecode IDENTIFIED BY Matecode
USING 'Matecode';
Where Matecode it's the remote user, password and database Schema I want to be conected. Like this:
CREATE DATABASE LINK dblink
CONNECT TO remote_user IDENTIFIED BY password
USING 'remote_database';
But I am receiving this error
00000 - "insufficient privileges"
*Cause: An attempt was made to perform a database operation without
the necessary privileges.
*Action: Ask your database administrator or designated security
administrator to grant you the necessary privileges
The password and the user are ok.
Check you have "create database link" privilege to the schema where you are creating the Database link. if the privilege is not granted use below statement as 'sysdba' user to grant the "create database link" and then try to create the database link.
SQL:
grant CREATE DATABASE LINK to username;
Why a privileged user can't access newly created partition?
PostgreSQL version: 10.0
Suppose my PostgreSQL sever has a user called app with following permissions:
GRANT SELECT, INSERT, UPDATE ON ALL TABLES IN SCHEMA public TO app;
GRANT USAGE ON ALL SEQUENCES IN SCHEMA public to app;
Now this user app can do select, insert and update action for "existing" table/partition (for example: mytable_partition_old) just as my expectation, everything goes well so far.
However, a master account creates a new partition of a table after the GRANT command above by following:
CREATE TABLE IF NOT EXISTS "mytable_partition_new" PARTITION OF mytable FOR VALUES IN('some_value');
After mytable_partition_new is created, the user app got "permission denied for this relation" by executing INSERT INTO mytable_partition_new values (...) command.
I understand it can be resolved by issue GRANT SELECT, .... TO app again.
My question is if there any better way to achieve it?
(we don't have a dedicated DBA and got stucked in this situation for a while..)
The GRANTs you have shown, only granted the privileges for existing objects. To grant the privileges for "future" objects, you need to alter the default privileges:
alter default privileges in schema public
for role master
GRANT SELECT, INSERT, UPDATE ON TABLES TO app;
alter default privileges in schema public
for role master
GRANT USAGE ON SEQUENCES TO app;
The above will only affect future objects, so for the tables (or partitions) you have already created, you need to re-run you original GRANT statements once again.
i want to create a user in oracle 12c but i have a problem.after i enter my user name and psw, this warning displatyed: ORA-65096: invalid common user or role name
If you see this error then first you need to alter the session for oracle 12c:
alter session set "_ORACLE_SCRIPT"=true;
after running above command you can create the user. it will work for sure.
CREATE USER your_username IDENTIFIED BY your_password;
Connect first to your pluggableDB
CONN system/systempassword#//localhost:1521/pluggabledatabase
Than you can create your user:
create user marcopolo identified by marco9274;
Note:
You must have created the database as a container database. While, you are trying to create user in the container, i.e. CDB$ROOT, however, you should create the user in the PLUGGABLE database.
You are not supposed to create objects in the container, the container holds the metadata for the pluggable databases. You should use the pluggable database for you general database operations. Else, do not create it as container, and not use multi-tenancy.
See (error: ORA-65096: invalid common user or role name in oracle)
connect system/manager as sysdba
alter session set "_ORACLE_SCRIPT"=true;
create user your_user_name identified by your_password;
grant dba to your_user_name;
I am trying to set up a user in my Oracle 11g database as such
create user BARRY6 IDENTIFIED by password123;
grant connect to BARRY6;
grant create session to BARRY6;
grant UNLIMITED TABLESPACE to BARRY6;
commit;
This should create the user and provides them with the basic permissions.
All commands executes successfully, However i can not connect with this user.
I get an error
An error was encountered performing the requested operation:
ORA-01031: insufficient privileges
01031. 00000 - "insufficient privileges"
*Cause: An attempt was made to perform a database operation without
the necessary privileges.
*Action: Ask your database administrator or designated security
administrator to grant you the necessary privileges
Vendor code 1031
When i view the USER_ROLE_PRIVS table , there is no permissions in that table for my user
This was happening because the role i was trying to login in as was sysdba. While it should be default.
I know, stupid, but it posting the solution in case other people are creating a user and they make this simple mistake. It was caused by loading the sys connection and just changing the password and not changing the role
There is a table which when I use to execute a query it gets normally executed but when I compile it in a package it is giving an error for that table saying
insufficient privileges
Any idea what I can do about it ?
The user you are using got the privilege to access the table through a role.
Privileges obtained through roles are not in effect inside a PL/SQL program. You need to grant the select (insert,update,delete) privilege directly to the user in question.