关于expdp,impdp操作需要的权限

一直对 DATAPUMP_EXP_FULL_DATABASE 和 DATAPUMP_IMP_FULL_DATABASE 这两个权限有误解，以为是导全库的时候才需要这个权限，翻了文档后才知道，不是的.

Many Data Pump Export and Import operations require the user to have the DATAPUMP_EXP_FULL_DATABASE role and/or the DATAPUMP_IMP_FULL_DATABASE role. These roles are automatically defined for Oracle databases when you run the standard scripts that are part of database creation. (Note that although the names of these roles contain the word FULL, these roles are actually required for all export and import modes, not only Full mode.)

我们可以从$ORACLE_HOME/rdbms/admin/catdpb.sql 一窥该权限的全貌。

-- $ORACLE_HOME/rdbms/admin/catdpb.sql

...
Rem    NAME
Rem      catdpb.sql - Main install script for all DataPump package body
Rem                   components

...

-------------------------------------------------------------------------
Rem Set up application roles to to be enabled for privileged users
-------------------------------------------------------------------------

CREATE ROLE datapump_exp_full_database;
CREATE ROLE datapump_imp_full_database;

GRANT exp_full_database          TO datapump_exp_full_database;
Rem Following grant needed for fgac test in dpx3f2
GRANT create table               TO datapump_exp_full_database;
GRANT create session             TO datapump_exp_full_database;

GRANT alter resource cost        TO datapump_imp_full_database;
GRANT alter user                 TO datapump_imp_full_database;
GRANT audit any                  TO datapump_imp_full_database;
GRANT audit system               TO datapump_imp_full_database;
GRANT create session             TO datapump_imp_full_database;
GRANT alter profile              TO datapump_imp_full_database;
GRANT create profile             TO datapump_imp_full_database;
GRANT delete any table           TO datapump_imp_full_database;
GRANT execute any operator       TO datapump_imp_full_database;
GRANT grant any privilege        TO datapump_imp_full_database;
GRANT grant any object privilege TO datapump_imp_full_database;
GRANT grant any role             TO datapump_imp_full_database;
GRANT imp_full_database          TO datapump_imp_full_database;
GRANT select any table           TO datapump_imp_full_database;
GRANT alter database             TO datapump_imp_full_database;

Rem The following grant is needed to make loopback network jobs work right
Rem Since the application role makes it disappear otherwise.

GRANT exp_full_database          TO datapump_imp_full_database;

GRANT export full database TO dba;
GRANT import full database TO dba;
GRANT datapump_exp_full_database TO dba;
GRANT datapump_imp_full_database TO dba;

Rem DataPump roles are not documented so also grant them to old exp/imp roles

Rem Following grant needed for fgac test in dpx3f2
GRANT create table               TO exp_full_database;
GRANT create session             TO exp_full_database;

GRANT alter resource cost        TO imp_full_database;
GRANT alter user                 TO imp_full_database;
GRANT audit any                  TO imp_full_database;
GRANT audit system               TO imp_full_database;
GRANT create session             TO imp_full_database;
GRANT alter profile              TO imp_full_database;
GRANT create profile             TO imp_full_database;
GRANT delete any table           TO imp_full_database;
GRANT execute any operator       TO imp_full_database;
GRANT grant any privilege        TO imp_full_database;
GRANT grant any object privilege TO imp_full_database;
GRANT grant any role             TO imp_full_database;
GRANT select any table           TO imp_full_database;
GRANT alter database             TO imp_full_database;



-------------------------------------------------------------------------
--     Public view defs (DBA_/USER_*) go here.
-------------------------------------------------------------------------

--  Fixed (virtual) View Declarations, Synonyms, and Grants
CREATE OR REPLACE VIEW SYS.V_$DATAPUMP_JOB AS
  SELECT * FROM SYS.V$DATAPUMP_JOB;
CREATE OR REPLACE PUBLIC SYNONYM V$DATAPUMP_JOB FOR SYS.V_$DATAPUMP_JOB;
GRANT SELECT ON SYS.V_$DATAPUMP_JOB TO SELECT_CATALOG_ROLE;

CREATE OR REPLACE VIEW SYS.V_$DATAPUMP_SESSION AS
  SELECT * FROM SYS.V$DATAPUMP_SESSION;
CREATE OR REPLACE PUBLIC SYNONYM V$DATAPUMP_SESSION FOR
  SYS.V_$DATAPUMP_SESSION;
GRANT SELECT ON SYS.V_$DATAPUMP_SESSION TO SELECT_CATALOG_ROLE;

CREATE OR REPLACE VIEW SYS.GV_$DATAPUMP_JOB AS
  SELECT * FROM SYS.GV$DATAPUMP_JOB;
CREATE OR REPLACE PUBLIC SYNONYM GV$DATAPUMP_JOB FOR SYS.GV_$DATAPUMP_JOB;
GRANT SELECT ON SYS.GV_$DATAPUMP_JOB TO SELECT_CATALOG_ROLE;

CREATE OR REPLACE VIEW SYS.GV_$DATAPUMP_SESSION AS
  SELECT * FROM SYS.GV$DATAPUMP_SESSION;
CREATE OR REPLACE PUBLIC SYNONYM GV$DATAPUMP_SESSION FOR
  SYS.GV_$DATAPUMP_SESSION;
GRANT SELECT ON SYS.GV_$DATAPUMP_SESSION TO SELECT_CATALOG_ROLE;

原文链接：https://blog.csdn.net/weixin_33681778/article/details/91671303

关于expdp,impdp操作需要的权限

继续阅读

ERROR 1 (HY000): Can't create/write to file '/tmp/#sql_4188_1.MYI' (Errcode: 28)

艰难安装LDAP,SSL认证

《Linux命令行与Shell脚本编程大全第2版.布卢姆》pdf

MySQL的4种隔离级别？出现问题

ACS基本配置-权限等级管理

XX系统实施过程问题总结

无组件上传图片到数据库中，最完整解决方案

【MySQL数据库】数据库索引事务1.索引2.事务

传说FreeBSD等比Linux更稳定，更“健壮”

无人机--飞控科普

27 Best Free Eclipse Plug-ins for Java Developer to be ProductiveCode Quality PluginsText Editor PluginsDependency ManagementVersion Control Integration PluginsFramework Development Continuous Integration Related PluginsOther Utility Plugins

neo4j之cypher使用文档

NOSQL安全攻击

mybatis_入门程序Mybatis入门

登录plsql 报错 the account is locked --用户被锁

SequoiaDB巨杉数据库C++驱动概述