I granted connect permissions to an user on a database:
$ db2 grant connect on database to user dbuser
DB20000I The SQL command completed successfully.
but when I try to grant select permissions or dbadm it gives me an error saying the user doesn't have grant permissions, but i am using for connect, select and dbam
$ db2 grant dbadm on database to user dbuser
DB21034E The command was processed as an SQL statement because it was not a
valid Command Line Processor command. During SQL processing it returned:
SQL0552N "TSSADM" does not have the privilege to perform operation "GRANT".
SQLSTATE=42502
According to the GRANT (database authorities) statement, your user have to have SECADM authority in the database to have an ability to grant DBADM. Does your user have such an authority?
Related
I can't grant a new role on all tables. A table denies the query. How can I grant the user to be able run this command?
CREATE ROLE userrole123 WITH LOGIN PASSWORD 'userrole123' VALID UNTIL '2024-01-07 09:37:39.0' INHERIT;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO userrole123;
Output
SQL Error [42501]: ERROR: permission denied for table test
I run this command GRANT USAGE ON SCHEMA public to myusername but it did not solve it.
Thanks
The documentation is pretty outspoken there:
Ordinarily, only the object's owner (or a superuser) can grant or revoke privileges on an object. However, it is possible to grant a privilege “with grant option”, which gives the recipient the right to grant it in turn to others.
So obviously the user who is running the GRANT is neither a superuser, nor does it own test, nor has it been granted the SELECT privilege WITH GRANT OPTION.
I've created a new redshift user like such:
CREATE USER user WITH PASSWORD 'password';
ALTER GROUP group ADD USER user;
grant usage on schema test;
however after connecting to the database i can't run basic commands.
dev=> \dt
ERROR: permission denied for relation pg_class
What step am I missing? Thanks.
created a postgresql instance on AWS with the username ziggy. I restored a database to that instance. however I cannot even select any of the tables
select * FROM mac_childcare_parcels
gives me ERROR: permission denied for relation mac_childcare_parcels
********** Error **********
the owner of that table belongs to the postgres login.
so i tried running this: grant all privileges on all tables in schema public to ziggy but since I am not a superuser I cannot give myself privileges so that throws a permissions error. what do I have to do to get access to the tables?
this does not work either
grant select on mac_childcare_parcels to ziggy
this query returns successful but does not let the login ziggy access the tables
GRANT USAGE ON SCHEMA public TO ziggy;
First login with superuser and provide all rds superuser access to the newly created user using a command like below
GRANT rds_superuser TO ziggy;
replace rds_superuser with your rds superuser.
You need to also GRANT USAGE on the SCHEMA, e.g.
GRANT USAGE ON SCHEMA public TO ziggy;
The superuser access is needed to run the access level queries. But as you said that access is not present then i would say copy the replica of the db which you have restored from backup and grant yourself as superuser.
then provide all needed access to any users.
I created a new connection in Oracle SQL Developer. Under this new connection, I created a new user. Now, I'm trying to grant roles and System privileges to this new user. I get the following error while trying to grant system privileges to the new user:
The new user has been granted all the roles successfully. However, I'm unable to grant all system privileges to it.
UPDATE:
I followed this and this links to grant sysdba privilege to the new user using the command prompt. I'm able to grant sysdba to this new user. However, when I try to grant all system privileges from the Oracle sql Developer, I get the same error (specified in the screenshot above). I am trying to grant all the system privilege to the new user because I'm getting following error while trying to access the tables of the database.
Recently I had to change my OS to Windows 10. Earlier I had Windows 7 and I didn't have any of this issues. Is this issue related to OS? Is there any problem to use Oracle SQL Developer in Windows 10?
Please refer to this blog
The ORA-01031: "insufficient privileges" error occurs when you attempt
to execute a program or function for which you have not been granted
the appropriate privileges.
For the DBA, the ORA-01031 can happen if the target OS executables do
not have read and execute permissions (e.g. (770) in UNIX/Linux), and
ensure that the oracle user is a member of the dba group (e.g.
/etc/group). There are similar permission in the Windows registry.
Inside Oracle, the "ORA-01031: insufficient privileges" error can be
avoided by signing on "as sysdba" with unlimited database privileges.
The oerr utility notes this on the ORA-01031 error:
ORA-01031: insufficient privileges
Cause: An attempt was made to change the current username or password
without the appropriate privilege. This error also occurs if
attempting to install a database without the necessary operating
system privileges. When Trusted Oracle is configure in DBMS MAC, this
error may occur if the user was granted the necessary privilege at a
higher label than the current login.
Action: Ask the database administrator to perform the operation or
grant the required privileges. For Trusted Oracle users getting this
error although granted the appropriate privilege at a higher label,
ask the database administrator to re-grant the privilege at the
appropriate label.
You should be connected as SYS or SYSTEM in order to grant SYSDBA. Are you?
For example:
connect sys/pwd#db as sysdba
grant sysdba to santobedi;
Connect as sysdba
bash-4.2$ $ORACLE_HOME/bin/sqlplus / as sysdba
show user will show user as 'SYS'
show con_name will display CDB$ROOT
SQL> alter session set container=PDB19;
Session altered.
SQL> grant sysdba to ggadmin;
Grant succeeded.
A fresh installation of PostgreSQL 9.3 (according to the YUM Installation manual on the PostgreSQL wiki) on CentOS 6 (64-bit) will not grant permissions to any users.
I log in to the postgres user and open psql, then I create a role for my default user:
CREATE ROLE <name> WITH PASSWORD '<password>';
and then try to grant it privileges on the default postgres database:
GRANT ALL ON DATABASE postgres TO <user>;
which gives the expected output, but the user does not have any permissions on postgres.
The output of \dp <user> is quizically empty as well. Additional testing shows that I cannot give any users permissions. However, when I try to drop a role that has been granted these nonexistent permissions, it says
ERROR: role "<user>" cannot be dropped because some objects depend on it
DETAIL: privileges for database postgres
I am at a loss. I did also check to make sure the postgres Linux user has the appropriate file permissions on the PostgreSQL data directory.
Presumably you're expecting too much of GRANT ALL ON DATABASE postgres TO <user>;
ALL in this context means that the command is equivalent to:
GRANT CREATE,CONNECT,TEMPORARY ON DATABASE postgres TO <user>;
And the way you create the ROLE, it cannot login to any database anyway (you can check this with \du).
It could if it was created with:
CREATE ROLE name WITH LOGIN PASSWORD 'pass';
or use ALTER ROLE name WITH LOGIN later on.
Starting from this, to give the user permissions to create objects in the database, other forms of GRANT should be used.