Shulou(Shulou.com)06/01 Report--

Small knowledge points about OCP, limited startup of instances, many knowledge points of instance startup, are also the focus of OCP learning, so you need to read more official documents and do more tests. Restricting Access to an Instance at Startup You can start an instance, and optionally mount and open a database, in restricted mode so that the instance is available only to administrative personnel (not general database users).Use this mode of instance startup when you must accomplish one of the following tasks:--Instance start-up Restricting mode is applicable to scenarios, must be that we do not want other connections to access data, make changes to database data, backup data, loader, temporarily prevent upgraded migration will often be used.·Perform an export or import of data·Perform a data load (with SQL*Loader)·Temporarily prevent typical users from using data·Perform certain migration or upgrade operationsTypically, all users with the CREATE SESSION system privilege can connect to an open database. Opening a database in restricted mode allows database access only to users with both the CREATE SESSION and RESTRICTED SESSION system privilege. Only database administrators should have the RESTRICTED SESSION system privilege. Further, when the instance is in restricted mode, a database administrator cannot access the instance remotely through an Oracle Net listener, but can only access the instance locally from the system that the instance is running on. The following command starts an instance (and mounts and opens the database) in restricted mode: Small Experiment: [root@11g-ocp ~]# su - oracle$sqlplus / as sysdbaSQL*Plus: Release 11.2.0.4.0 Production on Wed Dec 12 18:12:11 2018Copyright (c) 1982, 2013, Oracle. All rights reserved.Connected to:Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit ProductionWith the Partitioning, Automatic Storage Management, OLAP and Real Application Testing optionsSQL> startup restrict force ORACLE instance started.-- Total System Global Area 1870647296 bytesFixed Size 2254304 bytesVariable Size 503319072 bytesDatabase Buffers 1358954496 bytesRedo Buffers 6119424 bytesDatabase mounted.Database opened.SQL> drop user roidba;--Delete test user User dropped.SQL> create user roidba identified by roidba;--Create test user User created.SQL> grant connect,resource to roidba;--Grant access succeded.SQL> conn roidba/roidba;ERROR:ORA-01035: only available to users with RESTRICTED SESSION privilege--Login error reported, missing system privileges restricted session Warning: ORACLE You are no longer connected to ORACLE.SQL> conn / as sysdbaConnected.SQL> grant restricted session to roidba;Grant succeeded.-- grant system permissions restricted session SQL> conn roidba/roidbaConnected.-- SQL> conn / as sysdbaConnected.SQL> revoke restricted session from roidba;--revoke permissions Revoke successed.SQL> alter system disable restricted session;--cancel restrictions System altered.SQL> conn roidba/roidba;--revoke permissions and cancel restrictions offset, you can continue to log in Connected.SQL> These are small knowledge points of OCP, we have time to do more tests. Be sure to do more, read more documents, and think more.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.