Versions Compared

Old Version 4

changes.mady.by.user richard.nahm

Saved on

compared with

New Version Current

changes.mady.by.user Hess Lee

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • server script
    Change the password after the -p option in the $ALTIBASE_HOME/bin/server script to the new password.

    Code Block
    $ cd $ALTIBASE_HOME/bin
$ vi server
ADMIN="${ALTIBASE_HOME}/bin/isql -u sys -p manager -sysdba -noprompt"
ISQL="${ALTIBASE_HOME}/bin/isql -s localhost -u sys -p manager -silent"

  • ls is script
    Change the password after the -p option in the $ALTIBASE_HOME/bin.ls /is script to the new password.

    Code Block
    languagebash
    $ cd $ALTIBASE_HOME/bin
$ vi is
${ALTIBASE_HOME}/bin/isql -s localhost -u sys -p manager $*

  • il script
    Change the password after the -p option in the $ALTIBASE_HOME/bin/il script to the new password.

    Code Block
    $ cd $ALTIBASE_HOME/bin
$ vi il
${ALTIBASE_HOME}/bin/iloader -S localhost -U SYS -P MANAGER $*

...

Panel

ADMIN="${ALTIBASE_HOME}/bin/isql -u sys -p manager -sysdba -noprompt"

ISQL="${ALTIBASE_HOME}/bin/isql -s localhost -u sys -p manager -silent"

...

b. If an invalid password error occurs even though the above a is applied with the changed password, it is possible that the sys password was changed only with the alter user command and altipasswd was not executed.

In this case, execute altipasswd, apply the changed password, and then try to start the server.

 

Privileges Management

 

DBA Privilege Management (System Privilege Restriction)

ALTIBASE HDB does not have the same function as Oracle's Role.

Check the privileges of the database user and delete any unnecessary system privileges.

How to check

Code Block
titleChecking the system privileges the user has
SELECT A.USER_NAME GRANTEE,
       C.USER_NAME GRANTOR,
       REPLACE(D.PRIV_NAME, '_', ' ') PRIV_NAME
  FROM SYSTEM_.SYS_USERS_ A,
       SYSTEM_.SYS_GRANT_SYSTEM_ B,
       SYSTEM_.SYS_USERS_ C,
       SYSTEM_.SYS_PRIVILEGES_ D
 WHERE C.USER_NAME <> 'SYSTEM_'
   AND B.GRANTEE_ID = A.USER_ID
   AND B.GRANTOR_ID = C.USER_ID
   AND B.PRIV_ID = D.PRIV_ID ;
Code Block
titleSYSTEM privilege of ALTIBASE HDB
languagesql
SELECT DECODE(PRIV_TYPE, 1, 'OBJECT', 'SYSTEM') PRIV_TYPE, PRIV_NAME       -- If PRIV_TYPE is SYSTEM, it means SYSTEM authority.
  FROM SYSTEM_.SYS_PRIVILEGES_
 ORDER BY 1;

How to manage

Code Block
titleRemove SYSTEM privilege
languagesql
REVODE 'System privilege' FROM user;

-- Example of execution
REVOKE CREATE TABLE FROM USER1;

 

Using WITH GRANT OPTION

With WITH GRANT OPTION, the user who has been granted object access privileges can grant the appropriate privileges to other users, so object access privileges can be abused without DBA management.