12c Pluggable Database Container Database权限与角色管理

 

pdb role privs

 

oracle@localhost:~$ oerr ora 65050
65050, 00000, “Common DDLs only allowed in CDB$ROOT”
// *Cause: An attempt was made to issue a Common DDL in a pluggable database.
// *Action: Switch to CDB$ROOT and issue the Common DDL there.
//
oracle@localhost:~$ oerr ora 65032
65032, 00000, “a Local Role may only be granted or revoked within the current Container”
// *Cause: A user issued a GRANT or REVOKE statement specifying
// CONTAINER=ALL and listing a Local Role among roles
// to be granted or revoked, which is illegal.
// *Action: If trying to revoke a Local Role, remove CONTAINER=ALL from
// the statement. If trying to revoke Common Privileges and/or
// Roles, remove Local Roles from the list of roles being granted
// or revoked.
//

 

 

LOCAL ROLE/PRIV 不能 grant to  .. CONTAINER=ALL;

 

SQL> grant c##maclean11  to maclean1 container=ALL;
grant c##macleanll to maclean1 container=ALL
*
ERROR at line 1:
ORA-65030: one may not grant a Common Privilege to a Local User or Role

 

 

oracle@localhost:~$ oerr ora 65030
65030, 00000, “one may not grant a Common Privilege to a Local User or Role”
// *Cause: A Common User issued a GRANT statement specifying
// CONTAINER=ALL and naming a Local User or Role as a grantee,
// which is illegal.
// *Action: If trying to grant a Local Privilege, remove CONTAINER=ALL from
// the statement. If trying to grant a Common Privilege, remove
// Local Users and Roles from the list of grantees.
//

 

不能 将COMMON PRIV/ROLE  grant to local user/role container=ALL;