SQL> CREATE USERuser01
IDENTIFIED BY oracle
DEFAULT TABLESPACE tbs1
TEMPORARY TABLESPACE temp
PROFILE default
SQL> GRANT create session, create table TOuser01;
While executing the command to create a table, the user gets thefollowing error message and the CREATE
TABLE.. command fails.
ERROR at line 1:
ORA-01950: no privileges on tablespace
表空间quota概述
Oracle 官网对quota的定义如下: A limit ona resource, such as a limit on the amount of database storage usedby a database user. A database administrator can set tablespacequotas for each Oracle Database username
有关Oracle Quota 这块可以参考Oracle官方文档
http://download.oracle.com/docs/cd/E11882_01/network.112/e16543
quota的日常管理
常见问题
ORA-01536:space
ORA-01950:no privileges ontablespace
解决办法:
alter
alter
grant
注:quota是为了限制用户对表空间的使用,比如你限制用户Guotu在tablespace
所以你需要:
alter
alter
grant
dba_ts_quotas
与quota相关的数据字典视图为dba_ts_quotas,以下是相关的信息
Assigning a Tablespace Quota for the User
You can assign each user a tablespace quota for any tablespace(except a temporary tablespace). Assigning a quota accomplishes thefollowing:
Users with privileges to create certain types of objects can createthose objects in the specified tablespace.
Oracle Database limits the amount of space that can be allocatedfor storage of a user's objects within the specified tablespace tothe amount of the quota.
By default, a user has no quotaon any tablespace in the database. If the user has the privilege tocreate a schema object, then you must assign a quota to allow theuser to create objects. At a minimum, assign users a quota for thedefault tablespace, and additional quotas for other tablespaces inwhich they can create objects.
可以使用下列语句来创建用户
CREATE USERjward
配额的指定可以禁止用户的对象使用过多的表空间
You can assign a user either individual quotasfor a specific amount of disk space in each tablespace or anunlimited amount of disk space in all tablespaces. Specific quotasprevent a user's objects from using too much space in thedatabase.
You can assign quotas to a user tablespace when you create theuser, or add or change quotas later. (You can find existing userquotas by querying the USER_TS_QUOTAS view.) 。
(1)If a user has already exceeded a new tablespace quota, then theobjects of a user in the tablespace cannot be allocated more spaceuntil the combined space of these objects is less than the newquota.
(2)If a user has not exceeded a new tablespace quota, or if thespace used by the objects of the user in the tablespace falls undera new tablespace quota, then the user's objects can be allocatedspace up to the new quota.
Restricting the QuotaLimits for User Objects in a Tablespace
You can restrict the quota limits for user objectsin a tablespace by using the ALTER USER SQL statement to change thecurrent quota of the user to zero.
For example, you could not insert data into one of this user'sexiting tables. The operation will fail with an ORA-1536 spacequota exceeded for tables error.
Granting Users the UNLIMITEDTABLESPACE System Privilege
To permit a user to use an unlimited amount of any tablespace inthe database, grant the user the UNLIMITED TABLESPACE systemprivilege. This overrides all explicit tablespace quotas for theuser. If you later revoke the privilege, then you must explicitlygrant quotas to individual tablespaces. You can grant thisprivilege only to users, not to roles.
Before granting the UNLIMITED TABLESPACE system privilege, you mustconsider the consequences of doing so.
Advantage:
You can grant a user unlimited access to all tablespaces of adatabase with one statement.
Disadvantages:
(1)The privilege overrides all explicit tablespace quotas for theuser.
(2)You cannot selectively revoke tablespace access from a user withthe UNLIMITED TABLESPACE privilege. You can grant selective orrestricted access only after revoking the privilege.
Listing All Tablespace Quotas
Use the DBA_TS_QUOTAS view to list all tablespace quotasspecifically assigned to each user. For example:
SELECT * FROM DBA_TS_QUOTAS;
----------
USERS
USERS
When specific quotas are assigned, the exact number isindicated in the MAX_BYTES column . This number is always amultiple of the database block size, so if you specify a tablespacequota that is not a multiple of the database block size, then it isrounded up accordingly. Unlimited quotas are indicatedby -1.
注意当对用户赋予resource角色时将同时赋予unlimitedtablespace的系统权限。详情见下文
创建用户
SQL> create user test_privs identified bytest_privs default tablespace users;
User created.
SQL> select * from dba_sys_privs whereGRANTEE='TEST_PRIVS';
no rows selected
赋予resource角色
SQL> grant resource to TEST_PRIVS;
Grant succeeded.
查询resource角色所具有的系统权限
SQL> select * from dba_sys_privs whereGRANTEE='RESOURCE';
GRANTEE
---------------------------------------------------------------------- ---
RESOURCE
RESOURCE
RESOURCE
RESOURCE
RESOURCE
RESOURCE
RESOURCE
RESOURCE
查看用户所具有的角色
SQL> select * from dba_role_privs whereGRANTEE='TEST_PRIVS';
GRANTEE
------------------------------ ------------------------------ ------
TEST_PRIVS
查询用户所具有的系统权限
SQL> select * from dba_sys_privs whereGRANTEE='TEST_PRIVS';
GRANTEE
---------------------------------------------------------------------- ---
TEST_PRIVS
可以看到,Oracle默认的把unlimitedtablespace的系统权限赋予了用户
查询表空间
SQL> selectTABLESPACE_NAME,USERNAME,BYTES,MAX_BYTES from dba_ts_quotas;
TABLESPACE_NAME
------------------------------ ---------- --------------------
INDX
SYSAUX
USERS
SYSAUX
SYSAUX
TRANS
可以看到对于具有unlimitedtablespace系统权限的用户,在dba_ts_quota上没有体现。
这里补充说一句,一般创建用户时,如果没有特殊需求只要将resource和connect角色赋予用户即可。
SQL>select * fromdba_sys_privs where GRANTEE= 'CONNECT';
ROLE
---------------------------------------------------------------------- ---
CONNECT
SQL> grant resource,connect to test_privs;
Grant succeeded.