尝试删除表时出现表权限问题
Informix-SQL(SE) 4.10.DD6 (MS-DOS 6.22):
我创建了一个表:“pcuser”.tablename。我尝试使用以下命令删除此表:
DROP TABLE tablename;
并收到以下错误消息:
545: No write permission for table pcuser.tablename.
由于我的应用程序是单用户并且我不关心限制任何表的权限,因此我安装了没有密码保护的 ISQL 4.10(即没有用户名或密码)启动 SE 引擎所需)。因此,默认且唯一的用户名/表所有者始终是“pcuser”。使用 ISQL 2.10,在删除、创建、读取或写入表时,我不必指定“table-owner”.tablename。不过,我确实将表名上的所有内容授予 public 并将 dba 授予 public。我还在 4.10 中执行了相同的 grant 语句。
删除表时是否必须指定表所有者,例如:
DROP TABLE "pcuser".tablename;
抱歉,我没有 ISQL 4.10 的文档。
以下是表名的 SYSTABAUTH 和 SYSTABLES 行的执行屏幕输出:
SYSTABAUTH:
grantor [pcuser ]
grantee [public ]
tabid [102 ]
tabauth [su-idxa]
SYSTABLES:
tabname [tablename ]
owner [pcuser ]
dirpath [C:\DBFILES.DBS\TABLENAME ]
[ ]
tabid [102 ]
rowsize [256 ]
ncols [48 ]
nindexes [5 ]
nrows [1082594 ]
created [07-13-2010]
version [9 ]
tabtype [T]
audpath [ ]
[ ]
下面是我的应用程序中的两个 sql 过程。第一个正确执行,但第二个失败,并在 drop table 语句上出现 err 545:
{CREATEDB.SQL - First SQL Proc}
DROP DATABASE dbfiles;
CREATE DATABASE dbfiles;
CREATE TABLE tablename
(
col1 char(18),
col2 char(60),
[...]
) in "C:\DBFILES.DBS\TABLENAME";
LOAD FROM "tablename.unl" INSERT INTO tablename;
CREATE UNIQUE INDEX tablename_idx1 ON tablename (col1);
GRANT ALL ON tablename TO PUBLIC;
GRANT DBA TO PUBLIC;
UPDATE STATISTICS;
---
{DROPTAB.SQL - Second SQL Proc}
DROP TABLE tablename;
^
ERROR 545: No Write Permission....
Informix-SQL(SE) 4.10.DD6 (MS-DOS 6.22):
I have a table created as: "pcuser".tablename. I attempted to drop this table with:
DROP TABLE tablename;
and received the following error message:
545: No write permission for table pcuser.tablename.
Since my app is single-user and I'm not concerned with restricting privileges for any table, I installed ISQL 4.10 without password protection (i.e. no user name or password is required to startup the SE engine). So the default and only user name/table owner is always "pcuser". With ISQL 2.10, I didn't have to specify "table-owner".tablename when dropping, creating, reading or writing to a table. However I did grant all on tablename to public and grant dba to public. I also executed the same grant statements in 4.10.
Do I have to specify the table owner when dropping a table like:
DROP TABLE "pcuser".tablename;
Sorry, I don't have the documentation for ISQL 4.10.
The following are perform.out screen outputs of SYSTABAUTH and SYSTABLES row for tablename:
SYSTABAUTH:
grantor [pcuser ]
grantee [public ]
tabid [102 ]
tabauth [su-idxa]
SYSTABLES:
tabname [tablename ]
owner [pcuser ]
dirpath [C:\DBFILES.DBS\TABLENAME ]
[ ]
tabid [102 ]
rowsize [256 ]
ncols [48 ]
nindexes [5 ]
nrows [1082594 ]
created [07-13-2010]
version [9 ]
tabtype [T]
audpath [ ]
[ ]
Below are two sql procs in my app. The first one properly execs, but the second one fails with the err 545 on the drop table statement:
{CREATEDB.SQL - First SQL Proc}
DROP DATABASE dbfiles;
CREATE DATABASE dbfiles;
CREATE TABLE tablename
(
col1 char(18),
col2 char(60),
[...]
) in "C:\DBFILES.DBS\TABLENAME";
LOAD FROM "tablename.unl" INSERT INTO tablename;
CREATE UNIQUE INDEX tablename_idx1 ON tablename (col1);
GRANT ALL ON tablename TO PUBLIC;
GRANT DBA TO PUBLIC;
UPDATE STATISTICS;
---
{DROPTAB.SQL - Second SQL Proc}
DROP TABLE tablename;
^
ERROR 545: No Write Permission....
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
运行“
finderr -545”,我得到信息:您需要查看数据库目录(dbname.dbs)的目录权限。如果您以“pcuser”身份登录,则需要拥有该目录并有权从中删除文件(以及创建文件等)。
我不确定 DOS(实际上没有用户)的 ISQL 和 SE 如何适应现代版本的 Windows(有用户)。
如果您在任何其他平台上运行,我会建议您不要“GRANT DBA TO PUBLIC”;这是灾难的根源。我仍然不相信这是一个好主意,但我没有任何具体细节可以明确反对它 - 但感觉是错误的;您应该关心谁访问数据库以及谁有能力重建数据库。
回答“我是否必须在 DROP TABLE 语句中指定用户名?”的问题时,答案是“否”。错误消息来自解析和验证查询后的阶段;它理解表名。只是运行查询的用户似乎没有足够的权限来执行请求的操作。
Running '
finderr -545', I get the information:You will need to look at the directory permissions on the database directory (dbname.dbs). If you are logged in as 'pcuser', you need to own the directory and have permission to remove files from it (and create files, etc).
I'm not sure how ISQL and SE from DOS (where there really weren't users) adapt to modern versions of Windows (where there are users).
If you were running on any other platform, I'd be counselling you against 'GRANT DBA TO PUBLIC'; that is a recipe for disaster. I'm still not convinced it is a good idea, but I don't have any specifics that I can point to that definitively argue against it - but it feels wrong; you should be caring who accesses the database and who has the ability to rebuild the database.
Answering the question about 'Do I have to specify the user name in the DROP TABLE statement?', the answer is 'No'. The error message is from a stage after the query has been parsed and validated; it understands the table name. It is just that the user running the query appears to have insufficient privilege to do the requested operation.