Saturday, 28 September 2019

Error 'ORA-28081: Insufficient privileges - the command references a redacted object'


Reason:
-----------ERROR: ORA-28081

Error 'ORA-28081: Insufficient privileges - the command references a redacted object' occurs when performing DML/DDL by a schema on a object where one of the column has a redaction policy enabled.
If a redacted column appears as the source in a DML or DDL operation, then Oracle Data Redaction considers this as an attempt to circumvent the policy and prevents it with the error:
   ORA-28081 "Insufficient privileges - the command references a redacted object."


If a redacted column appears as the source in a DML or DDL operation, then Oracle Data Redaction considers this as an attempt to circumvent the policy and prevents it
with an 'ORA-28081: Insufficient privileges - the command references a redacted object' error unless you have the EXEMPT REDACTION POLICY system privilege.

Apart from a privileges issue it also prevents redacted data to enter the database and in the process lose the original truth.

Solution:

grant exempt redaction policy to ;

grant exempt redaction policy to SAID;

Posted by at 1 comment:
Labels: , , ,

Monday, 15 July 2019

Recover MySQL or MariaDB root Password


[root@said-app ~]# systemctl stop mysqld.service
[root@said-app ~]# systemctl status mysqld.service
● mysqld.service - MySQL Server
   Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)
   Active: inactive (dead) since Mon 2019-07-15 13:02:37 +06; 9s ago
     Docs: man:mysqld(8)
           http://dev.mysql.com/doc/refman/en/using-systemd.html
  Process: 13543 ExecStart=/usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid $MYSQLD_OPTS (code=exited, status=0/SUCCESS)
  Process: 13520 ExecStartPre=/usr/bin/mysqld_pre_systemd (code=exited, status=0/SUCCESS)
 Main PID: 13546 (code=exited, status=0/SUCCESS)

Jul 15 12:54:15 said-app systemd[1]: Starting MySQL Server...
Jul 15 12:54:16 said-app systemd[1]: Started MySQL Server.
Jul 15 13:02:35 said-app systemd[1]: Stopping MySQL Server...
Jul 15 13:02:37 said-app systemd[1]: Stopped MySQL Server.

[root@said-app ~]# systemctl stop mysqld.service
[root@said-app ~]# systemctl set-environment MYSQLD_OPTS="--skip-grant-tables"
[root@said-app ~]# systemctl start mysqld.service
[root@said-app ~]# systemctl status mysqld.service
● mysqld.service - MySQL Server
   Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2019-07-15 13:09:09 +06; 2s ago
     Docs: man:mysqld(8)
           http://dev.mysql.com/doc/refman/en/using-systemd.html
  Process: 17109 ExecStart=/usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid $MYSQLD_OPTS (code=exited, status=0/SUCCESS)
  Process: 17087 ExecStartPre=/usr/bin/mysqld_pre_systemd (code=exited, status=0/SUCCESS)
 Main PID: 17112 (mysqld)
   CGroup: /system.slice/mysqld.service
           â””─17112 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid --skip-grant-tables

Jul 15 13:09:08 said-app systemd[1]: Starting MySQL Server...
Jul 15 13:09:09 said-app systemd[1]: Started MySQL Server.

[root@said-app ~]# mysql -u root
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.26 MySQL Community Server (GPL)

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> USE mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed

mysql> update user set authentication_string=PASSWORD("said@321") where User='root' AND Host = 'localhost';
Query OK, 1 row affected, 1 warning (0.00 sec)
Rows matched: 1  Changed: 1  Warnings: 1

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql> quit
Bye

[root@said-app ~]# systemctl stop mysqld.service
[root@said-app ~]# systemctl unset-environment MYSQLD_OPTS
[root@said-app ~]# systemctl start mysqld.service
[root@said-app ~]# systemctl status mysqld.service
● mysqld.service - MySQL Server
   Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2019-07-15 13:17:03 +06; 2s ago
     Docs: man:mysqld(8)
           http://dev.mysql.com/doc/refman/en/using-systemd.html
  Process: 18468 ExecStart=/usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid $MYSQLD_OPTS (code=exited, status=0/SUCCESS)
  Process: 18446 ExecStartPre=/usr/bin/mysqld_pre_systemd (code=exited, status=0/SUCCESS)
 Main PID: 18471 (mysqld)
   CGroup: /system.slice/mysqld.service
           â””─18471 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid

Jul 15 13:17:02 said-app systemd[1]: Starting MySQL Server...
Jul 15 13:17:03 said-app systemd[1]: Started MySQL Server.


[root@said-app ~]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.26 MySQL Community Server (GPL)

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| baveefin           |
| mysql              |
| performance_schema |
| sys                |
+--------------------+
5 rows in set (0.00 sec)

mysql> 
Posted by at No comments:
Labels: ,

Sunday, 7 July 2019

TNS-12546: TNS:permission denied TNS-00516: Permission denied Incoming connection from ip address rejected


Error:

08-JUL-2019 10:09:57 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=badb1-t7-2)(USER=grid))(COMMAND=status)(ARGUMENTS=64)(SERVICE=LISTENER)(VERSION=202375680)) * status * 0
Incoming connection from 10.212.1.134 rejected
08-JUL-2019 10:10:12 * 12546
TNS-12546: TNS:permission denied
 TNS-12560: TNS:protocol adapter error
  TNS-00516: Permission denied
 
  Incoming connection from xx.xx.xx.xx rejected>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>Incoming connection from xx.xx.xx.xx rejected
 
Reason:

The issue is due to improper setting of tcp.invited_nodes in sqlnet.ora

The scan ip is missing tcp.invited_nodes.

tcp.invited_nodes = (,,, ............)<<<<<<<< 
Solution: 

  -bash-4.1$ cd /d01/app/12.1.0/grid/network/admin/
-bash-4.1$ cat sqlnet.ora
TCP.VALIDNODE_CHECKING = YES
TCP.INVITED_NODES = (10.11.1.134,10.11.1.126,10.11.208.167,10.11.208.115,10.11.208.70)
#TCP.EXCLUDED_NODES = (10.11.208.115,10.11.208.78)
-bash-4.1$


-bash-4.1$ vim sqlnet.ora

TCP.VALIDNODE_CHECKING = YES
#TCP.INVITED_NODES = (10.11.1.134,10.11.1.126,10.11.208.167,10.11.208.115,10.11.208.70)
#TCP.EXCLUDED_NODES = (10.11.208.115,10.11.208.78)
-bash-4.1$ 
Posted by at No comments:
Labels: , ,
Subscribe to: Comments (Atom)