【問題背景】：     DMP資料庫檔案在匯入時，提示“IMP-00013只有 DBA 才能匯入由其他 DBA 匯出的檔案”，在跟資料提供方確認是用的非DBA使用者匯出的，而且fromuser，touser的設定正確。     雖然使用者可以通過DBA臨時授權能解決匯入問題，卻使我對這個問題充滿疑惑，研究問題的根本原因，從而對oracle使用者有了新的瞭解。     執行匯入dmp檔案時候：     IMP-00013: only a DBA can Import a file Exported by another DBA     IMP-00000: Import terminated unsuccessfully  【問題原因】    比較兩邊使用者的角色許可權，‘XMISZH’多了‘IMP_FULL_DATABASE，EXP_FULL_DATABASE’許可權。 在給匯入使用者增加‘IMP_FULL_DATABASE’增加授權，解決問題。  【解決問題步驟】        一、查詢匯出資料的使用者具有的角色 1、select * from dba_role_privs where grantee='XMISZH'; GRANTEE GRANTED_ROLE ADMIN_OPTION DEFAULT_ROLE  XMISZH  R_XMISZH NO YES  XMISZH  IMP_FULL_DATABASE NO YES  XMISZH  EXP_FULL_DATABASE NO YES  XMISZH  RESOURCE NO YES  2、結構 SQL> desc dba_role_privs

 Name                                      Null?    Type  ----------------------------------------- -------- ----------------------------  GRANTEE                                            VARCHAR2(30)  GRANTED_ROLE                              NOT NULL VARCHAR2(30)  ADMIN_OPTION                                       VARCHAR2(3)  DEFAULT_ROLE                                       VARCHAR2(3) 3、檢視當前使用者的角色資訊 select * from user_role_privs;

SQL> select * from user_role_privs; USERNAME                       GRANTED_ROLE                   ADM DEF OS_ ------------------------------ ------------------------------ --- --- --- CBSSDATA                      CONNECT                        NO  YES NO CBSSDATA                      DBA                            NO  YES NO CBSSDATA                      RESOURCE                       NO  YES NO SQL> show user; USER is "CBSSDATA" 4、結構 SQL> desc user_role_privs  Name                                      Null?    Type  ----------------------------------------- -------- ----------------------------  USERNAME                                           VARCHAR2(30)  GRANTED_ROLE                                       VARCHAR2(30)  ADMIN_OPTION                                       VARCHAR2(3)  DEFAULT_ROLE                                       VARCHAR2(3)  OS_GRANTED                                         VARCHAR2(3) 二、然後查詢角色具有的系統許可權 role_sys_privs 1、角色'R_XMISZH' select * from role_sys_privs where role='R_XMISZH';   ROLE     PRIVILEGE            ADMIN_OPTION    R_XMISZH CREATE PROCEDURE       NO    R_XMISZH CREATE DATABASE LINK   NO    R_XMISZH SELECT ANY SEQUENCE    NO    R_XMISZH SELECT ANY TABLE       NO    R_XMISZH CREATE ANY TABLE       NO    R_XMISZH SELECT ANY TRANSACTION NO    R_XMISZH CREATE VIEW            NO    R_XMISZH CREATE ANY INDEX       NO    R_XMISZH SELECT ANY DICTIONARY  NO  2、角色 'RESOURCE' select * from role_sys_privs where role='RESOURCE';   ROLE     PRIVILEGE          ADMIN_OPTION    RESOURCE CREATE TRIGGER     NO    RESOURCE CREATE SEQUENCE    NO    RESOURCE CREATE CLUSTER     NO    RESOURCE CREATE TYPE        NO    RESOURCE CREATE PROCEDURE   NO    RESOURCE CREATE TABLE       NO    RESOURCE CREATE INDEXTYPE   NO    RESOURCE CREATE OPERATOR    NO  3、角色'EXP_FULL_DATABASE' select * from role_sys_privs where role='EXP_FULL_DATABASE';   ROLE PRIVILEGE ADMIN_OPTION    EXP_FULL_DATABASE READ ANY FILE GROUP         NO    EXP_FULL_DATABASE EXECUTE ANY PROCEDURE       NO    EXP_FULL_DATABASE SELECT ANY SEQUENCE         NO    EXP_FULL_DATABASE RESUMABLE                   NO    EXP_FULL_DATABASE EXECUTE ANY TYPE            NO    EXP_FULL_DATABASE BACKUP ANY TABLE            NO    EXP_FULL_DATABASE ADMINISTER RESOURCE MANAGER NO    EXP_FULL_DATABASE SELECT ANY TABLE            NO    imp_full_databae 的許可權較多，就不一一列舉 4、結構 SQL> desc role_sys_privs;  Name                                      Null?    Type  ----------------------------------------- -------- ----------------------------  ROLE                                      NOT NULL VARCHAR2(30)  PRIVILEGE                                 NOT NULL VARCHAR2(40)  ADMIN_OPTION                                       VARCHAR2(3)  三、比較匯出使用者'XMISZH'和匯入使用者'XMISDATA'的角色差別，對匯入使用者grant相應的“IMP_FULL_DATABASE”角色，解決問題，資料匯入成功。 SQL> grant imp_full_database to XMISDATA;   結束語，對於問題的解決不要隨意用DBA的最大許可權去解決，要去分析問題的原因，才能對事物有更深的瞭解 ============================================================================================= =================================================================== a、ROLE_SYS_PRIVS    顯示授予角色的系統許可權 檢視資料庫的角色 SQL> select distinct role from role_sys_privs; ROLE ------------------------------ CONNECT RESOURCE EXP_FULL_DATABASE SCHEDULER_ADMIN DBA IMP_FULL_DATABASE b、ROLE_SYS_PRIVS    顯示授予角色的系統許可權 SQL> desc dba_sys_privs;  Name                                      Null?    Type  ----------------------------------------- -------- ----------------------------  GRANTEE                                   NOT NULL VARCHAR2(30)  PRIVILEGE                                 NOT NULL VARCHAR2(40)  ADMIN_OPTION                                       VARCHAR2(3) SQL> select * from dba_sys_privs where grantee='XMIS'; GRANTEE                        PRIVILEGE                                ADM ------------------------------ ---------------------------------------- --- XMIS                       SELECT ANY TRANSACTION                   NO XMIS                       CREATE VIEW                              NO XMIS                       CREATE ANY INDEX                         NO XMIS                       CREATE SESSION                           NO XMIS                       ALTER SYSTEM                             NO c、查詢某個使用者具有的角色： select grantee,granted_role from dba_role_privs where grantee='WJW'; 查詢某個使用者具有的系統許可權： select grantee,privilege from dba_sys_privs where grantee='WJW'; 查詢某個角色中具有什麼系統許可權： select privilege from role_sys_privs where role='RESOURCE'; 查詢某個角色中包含有什麼角色 select granted_role from role_role_privs where role='SYSDBA'; 轉載自：http://blog.sina.com.cn/s/blog_53aed4430101abew.html