Skip to main content

Welcome to DBA Master – Database Tips, Tricks, and Tutorials

Welcome to DBA Master ! This blog is dedicated to all things related to database administration , SQL optimization , and performance tuning . Whether you're a beginner or a seasoned DBA, you'll find practical guides, troubleshooting tips, and real-world tutorials to help you work smarter with data. What to Expect: SQL performance tuning tips Indexing strategies Backup and recovery best practices High availability and replication techniques Database creation, configuration, and setup Monitoring queries and scripts for proactive performance management Migration guides across different database platforms Security essentials and best practices Recommended tools for DBAs Real-world error fixes and how to solve them Stay tuned — exciting content is coming soon. Feel free to bookmark and share: www.dbamaster.com ! Thanks for visiting!
Post a Comment

PostgreSQL User & Role Management

Users and Roles:

PostgreSQL manages database access permissions using the concept of roles. A role can be thought of as either a database user, or a group of database users, depending on how the role is set up. 

Roles can own database objects (for example, tables and functions) and can assign privileges on those objects to other roles to control who has access to which objects.

Furthermore, it is possible to grant membership in a role to another role, thus allowing the member role to use privileges assigned to another role.

Role Attributes:

CREATEDB                    NOCREATEDB
CREATEROLE             NOCREATEROLE
LOGIN                        NOLOGIN
SUPERUSER                NOSUPERUSER
INHERIT                    NOINHERIT
BYPASSRLS                NOBYPASSRLS
REPLICATION                NOREPLICATION
PASSWORD
ENCRYPTED PASSWORD
CONNECTION LIMIT
VALID UNTIL

work scenarios examples:

postgres=# create role readrole;
CREATE ROLE
postgres=#
postgres=# \du
                             List of roles
 Role name |                         Attributes
-----------+------------------------------------------------------------
 postgres  | Superuser, Create role, Create DB, Replication, Bypass RLS
 readrole  | Cannot login
postgres=#
postgres=# create role rwrole;
CREATE ROLE
postgres=# \du+
                                    List of roles
 Role name |                         Attributes                         | Description
-----------+------------------------------------------------------------+-------------
 postgres  | Superuser, Create role, Create DB, Replication, Bypass RLS |
 readrole  | Cannot login                                               |
 rwrole    | Cannot login                                               |

postgres=#
postgres=# grant usage ON schema public TO readrole ;
GRANT
postgres=#
postgres=# grant select on all tables in schema public TO readrole ;
GRANT
postgres=# grant usage ON schema public TO rwrole ;
GRANT
postgres=# grant all ON
aaa                       ALL SEQUENCES IN SCHEMA   emp                       information_schema.       PROCEDURE                 SEQUENCE                  TYPE
ALL FUNCTIONS IN SCHEMA   ALL TABLES IN SCHEMA      FOREIGN DATA WRAPPER      LANGUAGE                  public.                   TABLE
ALL PROCEDURES IN SCHEMA  DATABASE                  FOREIGN SERVER            LARGE OBJECT              ROUTINE                   TABLESPACE
ALL ROUTINES IN SCHEMA    DOMAIN                    FUNCTION                  PARAMETER                 SCHEMA                    test

postgres=# grant all privileges on all tables in schema public to rwrole ;
GRANT

postgres=# \c postgres dev
You are now connected to database "postgres" as user "dev".

postgres=> \dt+
                                     List of relations
 Schema | Name | Type  |  Owner   | Persistence | Access method |    Size    | Description
--------+------+-------+----------+-------------+---------------+------------+-------------
 public | aaa  | table | postgres | permanent   | heap          | 16 kB      |
 public | emp  | table | postgres | permanent   | heap          | 24 MB      |
 public | test | table | postgres | permanent   | heap          | 8192 bytes |
(3 rows)

postgres=> select * from aaa;
 id | name
----+-------
  2 | sdsad
  1 | muthu
(2 rows)

postgres=> insert into aaa values (1,'sadsa');
ERROR:  permission denied for table aaa

postgres=# \c postgres dba
You are now connected to database "postgres" as user "dba".
postgres=> select * from aaa ;
 id | name
----+-------
  2 | sdsad
  1 | muthu
(2 rows)

postgres=> insert into aaa values (3,'siva');
INSERT 0 1

How to grant access to users in PostgreSQL?

Here are some common statement to grant access to a PostgreSQL user:

Grant CONNECT to the database:

GRANT CONNECT ON DATABASE database_name TO username;

Grant USAGE on schema:

GRANT USAGE ON SCHEMA schema_name TO username;

Grant on all tables for DML statements: SELECT, INSERT, UPDATE, DELETE:

GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA schema_name TO username;

Grant all privileges on all tables in the schema:

GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA schema_name TO username;

Grant all privileges on all sequences in the schema:

GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA schema_name TO username;

Grant all privileges on the database:

GRANT ALL PRIVILEGES ON DATABASE database_name TO username;

Grant permission to create database:

ALTER USER username CREATEDB;

Make a user superuser:

ALTER USER myuser WITH SUPERUSER;

Remove superuser status:

ALTER USER username WITH NOSUPERUSER;

Those statements above only affect the current existing tables. To apply to newly created tables, you need to use alter default. For example:

ALTER DEFAULT PRIVILEGES FOR USER username IN SCHEMA schema_name GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO username;

How to show particular user table privileges:

postgres=> \c postgres postgres
You are now connected to database "postgres" as user "postgres".

postgres=#
postgres=# select table_schema,table_name,privilege_type from information_schema.role_table_grants where grantee='dba';
 table_schema | table_name | privilege_type
--------------+------------+----------------
(0 rows)

postgres=# select table_schema,table_name,privilege_type from information_schema.role_table_grants where grantee='dev';
 table_schema | table_name | privilege_type
--------------+------------+----------------
(0 rows)

postgres=# select table_schema,table_name,privilege_type from information_schema.role_table_grants where grantee='rwrole';
 table_schema | table_name | privilege_type
--------------+------------+----------------
 public       | test       | INSERT
 public       | test       | SELECT
 public       | test       | UPDATE
 public       | test       | DELETE
 public       | test       | TRUNCATE
 public       | test       | REFERENCES
 public       | test       | TRIGGER
 public       | emp        | INSERT
 public       | emp        | SELECT
 public       | emp        | UPDATE
 public       | emp        | DELETE
 public       | emp        | TRUNCATE
 public       | emp        | REFERENCES
 public       | emp        | TRIGGER
 public       | aaa        | INSERT
 public       | aaa        | SELECT
 public       | aaa        | UPDATE
 public       | aaa        | DELETE
 public       | aaa        | TRUNCATE
 public       | aaa        | REFERENCES
 public       | aaa        | TRIGGER
(21 rows)

postgres=# select table_schema,table_name,privilege_type from information_schema.role_table_grants where grantee='readrole';
 table_schema | table_name | privilege_type
--------------+------------+----------------
 public       | test       | SELECT
 public       | emp        | SELECT
 public       | aaa        | SELECT
(3 rows)

Labels:

Comments

Post a Comment

Popular posts from this blog

Oracle Database 19C Performance Tunning - PART 1

Advantages: 1. Improved Query Performance •    Optimized SQL execution plans lead to faster query response times. •    Reduces unnecessary full table scans and improves indexing strategies. •    Parallel execution tuning speeds up large data processing tasks. 2. Better Resource Utilization •    Efficient use of CPU, memory, disk I/O, and network resources. •    Reduces contention on Redo Logs, Undo Tablespaces, and Buffer Cache. •    Helps in load balancing across multiple instances in RAC (Real Application Clusters). 3. Increased System Scalability •    Ensures that the database can handle a growing number of users and transactions. •    Proper tuning allows scaling without degrading performance. •    Optimized parallel processing ensures better performance on multi-core servers. 4. Lower Infrastructure Costs •    Reduces the need for add...
Post a Comment
Read more

Oracle RMAN Backup And Restore

RMAN: (Oracle 8) RMAN (Recovery Manager) is a utility provided by Oracle Database to perform backup, restore, and recovery operations. It is a command line tool. Features of RMAN in Oracle 19c Comprehensive Backup Capabilities: Full and incremental backups. Block-level backups for efficient data storage. Archived redo log backups. Fast Recovery Area (FRA) integration for centralized backup storage. Efficient Recovery Options: Point-in-time recovery (PITR). Complete and incomplete recovery. Flashback database capabilities for quick undo of changes. Multitenant Database Support: RMAN fully supports container databases (CDBs) and pluggable databases (PDBs). Provides flexibility to back up and recover individual PDBs or entire CDBs. Automatic Space Management: Manages disk space in the FRA. Automatically deletes obsolete backups and archived logs. Data Deduplication and Compression: Backup optimization through block-level deduplication. Built-in compression algorithms to reduce storage req...
Post a Comment
Read more

Oracle 19c Database Software Installation in OEL8

 Pre-requisites for OS level:            Set the static IP Address     Disable the Firewall (systemctl stop firewalld & systemctl disable firewalld)     set SELINUX=permissive on /etc/selinux/config  ##Need to restart the server use init 6 Oracle Installation Pre-requisites Methods     Automatic Setup     Manual Setup      Automatic requisites Setup: (avoid step 1 to step 5): dnf install -y oracle-database-preinstall-19c Install the dependencies: curl -o oracle-database-preinstall-19c-1.0-2.el8.x86_64.rpm https://yum.oracle.com/repo/OracleLinux/OL8/appstream/x86_64/getPackage/oracle-database-preinstall-19c-1.0-2.el8.x86_64.rpm dnf -y localinstall oracle-database-preinstall-19c-1.0-2.el8.x86_64.rpm Manual Setup: step 1: Add the karenl parameters and values vi /etc/sysctl.conf     fs.file-max = 6815744 kernel.sem = 250 32000 100 128 kernel....
Post a Comment
Read more