HiveBrain v1.2.0
Get Started
← Back to all entries
patternMinor

Do roles have an owner in oracle?

Submitted by: @import:stackexchange-dba··
0
Viewed 0 times
rolesowneroraclehave

Problem

Suppose that I have logged in to oracle database using user X, then user X creates some roles using create role command. I want to know that is user X the owner of the roles? Can I select all roles created by user X?

Solution

The roles in Oracle Database have no owner as well as directories have no owner.

When the user with CREATE ROLE or SYSDBAprivilege creates the role, he or she is automatically assigned that role WITH ADMIN OPTION which means that the user can subsequently grant that role to other users even if the privilege CREATE ROLE is revoked from the user.

You can see what roles are assigned to which users querying DBA_ROLE_PRIVS view, or USER_ROLE_PRIVS if you want to know what roles are assigned to the current user.

Also, a user cannot create a role if the role with the same name already exists. However you can audit role creation and granting. You can do that with AUDIT ROLE statement (if it was for some reason disabled with NOAUDIT ROLE), and then querying DBA_AUDIT_TRAIL view.

Context

StackExchange Database Administrators Q#39321, answer score: 5

Revisions (0)

No revisions yet.