This discussion is archived
4 Replies Latest reply: Dec 13, 2011 2:55 AM by VIRU RSS

Database Vault 11g R2 - ORA-01031: insufficient privileges

VIRU Newbie
Currently Being Moderated
Hi,
I am using ORACLE DATABASE 11g R2. I have installed Oracle Database Vault on this DB and trying to implement it. I am doing a simple exercise which is stated in the oracle doc.

[http://docs.oracle.com/cd/E11882_01/server.112/e23090/cfrulset.htm#CHDIBECJ]

I am trying to create a rule by which if the Boss user is not logged in then Patch user should not be allowed to login.

I did the followings :- (details you can see on the link)

I have created a function - check_boss_logged_in in the DB vault owner account.

Then i granted the EXECUTE privilege on to it for DVSYS user as stated in the doc.
GRANT EXECUTE ON check_boss_logged_in to DVSYS;
The i created a rule with the help of this function
BEGIN
--DVSYS.DBMS_MACADM.DELETE_RULE('Check if Boss Is Logged In');
  DVSYS.DBMS_MACADM.CREATE_RULE(
  rule_name => 'Check if Boss Is Logged In',
  rule_expr => 'SYS_CONTEXT(''USERENV'',''SESSION_USER'') = ''PATCH_USER'' and DBVOWNER.check_boss_logged_in =  ''TRUE'' ');
  COMMIT;
END;
/
Then later on i am trying to add a rule which contains this function to a RULE SET
BEGIN
/*DVSYS.DBMS_MACADM.delete_rule_from_rule_set(rule_set_name =>  'Dual Connect for Boss and Patch',
     rule_name         => 'Check if Boss Is Logged In'
   );*/
     DVSYS.DBMS_MACADM.ADD_RULE_TO_RULE_SET(
     rule_set_name     => 'Dual Connect for Boss and Patch',
     rule_name         => 'Check if Boss Is Logged In'
   );
END;
/
and i face this error :-
ORA-47362: error adding Rule Check if Boss Is Logged In to Rule Set Dual Connect for Boss and Patch, ORA-01031: insufficient privileges
ORA-06512: at "DVSYS.DBMS_MACUTL", line 55
ORA-06512: at "DVSYS.DBMS_MACUTL", line 398
ORA-06512: at "DVSYS.DBMS_MACADM", line 2676
ORA-01031: insufficient privileges
ORA-06512: at "DVSYS.DBMS_MACADM", line 2187
ORA-06512: at line 6
I have given the privilege to DVSYS , then also i get this error.
can anyone guide me what step should be done here. Please refer the link given at start for the details steps of this exercise.

Thanks in advance.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points