我创建了一个组:JK,然后我又创建了一个新的数据库用户monitor,并且指定该用户所属组是JK.然后我在数据库中指定SYSMON_GROUP=JK,最后我用monitor连接到数据库,查询当前的权限:
Direct SYSADM authority = NO
Direct SYSCTRL authority = NO
Direct SYSMAINT authority = NO
Direct DBADM authority = NO
Direct CREATETAB authority = NO
Direct BINDADD authority = NO
Direct CONNECT authority = NO
Direct CREATE_NOT_FENC authority = NO
Direct IMPLICIT_SCHEMA authority = NO
Direct LOAD authority = NO
Direct QUIESCE_CONNECT authority = NO
Direct CREATE_EXTERNAL_ROUTINE authority = NO
Direct SYSMON authority = NO
Indirect SYSADM authority = NO
Indirect SYSCTRL authority = NO
Indirect SYSMAINT authority = NO
Indirect DBADM authority = NO
Indirect CREATETAB authority = NO
Indirect BINDADD authority = YES
Indirect CONNECT authority = NO
Indirect CREATE_NOT_FENC authority = NO
Indirect IMPLICIT_SCHEMA authority = NO
Indirect LOAD authority = NO
Indirect QUIESCE_CONNECT authority = NO
Indirect CREATE_EXTERNAL_ROUTINE authority = NO
Indirect SYSMON authority = YES
然后我又执行 db2 list tablespaces,发现monitor用户可以执行该命令,但是我记得好像SYSMON没有执行db2 list tablespaces的权限,难道是PUBLIC组里面还需要改动吗?
请指教一下。我的目的是让monitor用户不能执行db2 list tablespaces命令的权限。
收起