- About MogDB
- Quick Start
- MogDB Playground
- Container-based MogDB Installation
- Installation on a Single Node
- MogDB Access
- Use CLI to Access MogDB
- Use GUI to Access MogDB
- Use Middleware to Access MogDB
- Use Programming Language to Access MogDB
- Using Sample Dataset Mogila
- Characteristic Description
- Overview
- High Performance
- High Availability (HA)
- Primary/Standby
- Logical Replication
- Online Node Replacement
- Logical Backup
- Physical Backup
- Automatic Job Retry upon Failure
- Ultimate RTO
- Cascaded Standby Server
- Delayed Replay
- Adding or Deleting a Standby Server
- Delaying Entering the Maximum Availability Mode
- Parallel Logical Decoding
- DCF
- CM
- Global SysCache
- Using a Standby Node to Build a Standby Node
- Maintainability
- Database Security
- Access Control Model
- Separation of Control and Access Permissions
- Database Encryption Authentication
- Data Encryption and Storage
- Database Audit
- Network Communication Security
- Resource Label
- Unified Audit
- Dynamic Data Anonymization
- Row-Level Access Control
- Password Strength Verification
- Equality Query in a Fully-encrypted Database
- Ledger Database Mechanism
- Transparent Data Encryption
- Enterprise-Level Features
- Support for Functions and Stored Procedures
- SQL Hints
- Full-Text Indexing
- Copy Interface for Error Tolerance
- Partitioning
- Support for Advanced Analysis Functions
- Materialized View
- HyperLogLog
- Creating an Index Online
- Autonomous Transaction
- Global Temporary Table
- Pseudocolumn ROWNUM
- Stored Procedure Debugging
- JDBC Client Load Balancing and Read/Write Isolation
- In-place Update Storage Engine
- Publication-Subscription
- Foreign Key Lock Enhancement
- Data Compression in OLTP Scenarios
- Transaction Async Submit
- Index Creation Parallel Control
- Dynamic Partition Pruning
- COPY Import Optimization
- SQL Running Status Observation
- BRIN Index
- BLOOM Index
- Application Development Interfaces
- AI Capabilities
- Middleware
- Installation Guide
- Installation Preparation
- Container Installation
- PTK-based Installation
- OM-based Installation
- Manual Installation
- Recommended Parameter Settings
- Administrator Guide
- Localization
- Routine Maintenance
- Starting and Stopping MogDB
- Using the gsql Client for Connection
- Routine Maintenance
- Checking OS Parameters
- Checking MogDB Health Status
- Checking Database Performance
- Checking and Deleting Logs
- Checking Time Consistency
- Checking The Number of Application Connections
- Routinely Maintaining Tables
- Routinely Recreating an Index
- Data Security Maintenance Suggestions
- Slow SQL Diagnosis
- Log Reference
- Primary and Standby Management
- MOT Engine
- Introducing MOT
- Using MOT
- Concepts of MOT
- Appendix
- Column-store Tables Management
- Backup and Restoration
- Importing and Exporting Data
- Importing Data
- Exporting Data
- Upgrade Guide
- AI Features Guide
- AI Features Overview
- AI4DB: Autonomous Database O&M
- DBMind Mode
- Components that Support DBMind
- AI Sub-functions of the DBMind
- X-Tuner: Parameter Tuning and Diagnosis
- Index-advisor: Index Recommendation
- AI4DB: Root Cause Analysis for Slow SQL Statements
- AI4DB: Trend Prediction
- SQLdiag: Slow SQL Discovery
- DB4AI: Database-driven AI
- AI in DB
- Intelligence Explain: SQL Statement Query Time Prediction
- Security Guide
- Developer Guide
- Application Development Guide
- Development Specifications
- Development Based on JDBC
- Overview
- JDBC Package, Driver Class, and Environment Class
- Development Process
- Loading the Driver
- Connecting to a Database
- Connecting to the Database (Using SSL)
- Running SQL Statements
- Processing Data in a Result Set
- Closing a Connection
- Managing Logs
- Example: Common Operations
- Example: Retrying SQL Queries for Applications
- Example: Importing and Exporting Data Through Local Files
- Example 2: Migrating Data from a MY Database to MogDB
- Example: Logic Replication Code
- Example: Parameters for Connecting to the Database in Different Scenarios
- JDBC API Reference
- java.sql.Connection
- java.sql.CallableStatement
- java.sql.DatabaseMetaData
- java.sql.Driver
- java.sql.PreparedStatement
- java.sql.ResultSet
- java.sql.ResultSetMetaData
- java.sql.Statement
- javax.sql.ConnectionPoolDataSource
- javax.sql.DataSource
- javax.sql.PooledConnection
- javax.naming.Context
- javax.naming.spi.InitialContextFactory
- CopyManager
- Development Based on ODBC
- Development Based on libpq
- Dependent Header Files of libpq
- Development Process
- Example
- Link Parameters
- libpq API Reference
- Database Connection Control Functions
- Database Statement Execution Functions
- Functions for Asynchronous Command Processing
- Functions for Canceling Queries in Progress
- Psycopg-Based Development
- Commissioning
- Stored Procedure
- User Defined Functions
- PL/pgSQL-SQL Procedural Language
- Scheduled Jobs
- Autonomous Transaction
- Logical Replication
- Foreign Data Wrapper
- Materialized View
- Materialized View Overview
- Full Materialized View
- Incremental Materialized View
- Partition Management
- Partition Pruning
- Recommendations For Choosing A Partitioning Strategy
- Application Development Guide
- Performance Tuning Guide
- System Optimization
- SQL Optimization
- WDR Snapshot
- Using the Vectorized Executor for Tuning
- TPC-C Performance Tunning Guide
- Reference Guide
- System Catalogs and System Views
- Overview of System Catalogs and System Views
- System Catalogs
- GS_ASP
- GS_AUDITING_POLICY
- GS_AUDITING_POLICY_ACCESS
- GS_AUDITING_POLICY_FILTERS
- GS_AUDITING_POLICY_PRIVILEGES
- GS_CLIENT_GLOBAL_KEYS
- GS_CLIENT_GLOBAL_KEYS_ARGS
- GS_COLUMN_KEYS
- GS_COLUMN_KEYS_ARGS
- GS_DB_PRIVILEGE
- GS_ENCRYPTED_COLUMNS
- GS_ENCRYPTED_PROC
- GS_GLOBAL_CHAIN
- GS_GLOBAL_CONFIG
- GS_MASKING_POLICY
- GS_MASKING_POLICY_ACTIONS
- GS_MASKING_POLICY_FILTERS
- GS_MATVIEW
- GS_MATVIEW_DEPENDENCY
- GS_MODEL_WAREHOUSE
- GS_OPT_MODEL
- GS_PACKAGE
- GS_POLICY_LABEL
- GS_RECYCLEBIN
- GS_TXN_SNAPSHOT
- GS_UID
- GS_WLM_EC_OPERATOR_INFO
- GS_WLM_INSTANCE_HISTORY
- GS_WLM_OPERATOR_INFO
- GS_WLM_PLAN_ENCODING_TABLE
- GS_WLM_PLAN_OPERATOR_INFO
- GS_WLM_SESSION_QUERY_INFO_ALL
- GS_WLM_USER_RESOURCE_HISTORY
- PG_AGGREGATE
- PG_AM
- PG_AMOP
- PG_AMPROC
- PG_APP_WORKLOADGROUP_MAPPING
- PG_ATTRDEF
- PG_ATTRIBUTE
- PG_AUTH_HISTORY
- PG_AUTH_MEMBERS
- PG_AUTHID
- PG_CAST
- PG_CLASS
- PG_COLLATION
- PG_CONSTRAINT
- PG_CONVERSION
- PG_DATABASE
- PG_DB_ROLE_SETTING
- PG_DEFAULT_ACL
- PG_DEPEND
- PG_DESCRIPTION
- PG_DIRECTORY
- PG_ENUM
- PG_EXTENSION
- PG_EXTENSION_DATA_SOURCE
- PG_FOREIGN_DATA_WRAPPER
- PG_FOREIGN_SERVER
- PG_FOREIGN_TABLE
- PG_HASHBUCKET
- PG_INDEX
- PG_INHERITS
- PG_JOB
- PG_JOB_PROC
- PG_LANGUAGE
- PG_LARGEOBJECT
- PG_LARGEOBJECT_METADATA
- PG_NAMESPACE
- PG_OBJECT
- PG_OPCLASS
- PG_OPERATOR
- PG_OPFAMILY
- PG_PARTITION
- PG_PLTEMPLATE
- PG_PROC
- PG_PUBLICATION
- PG_PUBLICATION_REL
- PG_RANGE
- PG_REPLICATION_ORIGIN
- PG_RESOURCE_POOL
- PG_REWRITE
- PG_RLSPOLICY
- PG_SECLABEL
- PG_SHDEPEND
- PG_SHDESCRIPTION
- PG_SHSECLABEL
- PG_STATISTIC
- PG_STATISTIC_EXT
- PG_SUBSCRIPTION
- PG_SYNONYM
- PG_TABLESPACE
- PG_TRIGGER
- PG_TS_CONFIG
- PG_TS_CONFIG_MAP
- PG_TS_DICT
- PG_TS_PARSER
- PG_TS_TEMPLATE
- PG_TYPE
- PG_USER_MAPPING
- PG_USER_STATUS
- PG_WORKLOAD_GROUP
- PGXC_CLASS
- PGXC_GROUP
- PGXC_NODE
- PGXC_SLICE
- PLAN_TABLE_DATA
- STATEMENT_HISTORY
- System Views
- DV_SESSION_LONGOPS
- DV_SESSIONS
- GET_GLOBAL_PREPARED_XACTS(Discarded)
- GS_AUDITING
- GS_AUDITING_ACCESS
- GS_AUDITING_PRIVILEGE
- GS_ASYNC_SUBMIT_SESSIONS_STATUS
- GS_CLUSTER_RESOURCE_INFO
- GS_DB_PRIVILEGES
- GS_FILE_STAT
- GS_GSC_MEMORY_DETAIL
- GS_INSTANCE_TIME
- GS_LABELS
- GS_LSC_MEMORY_DETAIL
- GS_MASKING
- GS_MATVIEWS
- GS_OS_RUN_INFO
- GS_REDO_STAT
- GS_SESSION_CPU_STATISTICS
- GS_SESSION_MEMORY
- GS_SESSION_MEMORY_CONTEXT
- GS_SESSION_MEMORY_DETAIL
- GS_SESSION_MEMORY_STATISTICS
- GS_SESSION_STAT
- GS_SESSION_TIME
- GS_SQL_COUNT
- GS_STAT_SESSION_CU
- GS_THREAD_MEMORY_CONTEXT
- GS_TOTAL_MEMORY_DETAIL
- GS_WLM_CGROUP_INFO
- GS_WLM_EC_OPERATOR_STATISTICS
- GS_WLM_OPERATOR_HISTORY
- GS_WLM_OPERATOR_STATISTICS
- GS_WLM_PLAN_OPERATOR_HISTORY
- GS_WLM_REBUILD_USER_RESOURCE_POOL
- GS_WLM_RESOURCE_POOL
- GS_WLM_SESSION_HISTORY
- GS_WLM_SESSION_INFO
- GS_WLM_SESSION_INFO_ALL
- GS_WLM_SESSION_STATISTICS
- GS_WLM_USER_INFO
- GS_WRITE_TERM_LOG
- MPP_TABLES
- PG_AVAILABLE_EXTENSION_VERSIONS
- PG_AVAILABLE_EXTENSIONS
- PG_COMM_DELAY
- PG_COMM_RECV_STREAM
- PG_COMM_SEND_STREAM
- PG_COMM_STATUS
- PG_CONTROL_GROUP_CONFIG
- PG_CURSORS
- PG_EXT_STATS
- PG_GET_INVALID_BACKENDS
- PG_GET_SENDERS_CATCHUP_TIME
- PG_GROUP
- PG_GTT_ATTACHED_PIDS
- PG_GTT_RELSTATS
- PG_GTT_STATS
- PG_INDEXES
- PG_LOCKS
- PG_NODE_ENV
- PG_OS_THREADS
- PG_PREPARED_STATEMENTS
- PG_PREPARED_XACTS
- PG_PUBLICATION_TABLES
- PG_REPLICATION_ORIGIN_STATUS
- PG_REPLICATION_SLOTS
- PG_RLSPOLICIES
- PG_ROLES
- PG_RULES
- PG_RUNNING_XACTS
- PG_SECLABELS
- PG_SESSION_IOSTAT
- PG_SESSION_WLMSTAT
- PG_SETTINGS
- PG_SHADOW
- PG_STAT_ACTIVITY
- PG_STAT_ACTIVITY_NG
- PG_STAT_ALL_INDEXES
- PG_STAT_ALL_TABLES
- PG_STAT_BAD_BLOCK
- PG_STAT_BGWRITER
- PG_STAT_DATABASE
- PG_STAT_DATABASE_CONFLICTS
- PG_STAT_REPLICATION
- PG_STAT_SUBSCRIPTION
- PG_STAT_SYS_INDEXES
- PG_STAT_SYS_TABLES
- PG_STAT_USER_FUNCTIONS
- PG_STAT_USER_INDEXES
- PG_STAT_USER_TABLES
- PG_STAT_XACT_ALL_TABLES
- PG_STAT_XACT_SYS_TABLES
- PG_STAT_XACT_USER_FUNCTIONS
- PG_STAT_XACT_USER_TABLES
- PG_STATIO_ALL_INDEXES
- PG_STATIO_ALL_SEQUENCES
- PG_STATIO_ALL_TABLES
- PG_STATIO_SYS_INDEXES
- PG_STATIO_SYS_SEQUENCES
- PG_STATIO_SYS_TABLES
- PG_STATIO_USER_INDEXES
- PG_STATIO_USER_SEQUENCES
- PG_STATIO_USER_TABLES
- PG_STATS
- PG_TABLES
- PG_TDE_INFO
- PG_THREAD_WAIT_STATUS
- PG_TIMEZONE_ABBREVS
- PG_TIMEZONE_NAMES
- PG_TOTAL_MEMORY_DETAIL
- PG_TOTAL_USER_RESOURCE_INFO
- PG_TOTAL_USER_RESOURCE_INFO_OID
- PG_USER
- PG_USER_MAPPINGS
- PG_VARIABLE_INFO
- PG_VIEWS
- PG_WLM_STATISTICS
- PGXC_PREPARED_XACTS
- PLAN_TABLE
- Functions and Operators
- Logical Operators
- Comparison Operators
- Character Processing Functions and Operators
- Binary String Functions and Operators
- Bit String Functions and Operators
- Mode Matching Operators
- Mathematical Functions and Operators
- Date and Time Processing Functions and Operators
- Type Conversion Functions
- Geometric Functions and Operators
- Network Address Functions and Operators
- Text Search Functions and Operators
- JSON/JSONB Functions and Operators
- HLL Functions and Operators
- SEQUENCE Functions
- Array Functions and Operators
- Range Functions and Operators
- Aggregate Functions
- Window Functions(Analysis Functions)
- Security Functions
- Ledger Database Functions
- Encrypted Equality Functions
- Set Returning Functions
- Conditional Expression Functions
- System Information Functions
- System Administration Functions
- Configuration Settings Functions
- Universal File Access Functions
- Server Signal Functions
- Backup and Restoration Control Functions
- Snapshot Synchronization Functions
- Database Object Functions
- Advisory Lock Functions
- Logical Replication Functions
- Segment-Page Storage Functions
- Other Functions
- Undo System Functions
- Statistics Information Functions
- Trigger Functions
- Hash Function
- Prompt Message Function
- Global Temporary Table Functions
- Fault Injection System Function
- AI Feature Functions
- Dynamic Data Masking Functions
- Other System Functions
- Internal Functions
- Global SysCache Feature Functions
- Data Damage Detection and Repair Functions
- Obsolete Functions
- Supported Data Types
- Numeric Types
- Monetary Types
- Boolean Types
- Enumerated Types
- Character Types
- Binary Types
- Date/Time Types
- Geometric
- Network Address Types
- Bit String Types
- Text Search Types
- UUID
- JSON/JSONB Types
- HLL
- Array Types
- Range
- OID Types
- Pseudo-Types
- Data Types Supported by Column-store Tables
- XML Types
- Data Type Used by the Ledger Database
- SQL Syntax
- ABORT
- ALTER AGGREGATE
- ALTER AUDIT POLICY
- ALTER DATABASE
- ALTER DATA SOURCE
- ALTER DEFAULT PRIVILEGES
- ALTER DIRECTORY
- ALTER EXTENSION
- ALTER FOREIGN TABLE
- ALTER FUNCTION
- ALTER GLOBAL CONFIGURATION
- ALTER GROUP
- ALTER INDEX
- ALTER LANGUAGE
- ALTER LARGE OBJECT
- ALTER MASKING POLICY
- ALTER MATERIALIZED VIEW
- ALTER PACKAGE
- ALTER PROCEDURE
- ALTER PUBLICATION
- ALTER RESOURCE LABEL
- ALTER RESOURCE POOL
- ALTER ROLE
- ALTER ROW LEVEL SECURITY POLICY
- ALTER RULE
- ALTER SCHEMA
- ALTER SEQUENCE
- ALTER SERVER
- ALTER SESSION
- ALTER SUBSCRIPTION
- ALTER SYNONYM
- ALTER SYSTEM KILL SESSION
- ALTER SYSTEM SET
- ALTER TABLE
- ALTER TABLE PARTITION
- ALTER TABLE SUBPARTITION
- ALTER TABLESPACE
- ALTER TEXT SEARCH CONFIGURATION
- ALTER TEXT SEARCH DICTIONARY
- ALTER TRIGGER
- ALTER TYPE
- ALTER USER
- ALTER USER MAPPING
- ALTER VIEW
- ANALYZE | ANALYSE
- BEGIN
- CALL
- CHECKPOINT
- CLEAN CONNECTION
- CLOSE
- CLUSTER
- COMMENT
- COMMIT | END
- COMMIT PREPARED
- CONNECT BY
- COPY
- CREATE AGGREGATE
- CREATE AUDIT POLICY
- CREATE CAST
- CREATE CLIENT MASTER KEY
- CREATE COLUMN ENCRYPTION KEY
- CREATE DATABASE
- CREATE DATA SOURCE
- CREATE DIRECTORY
- CREATE EXTENSION
- CREATE FOREIGN TABLE
- CREATE FUNCTION
- CREATE GROUP
- CREATE INCREMENTAL MATERIALIZED VIEW
- CREATE INDEX
- CREATE LANGUAGE
- CREATE MASKING POLICY
- CREATE MATERIALIZED VIEW
- CREATE MODEL
- CREATE OPERATOR
- CREATE PACKAGE
- CREATE PROCEDURE
- CREATE PUBLICATION
- CREATE RESOURCE LABEL
- CREATE RESOURCE POOL
- CREATE ROLE
- CREATE ROW LEVEL SECURITY POLICY
- CREATE RULE
- CREATE SCHEMA
- CREATE SEQUENCE
- CREATE SERVER
- CREATE SUBSCRIPTION
- CREATE SYNONYM
- CREATE TABLE
- CREATE TABLE AS
- CREATE TABLE PARTITION
- CREATE TABLE SUBPARTITION
- CREATE TABLESPACE
- CREATE TEXT SEARCH CONFIGURATION
- CREATE TEXT SEARCH DICTIONARY
- CREATE TRIGGER
- CREATE TYPE
- CREATE USER
- CREATE USER MAPPING
- CREATE VIEW
- CREATE WEAK PASSWORD DICTIONARY
- CURSOR
- DEALLOCATE
- DECLARE
- DELETE
- DO
- DROP AGGREGATE
- DROP AUDIT POLICY
- DROP CAST
- DROP CLIENT MASTER KEY
- DROP COLUMN ENCRYPTION KEY
- DROP DATABASE
- DROP DATA SOURCE
- DROP DIRECTORY
- DROP EXTENSION
- DROP FOREIGN TABLE
- DROP FUNCTION
- DROP GLOBAL CONFIGURATION
- DROP GROUP
- DROP INDEX
- DROP LANGUAGE
- DROP MASKING POLICY
- DROP MATERIALIZED VIEW
- DROP MODEL
- DROP OPERATOR
- DROP OWNED
- DROP PACKAGE
- DROP PROCEDURE
- DROP PUBLICATION
- DROP RESOURCE LABEL
- DROP RESOURCE POOL
- DROP ROLE
- DROP ROW LEVEL SECURITY POLICY
- DROP RULE
- DROP SCHEMA
- DROP SEQUENCE
- DROP SERVER
- DROP SUBSCRIPTION
- DROP SYNONYM
- DROP TABLE
- DROP TABLESPACE
- DROP TEXT SEARCH CONFIGURATION
- DROP TEXT SEARCH DICTIONARY
- DROP TRIGGER
- DROP TYPE
- DROP USER
- DROP USER MAPPING
- DROP VIEW
- DROP WEAK PASSWORD DICTIONARY
- EXECUTE
- EXECUTE DIRECT
- EXPLAIN
- EXPLAIN PLAN
- FETCH
- GRANT
- INSERT
- LOCK
- MERGE INTO
- MOVE
- PREDICT BY
- PREPARE
- PREPARE TRANSACTION
- PURGE
- REASSIGN OWNED
- REFRESH INCREMENTAL MATERIALIZED VIEW
- REFRESH MATERIALIZED VIEW
- REINDEX
- RELEASE SAVEPOINT
- RESET
- REVOKE
- ROLLBACK
- ROLLBACK PREPARED
- ROLLBACK TO SAVEPOINT
- SAVEPOINT
- SELECT
- SELECT INTO
- SET
- SET CONSTRAINTS
- SET ROLE
- SET SESSION AUTHORIZATION
- SET TRANSACTION
- SHOW
- SHUTDOWN
- SNAPSHOT
- START TRANSACTION
- TIMECAPSULE TABLE
- TRUNCATE
- UPDATE
- VACUUM
- VALUES
- SQL Reference
- MogDB SQL
- Keywords
- Constant and Macro
- Expressions
- Type Conversion
- Full Text Search
- Introduction
- Tables and Indexes
- Controlling Text Search
- Additional Features
- Parser
- Dictionaries
- Configuration Examples
- Testing and Debugging Text Search
- Limitations
- System Operation
- Controlling Transactions
- DDL Syntax Overview
- DML Syntax Overview
- DCL Syntax Overview
- Appendix
- GUC Parameters
- GUC Parameter Usage
- GUC Parameter List
- File Location
- Connection and Authentication
- Resource Consumption
- Write Ahead Log
- HA Replication
- Memory Table
- Query Planning
- Error Reporting and Logging
- Alarm Detection
- Statistics During the Database Running
- Load Management
- Automatic Vacuuming
- Default Settings of Client Connection
- Lock Management
- Version and Platform Compatibility
- Faut Tolerance
- Connection Pool Parameters
- MogDB Transaction
- Developer Options
- Auditing
- SQL Mode
- Upgrade Parameters
- Miscellaneous Parameters
- Wait Events
- Query
- System Performance Snapshot
- Security Configuration
- Global Temporary Table
- HyperLogLog
- Scheduled Task
- Thread Pool
- User-defined Functions
- Backup and Restoration
- DCF Parameters Settings
- Flashback
- Rollback Parameters
- Reserved Parameters
- AI Features
- Global SysCache Parameters
- Appendix
- Schema
- Information Schema
- DBE_PERF
- Overview
- OS
- Instance
- Memory
- File
- Object
- STAT_USER_TABLES
- SUMMARY_STAT_USER_TABLES
- GLOBAL_STAT_USER_TABLES
- STAT_USER_INDEXES
- SUMMARY_STAT_USER_INDEXES
- GLOBAL_STAT_USER_INDEXES
- STAT_SYS_TABLES
- SUMMARY_STAT_SYS_TABLES
- GLOBAL_STAT_SYS_TABLES
- STAT_SYS_INDEXES
- SUMMARY_STAT_SYS_INDEXES
- GLOBAL_STAT_SYS_INDEXES
- STAT_ALL_TABLES
- SUMMARY_STAT_ALL_TABLES
- GLOBAL_STAT_ALL_TABLES
- STAT_ALL_INDEXES
- SUMMARY_STAT_ALL_INDEXES
- GLOBAL_STAT_ALL_INDEXES
- STAT_DATABASE
- SUMMARY_STAT_DATABASE
- GLOBAL_STAT_DATABASE
- STAT_DATABASE_CONFLICTS
- SUMMARY_STAT_DATABASE_CONFLICTS
- GLOBAL_STAT_DATABASE_CONFLICTS
- STAT_XACT_ALL_TABLES
- SUMMARY_STAT_XACT_ALL_TABLES
- GLOBAL_STAT_XACT_ALL_TABLES
- STAT_XACT_SYS_TABLES
- SUMMARY_STAT_XACT_SYS_TABLES
- GLOBAL_STAT_XACT_SYS_TABLES
- STAT_XACT_USER_TABLES
- SUMMARY_STAT_XACT_USER_TABLES
- GLOBAL_STAT_XACT_USER_TABLES
- STAT_XACT_USER_FUNCTIONS
- SUMMARY_STAT_XACT_USER_FUNCTIONS
- GLOBAL_STAT_XACT_USER_FUNCTIONS
- STAT_BAD_BLOCK
- SUMMARY_STAT_BAD_BLOCK
- GLOBAL_STAT_BAD_BLOCK
- STAT_USER_FUNCTIONS
- SUMMARY_STAT_USER_FUNCTIONS
- GLOBAL_STAT_USER_FUNCTIONS
- Workload
- Session/Thread
- SESSION_STAT
- GLOBAL_SESSION_STAT
- SESSION_TIME
- GLOBAL_SESSION_TIME
- SESSION_MEMORY
- GLOBAL_SESSION_MEMORY
- SESSION_MEMORY_DETAIL
- GLOBAL_SESSION_MEMORY_DETAIL
- SESSION_STAT_ACTIVITY
- GLOBAL_SESSION_STAT_ACTIVITY
- THREAD_WAIT_STATUS
- GLOBAL_THREAD_WAIT_STATUS
- LOCAL_THREADPOOL_STATUS
- GLOBAL_THREADPOOL_STATUS
- SESSION_CPU_RUNTIME
- SESSION_MEMORY_RUNTIME
- STATEMENT_IOSTAT_COMPLEX_RUNTIME
- LOCAL_ACTIVE_SESSION
- Transaction
- Query
- STATEMENT
- SUMMARY_STATEMENT
- STATEMENT_COUNT
- GLOBAL_STATEMENT_COUNT
- SUMMARY_STATEMENT_COUNT
- GLOBAL_STATEMENT_COMPLEX_HISTORY
- GLOBAL_STATEMENT_COMPLEX_HISTORY_TABLE
- GLOBAL_STATEMENT_COMPLEX_RUNTIME
- STATEMENT_RESPONSETIME_PERCENTILE
- STATEMENT_USER_COMPLEX_HISTORY
- STATEMENT_COMPLEX_RUNTIME
- STATEMENT_COMPLEX_HISTORY_TABLE
- STATEMENT_COMPLEX_HISTORY
- STATEMENT_WLMSTAT_COMPLEX_RUNTIME
- STATEMENT_HISTORY
- Cache/IO
- STATIO_USER_TABLES
- SUMMARY_STATIO_USER_TABLES
- GLOBAL_STATIO_USER_TABLES
- STATIO_USER_INDEXES
- SUMMARY_STATIO_USER_INDEXES
- GLOBAL_STATIO_USER_INDEXES
- STATIO_USER_SEQUENCES
- SUMMARY_STATIO_USER_SEQUENCES
- GLOBAL_STATIO_USER_SEQUENCES
- STATIO_SYS_TABLES
- SUMMARY_STATIO_SYS_TABLES
- GLOBAL_STATIO_SYS_TABLES
- STATIO_SYS_INDEXES
- SUMMARY_STATIO_SYS_INDEXES
- GLOBAL_STATIO_SYS_INDEXES
- STATIO_SYS_SEQUENCES
- SUMMARY_STATIO_SYS_SEQUENCES
- GLOBAL_STATIO_SYS_SEQUENCES
- STATIO_ALL_TABLES
- SUMMARY_STATIO_ALL_TABLES
- GLOBAL_STATIO_ALL_TABLES
- STATIO_ALL_INDEXES
- SUMMARY_STATIO_ALL_INDEXES
- GLOBAL_STATIO_ALL_INDEXES
- STATIO_ALL_SEQUENCES
- SUMMARY_STATIO_ALL_SEQUENCES
- GLOBAL_STATIO_ALL_SEQUENCES
- GLOBAL_STAT_DB_CU
- GLOBAL_STAT_SESSION_CU
- Utility
- REPLICATION_STAT
- GLOBAL_REPLICATION_STAT
- REPLICATION_SLOTS
- GLOBAL_REPLICATION_SLOTS
- BGWRITER_STAT
- GLOBAL_BGWRITER_STAT
- GLOBAL_CKPT_STATUS
- GLOBAL_DOUBLE_WRITE_STATUS
- GLOBAL_PAGEWRITER_STATUS
- GLOBAL_RECORD_RESET_TIME
- GLOBAL_REDO_STATUS
- GLOBAL_RECOVERY_STATUS
- CLASS_VITAL_INFO
- USER_LOGIN
- SUMMARY_USER_LOGIN
- GLOBAL_GET_BGWRITER_STATUS
- GLOBAL_SINGLE_FLUSH_DW_STATUS
- GLOBAL_CANDIDATE_STATUS
- Lock
- Wait Events
- Configuration
- Operator
- Workload Manager
- Global Plancache
- RTO
- DBE_PLDEBUGGER Schema
- Overview
- DBE_PLDEBUGGER.turn_on
- DBE_PLDEBUGGER.turn_off
- DBE_PLDEBUGGER.local_debug_server_info
- DBE_PLDEBUGGER.attach
- DBE_PLDEBUGGER.info_locals
- DBE_PLDEBUGGER.next
- DBE_PLDEBUGGER.continue
- DBE_PLDEBUGGER.abort
- DBE_PLDEBUGGER.print_var
- DBE_PLDEBUGGER.info_code
- DBE_PLDEBUGGER.step
- DBE_PLDEBUGGER.add_breakpoint
- DBE_PLDEBUGGER.delete_breakpoint
- DBE_PLDEBUGGER.info_breakpoints
- DBE_PLDEBUGGER.backtrace
- DBE_PLDEBUGGER.disable_breakpoint
- DBE_PLDEBUGGER.enable_breakpoint
- DBE_PLDEBUGGER.finish
- DBE_PLDEBUGGER.set_var
- DB4AI Schema
- DBE_PLDEVELOPER
- Tool Reference
- Tool Overview
- Client Tool
- Server Tools
- Tools Used in the Internal System
- mogdb
- gs_backup
- gs_basebackup
- gs_ctl
- gs_initdb
- gs_install
- gs_install_plugin
- gs_install_plugin_local
- gs_preinstall
- gs_sshexkey
- gs_tar
- gs_uninstall
- gs_upgradectl
- gs_expansion
- gs_dropnode
- gs_probackup
- gstrace
- kdb5_util
- kadmin.local
- kinit
- klist
- krb5kdc
- kdestroy
- pg_config
- pg_controldata
- pg_recvlogical
- pg_resetxlog
- pg_archivecleanup
- pssh
- pscp
- transfer.py
- Unified Database Management Tool
- FAQ
- Functions of MogDB Executable Scripts
- System Catalogs and Views Supported by gs_collector
- Extension Reference
- Error Code Reference
- Description of SQL Error Codes
- Third-Party Library Error Codes
- GAUSS-00001 - GAUSS-00100
- GAUSS-00101 - GAUSS-00200
- GAUSS 00201 - GAUSS 00300
- GAUSS 00301 - GAUSS 00400
- GAUSS 00401 - GAUSS 00500
- GAUSS 00501 - GAUSS 00600
- GAUSS 00601 - GAUSS 00700
- GAUSS 00701 - GAUSS 00800
- GAUSS 00801 - GAUSS 00900
- GAUSS 00901 - GAUSS 01000
- GAUSS 01001 - GAUSS 01100
- GAUSS 01101 - GAUSS 01200
- GAUSS 01201 - GAUSS 01300
- GAUSS 01301 - GAUSS 01400
- GAUSS 01401 - GAUSS 01500
- GAUSS 01501 - GAUSS 01600
- GAUSS 01601 - GAUSS 01700
- GAUSS 01701 - GAUSS 01800
- GAUSS 01801 - GAUSS 01900
- GAUSS 01901 - GAUSS 02000
- GAUSS 02001 - GAUSS 02100
- GAUSS 02101 - GAUSS 02200
- GAUSS 02201 - GAUSS 02300
- GAUSS 02301 - GAUSS 02400
- GAUSS 02401 - GAUSS 02500
- GAUSS 02501 - GAUSS 02600
- GAUSS 02601 - GAUSS 02700
- GAUSS 02701 - GAUSS 02800
- GAUSS 02801 - GAUSS 02900
- GAUSS 02901 - GAUSS 03000
- GAUSS 03001 - GAUSS 03100
- GAUSS 03101 - GAUSS 03200
- GAUSS 03201 - GAUSS 03300
- GAUSS 03301 - GAUSS 03400
- GAUSS 03401 - GAUSS 03500
- GAUSS 03501 - GAUSS 03600
- GAUSS 03601 - GAUSS 03700
- GAUSS 03701 - GAUSS 03800
- GAUSS 03801 - GAUSS 03900
- GAUSS 03901 - GAUSS 04000
- GAUSS 04001 - GAUSS 04100
- GAUSS 04101 - GAUSS 04200
- GAUSS 04201 - GAUSS 04300
- GAUSS 04301 - GAUSS 04400
- GAUSS 04401 - GAUSS 04500
- GAUSS 04501 - GAUSS 04600
- GAUSS 04601 - GAUSS 04700
- GAUSS 04701 - GAUSS 04800
- GAUSS 04801 - GAUSS 04900
- GAUSS 04901 - GAUSS 05000
- GAUSS 05001 - GAUSS 05100
- GAUSS 05101 - GAUSS 05200
- GAUSS 05201 - GAUSS 05300
- GAUSS 05301 - GAUSS 05400
- GAUSS 05401 - GAUSS 05500
- GAUSS 05501 - GAUSS 05600
- GAUSS 05601 - GAUSS 05700
- GAUSS 05701 - GAUSS 05800
- GAUSS 05801 - GAUSS 05900
- GAUSS 05901 - GAUSS 06000
- GAUSS 06001 - GAUSS 06100
- GAUSS 06101 - GAUSS 06200
- GAUSS 06201 - GAUSS 06300
- GAUSS 06301 - GAUSS 06400
- GAUSS 06401 - GAUSS 06500
- GAUSS 06501 - GAUSS 06600
- GAUSS 06601 - GAUSS 06700
- GAUSS 06701 - GAUSS 06800
- GAUSS 06801 - GAUSS 06900
- GAUSS 06901 - GAUSS 07000
- GAUSS 07001 - GAUSS 07100
- GAUSS 07101 - GAUSS 07200
- GAUSS 07201 - GAUSS 07300
- GAUSS 07301 - GAUSS 07400
- GAUSS 07401 - GAUSS 07480
- GAUSS 50000 - GAUSS 50999
- GAUSS 51000 - GAUSS 51999
- GAUSS 52000 - GAUSS 52999
- GAUSS 53000 - GAUSS 53699
- Error Log Reference
- System Catalogs and System Views
- Common Faults and Identification
- Common Fault Locating Methods
- Common Fault Locating Cases
- Core Fault Locating
- Permission/Session/Data Type Fault Location
- Service/High Availability/Concurrency Fault Location
- Table/Partition Table Fault Location
- File System/Disk/Memory Fault Location
- After You Run the du Command to Query Data File Size In the XFS File System, the Query Result Is Greater than the Actual File Size
- File Is Damaged in the XFS File System
- Insufficient Memory
- "Error:No space left on device" Is Displayed
- When the TPC-C is running and a disk to be injected is full, the TPC-C stops responding
- Disk Space Usage Reaches the Threshold and the Database Becomes Read-only
- SQL Fault Location
- Index Fault Location
- Source Code Parsing
- FAQs
- Glossary
- Mogeaver
Managing Users and Their Permissions
Default Permission Mechanism
A user who creates an object is the owner of this object. By default, Separation of Duties is disabled after database installation. A database system administrator has the same permissions as object owners. After an object is created, only the object owner or system administrator can query, modify, and delete the object, and grant permissions for the object to other users through GRANT by default.
To enable another user to use the object, grant required permissions to the user or the role that contains the user.
MogDB supports the following permissions: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, CREATE, CONNECT, EXECUTE, USAGE, ALTER, DROP, COMMENT, INDEX, and VACUUM. Permission types are associated with object types. For permission details, see GRANT.
To remove permissions, run REVOKE. Object owners have implicit permissions (such as ALTER, DROP, COMMENT, INDEX, VACUUM, GRANT, and REVOKE) on objects. That is, once becoming the owner of an object, the owner is immediately granted the implicit permissions on the object. Object owners can remove their own common permissions, for example, making tables read-only to themselves or others, except the system administrator.
System catalogs and views are visible to either system administrators or all users. System catalogs and views that require system administrator permissions can be queried only by system administrators. For details, see System Catalogs and System Views.
The database provides the object isolation feature. If this feature is enabled, users can view only the objects (tables, views, columns, and functions) that they have the permission to access. System administrators are not affected by this feature. For details, see ALTER DATABASE.
Administrators
Initial Users
The account automatically generated during MogDB installation is called an initial user. An initial user is the system, monitoring, O&M, and security policy administrator who has the highest-level permissions in the system and can perform all operations. This account has the same name as the OS user used for MogDB installation. You need to manually set the password during the installation. After the first login, change the initial user's password in time.
An initial user bypasses all permission checks. You are advised to use an initial user as a database administrator only for database management other than service running.
System Administrators
A system administrator is an account with the SYSADMIN attribute. By default, a database system administrator has the same permissions as object owners but does not have the object permissions in dbe_perf mode.
To create a system administrator, connect to the database as the initial user or a system administrator and run the CREATE USER or ALTER USER statement with SYSADMIN specified.
mogdb=# CREATE USER sysadmin WITH SYSADMIN password "xxxxxxxxx";
or
mogdb=# ALTER USER joe SYSADMIN;
To run the ALTER USER statement, the user must exist.
Monitor Administrators
A monitoring administrator is an account with the MONADMIN attribute that has the privilege to view views and functions in dbe_perf mode and to grant or withdraw privileges to objects in dbe_perf mode.
To create a monitor administrator, connect to the database as the system administrator and run the CREATE USER or ALTER USER statement with MONADMIN specified.
mogdb=# CREATE USER monadmin WITH MONADMIN password "xxxxxxxxx";
or
mogdb=# ALTER USER joe MONADMIN;
To run the ALTER USER statement, the user must exist.
O&M Administrators
An O&M administrator is an account with the OPRADMIN attribute and has permission to perform backup restores using the Roach tool.
To create an O&M administrator, connect to the database as the initial user and run the CREATE USER or ALTER USER statement with OPRADMIN specified.
mogdb=# CREATE USER opradmin WITH OPRADMIN password "xxxxxxxxx";
or
mogdb=# ALTER USER joe OPRADMIN;
To run the ALTER USER statement, the user must exist.
Security Policy Administrators
A security policy administrator is an account with POLADMIN attributes and has permission to create resource tags, desensitization policies, and unified audit policies.
To create an security policy administrator, connect to the database as the system administrator and run the CREATE USER or ALTER USER statement with POLADMIN specified.
mogdb=# CREATE USER poladmin WITH POLADMIN password "xxxxxxxxx";
or
mogdb=# ALTER USER joe POLADMIN;
To run the ALTER USER statement, the user must exist.
Separation of Duties
Descriptions in Default Permission Mechanism and Administrators are about the initial situation after a cluster is created. By default, a system administrator with the SYSADMIN attribute has the highest-level permissions.
In actual service management, you can set separation of duties to prevent system administrators from having excessive centralized permissions, which may cause high risks. Some permissions of the system administrator are transferred to the security administrator and audit administrator, implementing separation of duties among the system administrator, security administrator, and audit administrator.
After separation of duties is enabled, a system administrator does not have the CREATEROLE attribute (security administrator) and AUDITADMIN attribute (audit administrator). That is, the system administrator does not have the permissions to create roles and users and the permissions to view and maintain database audit logs. For details about the CREATEROLE and AUDITADMIN attributes, see CREATE ROLE.
After separation of duties is enabled, system administrators have the permissions only for the objects owned by them.
Separation of duties does not take effect for an initial user. Therefore, you are advised to use an initial user as a database administrator only for database management other than service running.
To enable separation of duties, set enableSeparationOfDuty to on.
For details about permission changes before and after enabling separation of duties, see Table 1 and Table 2.
Table 1 Default user permissions
Object Name | Initial User (ID: 10) | System Administrator | Monitor Administrator | O&M Administrator | Security Policy Administrator | Security Administrator | Audit Administrator | Common User |
---|---|---|---|---|---|---|---|---|
Tablespaces | Has all permissions except the one to access private tables. | Can create, modify, delete, access, or grant permissions for tablespaces. | Cannot create, modify, delete, or grant permissions for tablespaces and can access tablespaces if the access permission is granted. | |||||
Tables | Has permissions for all tables. | Has all permissions for their own tables, but does not have permissions for other users' tables. | ||||||
Indexes | Can create indexes on all tables. | Can create indexes on their own tables. | ||||||
Schemas | Has all permissions for all schemas except dbe_perf. | Has all permissions for their own schemas and dbe_perf, but does not have permissions for other users' schemas. | Has all permissions for their own schemas, but does not have permissions for other users' schemas. | |||||
Functions | Has all permissions for all functions except those in the dbe_perf schema. | Has permissions for their own functions and those in the dbe_perf schema, has the call permission for other users' functions in the public schema, but does not have permissions for other users' functions in other schemas. | Has permissions for their own functions, has the call permission for other users' functions in the public schema, but does not have permissions for other users' functions in other schemas. | |||||
Customized views | Has all permissions on all views except the dbe_perf schema view. | Has permissions for their own views and the dbe_perf schema view, but does not have permissions for other users' views. | Has permissions for their own views, but does not have permissions for other users' views. | |||||
System catalogs and system views | Has permissions to query all system catalogs and views. | Has permissions to query only some system catalogs and views. For details, see System Catalogs and System Views. |
Object Name | Initial User (ID: 10) | System Administrator | Monitor Administrator | O&M Administrator | Security Policy Administrator | Security Administrator | Audit Administrator | Common User |
---|---|---|---|---|---|---|---|---|
Tablespaces | N/A. Has all permissions except the one to access private tables. |
N/A | N/A | |||||
Tables | Permissions reduced Has all permissions for their own tables and other users' tables in the public schema, but does not have permissions for other users' tables in other schemas. |
N/A | ||||||
Indexes | Permissions reduced Can create indexes for their own tables and other users' tables in the public schema. |
N/A | ||||||
Schemas | Permissions reduced Has all permissions for their own schemas, but does not have permissions for other users' schemas. |
N/A | N/A | |||||
Functions | Permissions reduced Has all permissions for their own functions and other users' functions in the public schema, but does not have permissions for other users' functions in other schemas. |
N/A | N/A | |||||
Customized views | Permissions reduced Has all permissions for their own views and other users' views in the public schema, but does not have permissions for other users' views in other schemas. |
N/A | N/A | |||||
System catalogs and system views | N/A | N/A |
Users
You can use CREATE USER and ALTER USER to create and manage database users, respectively. MogDB contains one or more named database users and roles that are shared across MogDB. However, these users and roles do not share data. That is, a user can connect to any database, but after the connection is successful, any user can access only the database declared in the connection request.
In non-separation-of-duties scenarios, MogDB user accounts can be created and deleted only by a system administrator or a security administrator with the CREATEROLE attribute. In separation-of-duties scenarios, a user account can be created only by an initial user or a security administrator.
When a user logs in, MogDB authenticates the user. A user can own databases and database objects (such as tables), and grant permissions of these objects to other users and roles. In addition to system administrators, users with the CREATEDB attribute can create databases and grant permissions on these databases.
Adding, Modifying, and Deleting Users
-
To create a user, use the SQL statement CREATE USER.
For example, create a user joe and set the CREATEDB attribute for the user.
mogdb=# CREATE USER joe WITH CREATEDB PASSWORD "XXXXXXXXX"; CREATE ROLE
-
To create a system administrator, use the CREATE USER statement with the SYSADMIN parameter.
-
To delete an existing user, use DROP USER.
-
To change a user account (for example, rename the user or change the password), use ALTER USER.
-
To view a user list, query the PG_USER view.
mogdb=# SELECT * FROM pg_user;
-
To view user attributes, query the system catalog PG_AUTHID.s
mogdb=# SELECT * FROM pg_authid;
Private Users
If multiple service departments use different database user accounts to perform service operations and a database maintenance department at the same level uses database administrator accounts to perform maintenance operations, service departments may require that database administrators, without specific authorization, can manage (DROP, ALTER, and TRUNCATE) their data but cannot access (INSERT, DELETE, UPDATE, SELECT, and COPY) the data. That is, the management permissions of database administrators for tables need to be isolated from their access permissions to improve the data security of common users.
In separation-of-duties mode, a database administrator does not have permissions for the tables in schemas of other users. In this case, database administrators have neither management permissions nor access permissions, which does not meet the requirements of the service departments mentioned above. Therefore, MogDB provides private users to solve the problem. That is, create private users with the INDEPENDENT attribute in non-separation-of-duties mode.
mogdb=# CREATE USER user_independent WITH INDEPENDENT IDENTIFIED BY "1234@abc";
System administrators and security administrators with the CREATEROLE attribute can manage (DROP, ALTER, and TRUNCATE) objects of private users but cannot access (INSERT, DELETE, SELECT, UPDATE, COPY, GRANT, REVOKE, and ALTER OWNER) the objects before being authorized.
NOTICE: PG_STATISTIC and PG_STATISTIC_EXT store sensitive information about statistical objects, such as high-frequency MCVs. The system administrator can still access the two system catalogs to obtain the statistics of the tables to which private users belong.
Permanent Users
MogDB provides the permanent user solution, that is, create a permanent user with the PERSISTENCE property.
mogdb=# CREATE USER user_persistence WITH persistence IDENTIFIED BY "1234@abc";
Only the initial user is allowed to create, modify, and delete permanent users with the PERSISTENCE attribute.
Roles
A role is a set of users. After a role is granted to a user through GRANT, the user will have all the permissions of the role. It is recommended that roles be used to efficiently grant permissions. For example, you can create different roles of design, development, and maintenance personnel, grant the roles to users, and then grant specific data permissions required by different users. When permissions are granted or revoked at the role level, these changes take effect on all members of the role.
MogDB provides an implicitly defined group PUBLIC that contains all roles. By default, all new users and roles have the permissions of PUBLIC. For details about the default permissions of PUBLIC, see GRANT. To revoke permissions of PUBLIC from a user or role, or re-grant these permissions to them, add the PUBLIC keyword in the REVOKE or GRANT statement.
To view all roles, query the system catalog PG_ROLES.
SELECT * FROM PG_ROLES;
Adding, Modifying, and Deleting Roles
In non-separation-of-duties scenarios, a role can be created, modified, and deleted only by a system administrator or a user with the CREATEROLE attribute. In separation-of-duties scenarios, a role can be created, modified, and deleted only by an initial user or a user with the CREATEROLE attribute.
- To create a role, use CREATE ROLE.
- To add or delete users in an existing role, use ALTER ROLE.
- To delete a role, use DROP ROLE. DROP ROLE deletes only a role, rather than member users in the role.
Built-in roles
MogDB provides a group of default roles whose names start with gs_role_. These roles are provided to access to specific, typically high-privileged operations. You can grant these roles to other users or roles within the database so that they can use specific functions. These roles should be given with great care to ensure that they are used where they are needed. Table 3 describes the permissions of built-in roles.
Table 3 Permission description of built-in roles
Role | Permission |
---|---|
gs_role_copy_files | Permission to run the copy… to/from filename command. However, the GUC parameter enable_copy_server_files must be set first to enable the function of copying server files. |
gs_role_signal_backend | Permission to call the pg_cancel_backend, pg_terminate_backend, and pg_terminate_session functions to cancel or terminate other sessions. However, this role cannot perform operations on sessions of the initial user or PERSISTENCE user. |
gs_role_tablespace | Permission to create a tablespace. |
gs_role_replication | Permission to call logical replication functions, such as kill_snapshot, pg_create_logical_replication_slot, pg_create_physical_replication_slot, pg_drop_replication_slot, pg_replication_slot_advance, pg_create_physical_replication_slot_extern, pg_logical_slot_get_changes, pg_logical_slot_peek_changes, pg_logical_slot_get_binary_changes, and pg_logical_slot_peek_binary_changes. |
gs_role_account_lock | Permission to lock and unlock users. However, this role cannot lock or unlock the initial user or users with the PERSISTENCE attribute. |
gs_role_pldebugger | Permission to debug functions in dbe_pldebugger. |
The restrictions on built-in roles are as follows:
-
The role names starting with gs_role_ are reserved for built-in roles in the database. Do not create users or roles starting with gs_role_ or rename existing users or roles starting with gs_role_.
-
Do not perform ALTER or DROP operations on built-in roles.
-
By default, built-in roles do not have the LOGIN permission and do not have preset passwords.
-
The gsql meta-commands \du and \dg do not display information about built-in roles. However, if pattern is set to a specific built-in role, the information is displayed.
-
When separation-of-duty is disabled, the initial user, users with the SYSADMIN permission, and users with the ADMIN OPTION built-in role permission have the permission to perform GRANT and REVOKE operations on built-in roles. When separation of duty is enabled, the initial user and users with the ADMIN OPTION built-in role permission have the permission to perform GRANT and REVOKE operations on built-in roles. Example:
GRANT gs_role_signal_backend TO user1; REVOKE gs_role_signal_backend FROM user1;
Schemas
Schemas allow multiple users to use the same database without interference. In this way, database objects can be organized into logical groups that are easy to manage, and third-party applications can be added to corresponding schemas without causing conflicts.
Each database has one or more schemas. Each schema contains tables and other types of objects. When a database is initially created, it has a schema named public by default, and all users have the usage permission on the schema. Only the system administrator and initial users can create functions, stored procedures, and synonyms in the public schema. Other users cannot create the three types of objects even if they have the create permission. You can group database objects by schema. A schema is similar to an OS directory but cannot be nested. By default only the initializing user can create objects in pg_catalog mode.
The same database object name can be used in different schemas of the same database without causing conflicts. For example, both a_schema and b_schema can contain a table named mytable. Users with required permissions can access objects across multiple schemas of the same database.
When you run the CREATE USER command to create a user, the system creates a schema with the same name as the user in the database where the command is executed.
Database objects are generally created in the first schema in a database search path. For details about the first schema and how to change the schema order, see Search Path.
Creating, Modifying, and Deleting Schemas
-
To create a schema, use CREATE SCHEMA. By default, the initial user and system administrator can create schemas. Other users can create schemas in the database only when they have the CREATE permission on the database. For details about how to grant the permission, see the syntax in GRANT.
-
To change the name or owner of a schema, use ALTER SCHEMA. The schema owner can change the schema.
-
To delete a schema and its objects, use DROP SCHEMA. Schema owners can delete schemas.
-
To create a table in a schema, use the schema_name.table_name format to specify the table. If schema_name is not specified, the table will be created in the first schema in search path.
-
To view the owner of a schema, perform the following join query on the system catalogs PG_NAMESPACE and PG_USER. Replace schema_name in the statement with the name of the schema to be queried.
mogdb=# SELECT s.nspname,u.usename AS nspowner FROM pg_namespace s, pg_user u WHERE nspname='schema_name' AND s.nspowner = u.usesysid;
-
To view a list of all schemas, query the system catalog PG_NAMESPACE.
mogdb=# SELECT * FROM pg_namespace;
-
To view a list of tables in a schema, query the system catalog PG_TABLES. For example, the following query will return a table list from PG_CATALOG in the schema.
mogdb=# SELECT distinct(tablename),schemaname from pg_tables where schemaname = 'pg_catalog';
A search path is defined in the search_path parameter. The parameter value is a list of schema names separated by commas (,). If no target schema is specified during object creation, the object will be added to the first schema listed in the search path. If there are objects with the same name across different schemas and no schema is specified for an object query, the object will be returned from the first schema containing the object in the search path.
-
To view the current search path, use SHOW.
mogdb=# SHOW SEARCH_PATH; search_path ---------------- "$user",public (1 row)
The default value of search_path is
"$user",public.
$user indicates the name of the schema with the same name as the current session user. If the schema does not exist, $user will be ignored. By default, after a user connects to a database that has schemas with the same name, objects will be added to all the schemas. If there are no such schemas, objects will be added to only the public schema. -
To change the default schema of the current session, run the SET statement.
Run the following command to set search_path to myschema and public (myschema will be searched first):
mogdb=# SET SEARCH_PATH TO myschema, public; SET
Setting User Permissions
-
To grant permissions for an object to a user, see GRANT.
When permissions for a table or view in a schema are granted to a user or role, the USAGE permission of the schema must be granted together. Otherwise, the user or role can only see these objects but cannot access them.
In the following example, permissions for the schema tpcds are first granted to user joe, and then the SELECT permission for the tpcds.web_returns table is also granted.
mogdb=# GRANT USAGE ON SCHEMA tpcds TO joe; mogdb=# GRANT SELECT ON TABLE tpcds.web_returns to joe;
-
Grant a role to a user to allow the user to inherit the object permissions of the role.
-
Create a role.
Create a role lily and grant the system permission CREATEDB to the role.
mogdb=# CREATE ROLE lily WITH CREATEDB PASSWORD "XXXXXXXXX";
-
Grant object permissions to the role by using GRANT.
For example, first grant permissions for the schema tpcds to the role lily, and then grant the SELECT permission of the tpcds.web_returns table to lily.
mogdb=# GRANT USAGE ON SCHEMA tpcds TO lily; mogdb=# GRANT SELECT ON TABLE tpcds.web_returns to lily;
-
Grant the role permissions to a user.
mogdb=# GRANT lily to joe;
NOTE: When the permissions of a role are granted to a user, the attributes of the role are not transferred together.
-
-
To revoke user permissions, use REVOKE.
Row-Level Access Control
The row-level access control feature enables database access control to be accurate to each row of data tables. In this way, the same SQL query may return different results for different users.
You can create a row-level access control policy for a data table. The policy defines an expression that takes effect only for specific database users and SQL operations. When a database user accesses the data table, if a SQL statement meets the specified row-level access control policies of the data table, the expressions that meet the specified condition will be combined by using AND or OR based on the attribute type (PERMISSIVE | RESTRICTIVE) and applied to the execution plan in the query optimization phase.
Row-level access control is used to control the visibility of row-level data in tables. By predefining filters for data tables, the expressions that meet the specified condition can be applied to execution plans in the query optimization phase, which will affect the final execution result. Currently, the SQL statements that can be affected include SELECT, UPDATE, and DELETE.
Scenario 1: A table summarizes the data of different users. Users can view only their own data.
--Create users alice, bob, and peter.
mogdb=# CREATE ROLE alice PASSWORD 'Enmo@123';
mogdb=# CREATE ROLE bob PASSWORD 'Enmo@123';
mogdb=# CREATE ROLE peter PASSWORD 'Enmo@123';
--Create the all_data table that contains user information.
mogdb=# CREATE TABLE all_data(id int, role varchar(100), data varchar(100));
--Insert data into the data table.
mogdb=# INSERT INTO all_data VALUES(1, 'alice', 'alice data');
mogdb=# INSERT INTO all_data VALUES(2, 'bob', 'bob data');
mogdb=# INSERT INTO all_data VALUES(3, 'peter', 'peter data');
--Grant the read permission for the all_data table to users alice, bob, and peter.
mogdb=# GRANT SELECT ON all_data TO alice, bob, peter;
--Enable row-level access control.
mogdb=# ALTER TABLE all_data ENABLE ROW LEVEL SECURITY;
--Create a row-level access control policy to specify that the current user can view only their own data.
mogdb=# CREATE ROW LEVEL SECURITY POLICY all_data_rls ON all_data USING(role = CURRENT_USER);
--View table details.
mogdb=# \d+ all_data
Table "public.all_data"
Column | Type | Modifiers | Storage | Stats target | Description
--------+------------------------+-----------+----------+--------------+-------------
id | integer | | plain | |
role | character varying(100) | | extended | |
data | character varying(100) | | extended | |
Row Level Security Policies:
POLICY "all_data_rls"
USING (((role)::name = "current_user"()))
Has OIDs: no
Location Nodes: ALL DATANODES
Options: orientation=row, compression=no, enable_rowsecurity=true
--Switch to user alice and run SELECT * FROM public.all_data.
mogdb=# SELECT * FROM public.all_data;
id | role | data
----+-------+------------
1 | alice | alice data
(1 row)
mogdb=# EXPLAIN(COSTS OFF) SELECT * FROM public.all_data;
QUERY PLAN
----------------------------------------------------------------
Streaming (type: GATHER)
Node/s: All datanodes
-> Seq Scan on all_data
Filter: ((role)::name = 'alice'::name)
Notice: This query is influenced by row level security feature
(5 rows)
--Switch to user peter and run SELECT * FROM public.all_data.
mogdb=# SELECT * FROM public.all_data;
id | role | data
----+-------+------------
3 | peter | peter data
(1 row)
mogdb=# EXPLAIN(COSTS OFF) SELECT * FROM public.all_data;
QUERY PLAN
----------------------------------------------------------------
Streaming (type: GATHER)
Node/s: All datanodes
-> Seq Scan on all_data
Filter: ((role)::name = 'peter'::name)
Notice: This query is influenced by row level security feature
(5 rows)
Notice: PG_STATISTIC system table and PG_STATISTIC_EXT system table store some sensitive information of statistical objects, such as high frequency value MCV. After the separation of powers is carried out, the system administrator can still obtain the information in the statistical information by accessing the two system tables.
Setting Security Policies
Setting Account Security Policies
Background
For data security purposes, MogDB provides a series of security measures, such as automatically locking and unlocking accounts, manually locking and unlocking abnormal accounts, and deleting accounts that are no longer used.
Automatically Locking and Unlocking Accounts
-
If the number of incorrect password attempts (failed_login_attempts) of an account reaches the upper limit (10 by default), the system automatically locks the account. Smaller parameter values result in higher account security. However, if the value of this parameter is set too small, inconvenience may occur.
-
If the time during which a user is locked exceeds the preset value (password_lock_time, one day by default), the system automatically unlocks the user. Larger parameter values bring higher account security. However, if the value of this parameter is set too large, inconvenience may occur.
NOTE:
- The integral part of the password_lock_time value indicates the number of days and its decimal part can be converted into hours, minutes, and seconds.
- If the failed_login_attempts parameter is set to 0, an account is never locked due to incorrect password attempts. If the password_lock_time parameter is set to 0, an account is quickly unlocked after it is locked due to incorrect password attempts. Therefore, only when both parameters are set to positive values, the following operations can be performed: password failure check, account locking, and account unlocking.
- The default values of the two parameters meet the security requirements. You can change the parameter values as needed for higher security. You are advised to retain the default values.
Configure the failed_login_attempts parameter.
-
Log in as the OS user omm to the primary node of the database.
-
Run the following command to connect to the database:
gsql -d mogdb -p 8000
mogdb is the name of the database to be connected, and 8000 is the port number of the database primary node.
-
View the current value.
mogdb=# SHOW failed_login_attempts; failed_login_attempts ----------------------- 10 (1 row)
If the command output is not 10, run the \q command to exit the database.
-
Run the following command to set the parameter to its default value 10:
gs_guc reload -D /mogdb/data/dbnode -c "failed_login_attempts=10"
Configure the password_lock_time parameter.
-
Log in as the OS user omm to the primary node of the database.
-
Run the following command to connect to the database:
gsql -d mogdb -p 8000
mogdb is the name of the database to be connected, and 8000 is the port number of the database primary node.
-
View the current value.
mogdb=# SHOW password_lock_time; password_lock_time ----------------------- 1 (1 row)
If the command output is not 1, run the \q command to exit the database.
-
Run the following command to set the parameter to its default value 1:
gs_guc reload -N all -I all -c "password_lock_time=1"
Manually Locking and Unlocking Accounts
Once detecting that an account is stolen or the account is used to access the database without being authorized, administrators can manually lock the account.
Administrators can manually unlock the account if the account becomes normal again.
For details about how to create a user, see Users. To manually lock and unlock user joe, run commands in the following format:
-
To manually lock the account, run the following command:
mogdb=# ALTER USER joe ACCOUNT LOCK; ALTER ROLE
-
To manually unlock the account, run the following command:
mogdb=# ALTER USER joe ACCOUNT UNLOCK; ALTER ROLE
Deleting Accounts That Are No Longer Used
Administrators can delete an account that is no longer used. This operation cannot be rolled back.
When an account to be deleted is in the active state, it is deleted after the session is disconnected.
For example, if you want to delete account joe, run the following command:
mogdb=# DROP USER joe CASCADE;
DROP ROLE
Setting the Validity Period of an Account
Precautions
When creating a user, you need to specify the validity period of the user, including the start time and end time.
To enable a user not within the validity period to use its account, set a new validity period.
Procedure
-
Log in as the OS user omm to the primary node of the database.
-
Run the following command to connect to the database:
gsql -d mogdb -p 8000
mogdb is the name of the database to be connected, and 8000 is the port number of the database primary node.
-
Run the following command to create a user and specify the start time and end time:
CREATE USER joe WITH PASSWORD 'XXXXXXXXX' VALID BEGIN '2015-10-10 08:00:00' VALID UNTIL '2016-10-10 08:00:00';
The user is created if the following information is displayed:
CREATE ROLE
-
If the user is not within the specified validity period, run the following command to set the start time and end time of a new validity period.
ALTER USER joe WITH VALID BEGIN '2016-11-10 08:00:00' VALID UNTIL '2017-11-10 08:00:00';
The start time and end time of the new validity period is set successfully if the following information is displayed:
ALTER ROLE
NOTE: If VALID BEGIN is not specified in the CREATE ROLE or ALTER ROLE statement, the start time of the validity period is not limited. If VALID UNTIL is not specified, the end time of the validity period is not limited. If both of the parameters are not specified, the user is always valid.
Setting Password Security Policies
Procedure
User passwords are stored in the system catalog pg_authid. To prevent password leakage, MogDB encrypts user passwords before storing them. The encryption algorithm is determined by the configuration parameter password_encryption_type.
- If parameter password_encryption_type is set to 0, passwords are encrypted using MD5. MD5 is not recommended because it is insecure.
- If parameter password_encryption_type is set to 1, passwords are encrypted using SHA-256 and MD5. MD5 is not recommended because it is insecure.
- If parameter password_encryption_type is set to 2, passwords are encrypted using SHA-256. This is the default configuration.
- If parameter password_encryption_type is set to 3, passwords are encrypted using sm3. This is the default configuration.
-
Log in as the OS user omm to the primary node of the database.
-
Run the following command to connect to the database:
gsql -d postgres -p 8000
postgres is the name of the database to be connected, and 8000 is the port number of the database primary node.
-
View the configured encryption algorithm.
mogdb=# SHOW password_encryption_type; password_encryption_type -------------------------- 2 (1 row)
If the command output is 0 or 1, run the \q command to exit the database.
-
Set gs_guc reload -Z coordinator -D using a secure encryption algorithm:
gs_guc reload -N all -I all -c "password_encryption_type=2"
NOTICE: To prevent password leakage, when running CREATE USER/ROLE to create a database user, do not specify the UNENCRYPTED attribute. In this way, the password of the newly created user must be encrypted for storage.
-
Configure password security parameters.
-
Password complexity
You need to specify a password when initializing a database, creating a user, or modifying a user. The password must meet the complexity check rules (see password_policy). Otherwise, you are prompted to enter the password again.
- If parameter password_policy is set to 1, the default password complexity rule is used to check passwords.
- If parameter password_policy is set to 0, the password complexity is not verified. You are not advised to set the parameter to this value because it is insecure. Password complexity is skipped only if the password_policy parameter is set to 0 for all MogDB nodes.
Configure the password_policy parameter.
a. Run the following command to connect to the database:
gsql -d postgres -p 8000
postgres is the name of the database to be connected, and 8000 is the port number of the database primary node.
b. View the current value.
mogdb=# SHOW password_policy; password_policy --------------------- 1 (1 row)
If the command output is not 1, run the \q command to exit the database.
c. Run the following command to set the parameter to its default value 1:
gs_guc reload -N all -I all -c "password_policy=1"
Note:
The password complexity requirements are as follows:
-
Minimum number of uppercase letters (A-Z) (password_min_uppercase)
-
Minimum number of lowercase letters (a-z) (password_min_lowercase)
-
Minimum number of digits (0-9) (password_min_digital)
-
Minimum number of special characters (password_min_special) (Table 4 lists special characters.)
-
Minimum password length (password_min_length)
-
Maximum password length (password_max_length)
-
A password must contain at least three types of the characters (uppercase letters, lowercase letters, digits, and special characters)
-
A password is case insensitive and cannot be the username or the username spelled backwards.
-
A new password cannot be the current password and the current password spelled backwards.
-
A weak password is not allowed.
-
A weak password means that the password complexity is low and is easily cracked. For different users or groups, the definition of a weak password varies. Users need to define the weak password rule.
-
The password of a weak password dictionary is stored in the gs_global_config system table. When a user needs to set a password during user creation or modification, the system will compare the password set by a user with the passwords in the weak password dictionary. If the set password is defined as a weak password, the system prompts the user of changing the password.
-
The weak password dictionary is left blank by default. The user can run the following command to create or delete a weak password dictionary.
mogdb=# CREATE WEAK PASSWORD DICTIONARY WITH VALUES ('password1'), ('password2'); mogdb=# DROP WEAK PASSWORD DICTIONARY;
-
Password reuse
An old password can be reused only when it meets the requirements on reuse days (password_reuse_time) and reuse times (password_reuse_max). Table 5 lists the parameter configurations.
NOTE: The default values of the password_reuse_time and password_reuse_max parameters are 60 and 0, respectively. Large values of the two parameters bring higher security. However, if the values of the parameters are set too large, inconvenience may occur. The default values of the two parameters meet the security requirements. You can change the parameter values as needed for higher security.
Configure the password_reuse_time parameter.
a. Run the following command to connect to the database:
gsql -d postgres -p 8000
postgres is the name of the database to be connected, and 8000 is the port number of the database primary node.
b. View the current value.
mogdb=# SHOW password_reuse_time; password_reuse_time --------------------- 60 (1 row)
If the command output is not 60, run the \q command to exit the database.
c. Run the following command to set the parameter to its default value 60:
NOTE: You are not advised to set the parameter to 0. This value is valid only when password_reuse_time for all MogDB nodes is set to 0.
gs_guc reload -N all -I all -c "password_reuse_time=60"
Configure the password_reuse_max parameter.
a. Run the following command to connect to the database:
gsql -d postgres -p 8000
postgres is the name of the database to be connected, and 8000 is the port number of the database primary node.
b. View the current value.
mogdb=# SHOW password_reuse_max; password_reuse_max -------------------- 0 (1 row)
If the command output is not 0, run the \q command to exit the database.
c. Run the following command to set the parameter to its default value 0:
gs_guc reload -N all -I all -c "password_reuse_max = 0"
-
Password validity period
A validity period (password_effect_time) is set for each database user password. If the password is about to expire (password_notify_time), the system displays a message to remind the user to change it upon login.
NOTE: Considering the usage and service continuity of a database, the database still allows a user to log in after the password expires. A password change notification is displayed every time the user logs in to the database until the password is changed.
Configure the password_effect_time parameter.
a. Run the following command to connect to the database:
gsql -d postgres -p 8000
postgres is the name of the database to be connected, and 8000 is the port number of the database primary node.
b. View the current value.
mogdb=# SHOW password_effect_time; password_effect_time ---------------------- 90 (1 row)
If the command output is not 90, run the \q command to exit the database.
c. Run the following command to set the parameter to 90 (0 is not recommended):
gs_guc reload -N all -I all -c "password_effect_time = 90"
Configure the password_notify_time parameter.
a. Run the following command to connect to the database:
gsql -d postgres -p 8000
postgres is the name of the database to be connected, and 8000 is the port number of the database primary node.
b. View the current value.
mogdb=# SHOW password_notify_time; password_notify_time ---------------------- 7 (1 row)
c. If 7 is not displayed, run the following command to set the parameter to 7 (0 is not recommended):
gs_guc reload -N all -I all -c "password_notify_time = 7"
-
Password change
-
During database installation, an OS user with the same name as the initial user is created. The password of the OS user needs to be periodically changed for account security.
To change the password of user user1, run the following command:
passwd user1
Change the password as prompted.
- System administrators and common users need to periodically change their passwords to prevent the accounts from being stolen.
For example, to change the password of user user1, connect to the database as the system administrator and run the following commands:
mogdb=# ALTER USER user1 IDENTIFIED BY "1234@abc" REPLACE "5678@def"; ALTER ROLE
NOTE: 1234@abc and 5678@def represent the new password and the original password of user user1, respectively. If the new password does not have the required complexity, the change will not take effect.
-
-
Administrators can change their own and common users' passwords. If common users forget their passwords, they can ask administrators to change the passwords.
To change the password of user joe, run the following command:
mogdb=# ALTER USER joe IDENTIFIED BY "xxxxxxxx"; ALTER ROLE
NOTE:
- System administrators are not allowed to change passwords for each other.
- A system administrator can change the password of a common user without being required to provide the common user's old password.
- A system administrator can change their own password but is required to provide the old password.
-
Password verification
Password verification is required when you set the user or role in the current session. If the entered password is inconsistent with the stored password of the user, an error is reported.
If user joe needs to be set, run the following command:
mogdb=# SET ROLE joe PASSWORD "abc@1234"; ERROR: Invalid username/password,set role denied.
No. Character No. Character No. Character No. Character 1 ~ 9 * 17 | 25 < 2 ! 10 ( 18 [ 26 . 3 @ 11 ) 19 { 27 > 4 # 12 - 20 } 28 / 5 $ 13 _ 21 ] 29 ? 6 % 14 = 22 ; - - 7 ^ 15 + 23 : - - 8 & 16 </p> 24 , - - Table 5 Parameter description for reuse days and reuse times
Parameter Value Range Description Number of days during which a password cannot be reused (password_reuse_time) Positive number or 0. The integral part of a positive number indicates the number of days and its decimal part can be converted into hours, minutes, and seconds.
By default, the number of days is set to 60.- If the parameter value is changed to a smaller one, new passwords will be checked based on the new parameter value.
- If the parameter value is changed to a larger one (for example, changed from a to b), the historical passwords before b days probably can be reused because these historical passwords may have been deleted. New passwords will be checked based on the new parameter value.
NOTE:
The absolute time is used. Historical passwords are recorded using absolute time and unaffected by local time changes.Number of consecutive times that a password cannot be reused (password_reuse_max) Positive integer or 0.The value 0 indicates that the number of consecutive times that a password cannot be reused is not checked. - If the parameter value is changed to a smaller one, new passwords will be checked based on the new parameter value.
- If the parameter value is changed to a larger one (for example, changed from a to b), the historical passwords before the last b passwords probably can be reused because these historical passwords may have been deleted. New passwords will be checked based on the new parameter value.
-
-
Set user password expiration.
A user with the CREATEROLE permission can create a user with the password expiration feature. The command format is as follows:
mogdb=# CREATE USER joe PASSWORD "abc@1234" EXPIRED; CREATE ROLE
A user with the CREATEROLE permission can force a user password to expire or force a user to change the forcibly expired password. The command format is as follows:
mogdb=# ALTER USER joe PASSWORD EXPIRED; ALTER ROLE
mogdb=# ALTER USER joe PASSWORD "abc@2345" EXPIRED; ALTER ROLE
NOTE:
- After logging in to the database, a user with the password expiration feature is prompted to change the password when the user tries to perform a simple or extended query. The user can then execute the statement after changing the password.
- Only initial users, system administrators, or users who have permission to create users can set password expiration. Password expiration can be set by system administrators for themselves and other system administrators. Additionally, the password expiration cannot be set for initial users.