Roles and privileges, I'm really confused, 1st edition
I'm having some trouble with the privileges assigned through roles. I read a few articles on the topic, but I'm still confused. I actually have some problems and I am addressing them in two separate threads: this one and 'Roles and privileges, I'm really confused, 2nd edition'. To begin with, I am familiar with the following statement.
"The owner of the schema containing the view must have the privileges necessary to either select, insert, update, or delete rows from all the tables or views on which the view is based. The owner must be granted these privileges directly, rather than through a role."
Here's what's happening.
I have a role, say ROLE1, that has the CREATE SEQUENCE system privilege (without the GRANT OPTION) granted to it. I then granted ROLE1 to USER1 (these are just a dummy user and role; if they conflict with reserved roles or accounts, they are not the real names of the role and the user that I use). USER1 has also created a package in its schema that issues a CREATE SEQUENCE within a package procedure.
When the user runs the package procedure we get an insufficient privileges error. When we do a SELECT * FROM SESSION_PRIVS the CREATE SEQUENCE privilege is listed; this should mean that the user can create a sequence, right? However, when the privilege is assigned directly to the user, not through a role, the statement runs without error.
I don't understand this. The user has the CREATE SEQUENCE privilege through the role, verified by the SESSION_PRIVS table (or view), but is not able to create the sequence unless this privilege is assigned directly to the user. If this is true, that seems to contradict the purpose of having roles.
Anyway, anyone know how I can get it to work properly?
DBelt wrote:
We are talking about DEFINER rights vs. invoker rights. I won't use invoker rights; I like the guarantee of definer rights. So what should I do to get things to work with definer rights?
Grant the privilege explicitly to the user, not to a role.
Similar Questions
-
Cannot run spooled script for roles and privileges
Hi all;
I'm recreating a user u1 and also attempting to define the roles and privileges from the spooled file,
but I get the error message.
$ cat f1.sql
GRANT CONNECT TO u1
GRANT RESOURCE TO u1
GRANT CREATE SESSION TO u1
GRANT UNLIMITED TABLESPACE TO u1
GRANT CREATE TABLE TO u1
GRANT CREATE ANY TABLE TO u1
GRANT CREATE CLUSTER TO u1
GRANT CREATE SYNONYM TO u1
GRANT CREATE VIEW TO u1
GRANT CREATE SEQUENCE TO u1
GRANT CREATE ANY SEQUENCE TO u1
GRANT CREATE DATABASE LINK TO u1
GRANT CREATE PROCEDURE TO u1
GRANT CREATE TRIGGER TO u1
GRANT CREATE TYPE TO u1
GRANT CREATE OPERATOR TO u1
GRANT CREATE INDEXTYPE TO u1
SYS> create user u1 identified by u1;
User created.
SYS> @f1.sql;
5
DB version is 11.2.0.1 on redhat 4.7
Thank you
Where are your semicolons? Each command must end with a semicolon.
Hemant K Collette
-
Trying to auto generate roles and privileges
Hello all,
Oracle 11g v11.2.0.1.0 on Windows Server 2008 Enterprise
I have a database with many schemas. One of the schemas is referred to as the CM_MASTER schema in that it was granted the following: s/n, create user, drop user, alter user, create any table, select any table and a few others, all with the clause "with admin option".
We have developers who need select-only access to the tables and views in the non-master schemas. My plan was to create a unique ROLE for each schema, then grant select on each table and view in that schema to this unique role. Then grant the appropriate role to each developer, thereby giving them read-only access.
I can accomplish the above manually when logged in as the CM_MASTER schema.
I am creating a procedure, owned and run by the CM_MASTER schema, which creates a new role and then grants to this role. The procedure accepts a parameter that contains the username of the target schema. The procedure is able to create the role (create role scott_r) successfully.
However, I get an insufficient privileges error (see below) after the role has been created, when trying to issue the command "grant select on scott.some_table to scott_r" via "execute immediate".
Any ideas what privilege(s) the CM_MASTER user needs to be able to issue the grant(s) for the role?
Error message below:
exec gen_schema_role('scott');
Error report:
ORA-01031: insufficient privileges
ORA-06512: at "CM_MASTER.GEN_SCHEMA_ROLE", line 30
ORA-06512: at line 1
01031. 00000 - "insufficient privileges"
The procedure code is below.
The utl_file.put_line commands were added for debugging, but nothing came out.
When the "execute immediate" lines are commented out, the utl_file.put_line output shows the correct SQL create and grant statements.
create or replace
procedure gen_schema_role (p_db_user in varchar)
as
  v_role_name varchar2(30);
  v_bat_out utl_file.file_type;
  cursor get_object_names is
    select object_name from dba_objects
    where owner = upper(p_db_user)
    and object_type in ('TABLE', 'VIEW')
    and status = 'VALID'
    and object_name not like 'DR$%'
    and object_name not like '%XT';
begin
  v_bat_out := utl_file.fopen('SR_BACKUP', 'Create_Roles.sql', 'W');
  v_role_name := substr(p_db_user, 1, 28) || '_r';
  utl_file.put_line(v_bat_out, ' ');
  utl_file.put_line(v_bat_out, 'create role ' || v_role_name);
  execute immediate 'create role ' || v_role_name; -- <<-- this seems to work, the role is created
  for a in get_object_names
  loop
    utl_file.put_line(v_bat_out, 'grant select on ' || p_db_user || '.' || a.object_name || ' to ' || v_role_name);
    execute immediate 'grant select on ' || p_db_user || '.' || a.object_name || ' to ' || v_role_name;
  end loop;
  utl_file.fclose(v_bat_out);
end gen_schema_role;
Thank you
Snyds
Hello
It seems that CM_MASTER needs GRANT ANY OBJECT PRIVILEGE.
And this should be granted directly to it (not via the DBA role, which you shouldn't use anyway).
My guess is, however, that this will not work unless scott has actually created one or more tables of his own.
Regards
Peter -
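Both failures above (CREATE SEQUENCE inside USER1's package, and the GRANT inside CM_MASTER's gen_schema_role) happen in a definer's-rights stored procedure, where Oracle disables roles and uses only the privileges granted directly to the owner. The SQL*Plus script below is an added illustration, not code from either thread; SEQ_PKG, DEMO_SEQ and the password are made-up names, and ROLE1/USER1 are the dummy names from the first post.

```sql
-- Part 1: run as a DBA account (setup with placeholder names).
CREATE ROLE role1;
GRANT CREATE SEQUENCE TO role1;
CREATE USER user1 IDENTIFIED BY "ChangeMe_1";      -- constructed password
GRANT CREATE SESSION, CREATE PROCEDURE TO user1;   -- direct grants
GRANT role1 TO user1;                              -- CREATE SEQUENCE only via role

-- Part 2: connect as USER1.
CREATE OR REPLACE PACKAGE seq_pkg AUTHID DEFINER AS   -- DEFINER is the default
  PROCEDURE make_seq;
END seq_pkg;
/
CREATE OR REPLACE PACKAGE BODY seq_pkg AS
  PROCEDURE make_seq IS
  BEGIN
    EXECUTE IMMEDIATE 'CREATE SEQUENCE demo_seq';
  END make_seq;
END seq_pkg;
/

-- With roles enabled (the normal session state) SESSION_PRIVS lists the
-- privilege, which is what misled the poster.
SELECT privilege FROM session_privs WHERE privilege = 'CREATE SEQUENCE';

-- The call still fails with ORA-01031, because ROLE1 is not active while
-- the definer's-rights package body runs.
BEGIN
  seq_pkg.make_seq;
END;
/

-- Reproduce the procedure's view of the world: switch roles off and look
-- again. CREATE SEQUENCE is no longer listed.
SET ROLE NONE;
SELECT privilege FROM session_privs WHERE privilege = 'CREATE SEQUENCE';
SET ROLE ALL;

-- Audit helper: system privileges that reach this user only through a
-- directly granted role, so they will be missing inside definer's-rights code.
-- (Roles granted to roles are not expanded here.)
SELECT rp.granted_role, sp.privilege
FROM   user_role_privs rp
JOIN   role_sys_privs  sp ON sp.role = rp.granted_role
WHERE  sp.privilege NOT IN (SELECT privilege FROM user_sys_privs)
ORDER  BY sp.privilege;

-- Part 3: the fix given in the thread, run as a DBA account.
-- Grant only the one privilege the package needs, directly to its owner.
GRANT CREATE SEQUENCE TO user1;
-- For gen_schema_role the equivalent direct grant named in the reply is
-- GRANT ANY OBJECT PRIVILEGE to CM_MASTER.
```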
Default system roles and privileges of the APPS schema
Dear all
What system privileges and roles should be there, and should unlimited tablespace be there?
A guru cleared my doubt that DBA should not be there for the APPS schema, but I need information please.
Thank you and best regards,
The APPS user must have quota on the following tablespaces:
APPS_TS_ARCHIVE
APPS_TS_INTERFACE
APPS_TS_MEDIA
APPS_TS_NOLOGGING
APPS_TS_QUEUES
APPS_TS_SEED
APPS_TS_SUMMARY
APPS_TS_TX_DATA
APPS_TS_TX_IDX
APPS_TS_TX_INTERFACE
You can use this command to give the APPS user unlimited quota on the tablespaces above: alter user apps quota unlimited on <tablespace_name>;
Thank you
Hussein
-
vCenter roles and privileges to migrate virtual machines
I created a custom role named 'Build VMs' that I have assigned to an AD group. This role is assigned at the datacenters, all propagated, and at no folder or anywhere else. The role was designed to allow a specific group of users to manage virtual machines (create, move, delete, but not clone, etc.).
For the most part it works fine, but I have a problem: they cannot migrate powered-off VMs. vMotion is available and works, but I need to move virtual machines from one cluster to a different one (older hw & 3.5 to new hw & 4.1).
The role has the following privileges:
Name                                    Id
----                                    --
Anonymous                               System.Anonymous
View                                    System.View
Read                                    System.Read
Create folder                           Folder.Create
Allocate space                          Datastore.AllocateSpace
Update virtual machine files            Datastore.UpdateVirtualMachineFiles
Configure                               Network.Config
Assign network                          Network.Assign
Modify                                  DVSwitch.Modify
Port configuration operation            DVSwitch.PortConfig
Port setting operation                  DVSwitch.PortSetting
Modify                                  DVPortgroup.Modify
Create virtual machine                  Host.Local.CreateVM
Reconfigure virtual machine             Host.Local.ReconfigVM
Create new                              VirtualMachine.Inventory.Create
Create from existing                    VirtualMachine.Inventory.CreateF...
Register                                VirtualMachine.Inventory.Register
Delete                                  VirtualMachine.Inventory.Delete
Unregister                              VirtualMachine.Inventory.Unregister
Move                                    VirtualMachine.Inventory.Move
Power On                                VirtualMachine.Interact.PowerOn
Power Off                               VirtualMachine.Interact.PowerOff
Suspend                                 VirtualMachine.Interact.Suspend
Reset                                   VirtualMachine.Interact.Reset
Answer question                         VirtualMachine.Interact.AnswerQu...
Console interaction                     VirtualMachine.Interact.ConsoleI...
Device connection                       VirtualMachine.Interact.DeviceCo...
Configure CD media                      VirtualMachine.Interact.SetCDMedia
Configure floppy media                  VirtualMachine.Interact.SetFlopp...
VMware Tools install                    VirtualMachine.Interact.ToolsIns...
Acquire guest control ticket            VirtualMachine.Interact.GuestCon...
Defragment all disks                    VirtualMachine.Interact.Defragme...
Turn On Fault Tolerance                 VirtualMachine.Interact.CreateSe...
Turn Off Fault Tolerance                VirtualMachine.Interact.TurnOffF...
Test failover                           VirtualMachine.Interact.MakePrimary
Test restart Secondary VM               VirtualMachine.Interact.Terminat...
Disable Fault Tolerance                 VirtualMachine.Interact.DisableS...
Enable Fault Tolerance                  VirtualMachine.Interact.EnableSe...
Record session on Virtual Machine       VirtualMachine.Interact.Record
Replay session on Virtual Machine       VirtualMachine.Interact.Replay
Backup operation on virtual machine     VirtualMachine.Interact.Backup
Create screenshot                       VirtualMachine.Interact.CreateSc...
Rename                                  VirtualMachine.Config.Rename
Add existing disk                       VirtualMachine.Config.AddExistin...
Add new disk                            VirtualMachine.Config.AddNewDisk
Remove disk                             VirtualMachine.Config.RemoveDisk
Raw device                              VirtualMachine.Config.RawDevice
Host USB device                         VirtualMachine.Config.HostUSBDevice
Change CPU count                        VirtualMachine.Config.CPUCount
Memory                                  VirtualMachine.Config.Memory
Add or remove device                    VirtualMachine.Config.AddRemoveD...
Modify device settings                  VirtualMachine.Config.EditDevice
Settings                                VirtualMachine.Config.Settings
Change resource                         VirtualMachine.Config.Resource
Upgrade virtual hardware                VirtualMachine.Config.UpgradeVir...
Reset guest information                 VirtualMachine.Config.ResetGuest...
Advanced                                VirtualMachine.Config.AdvancedCo...
Disk lease                              VirtualMachine.Config.DiskLease
Swapfile placement                      VirtualMachine.Config.SwapPlacement
Extend virtual disk                     VirtualMachine.Config.DiskExtend
Disk change tracking                    VirtualMachine.Config.ChangeTrac...
Unlock virtual machine                  VirtualMachine.Config.Unlock
Query unowned files                     VirtualMachine.Config.QueryUnown...
Reload from path                        VirtualMachine.Config.ReloadFrom...
Query Fault Tolerance compatibility     VirtualMachine.Config.QueryFTCom...
Customize                               VirtualMachine.Provisioning.Cust...
Promote disks                           VirtualMachine.Provisioning.Prom...
Deploy template                         VirtualMachine.Provisioning.Depl...
Clone template                          VirtualMachine.Provisioning.Clon...
Mark as virtual machine                 VirtualMachine.Provisioning.Mark...
Read customization specifications       VirtualMachine.Provisioning.Read...
Modify customization specification      VirtualMachine.Provisioning.Modi...
Allow disk access                       VirtualMachine.Provisioning.Disk...
Allow read-only disk access             VirtualMachine.Provisioning.Disk...
Assign virtual machine to resource...   Resource.AssignVMToPool
Migrate                                 Resource.HotMigrate
Query vMotion                           Resource.QueryVMotion
This is the main thing I thought it would take for a simple move of a virtual machine while it is powered off:
Name                                    Id
----                                    --
Move                                    VirtualMachine.Inventory.Move
I gave Create folder because some of the permissions were not yet allowing the creation of virtual machines, even though it probably isn't necessary.
Any ideas?
~ Luc
http://thephuck.com
What happens if you add resources > permission to move?
-
problem users, roles and privileges!
Hello world
I use oracle 10.2.0.
I have a user (dba1) who is the owner of the tables in my database. I have connected to sqlplus as sysdba and created the admin role and granted it the admin privileges:
SQL> grant all privileges to admin;
Grant succeeded.
SQL>
Then I gave the admin role to user dba1:
SQL> grant admin to dba1;
Grant succeeded.
I created another role, sel_role, and gave it privileges to select from tables. For example:
SQL> grant select on kund to sel_role;
Grant succeeded.
Now, I created another user, Anton, and gave this user the sel_role role:
grant sel_role to Anton;
Grant succeeded.
Now when I log in as anton and try to use the select privilege that was given to Anton by sysdba, through sel_role, to select from the kund table, I get an error:
SQL> connect anton/oracle
Connected.
SQL> select * from kund;
select * from kund
*
ERROR at line 1:
ORA-00942: table or view does not exist
What could be the solution to this problem?
Thanks in advance
Oops, this has nothing to do with privileges. The kund table is not owned by user anton, right? Therefore, you must prefix it with the owner, that is, based on "I have a (dba1) user who is the owner of the tables in my database", dba1. So issue:
select * from dba1.kund;
SY.
-
A query involving roles and privileges.
I am trying to create the following query:
Given a table (or view) and a user, I want the query to list all the paths of roles through which the user has been granted a given privilege (for example "SELECT") on the selected table. The path will look something like
TABLE => ROLE1 => ROLE2 => ROLE3 => USER
If the user only has the right to SELECT on the table that the query will return well on lines. If there is more than one path through which the user gets the privilege, then the query returns multiple lines.
Can someone help, please?
George
Hi, Girard,
Sorry, I can't reproduce the problem. I get output like this:
PATH
--------------------------------------------------------------------------------
DBA_TS_QUOTAS => SELECT_CATALOG_ROLE => DBA => FUBAR
DBA_TS_QUOTAS => SELECT_CATALOG_ROLE => FUBAR
DBA_TS_QUOTAS => SELECT_CATALOG_ROLE => EXP_FULL_DATABASE => DBA => FUBAR
DBA_TS_QUOTAS => SELECT_CATALOG_ROLE => IMP_FULL_DATABASE => DBA => FUBAR
DBA_TS_QUOTAS => SELECT_CATALOG_ROLE => OLAP_DBA => DBA => FUBAR
Post the query that you actually ran, even if you just copied it from my message. There may be an editing error.
Are all the names inside quotation marks capitalized correctly?
Does this query work for any table and user? Try it on a few cases where you know exactly why (or at least one reason why) a certain user has privileges on a certain table.
What system privileges does user GEO2 have? Post the results of
SELECT privilege FROM dba_sys_privs WHERE grantee = 'GEO2' ;
This doesn't apply right now, but remember that the name you know may be a synonym. The views used in this query, dba_role_privs and dba_tab_privs, only cover the real table names. DBA_SYS_PRIVS is a synonym, but it happens to be the actual name of the view also, so, as I said, that is not causing your current problem. Just keep it in mind if you use the data dictionary views that contain $ in their names.
Published by: Frank Kulash, 17 December 2010 15:34
I just saw your discussion with Justin; I see you have already posted the system privileges.
I guess that some role GEO2 has, directly or indirectly, might have a system privilege such as SELECT ANY DICTIONARY.
What do you get from this?
WITH all_roles AS
(
    SELECT  granted_role
    ,       SYS_CONNECT_BY_PATH (granted_role, '/') AS path
    FROM    dba_role_privs
    START WITH  grantee = 'GEO2'
    CONNECT BY  grantee = PRIOR granted_role
)
SELECT  r.granted_role
,       r.path
,       p.privilege
FROM    all_roles r
JOIN    dba_sys_privs p ON r.granted_role = p.grantee
WHERE   privilege LIKE 'SELECT ANY%'
;
Published by: Frank Kulash, 17 December 2010 15:47
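One way to write the path query the question asks for, added here as an illustration; it is not the query from the original reply, which does not appear on this page. The object DBA_TS_QUOTAS and the user FUBAR come from the sample output above; the owner SYS, the SELECT privilege and the extra ROLES_IN_CHAIN column are assumptions for the example.

```sql
-- Added example: every grant chain that gives one user an object privilege.
-- Run as an account that can read DBA_TAB_PRIVS and DBA_ROLE_PRIVS.
-- Assumed inputs: object SYS.DBA_TS_QUOTAS, privilege SELECT, user FUBAR.
WITH edges AS
(
    -- First hop: the object privilege granted to a role or straight to a user.
    SELECT  owner || '.' || table_name  AS parent
    ,       grantee                     AS child
    FROM    dba_tab_privs
    WHERE   owner       = 'SYS'
    AND     table_name  = 'DBA_TS_QUOTAS'
    AND     privilege   = 'SELECT'
    UNION ALL
    -- Later hops: a role granted to another role or to a user.
    SELECT  granted_role
    ,       grantee
    FROM    dba_role_privs
)
SELECT  SUBSTR (SYS_CONNECT_BY_PATH (parent, ' => '), 5)
            || ' => ' || child          AS path
,       LEVEL - 1                       AS roles_in_chain
FROM    edges
-- Keep only chains that end at the user. PUBLIC is included because a
-- grant to PUBLIC reaches every user without appearing in DBA_ROLE_PRIVS.
WHERE   child IN ('FUBAR', 'PUBLIC')
START WITH  parent = 'SYS.DBA_TS_QUOTAS'
CONNECT BY  PRIOR child = parent
ORDER BY    roles_in_chain
,           path
;
-- Not covered: access that comes from system privileges such as
-- SELECT ANY TABLE or SELECT ANY DICTIONARY. Check those separately in
-- DBA_SYS_PRIVS, as the follow-up query in the thread does.
```

A chain with roles_in_chain = 0 is a direct grant to the user; the longer chains are the ones to review when a role is handed out more widely than intended.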
-
I created a user and the roles to access the tables.
SQL> create role trans_role;
SQL> grant select, insert, delete, update on pmms.table1 to trans_role;
SQL> grant select, insert, delete, update on pmms.table2 to trans_role;
SQL> grant trans_role to User1, User2;
SQL> grant connect to User1, User2;
But there is an error when user1 and user2 connect and try to select from the tables.
SQL> select * from pmms.table1;
select * from pmms.table1
*
ERROR at line 1:
ORA-00942: table or view does not exist
SQL>
Hello
don123 wrote:
... I know that the password is case sensitive but I don't know if username is also case sensitive in oracle? ...
Yes, the user names are case-sensitive in Oracle. "User1" is not the same user name as "user1".
(Passwords are case-sensitive in Oracle 11.1 and upward, not in earlier versions.)
-
Hi, I am using db oracle 10g, sql developer 4.0.2
I created a user called "MED" and granted it the privileges "DBA role, ALTER SYSTEM, SELECT ON V_$SESSION".
If I export it and then import it again, will it have these privileges or any other privilege I granted it?
- I do not understand, because for each user you create you must grant "create session and select, ..." etc., but when I tried it after granting the privileges above,
I found it can establish a connection and can select, but cannot select from v$session, for example (as I remember)!
What is the role here please? And what do I do to import the user with the privileges I gave it?
Thank you
Hello
Export will extract the roles and privileges granted to a user. However, it will not extract direct grants on system objects. So in your case, everything will be loaded by import except the select on v_$session.
see you soon,
rich
-
Dump the roles and permissions
I want to dump the roles and privileges from my VirtualCenter for audit purposes. How can I do this? Sorry for not googling and asking here directly.
# Load the PowerCLI snap-in and connect to vCenter
Get-PSSnapin -Registered | Add-PSSnapin -ErrorAction SilentlyContinue
Connect-VIServer -Server myVC.fqdn -User myUser -Password myPass
# The AuthorizationManager holds the role list
$si = Get-View ServiceInstance
$am = Get-View $si.Content.AuthorizationManager
# Write each role name followed by its privileges, one per tab-indented line
$am.RoleList | % {
    $_.Name
    $_.Privilege | Sort | % { "`t" + $_ }
} | Out-File c:\dumpRole.txt
# Open the result once the file has been written
Notepad c:\dumpRole.txt
-
CUCM: Roles and permissions for Reset/restart of the phone or apply Config
Can someone tell me what permission must be added to a role to allow a user with this role to restart/reset (or apply config - same thing really) a phone device?
The popup once you press reset/restart or apply config just shows "user is not authorized to access this page."
Thank you
Ben.
Hi Ben,
What is your CUCM version? Do you use any custom role for these end users who reset/restart?
If so, please add read/update privileges for the resource "Voice Mail Pilot web pages" to the custom role and check.
Please check this bug ID: CSCug29903
-
Hello
We use an Oracle 8i server.
We need to extract the roles and the names of the owners who created the roles. Please let us know in which data dictionary table I will find these details.
Note: I already checked DBA_ROLES, ROLE_TAB_PRIVS and ROLE_SYS_PRIVS. I do not have the details.
Thank you
Suri
A role is simply a named collection of privileges; there is no owner. As far as I know, there is no simple way to determine which user created a role.
If by "we need to extract the roles and names of owner created the roles" you really mean that you want to know which users have specific roles, then something like:
SELECT grantee, granted_role FROM dba_role_privs WHERE granted_role IN (
- )
John
-
New user and privileges - curious
Hello
I know I'm missing something here. It is quite confusing.
I have a schema USER1, which has public synonyms.
Created a new schema USER2 with the following roles and privileges:
OBJ WRITE, READ ON DIRECTORY "SYS"."TEMPDATA"
PRV CREATE PROCEDURE
PRV CREATE VIEW
PRV UNLIMITED TABLESPACE
ROL CONNECT
ROL EXP_FULL_DATABASE
ROL IMP_FULL_DATABASE
ROL RESOURCE
But when I log in as USER2, I can access, update and delete rows of USER1. It's not what I want. I checked user_tab_privs_recd and nothing shows there. How is it that USER2 has privileges to update/change the tables of USER1? Just having a public synonym shouldn't make that the case.
I don't think that "grant all on tablename to public" was given.
For example, I have the EMP table in USER1.
select * from dba_tab_privs where table_name = 'EMP';
----------------------------------------------------------------------------------------------------------------------------------------------------
GRANTEE OWNER TABLE_NAME GRANTOR PRIVILEGE HIERARCHY
----------------------------------------------------------------------------------------------------------------------------------------------------
USER1_READONLY USER1 USER1 EMP SELECT NO
ABC USER1 USER1 EMP SELECT YES NO
CDE USER1 USER1 EMP SELECT YES NO
ZZZ_READONLY ZZZ ZZZ EMP SELECT NO
Any ideas? I'm confused, because since USER1_READONLY is not granted to USER2, even with a public synonym, USER2 does NOT have read access. But USER2 can update/delete and perform on USER1.EMP
Thank you
Hello
But when I log in as USER2, I can access, update and delete rows of USER1.
The EXP_FULL_DATABASE role has the SELECT ANY TABLE system privilege:
SQL> select * from dba_sys_privs
  2  where grantee='EXP_FULL_DATABASE';

GRANTEE                        PRIVILEGE                                ADM
------------------------------ ---------------------------------------- ---
EXP_FULL_DATABASE              READ ANY FILE GROUP                      NO
EXP_FULL_DATABASE              RESUMABLE                                NO
EXP_FULL_DATABASE              EXECUTE ANY PROCEDURE                    NO
EXP_FULL_DATABASE              EXECUTE ANY TYPE                         NO
EXP_FULL_DATABASE              SELECT ANY TABLE                         NO
EXP_FULL_DATABASE              ADMINISTER SQL MANAGEMENT OBJECT         NO
EXP_FULL_DATABASE              ADMINISTER RESOURCE MANAGER              NO
EXP_FULL_DATABASE              BACKUP ANY TABLE                         NO
EXP_FULL_DATABASE              CREATE SESSION                           NO
EXP_FULL_DATABASE              SELECT ANY SEQUENCE                      NO
EXP_FULL_DATABASE              CREATE TABLE                             NO

11 ligne(s) sélectionnée(s).
It may explain why USER2 can select rows in the tables of USER1.
The IMP_FULL_DATABASE role has the DELETE ANY TABLE and UPDATE ANY TABLE system privileges. So that can explain why USER2 can delete and update rows in the tables of USER1.
Hope this helps.
Best regards
Jean Valentine
Published by: Lubiez John Valentine on April 4, 2011 17:44
-
Re: Script to retrieve vCenter roles and responsibilities
Hello guys,
I need a script to do the following.
The script should generate the following details in CSV format: vCenter roles and responsibilities -> AD groups assigned to this role -> privileges assigned to this role.
vCenter role name (list of all roles)
User details (listing of the groups or users added to the particular role)
List of each privilege of the role, for example: Datacenter -> Global etc.
Thank you
VK
Hello
Always try LucD's scripts, he is one of the best scripters; check one of his scripts below
http://communities.VMware.com/message/1642302
Thank you
-
Role and authorization in VC for each user
Hello world
I want to pull out the roles and permissions for all users that exist in the VC, to find out which privileges they have, which groups they are members of, and also at what level, with a PowerCLI script, in CSV. Any help on this is appreciated.
Thank you
vmguy
Do you mean the XML file attached to your previous answer?
Yes, I did. And it is empty (except for the XML framework).
This seems to indicate that the script was not able to retrieve the roles and permissions.
That leads me to believe that the 'Get-View Manager' does not work for one reason or another.