ORA-01031: insufficient privileges

mohsink · May 4, 2021, 2:19pm

Leveraging Oracle’s schema only user (18c+) and heres the LB properties file :

url=jdbc:oracle:thin:least_priv_user/@0.0.0.0:1521/XEPDB1
username: liquibase_admin
password: liquibase_admin123

Pre-Steps ( outside of the liquibase )
grant create session to liquibase_admin;
alter user least_priv_user grant connect through liquibase_admin;

Question : Upon doing an liquibase update

why does this work only if GRANT ALL PRIVILEGES to liquibase_admin;
db change logs tables gets created in both schemas - Not sure why

If a GRANT ALL PRIVILEGES to liquibase_admin privileges is not given :

The below error occurs :

Unexpected error running Liquibase: ORA-01031: insufficient privileges
[Failed SQL: (1031) CREATE TABLE LIQUIBASE_ADMIN.DATABASECHANGELOGLOCK (ID INTEGER NOT NULL, LOCKED NUMBER(1) NOT NULL, LOCKGRANTED TIMESTAMP, LOCKEDBY VARCHAR2(255), CONSTRAINT PK_DATABASECHANGELOGLOCK PRIMARY KEY (ID))]

If the lb_admin is only given create TABLE privileges then the below error occurs when processing changelog :
Reason: liquibase.exception.DatabaseException: ORA-01031: insufficient privileges
…

Topic		Replies	Views
Proxy user and "create any" privileges : oracle General Discussion	6	1081	December 24, 2024
generateChangeLog - required priveges? (Oracle) General Discussion	1	386	January 14, 2022
Liquibase 4.0.0 failing against HANA General Discussion	4	826	July 20, 2020
Getting ORA-00955 for CREATE TABLE LIQUIBASE.DATABASECHANGELOG General Discussion	0	494	April 10, 2023
Permissions Error with MSSQL General Discussion	2	1139	November 23, 2021

ORA-01031: insufficient privileges

Related topics