Oracle DBMS_MACADM
Version 26ai

General Information
Library Note Morgan's Library Page Header
The best Oracle News for FY2026

Oracle Database 26ai is now availble. If you haven't you downloaded already: Why?
Purpose Database Vault Administration Utilities
AUTHID DEFINER
Constants
Name Data Type Value
 Global
REGULAR_REALM BINARY_INTEGER 0
MANDATORY_REALM BINARY_INTEGER 1
ACTOR_TYPE_CREATION_AUDIT PLS_INTEGER 20032
FACTOR_TYPE_DELETION_AUDIT PLS_INTEGER 20033
FACTOR_TYPE_UPDATE_AUDIT PLS_INTEGER 20034
FACTOR_TYPE_RENAME_AUDIT PLS_INTEGER 20035
FACTOR_CREATION_AUDIT PLS_INTEGER 20036
FACTOR_DELETION_AUDIT PLS_INTEGER 20037
FACTOR_UPDATE_AUDIT PLS_INTEGER 20038
FACTOR_RENAME_AUDIT PLS_INTEGER 20039
ADD_FACTOR_LINK_AUDIT PLS_INTEGER 20040
DELETE_FACTOR_LINK_AUDIT PLS_INTEGER 20041
ADD_POLICY_FACTOR_AUDIT PLS_INTEGER 20042
DELETE_POLICY_FACTOR_AUDIT PLS_INTEGER 20043
IDENTITY_CREATION_AUDIT PLS_INTEGER 20044
IDENTITY_DELETION_AUDIT PLS_INTEGER 20045
IDENTITY_UPDATE_AUDIT PLS_INTEGER 20046
CHANGE_IDENTITY_FACTOR_AUDIT PLS_INTEGER 20047
CHANGE_IDENTITY_VALUE_AUDIT PLS_INTEGER 20048
IDENTITY_MAP_CREATION_AUDIT PLS_INTEGER 20049
IDENTITY_MAP_DELETION_AUDIT PLS_INTEGER 20050
POLICY_LABEL_CREATION_AUDIT PLS_INTEGER 20051
POLICY_LABEL_DELETION_AUDIT PLS_INTEGER 20052
MAC_POLICY_CREATION_AUDIT PLS_INTEGER 20053
MAC_POLICY_UPDATE_AUDIT PLS_INTEGER 20054
MAC_POLICY_DELETION_AUDIT PLS_INTEGER 20055
ROLE_CREATION_AUDIT PLS_INTEGER 20056
ROLE_DELETION_AUDIT PLS_INTEGER 20057
ROLE_UPDATE_AUDIT PLS_INTEGER 20058
ROLE_RENAME_AUDIT PLS_INTEGER 20059
DOMAIN_IDENTITY_CREATION_AUDIT PLS_INTEGER 20060
DOMAIN_IDENTITY_DROP_AUDIT PLS_INTEGER 20061
 DV Policy States
G_DISABLED NUMBER 0
G_ENABLED NUMBER 1
G_SIMULATION NUMBER 2
G_PARTIAL NUMBER 3
 DV Object Types
G_REALM NUMBER 1
G_COMMAND_RULE NUMBER 2
 Participant Realm Authorizations
G_REALM_AUTH_PARTICIPANT NUMBER 0
G_REALM_AUTH_OWNER NUMBER 1
Dependencies
DBMS_ASSERT DV_ADMIN_GRANTEES GET_REQUIRED_SCOPE
DBMS_MACUTL DV_DICT_OBJ_NAME IDENTITY$
DBMS_STANDARD DV_OWNER_GRANTEES KZV$ADM_LIBT
DUAL DV_SQL_TEXT KZV$RSRC_LIBT
DV$RULE_SET_RULE DV_SYSEVENT  
Documented Database Vault Administrator's Guide
Exceptions
Error Code Reason
ORA-20081 Command not found
ORA-20100 Command rule already defined
ORA-20102 Error creating Command Rule
ORA-47503 Database Vault is not enabled in CDB$ROOT or application root.
First Available 12.1
Security Model Owned by DVSYS with EXECUTE granted to the DV_ADMIN and DV_POLICY_OWNER roles.

Direct access to some subprograms in this package is prevented by an Accessible By clause.
Source {ORACLE_HOME}/rdbms/admin/catmacp.sql
{ORACLE_HOME}/rdbms/admin/prvtmacp.sql
Subprograms
ADD_APP_EXCEPTION CREATE_MAC_POLICY GET_DB_CHARSET
ADD_AUTH_TO_REALM CREATE_POLICY GET_INSTANCE_INFO
ADD_CMD_RULE_TO_POLICY CREATE_POLICY_LABEL GET_ORA_LANG
ADD_FACTOR_LINK CREATE_REALM GET_SESSION_INFO
ADD_INDEX_FUNCTION CREATE_ROLE IS_ALTER_USER_ALLOW_VARCHAR
ADD_NLS_DATA CREATE_RULE IS_DROP_USER_ALLOW_VARCHAR
ADD_OBJECT_TO_REALM CREATE_RULE_SET RENAME_FACTOR
ADD_OWNER_TO_POLICY CREATE_SESSION_EVENT_CMD_RULE RENAME_FACTOR_TYPE
ADD_POLICY_FACTOR CREATE_SYSTEM_EVENT_CMD_RULE RENAME_POLICY
ADD_REALM_TO_POLICY DELETE_APP_EXCEPTION RENAME_REALM
ADD_RULE_TO_RULE_SET DELETE_AUTH_FROM_REALM RENAME_ROLE
ALLOW_COMMON_OPERATION DELETE_CMD_RULE_FROM_POLICY RENAME_RULE
AUTHORIZE_AUDIT_ADMIN DELETE_COMMAND_RULE RENAME_RULE_SET
AUTHORIZE_AUDIT_VIEWER DELETE_CONNECT_COMMAND_RULE SET_DV_TRACE_LEVEL
AUTHORIZE_DATAPUMP_USER DELETE_FACTOR SET_PRESERVE_CASE
AUTHORIZE_DBCAPTURE DELETE_FACTOR_LINK UNAUTHORIZE_AUDIT_ADMIN
AUTHORIZE_DBREPLAY DELETE_FACTOR_TYPE UNAUTHORIZE_AUDIT_VIEWER
AUTHORIZE_DDL DELETE_IDENTITY UNAUTHORIZE_DATAPUMP_USER
AUTHORIZE_DEBUG_CONNECT DELETE_IDENTITY_MAP UNAUTHORIZE_DBCAPTURE
AUTHORIZE_DIAGNOSTIC_ADMIN DELETE_INDEX_FUNCTION UNAUTHORIZE_DBREPLAY
AUTHORIZE_MAINTENANCE_USER DELETE_MAC_POLICY_CASCADE UNAUTHORIZE_DDL
AUTHORIZE_PREPROCESSOR DELETE_OBJECT_FROM_REALM UNAUTHORIZE_DEBUG_CONNECT
AUTHORIZE_PROXY_USER DELETE_OWNER_FROM_POLICY UNAUTHORIZE_DIAGNOSTIC_ADMIN
AUTHORIZE_RAS_ATTACH_SESSION DELETE_POLICY_FACTOR UNAUTHORIZE_MAINTENANCE_USER
AUTHORIZE_SCHEDULER_USER DELETE_POLICY_LABEL UNAUTHORIZE_PREPROCESSOR
AUTHORIZE_SQL_FIREWALL DELETE_REALM UNAUTHORIZE_PROXY_USER
AUTHORIZE_TTS_USER DELETE_REALM_CASCADE UNAUTHORIZE_RAS_ATTACH_SESSION
AUTH_DATAPUMP_CREATE_USER DELETE_REALM_FROM_POLICY UNAUTHORIZE_SCHEDULER_USER
AUTH_DATAPUMP_GRANT DELETE_ROLE UNAUTHORIZE_SQL_FIREWALL
AUTH_DATAPUMP_GRANT_ROLE DELETE_RULE UNAUTHORIZE_TTS_USER
AUTH_DATAPUMP_GRANT_SYSPRIV DELETE_RULE_FROM_RULE_SET UNAUTH_DATAPUMP_CREATE_USER
CHANGE_IDENTITY_FACTOR DELETE_RULE_SET UNAUTH_DATAPUMP_GRANT
CHANGE_IDENTITY_VALUE DELETE_SESSION_EVENT_CMD_RULE UNAUTH_DATAPUMP_GRANT_ROLE
CHECK_BACKUP_PARM_VARCHAR DELETE_SYSTEM_EVENT_CMD_RULE UNAUTH_DATAPUMP_GRANT_SYSPRIV
CHECK_DB_FILE_PARM_VARCHAR DISABLE_APP_PROTECTION UPDATE_COMMAND_RULE
CHECK_DUMP_DEST_PARM_VARCHAR DISABLE_DV UPDATE_CONNECT_COMMAND_RULE
CHECK_DYNRLS_PARM_VARCHAR DISABLE_DV_DICTIONARY_ACCTS UPDATE_FACTOR
CHECK_O7_PARM_VARCHAR DISABLE_DV_PATCH_ADMIN_AUDIT UPDATE_FACTOR_TYPE
CHECK_OPTIMIZER_PARM_VARCHAR DISABLE_EVENT UPDATE_IDENTITY
CHECK_PLSQL_PARM_VARCHAR DISABLE_ORADEBUG UPDATE_MAC_POLICY
CHECK_SECURITY_PARM_VARCHAR DROP_DOMAIN_IDENTITY UPDATE_POLICY_DESCRIPTION
CHECK_SYS_SEC_PARM_VARCHAR DROP_POLICY UPDATE_POLICY_STATE
CHECK_TRIG_PARM_VARCHAR DV_SANITY_CHECK UPDATE_REALM
CREATE_COMMAND_RULE ENABLE_APP_PROTECTION UPDATE_REALM_AUTH
CREATE_CONNECT_COMMAND_RULE ENABLE_DV UPDATE_ROLE
CREATE_DOMAIN_IDENTITY ENABLE_DV_DICTIONARY_ACCTS UPDATE_RULE
CREATE_FACTOR ENABLE_DV_PATCH_ADMIN_AUDIT UPDATE_RULE_SET
CREATE_FACTOR_TYPE ENABLE_EVENT UPDATE_SESSION_EVENT_CMD_RULE
CREATE_IDENTITY ENABLE_ORADEBUG UPDATE_SYSTEM_EVENT_CMD_RULE
CREATE_IDENTITY_MAP    
 
ADD_APP_EXCEPTION
Add a package to exception list dbms_macadm.add_app_exception(
owner        IN VARCHAR2,
package_name IN VARCHAR2);
exec dvsys.dbms_macadm.add_app_exception('C##UWCLASS','COMMON_UTILS');
     *
ORA-47503: Database Vault is not enabled in CDB$ROOT or application root.
 
ADD_AUTH_TO_REALM
Authorize a user or role to access a Realm as a participant or owner

Overload 1		 dbms_macadm.add_auth_to_realm(
realm_name    IN VARCHAR2,
grantee       IN VARCHAR2,
rule_set_name IN VARCHAR2,
auth_options  IN NUMBER,
auth_scope    IN NUMBER := dvsys.dbms_macutl.g_scope_local);
TBD
Authorize a user or role to access a Realm as a participant

Overload 2		 dbms_macadm.add_auth_to_realm(
realm_name IN VARCHAR2,
grantee    IN VARCHAR2);
exec dbms_macadm.add_auth_to_realm('UWREALM', 'UWCLASS');
Authorize a user or role to access a Realm as an owner or participant (no Rule Set)

Overload 3		 dbms_macadm.add_auth_to_realm(
realm_name   IN VARCHAR2,
grantee      IN VARCHAR2,
auth_options IN NUMBER);
TBD
Authorize a user or role to access a Realm as a participant (optional)

Overload 4		 dbms_macadm.add_auth_to_realm(
realm_name    IN VARCHAR2,
grantee       IN VARCHAR2,
rule_set_name IN VARCHAR2);
TBD
 
ADD_CMD_RULE_TO_POLICY
Add a command rule to a Database Vault policy dbms_macadm.add_cmd_rule_to_policy(
policy_name    IN VARCHAR2,
command        IN VARCHAR2,
object_owner   IN VARCHAR2,
object_name    IN VARCHAR2,
clause_name    IN VARCHAR2 := '%',
parameter_name IN VARCHAR2 := '%',
event_name     IN VARCHAR2 := '%',
component_name IN VARCHAR2 := '%',
action_name    IN VARCHAR2 := '%',
scope          IN NUMBER   := dvsys.dbms_macutl.g_scope_local);
TBD
 
ADD_FACTOR_LINK
Specify a parent-child relationship for two factors. The relationship may be used to compute the Factor's identity or label dbms_macadm.add_factor_link(
parent_factor_name IN VARCHAR2,
child_factor_name  IN VARCHAR2,
label_indicator    IN VARCHAR2);
TBD
 
ADD_INDEX_FUNCTION
Add a function to the index functions list for function based index dbms_macadm.add_index_function(objname IN VARCHAR2);
TBD
 
ADD_NLS_DATA
BUG FIX 10225918 - Procedure to insert DV metadata in supported languages dbms_macadm.add_nls_data(ang IN VARCHAR2);
exec dvsys.dbms_macadm.add_nls_data('TRADITIONAL CHINESE');

PL/SQL procedure successfully completed.
 
ADD_OBJECT_TO_REALM
Register a set of objects for Realm protection dbms_macadm.add_object_to_realm(
realm_name   IN VARCHAR2,
object_owner IN VARCHAR2,
object_name  IN VARCHAR2,
object_type  IN VARCHAR2);
TBD
 
ADD_OWNER_TO_POLICY
Add an owner to Database Vault policy dbms_macadm.add_owner_to_policy(
policy_name IN VARCHAR2,
owner_name  IN VARCHAR2);
TBD
 
ADD_POLICY_FACTOR
Specifies that the label for a Factor contributes to the MAC OLS Label for a policy dbms_macadm.add_policy_factor(
policy_name IN VARCHAR2,
factor_name IN VARCHAR2);
TBD
 
ADD_REALM_TO_POLICY
Add a realm to a Database Vault policy dbms_macadm.add_realm_to_policy(
policy_name IN VARCHAR2,
realm_name  IN VARCHAR2);
TBD
 
ADD_RULE_TO_RULE_SET
Add a Rule to a Rule Set

Overload 1		 dbms_macadm.add_rule_to_rule_set(
rule_set_name IN VARCHAR2,
rule_name     IN VARCHAR2,
rule_order    IN NUMBER,
enabled       IN VARCHAR2);
TBD
Add an enabled Rule to a Rule Set

Overload 2		 dbms_macadm.add_rule_to_rule_set(
rule_set_name IN VARCHAR2,
rule_name     IN VARCHAR2,
rule_order    IN NUMBER);
TBD
Add an enabled Rule to the end of Rule Set (i.e. evaluated last)

Overload 3		 dbms_macadm.add_rule_to_rule_set(
rule_set_name IN VARCHAR2,
rule_name     IN VARCHAR2);
TBD
 
ALLOW_COMMON_OPERATION
set allow common operation status to TRUE or FALSE for the whole CDB dbms_macadm.allow_common_operation(status IN BOOLEAN DEFAULT TRUE);
exec dvsys.dbms_macadm.allow_common_operation(TRUE);

PL/SQL procedure successfully completed.
 
AUTHORIZE_AUDIT_ADMIN (new 23ai)
Undocumented dbms_macadm.authorize_audit_admin(uname IN VARCHAR2);
TBD
 
AUTHORIZE_AUDIT_VIEWER (new 23ai)
Undocumented dbms_macadm.authorize_audit_viewer(uname IN VARCHAR2);
TBD
 
AUTHORIZE_DATAPUMP_USER
Undocumented dbms_macadm.authorize_datapump_user(
uname   IN VARCHAR2,
sname   IN VARCHAR2 DEFAULT NULL,
objname IN VARCHAR2 DEFAULT NULL,
action  IN VARCHAR2 DEFAULT NULL);
TBD
 
AUTHORIZE_DBCAPTURE
Authorize a user as Database Replay admin to run capture dbms_macadm.authorize_dbcapture(uname IN VARCHAR2);
TBD
 
AUTHORIZE_DBREPLAY
Authorize a user as Database Replay admin to run replay dbms_macadm.authorize_dbreplay(uname IN VARCHAR2);
TBD
 
AUTHORIZE_DDL
Authorize a user to execute DDLs on another user's schema dbms_macadm.authorize_ddl(
uname IN VARCHAR2,
sname IN VARCHAR2 DEFAULT NULL);
TBD
 
AUTHORIZE_DEBUG_CONNECT
Authorize a user to connect to  another user's session to a PL/SQL debugger dbms_macadm.authorize_debug_connect(
uname IN VARCHAR2,
sname IN VARCHAR2 DEFAULT NULL);
TBD
 
AUTHORIZE_DIAGNOSTIC_ADMIN
Authorize a user to access a list of diagnostic fixed tables/views dbms_macadm.authorize_diagnostic_admin(uname IN VARCHAR2);
TBD
 
AUTHORIZE_MAINTENANCE_USER
Authorize a user to execute maintenance related DDL dbms_macadm.authorize_maintenance_user(
uname   IN VARCHAR2,
sname   IN VARCHAR2 DEFAULT NULL,
objname IN VARCHAR2 DEFAULT NULL,
objtype IN VARCHAR2 DEFAULT '%',
action  IN VARCHAR2 DEFAULT NULL);
TBD
 
AUTHORIZE_PREPROCESSOR
Authorize a user to execute PREPROCESSOR directive in external tables dbms_macadm.authorize_preprocessor(uname IN VARCHAR2);
TBD
 
AUTHORIZE_PROXY_USER
Authorize a user to proxy as another user dbms_macadm.authorize_proxy_user(
uname IN VARCHAR2,
sname IN VARCHAR2 DEFAULT NULL);
-- found in $ORACLE_HOME/rdbms/admin/catmacpost.sql
BEGIN
  dbms_macadm.authorize_scheduler_user('SYS', 'EXFSYS');
  EXCEPTION
    WHEN OTHERS THEN
      -- ignore the error if EXFSYS is not created
      IF SQLCODE IN (-47324, -47951) THEN
        NULL;
  ELSE
    RAISE;
  END IF;
END;
/
 
AUTHORIZE_RAS_ATTACH_SESSION (new 23ai)
Undocumented dbms_macadm.authorize_ras_attach_session(
grantee  IN VARCHAR2,
ras_user IN VARCHAR2);
TBD
 
AUTHORIZE_SCHEDULER_USER
Authorize a user to run jobs in the schema of other users dbms_macadm.authorize_scheduler_user(
uname IN VARCHAR2,
sname IN VARCHAR2 DEFAULT NULL);
TBD
 
AUTHORIZE_SQL_FIREWALL (new 23ai)
Undocumented dbms_macadm.authorize_sql_firewall(
uname            IN VARCHAR2,
manage_dv_admins IN VARCHAR2);
TBD
 
AUTHORIZE_TTS_USER
Undocumented dbms_macadm.authorize_tts_user(
uname  IN VARCHAR2,
tsname IN VARCHAR2);
TBD
 
AUTH_DATAPUMP_CREATE_USER
Undocumented dbms_macadm.auth_datapump_create_user(uname IN VARCHAR2);
TBD
 
AUTH_DATAPUMP_GRANT
Undocumented dbms_macadm.auth_datapump_grant(uname IN VARCHAR2);
TBD
 
AUTH_DATAPUMP_GRANT_ROLE
Undocumented dbms_macadm.auth_datapump_grant_role(
uname IN VARCHAR2,
role  IN VARCHAR2 DEFAULT '%');
TBD
 
AUTH_DATAPUMP_GRANT_SYSPRIV
Undocumented dbms_macadm.auth_datapump_grant_syspriv(uname IN VARCHAR2);
TBD
 
CHANGE_IDENTITY_FACTOR
Associate an identity with a different Factor dbms_macadm.change_identity_factor(
factor_name     IN VARCHAR2,
value           IN VARCHAR2,
new_factor_name IN VARCHAR2);
TBD
 
CHANGE_IDENTITY_VALUE
Alters the value of an Identity dbms_macadm.change_identity_value(
factor_name IN VARCHAR2,
value       IN VARCHAR2,
new_value   IN VARCHAR2);
TBD
 
CHECK_BACKUP_PARM_VARCHAR
Undocumented dbms_macadm.check_backup_parm_varchar(
TBD
 
CHECK_DB_FILE_PARM_VARCHAR
Check if the ALTER SYSTEM CONTROL_FILES parameter is allowed dbms_macadm.check_db_file_parm_varchar RETURN VARCHAR2;
SELECT dvsys.dbms_macadm.check_db_file_parm_varchar;

CHECK_DB_FILE_PARM_VARCHAR
---------------------------
Y
 
CHECK_DUMP_DEST_PARM_VARCHAR
Determine if the ALTER SYSTEM RECYCLEBIN backup restore parameter is allowed dbms_macadm.check_dump_dest_parm_varchar RETURN VARCHAR2;
SELECT dvsys.dbms_macadm.check_dump_dest_parm_varchar;

CHECK_DUMP_DEST_PARM_VARCHAR
-----------------------------
Y
 
CHECK_DYNRLS_PARM_VARCHAR
Determine if 3 ALTER SYSTEM _dynamic_rls_policies parameters are allowed dbms_macadm.check_dynrls_parm_varchar RETURN VARCHAR2;
SELECT dvsys.dbms_macadm.check_dynrls_parm_varchar;

CHECK_DYNRLS_PARM_VARCHAR
--------------------------
Y
 
CHECK_O7_PARM_VARCHAR
Determine if the ALTER SYSTEM O7_DICTIONARY _ACCESSIBILITY parameter is allowed dbms_macadm.check_o7_parm_varchar RETURN VARCHAR2;
SELECT dvsys.dbms_macadm.check_o7_parm_varchar;

CHECK_O7_PARM_VARCHAR
----------------------
Y
 
CHECK_OPTIMIZER_PARM_VARCHAR
Check if the ALTER SYSTEM  OPTIMIZER_SECURE_VIEW _MERGING parameter is allowed dbms_macadm.check_optimizer_parm_varchar RETURN VARCHAR2;
SELECT dvsys.dbms_macadm.check_optimizer_parm_varchar;

CHECK_OPTIMIZER_PARM_VARCHAR
-----------------------------
Y
 
CHECK_PLSQL_PARM_VARCHAR
Check if the ALTER SYSTEM PLSQL_DEBUG and UTL_FILE_DIR parameters are allowed dbms_macadm.check_plsql_parm_varchar RETURN VARCHAR2;
SELECT dvsys.dbms_macadm.check_plsql_parm_varchar;

CHECK_PLSQL_PARM_VARCHAR
-------------------------
Y
 
CHECK_SECURITY_PARM_VARCHAR
Check if X ALTER SYSTEM parameters are allowed dbms_macadm.check_security_parm_varchar RETURN VARCHAR2;
SELECT dvsys.dbms_macadm.check_security_parm_varchar;

CHECK_SECURITY_PARM_VARCHAR
----------------------------
Y
 
CHECK_SYS_SEC_PARM_VARCHAR
Determine if 6 ALTER SYSTEM security system parameters are allowed dbms_macadm.check_sys_sec_parm_varchar RETURN VARCHAR2;
SELECT dvsys.dbms_macadm.check_sys_sec_parm_varchar;

CHECK_SYS_SEC_PARM_VARCHAR
---------------------------
Y
 
CHECK_TRIG_PARM_VARCHAR
Check state of alter system set system_trig_enabled dbms_macadm.check_trig_parm_varchar RETURN VARCHAR2;
SELECT dvsys.dbms_macadm.check_trig_parm_varchar;

CHECK_TRIG_PARM_VARCHAR
------------------------
Y
 
CREATE_COMMAND_RULE
Protect a database command by associating it with a Rule Set

The command can only be executed if the Rule Set evaluates to TRUE		 dbms_macadm.create_command_rule(
command         IN VARCHAR2,
rule_set_name   IN VARCHAR2,
object_owner    IN VARCHAR2,
object_name     IN VARCHAR2,
enabled         IN VARCHAR2,
privilege_scope IN NUMBER   DEFAULT NULL,
clause_name     IN VARCHAR2 := '%',
parameter_name  IN VARCHAR2 := '%',
event_name      IN VARCHAR2 := '%',
component_name  IN VARCHAR2 := '%',
action_name     IN VARCHAR2 := '%',
scope           IN NUMBER   := dvsys.dbms_macutl.g_scope_local,
pl_sql_stack    IN BOOLEAN  DEFAULT FALSE);
TBD
 
CREATE_CONNECT_COMMAND_RULE
Create a CONNECT Command Rule declaration dbms_macadm.create_connect_command_rule(
user_name     IN VARCHAR2,
rule_set_name IN VARCHAR2,
enabled       IN VARCHAR2,
scope         IN NUMBER := dvsys.dbms_macutl.g_scope_local);
TBD
 
CREATE_DOMAIN_IDENTITY
Add a RAC database node to a domain dbms_macadm.create_domain_identity(
domain_name  IN VARCHAR2,
domain_host  IN VARCHAR2,
policy_name  IN VARCHAR2 DEFAULT NULL,
domain_label IN VARCHAR2 DEFAULT NULL);
TBD
 
CREATE_FACTOR
Create a new Factor dbms_macadm.create_factor(
factor_name         IN VARCHAR2,
factor_type_name    IN VARCHAR2,
description         IN VARCHAR2,
rule_set_name       IN VARCHAR2,
get_expr            IN VARCHAR2,
validate_expr       IN VARCHAR2,
identify_by         IN NUMBER,
labeled_by          IN NUMBER,
eval_options        IN NUMBER,
audit_options       IN NUMBER,
fail_options        IN NUMBER,
namespace           IN VARCHAR2 DEFAULT NULL,
namespace_attribute IN VARCHAR2 DEFAULT NULL);
TBD
 
CREATE_FACTOR_TYPE
Creates a Factor Type dbms_macadm.create_factor_type(
name        IN VARCHAR2,
description IN VARCHAR2);
TBD
 
CREATE_IDENTITY
Creates an Identity dbms_macadm.create_identity(
factor_name IN VARCHAR2,
value       IN VARCHAR2,
trust_level IN NUMBER);
TBD
 
CREATE_IDENTITY_MAP
Define a set of tests that are used to derive the identity of a Factor from the value of linked child factors (sub-factors) dbms_macadm.create_identity_map(
identity_factor_name  IN VARCHAR2,
identity_factor_value IN VARCHAR2,
parent_factor_name    IN VARCHAR2,
child_factor_name     IN VARCHAR2,
operation             IN VARCHAR2,
operand1              IN VARCHAR2,
operand2              IN VARCHAR2);
TBD
 
CREATE_MAC_POLICY
Specify the algorithm that is used to merge labels when computing the label for a Factor, or the MAC OLS Session label dbms_macadm.create_mac_policy(
policy_name IN VARCHAR2,
algorithm   IN VARCHAR2,
error_label IN VARCHAR2 DEFAULT NULL);
TBD
 
CREATE_POLICY
Create a Database Vault policy dbms_macadm.create_policy(
policy_name  IN VARCHAR2,
description  IN VARCHAR2,
policy_state IN NUMBER,
pl_sql_stack IN BOOLEAN DEFAULT FALSE);
TBD
 
CREATE_POLICY_LABEL
Label an Identity within a MAC OLS Policy dbms_macadm.create_policy_label(
identity_factor_name  IN VARCHAR2,
identity_factor_value IN VARCHAR2,
policy_name           IN VARCHAR2,
label                 IN VARCHAR2);
TBD
 
CREATE_REALM
Create a Realm dbms_macadm.create_realm(
realm_name    IN VARCHAR2,
description   IN VARCHAR2,
enabled       IN VARCHAR2,
audit_options IN NUMBER,
realm_type    IN NUMBER  DEFAULT NULL,
realm_scope   IN NUMBER  := dvsys.dbms_macutl.g_scope_local,
pl_sql_stack  IN BOOLEAN DFAULT FALSE);
TBD
 
CREATE_ROLE
Create a DV Secure Application Role with role access protected by a Rule Set dbms_macadm.create_role(
role_name     IN VARCHAR2,
enabled       IN VARCHAR2,
rule_set_name IN VARCHAR2);
TBD
 
CREATE_RULE
Create a Rule dbms_macadm.create_rule(
rule_name IN VARCHAR2,
rule_expr IN VARCHAR2,
scope     IN NUMBER := dvsys.dbms_macutl.g_scope_local);
TBD
 
CREATE_RULE_SET
Create a Rule Set dbms_macadm.create_rule_set(
rule_set_name   IN VARCHAR2,
description     IN VARCHAR2,
enabled         IN VARCHAR2,
eval_options    IN NUMBER,
audit_options   IN NUMBER,
fail_options    IN NUMBER,
fail_message    IN VARCHAR2,
fail_code       IN NUMBER,
handler_options IN NUMBER,
handler         IN VARCHAR2,
is_static       IN BOOLEAN DEFAULT FALSE,
scope           IN NUMBER  := dvsys.dbms_macutl.g_scope_local);
TBD
 
CREATE_SESSION_EVENT_CMD_RULE
Create a session event command rule declaration dbms_macadm.create_session_event_cmd_rule(
rule_set_name  IN VARCHAR2,
enabled        IN VARCHAR2,
event_name     IN VARCHAR2 := '%',
component_name IN VARCHAR2 := '%',
action_name    IN VARCHAR2 := '%',
scope          IN NUMBER   := dvsys.dbms_macutl.g_scope_local,
pl_sql_stack   IN BOOLEAN  DEFAULT FALSE);
TBD
 
CREATE_SYSTEM_EVENT_CMD_RULE
Create a system event command rule declaration dbms_macadm.create_system_event_cmd_rule(
rule_set_name  IN VARCHAR2,
enabled        IN VARCHAR2,
event_name     IN VARCHAR2 := '%',
component_name IN VARCHAR2 := '%',
action_name    IN VARCHAR2 := '%',
scope          IN NUMBER   := dvsys.dbms_macutl.g_scope_local,
pl_sql_stack   IN BOOLEAN  DEFAULT FALSE);
TBD
 
DELETE_APP_EXCEPTION
Remove a package to exception list dbms_macadm.delete_app_exception(
owner        IN VARCHAR2,
package_name IN VARCHAR2);
exec dvsys.dbms_macadm.delete_app_exception('C##UWCLASS','COMMON_UTILS');
     *
ORA-47503: Database Vault is not enabled in CDB$ROOT or application root.
 
DELETE_AUTH_FROM_REALM
Remove the authorization of a user or role to access a Realm dbms_macadm.delete_auth_from_realm(
realm_name IN VARCHAR2,
grantee    IN VARCHAR2,
auth_scope IN NUMBER := dvsys.dbms_macutl.g_scope_local);
TBD
 
DELETE_CMD_RULE_FROM_POLICY
Delete a command rule from a Database Vault policy dbms_macadm.delete_cmd_rule_from_policy(
policy_name    IN VARCHAR2,
command        IN VARCHAR2,
object_owner   IN VARCHAR2,
object_name    IN VARCHAR2,
clause_name    IN VARCHAR2 := '%',
parameter_name IN VARCHAR2 := '%',
event_name     IN VARCHAR2 := '%',
component_name IN VARCHAR2 := '%',
action_name    IN VARCHAR2 := '%',
scope          IN NUMBER   := dvsys.dbms_macutl.g_scope_local);
TBD
 
DELETE_COMMAND_RULE
Drop a Command Rule declaration dbms_macadm.delete_command_rule(
command        IN VARCHAR2,
object_owner   IN VARCHAR2,
object_name    IN VARCHAR2,
clause_name    IN VARCHAR2 := '%',
parameter_name IN VARCHAR2 := '%',
event_name     IN VARCHAR2 := '%',
component_name IN VARCHAR2 := '%',
action_name    IN VARCHAR2 := '%',
scope          IN NUMBER   := dvsys.dbms_macutl.g_scope_local);
TBD
 
DELETE_CONNECT_COMMAND_RULE
Delete a CONNECT Command Rule declaration dbms_macadm.delete_connect_command_rule(
user_name IN VARCHAR2,
scope     IN NUMBER := dvsys.dbms_macutl.g_scope_local);
TBD
 
DELETE_FACTOR
Deletes a Factor dbms_macadm.delete_factor(factor_name IN VARCHAR2);
TBD
 
DELETE_FACTOR_LINK
Remove a parent-child relationship between two factors dbms_macadm.delete_factor_link(
parent_factor_name IN VARCHAR2,
child_factor_name  IN VARCHAR2);
TBD
 
DELETE_FACTOR_TYPE
Deletes a Factor Type dbms_macadm.delete_factor_type(name IN VARCHAR2);
TBD
 
DELETE_IDENTITY
Drops an Identity dbms_macadm.delete_identity(
factor_name IN VARCHAR2,
value       IN VARCHAR2);
TBD
 
DELETE_IDENTITY_MAP
Drops the Identity Map for a Factor dbms_macadm.delete_identity_map(
identity_factor_name  IN VARCHAR2,
identity_factor_value IN VARCHAR2,
parent_factor_name    IN VARCHAR2,
child_factor_name     IN VARCHAR2,
operation             IN VARCHAR2,
operand1              IN VARCHAR2,
operand2              IN VARCHAR2);
TBD
 
DELETE_INDEX_FUNCTION
Delete a function from the index functions list for function based index dbms_macadm.delete_index_function(objname IN VARCHAR2);
TBD
 
DELETE_MAC_POLICY_CASCADE
Deletes all DV objects related to an OLS policy dbms_macadm.delete_mac_policy_cascade(policy_name IN VARCHAR2);
TBD
 
DELETE_OBJECT_FROM_REALM
Remove a set of objects from Realm protection dbms_macadm.delete_object_from_realm(
realm_name   IN VARCHAR2,
object_owner IN VARCHAR2,
object_name  IN VARCHAR2,
object_type  IN VARCHAR2);
TBD
 
DELETE_OWNER_FROM_POLICY
Delete an owner from a Database Vault policy dbms_macadm.delete_owner_from_policy(
policy_name IN VARCHAR2,
owner_name  IN VARCHAR2);
TBD
 
DELETE_POLICY_FACTOR
Removes the Factor from contributing to the MAC OLS Label dbms_macadm.delete_policy_factor(
policy_name IN VARCHAR2,
factor_name IN VARCHAR2);
TBD
 
DELETE_POLICY_LABEL
Drop the Label from an Identity within a MAC OLS Policy dbms_macadm.delete_policy_label(
identity_factor_name  IN VARCHAR2,
identity_factor_value IN VARCHAR2,
policy_name           IN VARCHAR2,
label                 IN VARCHAR2);
TBD
 
DELETE_REALM
Drop a Realm dbms_macadm.delete_realm(realm_name IN VARCHAR2);
TBD
 
DELETE_REALM_CASCADE
Deletes Realm including the related Realm objects (realm_object$), and authorizations (realm_auth$) dbms_macadm.delete_realm_cascade(realm_name IN VARCHAR2);
TBD
 
DELETE_REALM_FROM_POLICY
Delete a realm from a Database Vault policy dbms_macadm.delete_realm_from_policy(
policy_name IN VARCHAR2,
realm_name  IN VARCHAR2);
TBD
 
DELETE_ROLE
Drop a DV Secure Application Role dbms_macadm.delete_role(role_name IN VARCHAR2);
TBD
 
DELETE_RULE
Delete a Rule dbms_macadm.delete_rule(rule_name IN VARCHAR2);
TBD
 
DELETE_RULE_FROM_RULE_SET
Delete a Rule from a Rule Set dbms_macadm.delete_rule_from_rule_set(
rule_set_name IN VARCHAR2,
rule_name     IN VARCHAR2);
TBD
 
DELETE_RULE_SET
Delete a Rule Set dbms_macadm.delete_rule_set(rule_set_name IN VARCHAR2);
TBD
 
DELETE_SESSION_EVENT_CMD_RULE
Delete a session event command rule declaration dbms_macadm.delete_session_event_cmd_rule(
event_name     IN VARCHAR2 := '%',
component_name IN VARCHAR2 := '%',
action_name    IN VARCHAR2 := '%',
scope          IN NUMBER   := dvsys.dbms_macutl.g_scope_local);
TBD
 
DELETE_SYSTEM_EVENT_CMD_RULE
Delete a system event command rule declaration dbms_macadm.delete_system_event_cmd_rule(
event_name     IN VARCHAR2 := '%',
component_name IN VARCHAR2 := '%',
action_name    IN VARCHAR2 := '%',
scope          IN NUMBER   := dvsys.dbms_macutl.g_scope_local);
TBD
 
DISABLE_APP_PROTECTION
Disable application protection for whole CDB or one of the PDBs dbms_macadm.disable_app_protection(pdb_name IN VARCHAR2 DEFAULT NULL);
TBD
 
DISABLE_DV
Disable  DV enforcement dbms_macadm.disable_dv;
TBD
 
DISABLE_DV_DICTIONARY_ACCTS
Disable user login to DVSYS and DVF accounts dbms_macadm.disable_dv_dictionary_accts;
TBD
 
DISABLE_DV_PATCH_ADMIN_AUDIT
Disables auditing on dv_patch_admin bypass of DV protection dbms_macadm.disable_dv_patch_admin_audit;
TBD
 
DISABLE_EVENT
Disable Event dbms_macadm.disable_event(event IN NUMBER);
TBD
 
DISABLE_ORADEBUG
Disable ORADEBUG in a DV environment dbms_macadm.disable_oradebug;
TBD
 
DROP_DOMAIN_IDENTITY
Remove a RAC database node from a domain dbms_macadm.drop_domain_identity(
domain_name IN VARCHAR2,
domain_host IN VARCHAR2);
TBD
 
DROP_POLICY
Drop Database Vault policy dbms_macadm.drop_policy(policy_name IN VARCHAR2);
TBD
 
DV_SANITY_CHECK
Sanity check before configure DV dbms_macadm.dv_sanity_check;
exec dvsys.dbms_macadm.dv_sanity_check;

PL/SQL procedure successfully completed.
 
ENABLE_APP_PROTECTION
Enable application protection for whole CDB or one of the PDBs dbms_macadm.enable_app_protection(pdb_name IN VARCHAR2 DEFAULT NULL);
TBD
 
ENABLE_DV
Enabl DV enforcement dbms_macadm.enable_dv(strict_mode IN VARCHAR2 DEFAULT 'N');
TBD
 
ENABLE_DV_DICTIONARY_ACCTS
Enable user login to DVSYS and DVF accounts dbms_macadm.enable_dv_dictionary_accts;
TBD
 
ENABLE_DV_PATCH_ADMIN_AUDIT
Enables auditing on activities performed by user with the DV_PATCH_ADMIN role dbms_macadm.enable_dv_patch_admin_audit;
TBD
 
ENABLE_EVENT
Enable Event dbms_macadm.enable_event(event IN NUMBER);
TBD
 
ENABLE_ORADEBUG
Enable ORADEBUG in a DV environment dbms_macadm.enable_oradebug;
conn dvsys
Enter password:
Connected.

exec dvsys.dbms_macadm.enable_oradebug;
 
GET_DB_CHARSET
Returns the character set for the database dbms_macadm.get_db_charset RETURN VARCHAR2;
SELECT dvsys.dbms_macadm.get_db_charset;

GET_DB_CHARSET
---------------
AL32UTF8
 
GET_INSTANCE_INFO
Returns information from the sys.v_$instance view dbms_macadm.get_instance_info(p_parameter IN VARCHAR2) RETURN VARCHAR2;
SELECT dvsys.dbms_macadm.get_instance_info('HOST_NAME');
 
GET_ORA_LANG
Returns the 2 or 3 character Oracle language for the current administration session dbms_macadm.get_ora_lang RETURN VARCHAR2;
SELECT dvsys.dbms_macadm.get_ora_lang;

GET_ORA_LANG
-------------
us
 
GET_SESSION_INFO
Returns information from the sys.v_$session view for the current session dbms_macadm.get_session_info(p_parameter IN VARCHAR2) RETURN VARCHAR2;
SELECT dvsys.dbms_macadm.get_session_info('MACHINE');

DVSYS.DBMS_MACADM.GET_SESSION_INFO('MACHINE')
----------------------------------------------
PERRITO5

SELECT dvsys.dbms_macadm.get_session_info('PROGRAM');

DVSYS.DBMS_MACADM.GET_SESSION_INFO('PROGRAM')
----------------------------------------------
sqlplus.exe
 
IS_ALTER_USER_ALLOW_VARCHAR
Check to see if ALTER DVSYS is allowed by the specified user dbms_macadm.is_alter_user_allow_varchar(login_user VARCHAR2) RETURN VARCHAR2;
SELECT dvsys.dbms_macadm.is_alter_user_allow_varchar('MDSYS');

DVSYS.DBMS_MACADM.IS_ALTER_USER_ALLOW_VARCHAR('MDSYS')
-------------------------------------------------------
N
 
IS_DROP_USER_ALLOW_VARCHAR
Undocumented dbms_macadm.is_drop_user_allow_varchar(login_user VARCHAR2) RETURN VARCHAR2;
SELECT dvsys.dbms_macadm.is_drop_user_allow_varchar('MDSYS');

DVSYS.DBMS_MACADM.IS_DROP_USER_ALLOW_VARCHAR('MDSYS')
------------------------------------------------------
Y
 
RENAME_FACTOR
Renames a Factor dbms_macadm.rename_factor(
factor_name     IN VARCHAR2,
new_factor_name IN VARCHAR2);
TBD
 
RENAME_FACTOR_TYPE
Renames a Factor Type dbms_macadm.rename_factor_type(
old_name IN VARCHAR2,
new_name IN VARCHAR2);
TBD
 
RENAME_POLICY
Rename exiting Database Vault policy dbms_macadm.rename_policy(
policy_name     IN VARCHAR2,
new_policy_name IN VARCHAR2);
TBD
 
RENAME_REALM
Rename a Realm dbms_macadm.rename_realm(
realm_name IN VARCHAR2,
new_name   IN VARCHAR2);
TBD
 
RENAME_ROLE
Rename a DV Secure Application Role dbms_macadm.rename_role(
role_name     IN VARCHAR2,
new_role_name IN VARCHAR2);
TBD
 
RENAME_RULE
Rename a Rule dbms_macadm.rename_rule(
rule_name IN VARCHAR2,
new_name  IN VARCHAR2);
TBD
 
RENAME_RULE_SET
Rename a Rule Set dbms_macadm.rename_rule_set(
rule_set_name IN VARCHAR2,
new_name      IN VARCHAR2);
TBD
 
SET_DV_TRACE_LEVEL (new 23ai)
Sets the Database Vault trace level dbms_macadm.set_dv_trace_level(trace_level IN NUMBER);
TBD
 
SET_PRESERVE_CASE
Allows mixed case identifiers that are, by default, not allowed dbms_macadm.set_preserve_case(setting IN BOOLEAN);
exec dvsys.dbms_macadm.set_preserve_case(TRUE);

PL/SQL procedure successfully completed.
 
UNAUTHORIZE_AUDIT_ADMIN (new 23ai)
Undocumented dbms_macadm.unauthorize_audit_admin(uname IN VARCHAR2);
TBD
 
UNAUTHORIZE_AUDIT_VIEWER (new 23ai)
Undocumented dbms_macadm.unauthorize_audit_viewer(uname IN VARCHAR2);
TBD
 
UNAUTHORIZE_DATAPUMP_USER
Undocumented dbms_macadm.unauthorize_datapump_user(
uname   IN VARCHAR2,
sname   IN VARCHAR2 DEFAULT NULL,
objname IN VARCHAR2 DEFAULT NULL,
action  IN VARCHAR2 DEFAULT NULL);
TBD
 
UNAUTHORIZE_DBCAPTURE
Revoke authorization for a user as Database Replay admin to run capture dbms_macadm.unauthorize_dbcapture(uname IN VARCHAR2);
TBD
 
UNAUTHORIZE_DBREPLAY
Revoke authorization for a user as Database Replay admin to run replay dbms_macadm.unauthorize_dbreplay(uname IN VARCHAR2);
TBD
 
UNAUTHORIZE_DDL
Revoke authorize to execute DDLs on another user's schema dbms_macadm.unauthorize_ddl(
uname IN VARCHAR2,
sname IN VARCHAR2 DEFAULT NULL);
TBD
 
UNAUTHORIZE_DEBUG_CONNECT
Revoke authorization froma user to connect to  another user's session to a PL/SQL debugger dbms_macadm.unauthorize_debug_connect(
uname IN VARCHAR2,
sname IN VARCHAR2 DEFAULT NULL);
TBD
 
UNAUTHORIZE_DIAGNOSTIC_ADMIN
Revoke authorization to a user to access a list of diagnostic fixed tables/views dbms_macadm.unauthorize_diagnostic_admin(uname IN VARCHAR2);
TBD
 
UNAUTHORIZE_MAINTENANCE_USER
Revoke authorize for a user to execute maintenance related DDL dbms_macadm.unauthorize_maintenance_user(
uname   IN VARCHAR2,
sname   IN VARCHAR2 DEFAULT NULL,
objname IN VARCHAR2 DEFAULT NULL,
objtype IN VARCHAR2 DEFAULT '%',
action  IN VARCHAR2 DEFAULT NULL);
TBD
 
UNAUTHORIZE_PREPROCESSOR
Revoke authorization to execute PREPROCESSOR directives in external tables dbms_macadm.unauthorize_preprocessor(uname IN VARCHAR2);
TBD
 
UNAUTHORIZE_PROXY_USER
Remove authorization to proxy as another user dbms_macadm.unauthorize_proxy_user(
uname IN VARCHAR2,
sname IN VARCHAR2 DEFAULT NULL);
TBD
 
UNAUTHORIZE_RAS_ATTACH_SESSION (new 23ai)
Undocumented dbms_macadm.unauthorize_ras_attach_session(
grantee  IN VARCHAR2,
ras_user IN VARCHAR2);
TBD
 
UNAUTHORIZE_SCHEDULER_USER
Remove authorization for a user to run jobs in the schema of other than their own dbms_macadm.unauthorize_scheduler_user(
uname IN VARCHAR2,
sname IN VARCHAR2 DEFAULT NULL);
TBD
 
UNAUTHORIZE_SQL_FIREWALL (new 23ai)
Undocumented dbms_macadm.unauthorize_sql_firewall(
uname            IN VARCHAR2,
manage_dv_admins IN VARCHAR2);
TBD
 
UNAUTHORIZE_TTS_USER
Undocumented dbms_macadm.unauthorize_tts_user(
uname  IN VARCHAR2,
tsname IN VARCHAR2);
TBD
 
UNAUTH_DATAPUMP_CREATE_USER
Undocumented dbms_macadm.unauth_datapump_create_user(uname IN VARCHAR2);
TBD
 
UNAUTH_DATAPUMP_GRANT
Undocumented dbms_macadm.unauth_datapump_grant(uname IN VARCHAR2);
TBD
 
UNAUTH_DATAPUMP_GRANT_ROLE
Undocumented dbms_macadm.unauth_datapump_grant_role(
uname IN VARCHAR2,
role  IN VARCHAR2 DEFAULT '%');
TBD
 
UNAUTH_DATAPUMP_GRANT_SYSPRIV
Undocumented dbms_macadm.unauth_datapump_grant_syspriv(uname IN VARCHAR2);
TBD
 
UPDATE_COMMAND_RULE
Alter a Command Rule declaration dbms_macadm.update_command_rule(
command         IN VARCHAR2,
rule_set_name   IN VARCHAR2,
object_owner    IN VARCHAR2,
object_name     IN VARCHAR2,
enabled         IN VARCHAR2,
privilege_scope IN NUMBER   DEFAULT NULL,
clause_name     IN VARCHAR2 := '%',
parameter_name  IN VARCHAR2 := '%',
event_name      IN VARCHAR2 := '%',
component_name  IN VARCHAR2 := '%',
action_name     IN VARCHAR2 := '%',
scope           IN NUMBER   := dvsys.dbms_macutl.g_scope_local,
pl_sql_stack    IN BOOLEAN  DEFAULT NULL);
-- found in $ORACLE_HOME/rdbms/admin/catmacpost.sql
BEGIN
  FOR command_rule_rec IN (SELECT * FROM dvsys.dba_dv_command_rule) LOOP
    dbms_macadm.update_command_rule(
      command       => command_rule_rec.command,
      rule_set_name => command_rule_rec.rule_set_name,
      object_owner  => command_rule_rec.object_owner,
      object_name   => command_rule_rec.object_name,
      enabled       => dbms_macutl.g_yes);
  END LOOP;
  COMMIT;
END;
/
 
UPDATE_CONNECT_COMMAND_RULE
Update a CONNECT Command Rule declaration dbms_macadm.update_connect_command_rule(
user_name IN VARCHAR2,
rule_set_name IN VARCHAR2,
enabled IN VARCHAR2,
scope IN NUMBER := dvsys.dbms_macutl.g_scope_local);
TBD
 
UPDATE_FACTOR
Updates a Factor dbms_macadm.update_factor(
factor_name         IN VARCHAR2,
factor_type_name    IN VARCHAR2,
description         IN VARCHAR2,
rule_set_name       IN VARCHAR2,
get_expr            IN VARCHAR2,
validate_expr       IN VARCHAR2,
identify_by         IN NUMBER,
labeled_by          IN NUMBER,
eval_options        IN NUMBER,
audit_options       IN NUMBER,
fail_options        IN NUMBER,
namespace           IN VARCHAR2 DEFAULT NULL,
namespace_attribute IN VARCHAR2 DEFAULT NULL);
TBD
 
UPDATE_FACTOR_TYPE
Updates a Factor Type dbms_macadm.update_factor_type(
name        IN VARCHAR2,
description IN VARCHAR2);
TBD
 
UPDATE_IDENTITY
Updates an Identity dbms_macadm.update_identity(
factor_name IN VARCHAR2,
value       IN VARCHAR2,
trust_level IN NUMBER);
TBD
 
UPDATE_MAC_POLICY
Specify the algorithm that is used to merge labels when computing the label for a Factor, or the MAC OLS Session label dbms_macadm.update_mac_policy(
policy_name IN VARCHAR2,
algorithm   IN VARCHAR2,
error_label IN VARCHAR2 DEFAULT NULL);
TBD
 
UPDATE_POLICY_DESCRIPTION
Update the description of exiting Database Vault policy dbms_macadm.update_policy_description(
policy_name IN VARCHAR2,
description IN VARCHAR2);
TBD
 
UPDATE_POLICY_STATE
Update the state of existing Database Vault policy dbms_macadm.update_policy_state(
policy_name  IN VARCHAR2,
policy_state IN NUMBER,
pl_sql_stack IN BOOLEAN DEFAULT NULL);
TBD
 
UPDATE_REALM
Alter a Realm dbms_macadm.update_realm(
realm_name    IN VARCHAR2,
description   IN VARCHAR2,
enabled       IN VARCHAR2,
audit_options IN NUMBER  DEFAULT NULL,
realm_type    IN NUMBER  DEFAULT NULL,
pl_sql_stack  IN BOOLEAN DEFAULT NULL);
TBD
 
UPDATE_REALM_AUTH
Update the authorization of a user or role to access a Realm dbms_macadm.update_realm_auth(
realm_name    IN VARCHAR2,
grantee       IN VARCHAR2,
rule_set_name IN VARCHAR2,
auth_options  IN NUMBER,
auth_scope    IN NUMBER := dvsys.dbms_macutl.g_scope_local);
TBD
 
UPDATE_ROLE
Update a DV Secure Application Role with.access protected by a Rule Set dbms_macadm.update_role(
role_name     IN VARCHAR2,
enabled       IN VARCHAR2,
rule_set_name IN VARCHAR2);
TBD
 
UPDATE_RULE
Update a Rule dbms_macadm.update_rule(
rule_name IN VARCHAR2,
rule_expr IN VARCHAR2);
TBD
 
UPDATE_RULE_SET
Update a Rule Set dbms_macadm.update_rule_set(
rule_set_name   IN VARCHAR2,
description     IN VARCHAR2,
enabled         IN VARCHAR2,
eval_options    IN NUMBER,
audit_options   IN NUMBER,
fail_options    IN NUMBER,
fail_message    IN VARCHAR2,
fail_code       IN NUMBER,
handler_options IN NUMBER,
handler         IN VARCHAR2,
is_static       IN BOOLEAN DEFAULT FALSE);
TBD
 
UPDATE_SESSION_EVENT_CMD_RULE
Update a session event command rule declaration dbms_macadm.update_session_event_cmd_rule(
rule_set_name  IN VARCHAR2,
enabled        IN VARCHAR2,
event_name     IN VARCHAR2 := '%',
component_name IN VARCHAR2 := '%',
action_name    IN VARCHAR2 := '%',
scope          IN NUMBER   := dvsys.dbms_macutl.g_scope_local,
pl_sql_stack   IN BOOLEAN  DEFAULT NULL);
TBD
 
UPDATE_SYSTEM_EVENT_CMD_RULE
Update a system event command rule declaration dbms_macadm.update_system_event_cmd_rule(
rule_set_name  IN VARCHAR2,
enabled        IN VARCHAR2,
event_name     IN VARCHAR2 := '%',
component_name IN VARCHAR2 := '%',
action_name    IN VARCHAR2 := '%',
scope          IN NUMBER   := dvsys.dbms_macutl.g_scope_local,
pl_sql_stack   IN BOOLEAN  DEFAULT NULL);
TBD

Related Topics
Built-in Functions
Built-in Packages
Database Security
DBMS_MACOLS
DBMS_MACOLS_SESSION
DBMS_MACOUT
DBMS_MACSEC
DBMS_MACSEC_FUNCTION
DBMS_MACSEC_ROLES
DBMS_MACSEC_RULES
DBMS_MACUTL
What's New In 21c
What's New In 26ai

Morgan's Library Page Footer
This site is maintained by Daniel Morgan. Last Updated: This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2026 Daniel A. Morgan All Rights Reserved