As an instance owner on the host running db2, issue the following command
$ db2start
Stopping the instance
$ db2stop
Connect to the database as instance owner
$ db2
as a user of the database:
$source ~instance/sqllib/db2cshrc (csh users)
$ . ~instance/sqllib/db2profile (sh users)
$ db2 connect to databasename
Create a table
$ db2-> create table employee
(ID SMALLINT NOT NULL,
NAME VARCHAR(9),
DEPT SMALLINT CHECK (DEPT BETWEEN 10 AND 100),
JOB CHAR(5) CHECK (JOB IN ('Sales', 'Mgr', 'Clerk')),
HIREDATE DATE,
SALARY DECIMAL(7,2),
COMM DECIMAL(7,2),
PRIMARY KEY (ID),
CONSTRAINT YEARSAL CHECK (YEAR(HIREDATE) > 1986 OR SALARY > 40500) )
A simple version:
db2-> create table employee ( Empno smallint, Name varchar(30))
Create a schema
If a user has SYSADM or DBADM authority, then the user can create a schema with any valid name. When a database is created, IMPLICIT_SCHEMA authority is granted to PUBLIC (that is, to all users). The following example creates a schema for an individual user with the authorization ID 'joe'
CREATE SCHEMA joeschma AUTHORIZATION joe
Create an alias
The following SQL statement creates an alias WORKERS for the EMPLOYEE table:
CREATE ALIAS WORKERS FOR EMPLOYEE
You do not require special authority to create an alias, unless the alias is in a schema other than the one owned by your current authorization ID, in which case DBADM authority is required.
Create an Index:
The physical storage of rows in a base table is not ordered. When a row is inserted, it is placed in the most convenient storage location that can accommodate it. When searching for rows of a table that meet a particular selection condition and the table has no indexes, the entire table is scanned. An index optimizes data retrieval without performing a lengthy sequential search. The following SQL statement creates a
non-unique index called LNAME from the LASTNAME column on the EMPLOYEE table, sorted in ascending order:
CREATE INDEX LNAME ON EMPLOYEE (LASTNAME ASC)
The following SQL statement creates a unique index on the phone number column:
CREATE UNIQUE INDEX PH ON EMPLOYEE (PHONENO DESC)
Drop a database:
Db2 drop database sample
Alter tablespace
Adding a Container to a DMS Table Space You can increase the size of a DMS table space (that is, one created with the MANAGED BY DATABASE clause) by adding one or more containers to the table
space. The following example illustrates how to add two new device containers (each with 40 000 pages) to a table space on a UNIX-based system:
ALTER TABLESPACE RESOURCE
ADD (DEVICE '/dev/rhd9' 10000,
DEVICE '/dev/rhd10' 10000)
The following SQL statement drops the table space ACCOUNTING:
DROP TABLESPACE ACCOUNTING
You can reuse the containers in an empty table space by dropping the table space but you must COMMIT the DROP TABLESPACE command, or have had AUTOCOMMIT on, before attempting to reuse the containers. The following SQL statement creates a new temporary table space called TEMPSPACE2:
CREATE TEMPORARY TABLESPACE TEMPSPACE2 MANAGED BY SYSTEM USING ('d')
Once TEMPSPACE2 is created, you can then drop the original temporary table space TEMPSPACE1 with the command: DROP TABLESPACE TEMPSPACE1
Add Columns to an Existing Table
When a new column is added to an existing table, only the table description in the system catalog is modified, so access time to the table is not affected immediately. Existing records are not physically altered
until they are modified using an UPDATE statement. When retrieving an existing row from the table, a null or default value is provided for the new column, depending on how the new column was defined. Columns that are added after a table is created cannot be defined as NOT NULL: they must be defined as either NOT NULL WITH DEFAULT or as nullable. Columns can be added with an SQL statement. The following statement uses the ALTER TABLE statement to add three columns to the EMPLOYEE table:
ALTER TABLE EMPLOYEE
ADD MIDINIT CHAR(1) NOT NULL WITH DEFAULT
ADD HIREDATE DATE
ADD WORKDEPT CHAR(3)
GrantPermissions by Users
The following example grants SELECT privileges on the EMPLOYEE table to the user HERON:
GRANT SELECT ON EMPLOYEE TO USER HERON
The following example grants SELECT privileges on the EMPLOYEE table to the group HERON:
GRANT SELECT ON EMPLOYEE TO GROUP HERON
GRANT SELECT,UPDATE ON TABLE STAFF TO GROUP PERSONNL
If a privilege has been granted to both a user and a group with the same name, you must specify the GROUP or USER keyword when revoking the privilege. The following example revokes the SELECT privilege on the EMPLOYEE table from the user HERON:
REVOKE SELECT ON EMPLOYEE FROM USER HERON
To Check what permissions you have within the database
SELECT * FROM SYSCAT.DBAUTH WHERE GRANTEE = USER AND GRANTEETYPE = 'U'
SELECT * FROM SYSCAT.COLAUTH WHERE GRANTOR = USER
At a minimum, you should consider restricting access to the SYSCAT.DBAUTH, SYSCAT.TABAUTH, SYSCAT.PACKAGEAUTH, SYSCAT.INDEXAUTH, SYSCAT.COLAUTH, and SYSCAT.SCHEMAAUTH catalog views. This would prevent information on user privileges, which could be used to target an authorization name for break-in, becoming available to everyone with access to the database. The following statement makes the view available to every authorization name:
GRANT SELECT ON TABLE MYSELECTS TO PUBLIC
And finally, remember to revoke SELECT privilege on the base table:
REVOKE SELECT ON TABLE SYSCAT.TABAUTH FROM PUBLIC
Delete Records from a table
db2-> delete from employee where empno = '001'
db2-> delete from employee
The first example will delete only the records with emplno field = 001 The second example deletes all the records
Import Command
Requires one of the following options: sysadm, dbadm, control privileges on each participating table or view, insert or select privilege, example:
db2->import from testfile of del insert into workemployee
where testfile contains the following information 1090,Emp1086,96613.57,55,Secretary,8,1983-8-14
or your alternative is from the command line:
db2 " import from 'testfile' of del insert into workemployee"
db2 < test.sql where test.sql contains the following line:
db2 import from test file of del insert into workemployee
Load Command:
Requires the following auithority: sysadm, dbadm, or load authority on the database:
example: db2 "load from 'testfile' of del insert into workemployee"
You may have to specify the full path of testfile in single quotes
Authorization Level:
One of the following:
sysadm
dbadm
load authority on the database and
INSERT privilege on the table when the load utility is invoked in INSERT mode, TERMINATE mode
(to terminate a previous load insert operation), or RESTART mode (to restart a previous load insert
operation)
INSERT and DELETE privilege on the table when the load utility is invoked in REPLACE mode,
TERMINATE mode (to terminate a previous load replace operation), or RESTART mode (to restart a
previous load replace operation)
INSERT privilege on the exception table, if such a table is used as part of the load operation.
Caveat:
If you are performing a load operation and you CTRL-C out of it, the tablespace is left in a load pending state. The only way to get out of it is to reload the data with a terminate statement
First to view tablestate:
Db2 list tablespaces show detail will display the tablespace is in a load pending state.
Db2tbst
Here is the original query
Db2 "load from '/usr/seela/a.del' of del insert into A";
If you break out of the load illegally (ctrl-c), the tablespace is left load pending.
To correct:
Db2 "load form '/usr/seela/a.del' of del terminate into A";
This will return the table to it's original state and roll back the entries that you started loading.
If you try to reset the tablespace with quiesce, it will not work . It's an integrety issue
DB2BATCH- command
Reads SQL statements from either a flat file or standard input, dynamically prepares and describes the statements and returns an answer set: Authorization: sysadmin .and Required Connection -None..eg
db2batch -d databasename -f filename -a userid/passwd -r outfile
DB2expln - DB2 SQL Explain Tool
Describes the access plan selection for static SQL statements in packages that are stored in the DB2 common server systems catalog. Given the database name, package name ,package creator abd section
number the tool interprets and describes the information in these catalogs.
DB2exfmt - Explain Table Format Tool
DB2icrt - Create an instance
DB2idrop - Dropan instance
DB2ilist - List instances
DB2imigr - Migrate instances
DB2iupdt - Update instances
Db2licm - Installs licenses file for product ;
db2licm -a db2entr.lic
DB2look - DB2 Statistics Extraction Tool
Generates the updates statements required to make the catalog statistics of a test database match those of a production. It is advantageous to have a test system contain asubset of your production system's data.
This tool queries the system catalogs of a database and outputs a tablespace n table index, and column information about each table in that database Authorization: Select privelege on system catalogs Required
Connection - None. Syntax
db2look -d databasename -u creator -t Tname -s -g -a -p -o
Fname -e -m -c -r -h
where -s : generate a postscript file, -g a graph , -a for all users in the database, -t limits output to a particular tablename, -p plain text format , -m runs program in mimic mode, examples:
db2look -d db2res -o output will write stats for tables created in db
db2res in latex format
db2look -p -a -d db2res -o output - will write stats in plain text format
DB2 -list tablespaces show detail
displays the following information as an example:
Tablespaces for Current Database
Tablespace ID = 0
Name = SYSCATSPACE
Type = System managed space
Contents = Any data
State = 0x0000
Detailed explanation:
Normal
Total pages = 2925
Useable pages = 2925
Used pages = 2925
Free pages = Not applicable
High water mark (pages) = Not applicable
Page size (bytes) = 4096
Extent size (pages) = 32
Prefetch size (pages) = 32
Number of containers = 1
db2tbst - Get tablespace state.
Authorization - none , Required connection none, syntax db2tbst tabpespace-state:The state value is part of the output of list tablespaces example
db2tbst 0X0000 returns state normal
db2tbst 2 where 2 indicates tablespace id 2 will also work
DB2dbdft - environment variable
Defining this environment variable with the database you want to connect to automatically connects you to the database . example setenv db2dbdft sample will allow you to connect to sample by default.
CLP - Command Line Processor Invocation:
db2 starts the command line processor. The clp is used to execute database utilities, sql statements and online help. It offers a variety of command options and can be started in :
1. interactive mode : db2->
2. command mode where each command is prefixed by db2
3. batch mode which uses the -f file input option
Update the configuration in the database :
Db2 =>update db cfg for sample using maxappls 60
MAXFILOP = 64 2 - 9150
db2 => update db cfg for sample using maxappls 160
db2 => update db cfg for sample using AVG_APPLS 4
db2 =>update db cfg for sample using MAXFILOP 256
can see updated parameters from client
tcpip ..... not started up properly Check the DB2COMM variable if it it is set
db2set DB2COMM
How to terminate the database if processes are still attached:
db2 force applications all
db2stop
db2start
db2 connect to dbname (locally)
How to trace logs withing the db2diag.log file:
Connections to db fails:
Move the db2diag.log from the sqllib/db2dump directory to some other working directory ( mv db2diag.log
db2 update dbm cfg using diaglevel 4
db2stop
db2start
db2trc on -l 8000000 -e 10
db2 connect to dbname (locally)
db2trc dump 01876.trc
db2trc flw 01876.trc 01876.flw
db2trc fmt 01876.trc 01876.fmt
db2trc off
Import data from ascii file to database
db2 " import from inp.data of del insert into test"
db2 "load from '/cs/home/tech1/seela/inp.data' of del insert into seela.seela"
db2 < test.sql
Revoke permissions from the database from public:
db2 => create database GO3421
DB20000I The CREATE DATABASE command completed successfully.
Now I want to revoke connect, createtab bindadd on database from public
On server: db2 => revoke connect , createtab, bindadd on database from public
Now on client, as techstu, I tried to connect to go3421
db2 => connect to go3421
SQL1060N User "TECHSTU " does not have the CONNECT privilege. SQLSTATE=08004
Now I have to grant connect privilege to group ugrad
On server:
db2 => grant connect, createtab on database to group ugrad
DB20000I The SQL command completed successfully.
Tested on client I can connect successfully.
Now on the client, I can connect as a student, list tables but not select. I
can still describe tables
To prevent this:
On server
revoke select on table syscat.columns from public
Now on client, I cannot describe but also on my tables.
db2 => revoke select on table syscat.columns from public
DB20000I The SQL command completed successfully.
db2 => grant select on table syscat.columns to group ugrad
On server:
db2 => revoke select on table syscat.indexes from public
DB20000I The SQL command completed successfully.
select * from syscat.dbauth will display all the privileges for
dbadm authority:
DBADMAUTH CREATETABAUTH BINDADDAUTH CONNECTAUTH
NOFENCEAUTH IMPLSCHEMAAUTH LOAD AUTH
select
TABNAME,DELETEAUTH,INSERTAUTH,SELECTAUTH from
syscat.tabauth
grant connect, createtab
grant connect, createtab on database to user techstu
to group ugrad
Instance Level Authority
db2 get dbm cfg
db2 get admin cfg
db2 get db cfg
CLP using filename on the command line
Db2 -f filename.clp
The -f option directs the clp to accept input from file.
Db2 +c -v +t infile .. The option can be prefixed by a + sign or turned on by a letter with a -sign
+c is turned off, -v turned on and -f turned on
c is for commit, v for verbose and f for filename
-t termination character is set to semicolon
No comments:
Post a Comment