Page tree
Skip to end of metadata
Go to start of metadata

Supported Privileges

ClustrixDB supports the following privileges:

  • ALL [PRIVILEGES]: All Privileges with the exception of GRANT OPTION
  • ALTER
  • ALTER ROUTINE: Allow ALTER or DROP of stored routines (procedures and functions)
  • CREATE: Allow CREATE TABLE and CREATE DATABASE
  • CREATE ROUTINE
  • CREATE TEMPORARY TABLES 
  • CREATE USER: Allow CREATE USER and DROP USER
  • CREATE VIEW 
  • DELETE 
  • DROP: Allow DROP TABLEDROP DATABASE, and DROP VIEW
  • EXECUTE
  • FILE: Gives the user permission to use SELECT ... INTO OUTFILE statements. ClustrixDB’s LOAD DATA INFILE does not need this.
  • GRANT OPTION
  • INDEX: Allow CREATE INDEX and DROP INDEX
  • INSERT
  • PROCESS: The privilege enables use of SHOW PROCESSLIST and SHOW ENGINE
  • REFERENCES: The creation of a foreign key constraint requires the REFERENCES for the parent table
  • RELOAD: Enable use of FLUSH operations
  • REPLICATION CLIENT: Allow SHOW MASTER STATUS and SHOW SLAVE STATUS
  • REPLICATION SLAVE: Allow reading binary logs
  • SELECT
  • SHOW DATABASES
  • SHOW VIEW: Enables use of the SHOW CREATE VIEW statement
  • SHUTDOWN: Clustrix recommends using clx dbstop instead
  • SUPER: Allow administrative commands and grants all privileges associated with the TRIGGER permission
  • TRIGGER
  • UPDATE
  • USAGE

Unsupported Privileges

ClustrixDB ignores the following privileges:

  • CREATE TABLESPACE: Not applicable for ClustrixDB.
  • EVENT: Not applicable for ClustrixDB.
  • LOCK TABLES: Enables the use of explicit LOCK TABLES statements to lock tables for which you have the SELECT privilege.
  • PROXY: Not applicable for ClustrixDB.

Clustrix-Specific Privileges

ClustrixDB implements an OSAuth privilege that allows users with this privilege to be authenticated by the OS. This allows a SQL user to log in without a password as long as they have been authenticated as the corresponding OS user.

sql> GRANT OSAUTH ON *.* to 'clxd'@'localhost';

The OSAuth privilege is granted to the database management user (clxm) for use with clx, and the database daemon user (clxd) for use by statd and ClustrixGUI. 

Other Differences

The _ and % wild cards are not supported in database name specifications.

The GRANT statement ignores REQUIRE, if included.

The DEFINER and SQL SECURITY arguments for views are ignored.

The following GRANT WITH options are not supported and generate a syntax error:

  • MAX_QUERIES_PER_HOUR
  • MAX_UPDATES_PER_HOUR
  • MAX_CONNECTIONS_PER_HOUR
  • MAX_USER_CONNECTIONS

RENAME USER, CURRENT_USER, CURRENT_USER() and SESSION_USER() are not supported.


  • No labels