Xpand supports the following privileges:
- ALL [PRIVILEGES]: All Privileges with the exception of GRANT OPTION
- ALTER ROUTINE: Allow ALTER or DROP of stored routines (procedures and functions)
- CREATE: Allow CREATE TABLE and CREATE DATABASE
- CREATE ROUTINE
- CREATE TEMPORARY TABLES
- CREATE USER: Allow CREATE USER and DROP USER
- CREATE VIEW
- DROP: Allow DROP TABLE, DROP DATABASE, and DROP VIEW
- GRANT OPTION
- INDEX: Allow CREATE INDEX and DROP INDEX
- PROCESS: The privilege enables use of SHOW PROCESSLIST and SHOW ENGINES
- REFERENCES: The creation of a foreign key constraint requires the REFERENCES for the parent table
- RELOAD: Enable use of FLUSH operations
- REPLICATION CLIENT: Allow SHOW MASTER STATUS and SHOW SLAVE STATUS
- REPLICATION SLAVE: Allow reading binary logs
- SHOW DATABASES
- SHOW VIEW: Enables use of the SHOW CREATE VIEW statement
- SHUTDOWN: Xpand recommends using clx dbstop instead
- SUPER: Allow administrative commands and grants all privileges associated with the TRIGGER permission
Xpand ignores the following privileges:
- CREATE TABLESPACE: Not applicable for Xpand.
- EVENT: Not applicable for Xpand.
- LOCK TABLES: Enables the use of explicit LOCK TABLES statements to lock tables for which you have the SELECT privilege.
- PROXY: Not applicable for Xpand.
Xpand implements an OSAuth privilege that allows users with this privilege to be authenticated by the OS. This allows a SQL user to log in without a password as long as they have been authenticated as the corresponding OS user.
sql> GRANT OSAUTH ON *.* to 'xpand'@'localhost';
The OSAuth privilege is granted to the database management user (xpandm) for use with clx, and the database daemon user (xpand) for use by statd and XpandGUI.
- The _ and % wild cards are not supported in database name specifications.
- The GRANT statement ignores REQUIRE, if included.
- The GRANT and REVOKE commands ignore values supplied for column_list and object_type
- The DEFINER and SQL SECURITY arguments for views are ignored.
- The following GRANT WITH options are not supported and generate a syntax error:
- RENAME USER, CURRENT_USER, CURRENT_USER() and SESSION_USER() are not supported.