Package privileges
Resources: Packages
Resource type: K
Db2 privileges
BIND
XAPLPRIV value: BINDAUTK
Privcode 65 (x'41')
Does the user or the role associated with the user own the package?
If so, XAPLUPRM must match the owner name passed from Db2 by the XAPLOWNR parameter when XAPLONRT indicates an authorization ID, or XAPLUCHK must match XAPLOWNR and XAPLUCKT must match XAPLONRT.
If not, the user must have sufficient authority to:
| One of these resources: | In class: |
|---|---|
| Db2-subsystem.collection-ID.package-ID.BIND | MDSNPK or GDSNPK |
| Db2-subsystem.owner.BINDAGENT | MDSNSM or GDSNSM |
| Db2-subsystem.collection-ID.PACKADM | DSNADM |
| Db2-subsystem.SYSDBADM | DSNADM |
| Db2-subsystem.SYSCTRL | DSNADM |
| Db2-subsystem.SYSADM | DSNADM |
COMMENT ON
XAPLPRIV value: COMNTAUTK
Privcode 97 (x'61')
Does the user or the role associated with the user own the package?
If so, XAPLUPRM must match the owner name passed from Db2 by the XAPLOWNR parameter when XAPLONRT indicates an authorization ID, or XAPLUCHK must match XAPLOWNR and XAPLUCKT must match XAPLONRT.
If not, the user must have sufficient authority to:
| One of these resources: | In class: |
|---|---|
| Db2-subsystem.owner.BINDAGENT | MDSNSM or GDSNSM |
| Db2-subsystem.collection-ID.PACKADM | DSNADM |
| Db2-subsystem.SYSDBADM | DSNADM |
| Db2-subsystem.SYSCTRL | DSNADM |
| Db2-subsystem.SYSADM | DSNADM |
COPY
XAPLPRIV value: COPYAUTK
Privcode 225 (x'E1')
Does the user or the role associated with the user own the package?
If so, XAPLUPRM must match the owner name passed from Db2 by the XAPLOWNR parameter when XAPLONRT indicates an authorization ID, or XAPLUCHK must match XAPLOWNR and XAPLUCKT must match XAPLONRT.
If not, the user must have sufficient authority to:
| One of these resources: | In class: |
|---|---|
| Db2-subsystem.collection-ID.package-ID.COPY | MDSNPK or GDSNPK |
| Db2-subsystem.owner.BINDAGENT | MDSNSM or GDSNSM |
| Db2-subsystem.collection-ID.PACKADM | DSNADM |
| Db2-subsystem.SYSDBADM | DSNADM |
| Db2-subsystem.SYSCTRL | DSNADM |
| Db2-subsystem.SYSADM | DSNADM |
DROP
XAPLPRIV value: DROPAUTK
Privcode 73 (x'49')
The user must have sufficient authority to:
| One of these resources: | In class: |
|---|---|
| Db2-subsystem.owner.BINDAGENT | MDSNSM or GDSNSM |
| Db2-subsystem.collection-ID.PACKADM | DSNADM |
| Db2-subsystem.SYSDBADM | DSNADM |
| Db2-subsystem.SYSCTRL | DSNADM |
| Db2-subsystem.SYSADM | DSNADM |
EXECUTE
XAPLPRIV value: CHKEXECK
Privcode 64 (x'40')
The user must have sufficient authority to:
| One of these resources: | In class: |
|---|---|
| Db2-subsystem.collection-ID.package-ID.EXECUTE | MDSNPK or GDSNPK |
| Db2-subsystem.collection-ID.PACKADM | DSNADM |
| Db2-subsystem.SQLADM This check is only done for system defined packages. |
MDSNSM or GDSNSM |
| Db2-subsystem.SYSDBADM This check is only done for system defined packages. |
DSNADM |
| Db2-subsystem.DATAACCESS | DSNADM |
| Db2-subsystem.SYSADM | DSNADM |
All package privileges (PACKADM or SYSADM)
XAPLPRIV value: ALLPKAUTK
Privcode 228 (x'E4')
There are no authorization checks (return code 4).
All package privileges
XAPLPRIV value: SUBPKAUTK
Privcode 229 (x'E5')
The user must have sufficient authority to:
| One of these resources: | In class: |
|---|---|
|
Db2-subsystem.collection-ID.PACKADM
The user has authority to collection-ID. |
DSNADM |
| Db2-subsystem.ACCESSCTRL | DSNADM |
| Db2-subsystem.SYSCTRL Bypass if SEPARATE_SECURITY= Yes |
DSNADM |
| Db2-subsystem.SYSADM Bypass if SEPARATE_SECURITY= Yes |
DSNADM |
| Db2-subsystem.SECADM | DSNADM |