OWNER bind option

The OWNER option determines the authorization ID of the owner of a plan, package, or service.

Command option Option values Used with
OWNER
(authorization-id)
(authorization-id)OWNERTYPE (ROLE)
(authorization-id)OWNERTYPE (USER)
Note:
  1. Start of changeThe OWNER bind option is not valid for REBIND of packages for functions, native SQL procedures, or advanced triggers.End of change

Option descriptions for OWNER

(authorization-id)
Specifies an authorization ID to own the plan, package, or service.

The owner must have the privileges required to execute the SQL statements contained in the object.

If ownership changes, all grants for privileges on the object that the previous owner issued change to name the new owner as the grantor. The new owner has the privileges BIND and EXECUTE on the object and grants them to the previous owner.

You can bind or rebind only the objects for which the authorization ID has bind privileges. If you do not specify an authorization ID, the process rebinds only the objects for which the primary ID has bind privileges.

Start of changeFL 500 OWNERTYPE(ROLE)End of change
Start of changeSpecifies that the authorization-id is a role that exists on the current server.End of change
Start of changeFL 500 OWNERTYPE(USER)End of change
Start of changeSpecifies that the authorization-id is an authorization ID.End of change

Notes

Interactions with the PLANMGMT option: If you plan to change this option and the PLANMGMT option in a REBIND command, see PLANMGMT bind option for the implications.

OWNER for BIND and REBIND in trusted context:
Start of changeWhen BIND and REBIND commands are issued in a trusted context that is defined with the role as object owner attribute and the OWNERTYPE option is not specified, the default owner is determined as follows:
  • If the OWNER option is not specified, BIND uses the role that is associated with the binder as the owner. REBIND uses the existing owner as the owner.
  • If the OWNER option is specified, the role specified in the OWNER option becomes the owner. In a trusted context, the default OWNER must be a role. For the bind to succeed, the binder needs BINDAGENT privilege from the role specified in the OWNER option. The binder also receives BINDAGENT privilege, if the role associated with the binder has BINDAGENT privilege.
If the trusted context is not defined with the role as object owner attribute, the current rules for BIND and REBIND ownership apply and are determined by the OWNERTYPE option. If a role is associated in a trusted context, the role privileges are included in the binder's privilege set to determine if the binder is allowed to perform the bind.End of change
For remote BIND or REBIND PACKAGE only:
The value of OWNER is subject to translation when sent to the remote system.

Default values for OWNER

Process Default value
BIND SERVICE Primary authorization ID of the agent that runs the bind process
BIND PLAN Primary authorization ID of the agent that runs the bind process
BIND PACKAGE Primary authorization ID of the agent that runs the bind process
REBIND PLAN Existing value
REBIND PACKAGE Existing value

Catalog records for OWNER

See the OWNER column in SYSPACKAGE catalog table, the GRANTOR column in SYSPACKAUTH catalog table, and the CREATOR column in SYSPLAN catalog table.