SYSPACKAUTH catalog table

The SYSPACKAUTH table records the privileges that are held by users over packages. The schema is SYSIBM.

Column name Data type Description Use
GRANTOR
VARCHAR(128)
NOT NULL
 Authorization ID of the user who granted the privilege. Could also be PUBLIC. G
GRANTEE
VARCHAR(128)
NOT NULL
 Authorization ID of the user who holds the privileges, the name of a plan that uses the privileges or PUBLIC for a grant to PUBLIC. G
LOCATION
VARCHAR(128)
NOT NULL
 Always contains blanks S
COLLID
VARCHAR(128)
NOT NULL
 Collection name for the package or packages on which the privilege was granted. G
NAME
VARCHAR(128)
NOT NULL
 Name of the package on which the privileges are held. An asterisk (*) if the privileges are held on all packages in a collection. G
CONTOKEN
CHAR(8)
NOT NULL
FOR BIT DATA
 Start of change

Consistency token for the package, as stored in the SYSPACKAGE catalog table.

The value can also be blank.

Db2 does not use this value to determine authorization for package operations such as bind, copy, or execution.

End of change		 Start of changeSEnd of change
TIMESTAMP
TIMESTAMP
NOT NULL
 Timestamp indicating when the privilege was granted. G
GRANTEETYPE
CHAR(1)
NOT NULL
 Type of grantee:
blank
An authorization ID
L
Role
P
An application plan
 G
AUTHHOWGOT
CHAR(1)
NOT NULL
 Authorization level of the user from whom the privileges were received. This authorization level is not necessarily the highest authorization level of the grantor.
blank
Not applicable
A
PACKADM (on collection *)
C
DBCTRL
D
DBADM
E
SECADM
G
ACCESSCTRL
L
SYSCTRL
M
DBMAINT
P
PACKADM (on a specific collection)
S
SYSADM
T
DATAACCESS
 G
BINDAUTH
CHAR(1)
NOT NULL
 Whether GRANTEE can use the BIND and REBIND subcommands on the package:
blank
Privilege is not held
G
Privilege is held with the GRANT option
Y
Privilege is held without the GRANT option
 G
COPYAUTH
CHAR(1)
NOT NULL
 Whether GRANTEE can COPY the package:
blank
Privilege is not held
G
Privilege is held with the GRANT option
Y
Privilege is held without the GRANT option
 G
EXECUTEAUTH
CHAR(1)
NOT NULL
 Whether GRANTEE can execute the package:
blank
Privilege is not held
G
Privilege is held with the GRANT option
Y
Privilege is held without the GRANT option
 G
IBMREQD
CHAR(1)
NOT NULL
 A value of Y indicates that the row was provided with the Db2 product code. For all other values, see Release dependency indicators.

The value in this field is not a reliable indicator of release dependencies.

 G
GRANTORTYPE
CHAR(1)
NOT NULL WITH
DEFAULT
 Indicates the type of grantor:
blank
Authorization ID
L
Role
 G
Start of changeSYS_STARTEnd of change Start of change
TIMESTAMP(12)
NOT NULL
GENERATED ALWAYS
AS ROW BEGIN
End of change		 Start of changeReserved for future IBM® use.The row-begin column of the SYSTEM_TIME period, for system-period data versioning.End of change Start of changeGEnd of change
Start of changeSYS_ENDEnd of change Start of change
TIMESTAMP(12)
NOT NULL
GENERATED ALWAYS
AS ROW END
End of change		 Start of changeReserved for future IBM use.The row-end column of the SYSTEM_TIME period, for system-period data versioning.End of change Start of changeGEnd of change
Start of changeTRANS_STARTEnd of change Start of change
TIMESTAMP(12)
NOT NULL
GENERATED ALWAYS
AS TRANSACTION
START ID
End of change		 Start of changeReserved for future IBM use. End of change Start of changeGEnd of change