In the newly created database, when executing Db2look, there is a problem
| [Email protected] ~]$ db2look-d sample-e-l-o db2look.ddl Error Message =
--an error has occured during Binding Error Message =
|
Try to run the command DB2 ' bind DB2LKFUN.BND blocking all grant public ', got the error about authorization.
[Email protected] bnd]$ DB2 "bind db2lkfun.bnd blocking all grant public"
Line MESSAGES for DB2LKFUN.BND
------ --------------------------------------------------------------------
SQL0061W the binder is in progress.
12291 sql0440n No Authorized routine named "RTRIM" of type
"FUNCTION" had compatible arguments was found.
sqlstate=42884
12987 sql0440n No Authorized routine named "RTRIM" of type
"FUNCTION" had compatible arguments was found.
sqlstate=42884
SQL0082C An error had occurred which has terminated
Processing.
SQL0092N No package was created because of previous errors.
SQL0091N Binding is ended with "4" Errors and "0" warnings.
Check the authorizations for the user
[Email protected] ~]$ DB2 "SELECT SUBSTR (Grantor, 1, ten) as grantor,--grantor of the authority
> SUBSTR (GRANTEE, 1, ten) as GRANTEE,--Holder of the Authority
>--G = Grantee is a group R = Grantee is a role
> Granteetype,--U = Grantee is an individual user
> Bindaddauth,
> Connectauth,
> Createtabauth,
> Dbadmauth,
> Implschemaauth,
> Dataaccessauth,
> Loadauth
> from SYSCAT. Dbauth
> ORDER by GRANTEE with UR "
Grantor GRANTEE granteetype bindaddauth connectauth createtabauth dbadmauth implschemaauth DATAACCESSAUTH LOADAUTH
---------- ---------- ----------- ----------- ----------- ------------- --------- -------------- -------------- --------
SYSIBM db2v97i1 U n n n y N y N
SYSIBM public G y y y n y n N
[Email protected] ~]$ CD SQLLIB/BND
[[Email protected] bnd]$ DB2 BIND db2lkfun.bnd BLOCKING all GRANT public
Line MESSAGES for DB2LKFUN.BND
------ --------------------------------------------------------------------
SQL0061W the binder is in progress.
12291 sql0440n No Authorized routine named "RTRIM" of type
"FUNCTION" had compatible arguments was found.
sqlstate=42884
12987 sql0440n No Authorized routine named "RTRIM" of type
"FUNCTION" had compatible arguments was found.
sqlstate=42884
SQL0082C An error had occurred which has terminated
Processing.
SQL0092N No package was created because of previous errors.
SQL0091N Binding is ended with "4" Errors and "0" warnings.
Grant SECADM to the user, solve the issue.
DB2 Grant SECADM on the database to user Db2v97i1
Security Administration Authority (SECADM)
SECADM Authority is the Security Administration authority for a specific database. This authority allows the create and manage Security-related database objects and to grant and revoke all database auth Orities and privileges. Additionally, the security administrator can execute, and manage who else can execute, the audit system routines.
SECADM authority have the ability to SELECT from the catalog tables and catalog views, but cannot access data stored in use R tables.
SECADM authority can be granted-the security administrator (who holds SECADM authority) and can is granted to a US Er, a group, or a role. Public cannot obtain the SECADM authority directly or indirectly.
The database must has at least one authorization ID of type USER with the SECADM authority. The SECADM authority cannot is revoked from every authorization ID of type USER
SECADM authority gives a user the ability to perform the following operations:
Create, Alter, comment on, and drop:
Audit Policies
Security Label Components
Security Policies
Trusted contexts
Create, comment on, and drop:
Roles
Security Labels
Grant and REVOKE database privileges and authorities
Execute the following audit routines to perform the specified tasks:
The Sysproc. Audit_archive stored procedure and table function ARCHIVE AUDIT logs.
The Sysproc. Audit_list_logs table function allows you to locate LOGS of interest.
The Sysproc. Audit_delim_extract stored procedure extracts data into delimited files for analysis.
Also, the security administrator can grant and revoke EXECUTE privilege on these routines, therefore enabling the security Administrator to delegate these tasks, if desired. Only the security administrator can grant EXECUTE privilege on these routines. EXECUTE privilege with GRANT OPTION cannot is granted for these routines (SQLSTATE 42501).
Use of the AUDIT statement to associate an AUDIT policy with a particular database or database object at the server
Use of the TRANSFER OWNERSHIP statement to TRANSFER objects not owned by the authorization ID of the statement
No Other authority gives these abilities.
Only the security administrator have the ability to grant other users, groups, or roles the Accessctrl, DataAccess, Dbadm, and SECADM authorities.
In Version 9.7, the DB2? Authorization model had been updated to clearly separate the duties of the system administrator, the database Administrato R, and the security administrator. As part of this enhancement, the abilities given by the SECADM authority has been extended. In releases prior to Version 9.7, SECADM Authority do not provide the ability to grant and revoke all privileges and auth Orities. Also, SECADM authority could is granted only to a user, not to a role or a group. Additionally, SECADM authority did not provide the ability-grant EXECUTE privilege to other users on the audit system-d efined Procedures and table function.
Newly created database, when executing Db2look, encountered package db2lkfun.bnd bind failed
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
