Information about the current users of a database and about their permissions is stored in the database system tables and system views.
For a description of each of these tables, see Chapter 9, “System Tables” in Sybase IQ Reference Manual.
Most system tables are owned by the special user ID SYS. It is not possible to connect to the SYS user ID.
The DBA has SELECT access to all system tables, just as to any other tables in the database. The access of other users to some of the tables is limited. For example, only the DBA has access to the SYS.SYSUSERPERM table, which contains all information about the permissions of users of the database, as well as the passwords of each user ID. However, SYS.SYSUSERPERMS is a view containing all information in SYS.SYSUSERPERM except for the password, and by default all users have SELECT access to this view. All permissions and group memberships set up in a new database for SYS, PUBLIC, and DBA can be fully modified.
The following table summarizes the system tables containing information about user IDs, groups, and permissions. All tables and views are owned by user ID SYS, and so their qualified names are SYS.SYSUSERPERM and so on.
Appropriate SELECT queries on these tables generate all the user ID and permission information stored in the database.
Table |
Default |
Contents |
---|---|---|
SYSUSERPERM |
DBA only |
Database-level permissions and password for each user ID |
SYSGROUP |
PUBLIC |
One row for each member of each group |
SYSTABLEPERM |
PUBLIC |
All permissions on table given by the GRANT commands |
SYSCOLPERM |
PUBLIC |
All columns with UPDATE permission given by the GRANT command |
SYSDUMMY |
PUBLIC |
Dummy table, can be used to find the current user ID |
SYSPROCPERM |
PUBLIC |
Each row holds one user granted permission to use one procedure |
The following table summarizes the system views containing information about user IDs, groups, and permissions.
View |
Default |
Contents |
---|---|---|
SYSUSERAUTH |
DBA only |
All information in SYSUSERPERM except for user numbers |
SYSUSERPERMS |
PUBLIC |
All information in SYSUSERPERM except for passwords |
SYSUSERLIST |
PUBLIC |
All information in SYSUSERAUTH except for passwords |
SYSGROUPS |
PUBLIC |
Information from SYSGROUP in a more readable format |
SYSTABAUTH |
PUBLIC |
Information from SYSTABLEPERM in a more readable format |
SYSCOLAUTH |
PUBLIC |
Information from SYSCOLPERM in a more readable format |
SYSPROCAUTH |
PUBLIC |
Information from SYSPROCPERM in a more readable format |
The following table lists system tables used by Sybase IQ Login Management. The user DBA owns these tables, so their qualified names are DBA.IQ_SYSTEM_LOGIN_INFO_TABLE and so on.
Table |
Default |
Contents |
---|---|---|
IQ_SYSTEM_LOGIN_INFO_TABLE |
DBA only |
Each row holds Sybase IQ Login Management database defaults and status for connections, passwords, and locked logins. |
IQ_USER_LOGIN_INFO_TABLE |
DBA only |
Each row holds Sybase IQ Login Management definitions and locked login status for one user |
SYSOPTIONDEFAULTS |
DBA only |
Each row holds Sybase IQ default option settings. |
In addition to these, there are tables and views containing information about each object in the database.