DB users and grants
NetYCE database permissions are dependent on the database user. The NetYCE application primarily uses the “touchup” user. This user is permitted to access all databases and modify their contents, but cannot modify or create tables.
Those adninistration tasks are delegated to the “netYCE” user. It is used strictly for maintenance purposes.
The “justread” user can be used to access the content of all databases, but is not permitted to make changes to the data or their definitions.
To create custom tables in the “NMS” database, the “nmsadmin” user should be used. This user has most of the available privileges but limited to the “NMS” database. It can access the data of the other databases, but cannot make changes. Note that the “nmsadmin” user is intended as an administator for this tablespace, it should not be used for normal production integrations as it has extensive privileges - albeit limited to one database. The “touchup” or “justread” users are intended for those production tasks.
The cmdbadmin user is the equivalent of the “nmsadmin” user but for the “CMDB” database.
user name | root | netYCE | touchup | justread | cmdbadmin | nmsadmin | |
---|---|---|---|---|---|---|---|
hosts | localhost | % | % | % | % | % | |
default passwd | <witheld> | <witheld> | mmtwga | gmngmhhw | cmdbadmin | nmsadmin | |
Global privileges | |||||||
– db and tables – | |||||||
select | y | y | y | y | y | y | |
insert | y | y | y | ||||
update | y | y | y | ||||
delete | y | y | y | ||||
references | y | y | y | ||||
create | y | y | |||||
drop | y | y | |||||
alter | y | y | |||||
index | y | y | |||||
trigger | y | y | |||||
– replication – | |||||||
repl client | (y) | (y) | (y) | (y) | |||
repl slave | y | y | y | y | |||
– views – | |||||||
create view | y | y | |||||
show view | y | y | y | y | y | y | |
create routine | y | y | |||||
alter routine | y | y | |||||
exec | y | y | y | y | y | y | |
– admin – | |||||||
reload | y | y | y | y | |||
shut | y | y | y | y | |||
file | y | y | y | y | y | ||
process | y | y | y | y | |||
super | y | y | y | y | |||
temp table | y | y | y | y | y | ||
lock table | y | y | y | y | y | ||
show db | y | y | y | y | y | y | |
create user | y | y | |||||
grant | y | y | |||||
event | y | y | y | y | |||
create space | y | y | |||||
Schema privileges (extending Global priv) | |||||||
YCE | - | - | - | - | - | - | |
LOGS | - | - | - | - | - | - | |
NCCM | - | - | - | - | - | - | |
CMDB | - | - | - | - | CMDB set | - | |
NMS | - | - | - | - | - | NMS set | |
Per schema privileges | |||||||
Privilege | – CMDB set – | – NMS set – | |||||
alter | y | y | |||||
alter routine | y | y | |||||
create | y | y | |||||
create routine | y | y | |||||
create temp | y | y | |||||
create view | y | y | |||||
delete | y | y | |||||
drop | y | y | |||||
execute | y | y | |||||
index | y | y | |||||
insert | y | y | |||||
lock table | y | y | |||||
select | y | y | |||||
show view | y | y | |||||
update | y | y | |||||
event | |||||||
grant | |||||||
references | |||||||
trigger |