Using the utility database

User's Guide
PART 4. Database Administration and Advanced Use
CHAPTER 23. Working with Database Files

Using the utility database

You can connect to a server using the utility database, a phantom database that has no physical representation(that is, there is no database file for this database, and it can contain no data.

The utility database can be loaded by specifying utility_db as the database name when connecting. The utility database permits only a narrow range of specialized functions. It is provided so that you can execute database file manipulation statements such as CREATE DATABASE, or ALTER WRITEFILE, without first connecting to a physical database.

Sybase Central

You cannot connect to the utility database from Sybase Central. However, as you can already create and delete a database from Sybase Central without first connecting to a database, this is not a practical limitation.

Starting a server with no database

Normally when you start a database server, you specify the database you wish to load. However, you can start a server that does not load a database.

For example, the following command from the command line starts a personal database server named TestEng but does not load a database.

dbeng6 -n TestEng

To load and connect to the utility database:

Start a database server with the following command:
```
dbeng6.exe -n TestEng
```
Start Interactive SQL.
On the Login tab of the Connection Window, enter DBA as the user ID and SQL as the password. On the Database tab, enter utility_db as the database name.
Click OK to connect.

Interactive SQL connects to the utility database on the personal server named TestEng. No real database is actually loaded.

You can now execute the database file administration statements. For example, executing the following statement after having connected to the utility database creates a database named new.db in the directory C:\temp.

CREATE DATABASE 'C:\\temp\\new.db'

For Info For more information on the syntax of those statements, see CREATE DATABASE statement.

Utility database server security

There are two aspects to utility database server security:

Who can connect to the utility database?
Who can execute file administration statements?

These are discussed in this section.

Utility database passwords

There is a different security model for the personal server and the network server.

For the personal server, you must specify the user ID DBA. You can use any password; as the personal server is intended for single machine use, a security restriction is not needed.

For the network server, you must specify the user ID DBA, but the password is held in a file named util_db.ini, which is stored in the server executable directory. As this directory is on the server, you can control access to the file, and thereby control who has access to the password.

util_db.ini

The util_db.ini file has the following contents:

[UTILITY_DB]
PWD=password

Use of the utility_db security level relies on the physical security of the computer hosting the database server since the util_db.ini file can be easily read using a text editor.

Permission to execute file administration statements

Based on the utility database, a new level of security has been added for the ability to create and drop databases. The -gu database server command-line option controls who can execute the file administration statements.

There are four levels of permission for the use of file administration statements. These levels are: all, none, dba, and utility_db. The utility_db level permits only a person able to connect to the utility database to use the file administration statements.

-gu switch option

Effect

applies to

all

Anyone can execute file administration statements

Any database including utility database

none

No one can execute file administration statements

Any database including utility database

dba

Only dba-authority users can execute file administration statements

Any database including utility database

utility_db

Only the user who can connect to utility database can execute file administration statements

Only the utility database

-gu switch option	Effect	applies to
all	Anyone can execute file administration statements	Any database including utility database
none	No one can execute file administration statements	Any database including utility database
dba	Only dba-authority users can execute file administration statements	Any database including utility database
utility_db	Only the user who can connect to utility database can execute file administration statements	Only the utility database

For Info For more information on the database server -gu command line switch, see The database server.

Examples

To prevent the use of the file administration statements, start the database server using the none permission level of the -gu switch. The following command starts a database server and names it TestSrv, loads the sample database, but prevent anyone from using that server to create or delete a database.
```
dbsrv6.exe -n TestSrv -gu none asademo.db
```
With the database server named TestSrv started in this manner, all users are prevented from using the server to create or add a database, regardless of their resource creation rights, or whether or not they can load and connect to the utility database.
To permit only the user knowing the utility database password to connect to create or delete databases, start the server at the command line with the following command.
```
dbsrv6 -n TestSrv -gu utility_db
```
Assuming the utility database password has been set during installation to asa, the following command starts the Interactive SQL utility as a client application, connects to the server named TestSrv, loads the utility database and connects the user.
```
dbisql -c "uid=dba;pwd=asa;dbn=utility_db;eng=TestSrv"
```
Having executed the above statement successfully, the user is connected to the utility database, and is able to create or delete databases.