How to resolve a -554, ERROR: AN AUTHORIZATION ID OR ROLE CANNOT GRANT A PRIVILEGE TO ITSELF error message.

search cancel

How to resolve a -554, ERROR: AN AUTHORIZATION ID OR ROLE CANNOT GRANT A PRIVILEGE TO ITSELF error message.

book

Article ID: 19505

calendar_today

Updated On:

Products

RC/Secure for DB2 for z/OS

Issue/Introduction

The user is RC/Secure for Db2 for z/OS (RCS) SECADM.
User is trying to give this privilege to another USER ID he has which is tied to the primary one.

The following message gets generated:

DSNT408I SQLCODE = -554, ERROR:  AN AUTHORIZATION ID OR ROLE CANNOT      
        GRANT A PRIVILEGE TO ITSELF                                     
DSNT418I SQLSTATE   = 42502 SQLSTATE RETURN CODE                         
DSNT415I SQLERRP    = DSNXA07 SQL PROCEDURE DETECTING ERROR              
DSNT416I SQLERRD    = -120  0  0  -1  0  0 SQL DIAGNOSTIC INFORMATION    
DSNT416I SQLERRD    = X'FFFFFF88'  X'00000000'  X'00000000'              
        X'FFFFFFFF'  X'00000000'  X'00000000' SQL DIAGNOSTIC            
        INFORMATION                                                     
        SQL error in PLAN AUTHPLAN in DBRM CSAAUCMO statement     331

SQL error in PLAN AUTHPLAN in DBRM CSAAUCMO statement 331
An authorization ID cannot grant a privilege to itself.

Resolution

SET CURRENT RULES = 'STD' which will specify whether certain SQL statements
are executed in accordance with DB2 rules or the rules of the SQL.

An example is:

SET CURRENT RULES = 'STD';                                                     
SET CURRENT SQLID = A36467D;                                                   
GRANT EXECUTE ON PLAN RSPMPLAN TO A36467D;                                     
SET CURRENT RULES = 'DB2';

Another option would be to SET CURRENT SQLID = xxxxx (where xxxxx is another ID).

Feedback

thumb_up Yes

thumb_down No