contact contact

B.08.10 / Release Notes / Changes / Database Server

Database Server

  This document provides a list of enhancements and user visible changes in Eloquence B.08.10, relative to the original B.08.00 release.



  • The database server was enhanced to support item masking.

  • The database server was enhanced to support item encryption.

  • The server was enhanced to implicitly grant a DBA user administrative capabilities on a database (DADMIN and DBPRIV privileges).

    As a consequence, the following behavior is changed:
    Any user with DBA privileges may

    • purge or erase any database
    • dbstore or dbrestore any database
    • perform a dbdumpcat on any database
    • change the database structure
    • change the database access rights

    With previous server versions only the user that created a database (or was granted administrative capabilities subsequently) was able to perform these tasks. Other users, even with DBA privileges would fail.

  • The "operator" user property was added. This may be used to indicate user accounts permitted to perform operational tasks, like starting and stopping online backup mode, switching forward logs, performing dbstore and dbrestore, for example. This allows to be more restrictive with administrative accounts.

  • Added support for user password modification timestamp.

    The timestamp is updated when the user account is created or the password is updated. With dbdumpcat it is returned in the tspw column of the server sysuser table.
    When starting the B.08.10 database server for the first time, the server catalog is upgraded to support this column.
    When the volume set is used with a previous Eloquence version this additional column is ignored.

Other changes

  • The DBINFO mode 114 was added to allow obtaining field status.

    DBINFO mode 114 is similar to DBINFO mode 104 but returns item status information rather than item numbers. DBINFO mode 114 is available in both the image3k and the native client library. However, it is currently not available in eloqcore. The returned status information is bit encoded (per item) as indicated below:

    Bit 0 (0x1) - encrypted field
    Bit 0 is set if the field is stored on disk in encrypted format.

    Bit 1 (0x2) - encrypted content not available
    Bit 1 is set if an encryption key for the database is not available. If this affects actual record, the field is blanked (if a string item) or zeroed when read.

    Bit 2 (0x4) - item mask is defined
    Bit 2 is set if an item mask exists for this item, even if it does not apply for the current user.

    Bit 3 (0x8) - item content is masked
    Bit 3 is set if an item mask affects information in this field (eg. information is truncated or blanked).

    Bit 0 and and bit 2 may be used by an application to understand a field has sensitive information, so it should be handled with extra care (eg. not included in application logs).

    Bit 1 and bit 3 may be used to indicate the field content is not available or only partially returned.

  • The DBUPDATE mode 2 (or DBUPDATE using the CIUPDATE flag for image3k) on a master set was changed to return status 43:0 instead of -804:0 when a duplicate key item value is specified.

  • A DBOPEN of an encrypted database returns status -812:0 if one or more master keys are unavailable.

  • The "dbctl encryption status" command may be used to display status information about the server. It returns an error if the server does not support encryption.

  • The HTTP status web pages include supplemental audit information in the session status. This is useful, for example, if a connection via ODBC provides additional information about the ODBC client side.

  • The HTTP status was enhanced to display additional information on the installed license in the config web page.

  • The dbctl list command was enhanced. A filter expression may be specified and the /count option may be used to only obtain the number of matching entries.

    For example:

    $ dbctl list session "pname=*query3k*"
    $ dbctl list lock /count "status=blocked"
    Please refer to the dbctl documentation for details.

  • The dbctl forwardlog status command no longer requires dba privileges.

  • When a dbutil ADD ITEM data set clause is used to add an item of type P (packed) to a data set, the subsequent restructuring process now initializes this new P item to unsigned zero.

    Previously, a new P item was initialized to binary zero.

  • The HTTP status display has been enhanced and optional filter expressions similar to the "dbctl list" command have been added (with update B.08.10.01).

    Please refer to the HTTP status display documentation for details.

  • The dbctl dbkeyupdate function was enhanced (with update B.08.10.01) to allow deleting data encryption keys from a database not using encryption.

  Privacy | Webmaster | Terms of use | Impressum Revision:  2010-09-22  
  Copyright © 2010 Marxmeier Software AG