Hi, I need to create a database that can only be updated by the database owner, but allow all other users read privilege on the data. Setup: * linux OS * the database is created using sudo to a service account called svc_merc_cdr_prod * database file and containing directory path set up with chmod 644, eg -rw-r--r-- 1 svc_merc_cdr_prod svc_merc_cdr_prod 427008 Jul 9 11:08 /opt/bigcdr/nlp/db/prd/control/cdr_control.db I can access this database as the service account and perform updates, eg from a linux terminal: sudo -u svc_merc_cdr_prod sqlite3 /opt/bigcdr/nlp/db/prd/control/cdr_control.db My issue is that no other user can access this. eg if i run without sudo i'm able to open the sqlite tool but cannot view tables or open the database file?? ~$ sqlite3 /opt/bigcdr/nlp/db/prd/control/cdr_control.db -- Loading resources from /users/******/.sqliterc SQLite version 3.7.17 2013-05-20 00:56:22 Enter ".help" for instructions Enter SQL statements terminated with a ";" sqlite> .ta sqlite> .schema Error: unable to open database file sqlite> select * from phase1_control; Error: unable to open database file sqlite> I have another use case where a different service account user is attempting to query a table via jdbc connection and that results in "Exception in thread "main" org.sqlite.SQLiteException: [UNKNOWN_ERROR] unknown error (attempt to write a readonly database)" Its unclear why a select query should require a write operation? What is the recommended method to restrict read only perms to public users while allowing read write by the database owner? I've searched the docs but couldn't find anything specific about this. https://www.raspberrypi.org/forums/viewtopic.php?t=285406 this post suggests adding a read only pragma to the reading session, is that required? Any help greatly appreciated, thanks