Privilegierte Benutzer-Accounts hinzufügen

deploy/mariadb/init/001-schema.sql

@@ -1768,4 +1768,36 @@ VALUES
 
 UPDATE detection_rules
 SET enabled = 0
-WHERE name LIKE 'v1_%';
+WHERE name LIKE 'v1_%';
+
+CREATE TABLE user_host_baseline (
+    username VARCHAR(128),
+    hostname VARCHAR(128),
+    first_seen TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+    PRIMARY KEY (username, hostname)
+);
+
+CREATE TABLE IF NOT EXISTS user_privilege_baseline (
+    username VARCHAR(255) NOT NULL PRIMARY KEY,
+    first_seen DATETIME(6) NOT NULL DEFAULT UTC_TIMESTAMP(6),
+    last_seen DATETIME(6) NOT NULL DEFAULT UTC_TIMESTAMP(6),
+    seen_count BIGINT NOT NULL DEFAULT 1
+);
+
+CREATE TABLE IF NOT EXISTS privileged_users (
+    username VARCHAR(255) PRIMARY KEY,
+    reason TEXT NULL,
+    enabled TINYINT(1) NOT NULL DEFAULT 1,
+    created_at TIMESTAMP(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6),
+    updated_at TIMESTAMP(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6) ON UPDATE CURRENT_TIMESTAMP(6)
+);
+
+CREATE INDEX idx_privileged_users_enabled
+ON privileged_users (enabled);
+
+INSERT INTO privileged_users (username, reason, enabled)
+VALUES
+('administrator', 'Built-in Administrator', 1),
+('admin', 'Generic admin account', 1)
+ON DUPLICATE KEY UPDATE
+reason = VALUES(reason);