diff --git a/README_SETUP.md b/README_SETUP.md
index 11588e7db750b2f535144c52a03dda4167dbfc22..1b88d56636ccbbbfa3ed616ff323d8e9fdf4835c 100644
--- a/README_SETUP.md
+++ b/README_SETUP.md
@@ -24,6 +24,11 @@
 * Run `make install`. If a there is a database with the name you have choosen
   during the configuration, you need to reconfigure or delete the database
   first.
+  * *Required database privileges:*
+    * If the user does not exist yet, you need the [appropriate global privileges](https://mariadb.com/kb/en/grant/#global-privileges), for example
+      `CREATE USER` and the privileges to grant that user all global privileges.  The required
+      privileges may be reduced in the future.
+    * For normal usage, [database privileges](https://mariadb.com/kb/en/grant/#database-privileges) are required.
 
 ## Upgrade the SQL database
 
diff --git a/utils/make_db b/utils/make_db
index c9fffc4589621e64a1877d0d2db1d744186b222e..8e4ce925e1cdc7de14a3d352271006fc11d3d7d4 100755
--- a/utils/make_db
+++ b/utils/make_db
@@ -174,6 +174,9 @@ function grant() {
 
     for host in ${DATABASE_USER_HOST_LIST//,/ } ; do
         echo "Granting admin privileges to '$DATABASE_USER'@'$host'"
+        # FIXME Are all these permissions necessary? See
+        # https://gitlab.indiscale.com/caosdb/src/caosdb-mysqlbackend/-/issues/28 "Default
+        # installation target does not work for existing databases"
         $MYSQL_CMD $(get_mysql_args_nodb) <<EOF
 CREATE USER IF NOT EXISTS
     '$DATABASE_USER'@'$host' identified by '$DATABASE_USER_PW';