diff --git a/schema b/schema
index 2b242d4..a4667b9 160000
--- a/schema
+++ b/schema
@@ -1 +1 @@
-Subproject commit 2b242d4f5c9ee9a608e57b4d4694eeabe9c6ee47
+Subproject commit a4667b94f331f9f624416bbbb951fe78d5304d26
diff --git a/src/db/access.rs b/src/db/access.rs
index dff3f22..c670fff 100644
--- a/src/db/access.rs
+++ b/src/db/access.rs
@@ -21,10 +21,9 @@ use lmdb::{Environment, Transaction, RwTransaction, Cursor};
 use crate::config::Settings;
 use crate::error::Result;
 
-mod internal;
+pub mod internal;
 
 use crate::db::user::User;
-use internal::PermissionsDB;
 pub use internal::init;
 
 pub trait RoleDB {
diff --git a/src/db/access/internal.rs b/src/db/access/internal.rs
index fcf960a..806a12b 100644
--- a/src/db/access/internal.rs
+++ b/src/db/access/internal.rs
@@ -20,16 +20,16 @@ use crate::db::access::{PermIdentifier, Role, RoleIdentifier, RoleDB};
 use crate::db::user::{UserIdentifier, User};
 
 #[derive(Clone, Debug)]
-pub struct PermissionsDB {
+pub struct Internal {
     log: Logger,
     env: Arc<Environment>,
     roledb: lmdb::Database,
     userdb: lmdb::Database,
 }
 
-impl PermissionsDB {
+impl Internal {
     pub fn new(log: Logger, env: Arc<Environment>, roledb: lmdb::Database, userdb: lmdb::Database) -> Self {
-        PermissionsDB { log, env, roledb, userdb }
+        Self { log, env, roledb, userdb }
     }
 
     /// Check if a given user has the given permission
@@ -200,7 +200,7 @@ impl PermissionsDB {
    }
 }
 
-impl RoleDB for PermissionsDB {
+impl RoleDB for Internal {
     fn check(&self, user: &User, permID: &PermIdentifier) -> Result<bool> {
         let txn = self.env.begin_ro_txn()?;
         self._check(&txn, user, permID)
@@ -221,7 +221,7 @@ impl RoleDB for PermissionsDB {
 
 /// Initialize the access db by loading all the lmdb databases
 pub fn init(log: Logger, config: &Settings, env: Arc<lmdb::Environment>) 
-    -> std::result::Result<PermissionsDB, crate::error::Error> 
+    -> std::result::Result<Internal, crate::error::Error> 
 {
     let mut flags = lmdb::DatabaseFlags::empty();
     flags.set(lmdb::DatabaseFlags::INTEGER_KEY, true);
@@ -233,5 +233,5 @@ pub fn init(log: Logger, config: &Settings, env: Arc<lmdb::Environment>)
     debug!(&log, "Opened access database '{}' successfully.", "user");
     info!(&log, "Opened all access databases");
 
-    Ok(PermissionsDB::new(log, env, roledb, userdb))
+    Ok(Internal::new(log, env, roledb, userdb))
 }
diff --git a/src/db/machine.rs b/src/db/machine.rs
index 4025c06..6e95eaa 100644
--- a/src/db/machine.rs
+++ b/src/db/machine.rs
@@ -14,7 +14,7 @@ use smol::lock::RwLock;
 
 use crate::error::Result;
 use crate::config::Settings;
-use crate::access;
+use crate::db::access;
 
 use crate::db::user::UserIdentifier;
 
@@ -32,7 +32,7 @@ use futures_signals::signal::*;
 use crate::registries::StatusSignal;
 use crate::db::user::User;
 
-mod internal;
+pub mod internal;
 use internal::Internal;
 
 pub type MachineIdentifier = Uuid;
@@ -71,17 +71,7 @@ fn api_from_uuid(uuid: Uuid, mut wr: crate::api::api_capnp::u_u_i_d::Builder) {
 #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
 /// The status of the machine
 pub struct MachineState {
-    state: Status,
-}
-
-// TODO split up for non-writable Definition Databases
-pub trait MachineDB {
-    fn get_status(&self, machID: &MachineIdentifier) 
-        -> impl Future<Output=Result<Option<MachineState>>>;
-    fn put_status(&self, machID: &MachineIdentifier, machine: MachineState) 
-        -> impl Future<Output=Result<()>>;
-
-    fn iter_status(&self) -> impl Stream<Output=Result<MachineState>>;
+    pub state: Status,
 }
 
 pub fn init(log: Logger, config: &Settings, env: Arc<lmdb::Environment>) -> Result<Internal> {
diff --git a/src/db/machine/internal.rs b/src/db/machine/internal.rs
index 11a625e..98629c2 100644
--- a/src/db/machine/internal.rs
+++ b/src/db/machine/internal.rs
@@ -14,7 +14,7 @@ use futures::stream;
 use futures::future::Ready;
 use futures::stream::Iter;
 
-use super::{MachineIdentifier, MachineState, MachineDB};
+use super::{MachineIdentifier, MachineState};
 use crate::error::Result;
 
 #[derive(Clone, Debug)]
@@ -34,9 +34,7 @@ impl Internal {
     {
         match txn.get(self.db, uuid.as_bytes()) {
             Ok(bytes) => {
-                let mut machine: Machine = flexbuffers::from_slice(bytes)?;
-                machine.id = *uuid;
-
+                let mut machine: MachineState = flexbuffers::from_slice(bytes)?;
                 Ok(Some(machine))
             },
             Err(lmdb::Error::NotFound) => { Ok(None) },
@@ -44,7 +42,7 @@ impl Internal {
         }
     }
 
-    pub fn put(&self, txn: &mut RwTransaction, uuid: &Uuid, status: MachineStatus) 
+    pub fn put(&self, txn: &mut RwTransaction, uuid: &Uuid, status: MachineState) 
         -> Result<()>
     {
         let bytes = flexbuffers::to_vec(status)?;
@@ -115,7 +113,7 @@ impl Internal {
        Ok(())
     }
 
-    pub fn iter<T: Transaction>(&self, txn: &T) -> _ {
+    pub fn iter<T: Transaction>(&self, txn: &T) -> Result<impl Iterator<Item=MachineState>> {
        let mut cursor = txn.open_ro_cursor(self.db)?;
        Ok(cursor.iter_start().map(|buf| {
            let (kbuf, vbuf) = buf.unwrap();
@@ -124,23 +122,3 @@ impl Internal {
        }))
     }
 }
-
-impl MachineDB for Internal {
-    fn get_status(&self, machID: &MachineIdentifier) -> Ready<Result<Option<MachineState>>> {
-        let txn = self.env.begin_ro_txn().unwrap();
-        futures::future::ready(self.get(&txn, machID))
-    }
-
-    fn put_status(&self, machID: &MachineIdentifier, machine: MachineState) -> Ready<Result<()>> {
-        let mut txn = self.env.begin_rw_txn().unwrap();
-        self.put(&mut txn, machID, machine).unwrap();
-        txn.commit().unwrap();
-
-        futures::future::ready(Ok(()))
-    }
-
-    fn iter_status(&self) -> _ {
-        let txn = self.env.begin_ro_txn().unwrap();
-        stream::iter(self.iter(&txn))
-    }
-}
diff --git a/src/db/mod.rs b/src/db/mod.rs
index 8fd035e..5125623 100644
--- a/src/db/mod.rs
+++ b/src/db/mod.rs
@@ -13,7 +13,6 @@ pub mod user;
 pub mod machine;
 
 pub struct Databases {
-    pub roles: Box<dyn access::RoleDB>,
-    pub user: Box<dyn user::UserDB>,
-    pub machine: Box<dyn machine::MachineDB>,
+    pub access: access::internal::Internal,
+    pub machine: machine::internal::Internal,
 }
diff --git a/src/machine.rs b/src/machine.rs
index 287aa45..cdfb64d 100644
--- a/src/machine.rs
+++ b/src/machine.rs
@@ -2,6 +2,8 @@ use futures_signals::signal::Signal;
 use futures_signals::signal::SignalExt;
 use futures_signals::signal::Mutable;
 
+use uuid::Uuid;
+
 use crate::error::Result;
 
 use crate::db::user::User;
diff --git a/src/main.rs b/src/main.rs
index b2e5b46..cec1ea6 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -143,8 +143,8 @@ fn main() -> Result<(), Error> {
     // All of those get a custom logger so the source of a log message can be better traced and
     // filtered
     let env = Arc::new(env);
-    let mdb = machine::init(log.new(o!("system" => "machines")), &config, env.clone());
-    let pdb = access::init(log.new(o!("system" => "permissions")), &config, env.clone());
+    let mdb = db::machine::init(log.new(o!("system" => "machines")), &config, env.clone());
+    let pdb = db::access::init(log.new(o!("system" => "permissions")), &config, env.clone());
     let authentication_f = auth::init(log.new(o!("system" => "authentication")), config.clone());
 
     // If --load or --dump is given we can stop at this point and load/dump the database and then