Replication stops if GRANT issued by NON-DBA user who has RDB$ADMIN role and appropriate object (table, etc) belongs to another user

Replication can be unexpectedly terminated (infinitely issuing message "ERROR: unsuccessful metadata update") if the following conditions are true:
* two users exist (names: JUNIOR and MANAGER); one of them (MANAGER) has grant to CREATE TABLE and creates some table;
* one more user exists (name: SENIOR) and role RDB$ADMIN was granted to him; he is NOT the owner of database;
* user SENIOR issues GRANT to JUNIOR for run DML against the table that was created by MANAGER;see below line marked as ```[ 1 ]```;

After short time replication stops with infinitely issuing message in repl.log:
```
	ERROR: unsuccessful metadata update
	GRANT failed
	no INSERT privilege with grant option on table/view "PUBLIC"."TABLE_OF_MANAGER"
	At segment 3, offset 48
```

Script (will not raise any errror):
```
set bail on;
set list on;
set wng off;
set echo on;

connect 'localhost:db_repl_alias' user sysdba password 'masterkey';
create or alter user junior password '123';
create or alter user manager password '456';
create or alter user senior password '789';
commit;

connect 'localhost:db_main_alias' user sysdba password 'masterkey';
create or alter user junior password '123';
create or alter user manager password '456';
create or alter user senior password '789';
revoke all on all from junior;
revoke all on all from manager;
revoke all on all from senior;

grant rdb$admin to senior;
grant create table to user manager;

commit;
show grants;

connect 'localhost:db_main_alias' user manager password '456';
recreate table table_of_manager(id int primary key, info varchar(50) default current_user);
insert into table_of_manager(id) values(1);
commit;

connect 'localhost:db_main_alias' user senior password '789' role rdb$admin;

grant insert on table_of_manager to junior;     --  [ 1 ] ::: NB :::: THIS IS DONE BY **SENIOR**, NOT SYSDBA!
commit;

show grants;
commit;

-- Just to check actual grants that user 'junior' has:
connect 'localhost:db_main_alias' user junior password '123';

show grants;

-- must pass:
insert into table_of_manager(id) values(-1);
commit;

connect 'localhost:db_main_alias' user manager password '456';

-- two rows must be shown:
select * from table_of_manager;
```

Example of replication log after this:
```
PZ (replica) Tue Jan 13 14:18:27 2026
	Database: C:\FB\60SS\EXAMPLES\EMPBUILD\QA_REPLICATION\DB_REPL.FDB
	VERBOSE: Added 4 segment(s) to the queue

PZ (replica) Tue Jan 13 14:18:27 2026
	Database: C:\FB\60SS\EXAMPLES\EMPBUILD\QA_REPLICATION\DB_REPL.FDB
	VERBOSE: Segment 1 (595 bytes) is replicated in 0.060s, deleting

PZ (replica) Tue Jan 13 14:18:27 2026
	Database: C:\FB\60SS\EXAMPLES\EMPBUILD\QA_REPLICATION\DB_REPL.FDB
	VERBOSE: Segment 2 (356 bytes) is replicated in 0.020s, deleting

PZ (replica) Tue Jan 13 14:18:27 2026
	Database: C:\FB\60SS\EXAMPLES\EMPBUILD\QA_REPLICATION\DB_REPL.FDB
	ERROR: unsuccessful metadata update
	GRANT failed
	no INSERT privilege with grant option on table/view "PUBLIC"."TABLE_OF_MANAGER"
	At segment 3, offset 48

PZ (replica) Tue Jan 13 14:18:27 2026
	Database: C:\FB\60SS\EXAMPLES\EMPBUILD\QA_REPLICATION\DB_REPL.FDB
	VERBOSE: Disconnecting and suspending

PZ (replica) Tue Jan 13 14:18:30 2026
	Database: C:\FB\60SS\EXAMPLES\EMPBUILD\QA_REPLICATION\DB_REPL_8766.FDB
	VERBOSE: No new segments found, suspending

PZ (replica) Tue Jan 13 14:18:33 2026
	Database: C:\FB\60SS\EXAMPLES\EMPBUILD\QA_REPLICATION\DB_REPL_8766.FDB
	VERBOSE: No new segments found, suspending

PZ (replica) Tue Jan 13 14:18:34 2026
	Database: C:\FB\60SS\EXAMPLES\EMPBUILD\QA_REPLICATION\DB_REPL.FDB
	VERBOSE: Added 2 segment(s) to the queue

PZ (replica) Tue Jan 13 14:18:34 2026
	Database: C:\FB\60SS\EXAMPLES\EMPBUILD\QA_REPLICATION\DB_REPL.FDB
	ERROR: unsuccessful metadata update
	GRANT failed
	no INSERT privilege with grant option on table/view "PUBLIC"."TABLE_OF_MANAGER"
	At segment 3, offset 48

PZ (replica) Tue Jan 13 14:18:34 2026
	Database: C:\FB\60SS\EXAMPLES\EMPBUILD\QA_REPLICATION\DB_REPL.FDB
	VERBOSE: Disconnecting and suspending
```

replication.conf:
```
database
{
  verbose_logging = true
}

database = $(dir_sampleDb)/qa_replication/db_main.fdb
{

    journal_directory = "$(dir_sampleDb)/qa_replication/db_main.journal"
    journal_archive_directory = "$(dir_sampleDb)/qa_replication/db_main.archive"
    journal_archive_timeout = 10
}

database = $(dir_sampleDb)/qa_replication/db_repl.fdb
{
    journal_source_directory = "$(dir_sampleDb)/qa_replication/db_main.archive"
    apply_idle_timeout = 3
    apply_error_timeout = 7
}
```

Reproduced on:
6.0.0.1389;  5.0.4.1746;  4.0.73243.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Replication stops if GRANT issued by NON-DBA user who has RDB$ADMIN role and appropriate object (table, etc) belongs to another user #8857

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Replication stops if GRANT issued by NON-DBA user who has RDB$ADMIN role and appropriate object (table, etc) belongs to another user #8857

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions