Subject Re: [firebird-support] GRANT Privileges
Author Mark Rotteveel
On 31-7-2018 16:18, Lee Nash LeeNash@... [firebird-support] wrote:
> I’m struggling to grant any privileges on a .fdb file database.
> I have created a separate user as the SYSDBA reported “Your login SYSDBA is same as one of the SQL role name. Ask your database administrator to set up a valid Firebird Login”.
> When I use ISQL to run a select statement on the database in question I get the response:
> “Statement failed, SQLSTATE = 28000
> No permission for read/select access to TABLE ZIEKTE”
> Then I try to GRANT SELECT on TABLE ZIEKTE to USER DW_EXTRACT” however I get the response:
> “Statement failed, SQLSTATE = 28000
> Unsuccessful metadata update
> -no S privilege with grant option on table/view ZIEKTE”
> I’ve tried numerous tables but I get the same response.
> I have tested the user on the Example database “EMPLOYEE” and have no problems accessing any table on that.
> Can you possibly help me or point me in the right direction?

The original author of this database created a role SYSDBA to prevent
the user SYSDBA from working.

You can't simply grant yourself rights. If that were possible, security
would be a joke (especially if - as the name ZIEKTE (which is Dutch for
disease, illness or sick leave) suggests - this potentially concerns
confidential personal data).

Now assuming you actually have the moral and legal right to access this
data (eg under the GDPR), you should find out which user does have the
appropriate rights and login with that user. You may need to create the
user first (user accounts in Firebird are - usually - centrally
administered, while rights are (linked to user names) per database).

Alternatively, you could try to drop the sysdba role or - assuming this
is Firebird 2.5 or earlier - you could try to delete the role SYSDBA
directly from the RDB$ROLES table. You may need to create a user account
with the same name that originally created that role.

Mark Rotteveel