[JRASERVER-72246] Postgres upgrade on AWS RDS Jira can't find tables

Type: Bug
Resolution: Cannot Reproduce
Priority: Medium (View bug fix roadmap)
Fix Version/s: None
Affects Version/s: 8.5.0, 8.13.0
Component/s: Environment - Database
Labels:
- platform
- testival

Introduced in Version:
8.05
Support reference count:
1
Symptom Severity:
Severity 2 - Major
UIS:
7
Bug Fix Policy:
View Atlassian Server bug fix policy

Issue Summary

This ticket is used to track a bug on RDS - after Postgres 10 upgrade, Jira may fail to start.

https://dba.stackexchange.com/questions/237359/aws-rds-postgresql-master-user-lost-all-privileges-after-upgrading-from-v9-6

When ugprading to Postgres 10 on AWS RDS, Jira can't start.
It's because after upgrade, public schema lost access privileges.

Steps to Reproduce

Connect to postgres sever (psql)
connect to jira database by \c <jiradb>
list out schemas \dn+

Expected Results

rdsadmin user has access privileges

                          List of schemas
  Name  |  Owner   |  Access privileges   |      Description
--------+----------+----------------------+------------------------
 public | rdsadmin | rdsadmin=UC/rdsadmin+| standard public schema
        |          | =UC/rdsadmin         |
(1 row)

Actual Results

access privileges are lost.

    List of schemas
  Name  |  Owner   | Access privileges |      Description
--------+----------+-------------------+------------------------
 public | rdsadmin |                   | standard public schema
(1 row)

Workaround

Grant schema access to confluence user.

confluence=> ALTER SCHEMA public OWNER to <jira_db_user>;
ALTER SCHEMA
confluence=> GRANT ALL ON SCHEMA public TO <jira_db_user>;
GRANT

is cloned from

CONFSERVER-59243 Upgrade to Postgres 10 on AWS RDS Confluence can't find tables

Long Term Backlog

Form Name

Vishwas N M added a comment - 10/May/2022 12:05 PM - edited

This issue still exists in PostgreSQL 12.2 , AWS RDS. With public schema has lost privileges and workaround fixed the issue.

Vishwas N M added a comment - 10/May/2022 12:05 PM - edited This issue still exists in PostgreSQL 12.2 , AWS RDS. With public schema has lost privileges and workaround fixed the issue.

Artur Gniadzik added a comment - 30/Jul/2021 11:14 AM

I tried to reproduce this issue:

run RDS on 9.6.20, use psql console to check the permissions on schema:

psql (13.3 (Debian 13.3-1.pgdg100+1), server 9.6.20)
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, compression: off)
Type "help" for help.

atldb=> \dn+
                          List of schemas
  Name  |  Owner   |  Access privileges   |      Description       
--------+----------+----------------------+------------------------
 public | rdsadmin | rdsadmin=UC/rdsadmin+| standard public schema
        |          | =UC/rdsadmin         | 
(1 row)

upgrade RDS to 10.17, use the console to check the permissions:

psql (13.3 (Debian 13.3-1.pgdg100+1), server 10.17)
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, compression: off)
Type "help" for help.

atldb=> \dn+
                          List of schemas
  Name  |  Owner   |  Access privileges   |      Description       
--------+----------+----------------------+------------------------
 public | rdsadmin | rdsadmin=UC/rdsadmin+| standard public schema
        |          | =UC/rdsadmin         | 
(1 row)

Which is an expected result and proves that the issue on AWS side was fixed. I'm closing the ticket.

Artur Gniadzik added a comment - 30/Jul/2021 11:14 AM I tried to reproduce this issue: run RDS on 9.6.20, use psql console to check the permissions on schema: psql (13.3 (Debian 13.3-1.pgdg100+1), server 9.6.20) SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, compression: off) Type "help" for help. atldb=> \dn+ List of schemas Name | Owner | Access privileges | Description --------+----------+----------------------+------------------------ public | rdsadmin | rdsadmin=UC/rdsadmin+| standard public schema | | =UC/rdsadmin | (1 row) upgrade RDS to 10.17, use the console to check the permissions: psql (13.3 (Debian 13.3-1.pgdg100+1), server 10.17) SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, compression: off) Type "help" for help. atldb=> \dn+ List of schemas Name | Owner | Access privileges | Description --------+----------+----------------------+------------------------ public | rdsadmin | rdsadmin=UC/rdsadmin+| standard public schema | | =UC/rdsadmin | (1 row) Which is an expected result and proves that the issue on AWS side was fixed. I'm closing the ticket.

Details

Description

Issue Summary

Steps to Reproduce

Expected Results

Actual Results

Workaround

Attachments

Issue Links

Forms

Activity

Collapse comment: Vishwas N M added a comment - 10/May/2022 12:05 PM, Edited by Vishwas N M - 10/May/2022 12:06 PM

Expand comment: Vishwas N M added a comment - 10/May/2022 12:05 PM, Edited by Vishwas N M - 10/May/2022 12:06 PM

Collapse comment: Artur Gniadzik added a comment - 30/Jul/2021 11:14 AM

Expand comment: Artur Gniadzik added a comment - 30/Jul/2021 11:14 AM

People

Dates