-
Type: Task
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: manual
-
Labels:None
Description
This introduces a new setting `processUmask`, the value provided must be in octal format. The bottom six bits will be honored (group/other), while the top three bits will be inherited from the system umask.
This new setting is incompatible with `honorSystemUmask=true` for hopefully obvious reasons.
Description of Linked Ticket
Current audit configuration:
auditLog:
destination: file
format: JSON
path: /data/mongodb/audit/mongo_audit.log
Files are rotated using SIGUSR1 to the mongod's PID.
When using the audit feature, we want the audit file to have r/w permissions for the mongod group and not only the mongod user itself.
Nowadays we are using the flag honorSystemUmask:true , but we want to eliminate it for not all the users on the machine will have access to it
Scope of changes
Impact to Other Docs
MVP (Work and Date)
Resources (Scope or Design Docs, Invision, etc.)
- documents
-
SERVER-41633 Ability to assign audit file permissions based on mongod's user group (not user)
- Closed