Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-12539

Make sure mongorestoring user/role data doesn't interfere with ongoing user or role modifications

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: 2.5.5
    • Fix Version/s: 2.6.0-rc1
    • Component/s: Security, Sharding, Tools
    • Labels:
      None
    • Backwards Compatibility:
      Fully Compatible
    • Operating System:
      ALL

      Description

      If you use mongorestore to restore user or role data, those updates could conflict with other user or role management operations going on in the cluster.
      Mongos uses a distributed lock to prevent user modifications performed on one mongos from conflicting with modifications from another mongos, while mongod uses a mutex. We should acquire the same lock that the user management commands do whenever mongorestore is restoring user/role data to prevent conflicting writes.

      Proposed way to do this is to introduce two new commands: lockAuthzUpdateLock and unlockAuthzUpdateLock, and use them in mongorestore.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: