Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-12798

Make shard maintenance independent of local admin users

    XMLWordPrintableJSON

Details

    • Server Security
    • Minor Change

    Description

      At the moment in a sharded, auth-enabled system local users on the replicas are required to perform maintenance operations on primaries and secondaries.

      This is a confusing inconsistency since the main users of the system are maintained on the config servers and we generally disencourage creating local users. Examples of operations requiring this type of access is running compact.

      Some possible strategies to solve this are:
      1. As soon as sharding is enabled, let the replicas contact the config servers for auth, just like mongos does. This requires the replicas (including secondaries to have access to the config servers) and will require some mongos/config server fu be copied to mongod.

      2. Synchronize the config server users down to the replicas via the primaries.
      It is rather inconvenient and cludgy to introduce another information pushing channel in addition to mongos-primary and primary-secondary.

      Attachments

        Activity

          People

            backlog-server-security Backlog - Security Team
            andreas.nilsson Andreas Nilsson
            Votes:
            1 Vote for this issue
            Watchers:
            10 Start watching this issue

            Dates

              Created:
              Updated: