Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-13080

Cannot run "copydb" within sharded cluster with auth enabled

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Minor - P4 Minor - P4
    • None
    • Affects Version/s: 2.4.9, 2.6.0-rc1
    • Component/s: Security
    • Labels:
      None
    • ALL
    • Hide 
      var st = new ShardingTest({shards : 1, mongos : 1, config : 1, auth : "", keyFile : "jstests/libs/key1" });

var mongos = st.s;

var test1 = mongos.getDB('test1');
var test2 = mongos.getDB('test2');

mongos.getDB("admin").createUser({user: "super", pwd: "super", roles: ["root"]});
assert.throws(function() { mongos.getDB("test1")["test1"].findOne(); });
mongos.getDB("admin").auth("super", "super");

test1.getCollection('test').insert({foo: 'bar'});
jsTestLog('Test document on source db:');
printjson(test1.getCollection('test').findOne());
jsTestLog('copydb');

//var result = mongos.getDB('admin').copyDatabase('test1', 'test2');
var result = mongos.getDB('admin').copyDatabase('test1', 'test2', undefined, 'super', 'super');
printjson(result);
assert.eq(result.ok, 1.0);
jsTestLog('Test document on destination db:');
printjson(test2.getCollection('test').findOne());
st.stop();

      (note that both versions of "copyDatabase" shown above cause this to fail)

      Show
      var st = new ShardingTest({shards : 1, mongos : 1, config : 1, auth : "", keyFile : " jstests/libs/key1" }); var mongos = st.s; var test1 = mongos.getDB( 'test1' ); var test2 = mongos.getDB( 'test2' ); mongos.getDB( "admin" ).createUser({user: " super " , pwd: " super " , roles: [ "root" ]}); assert . throws (function() { mongos.getDB( "test1" )[ "test1" ].findOne(); }); mongos.getDB( "admin" ).auth( " super " , " super " ); test1.getCollection( 'test' ).insert({foo: 'bar' }); jsTestLog( 'Test document on source db:' ); printjson(test1.getCollection( 'test' ).findOne()); jsTestLog( 'copydb' ); // var result = mongos.getDB( 'admin' ).copyDatabase( 'test1' , 'test2' ); var result = mongos.getDB( 'admin' ).copyDatabase( 'test1' , 'test2' , undefined, ' super ' , ' super ' ); printjson(result); assert .eq(result.ok, 1.0); jsTestLog( 'Test document on destination db:' ); printjson(test2.getCollection( 'test' ).findOne()); st.stop(); (note that both versions of "copyDatabase" shown above cause this to fail)

      The "copydb" command can be used to copy one database to another within a cluster. For a single node and a replica set, this is just the same node, but for a sharded cluster the target shard actually needs to run queries on the source shard to pull all the data for the database. The problem here is that the target shard fails to authenticate with the source shard.

      To fix this, I believe the "copydb" command needs to know whether it's copying from a node within a cluster or from another cluster, since the way it should authenticate is different in each case.

            Assignee:
            backlog-server-platform DO NOT USE - Backlog - Platform Team
            Reporter:
            sverch Shaun Verch
            Votes:
            1 Vote for this issue
            Watchers:
            11 Start watching this issue

              Created:
              Updated:
              Resolved: