Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-17671

Refuse to complete initial sync from nodes with 2.4-style auth data

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.0.2, 3.1.1
    • Component/s: Security
    • Labels:
      None
    • Backwards Compatibility:
      Fully Compatible
    • Backport Completed:

      Description

      Currently we have a few authentication startup checks in 3.0:

      • check for indexes on system.users
      • check for schema version

      These checks prevent mongod from starting even when auth is off, but without this improvement you can sync a 3.0 node from 2.6 node with the 2.4 auth schema, and it will work just fine until you try to restart the node.

      We should validate during initial sync that the sync source has a new enough auth schema version.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: