Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Done
Priority: Major - P3
Fix Version/s: 3.0.2, 3.1.1
Affects Version/s: None
Component/s: Security
Labels:
None

Backwards Compatibility:
Fully Compatible
Backport Completed:

3.0.2
Confidence Status:
None
Work Order:
0

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

Currently we have a few authentication startup checks in 3.0:

check for indexes on system.users
check for schema version

These checks prevent mongod from starting even when auth is off, but without this improvement you can sync a 3.0 node from 2.6 node with the 2.4 auth schema, and it will work just fine until you try to restart the node.

We should validate during initial sync that the sync source has a new enough auth schema version.

is related to

SERVER-25943 Initial sync should handle invalid authSchema document

Closed

related to

SERVER-17808 Ensure availability in initial_sync_unsupported_auth_schema.js test

Closed

SERVER-17998 Ignore socket exceptions in initial_sync_unsupported_auth_schema.js test

Closed

SERVER-17826 Ignore ismaster exceptions in initial_sync_unsupported_auth_schema.js test

Closed

links to

Pull request 940

Assignee:: Andy Schwerin

Reporter:: Alexander Komyagin (Inactive)

Participants:: Alexander Komyagin, Andy Schwerin, Githook User

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Created:: Mar 19 2015 10:36:56 PM UTC

Updated:: Jun 09 2017 08:38:44 PM UTC

Resolved:: Mar 25 2015 07:08:43 PM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates