Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-17908

Allow getCmdLineOpts to be executed locally against an arbiter in an authenticated replica set

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • 3.0.3, 3.1.2
    • Affects Version/s: 3.0.1
    • Component/s: Security
    • Labels:
      None
    • Fully Compatible
    • Security 2 04/24/15

      Issue Status as of Apr 29, 2015

      ISSUE SUMMARY
      Because arbiters do not replicate data, they do not have a copy of a replica set's credentials, and therefore refuse all authentication attempts when auth is required. As a result certain operations required for basic maintenance and for integration with MMS, that were previousily available via the localhost exception, are no longer possible.

      This change makes following operations available to clients that have access to an arbiter via the localhost exception:

      • getCmdLineOpts
      • serverStatus
      • getParameter
      • shutdown

      WORKAROUNDS
      None.

      AFFECTED VERSIONS

      3.0.0, 3.0.1, and 3.0.2

      FIX VERSION
      The fix is included in the 3.0.3 production release.

      Original description

      In 2.6.x it was possible to execute getCmdLineOpts against an arbiter in an authenticated replica set. In 3.0.1 it is not.

      Please restore the ability to execute getCmdLineOpts against an arbiter in an authenticated replica set, at least from localhost.

            Assignee:
            amalia.hawkins@10gen.com Amalia Hawkins
            Reporter:
            cailin.nelson@mongodb.com Cailin Nelson
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: