Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-28449

"Root" role does not have permissions to recreate oplog

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Works as Designed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Security
    • Labels:
      None
    • Operating System:
      ALL

      Description

      I am running into an issue with the 3.2.12 server

      I have a user with 'root' role that is not able to recreate the oplog ( in order to scale up the size of the oplog)

      > db.runCommand({ create: "oplog.rs", capped: true, size: 1503238553.0 })
      {
      	"ok" : 0,
      	"errmsg" : "not authorized on local to execute command { create: \"oplog.rs\", capped: true, size: 1503238553.0 }",
      	"code" : 13
      }
      

      If the user is granted readWrite on the local DB then it starts to work

       db.grantRolesToUser("admin", [{role: "readWrite", db: "local"}])
      

      Is this expected? I would expect the 'root' role to be a superset of all the permissions.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: