Core Server
  1. Core Server
  2. SERVER-3048

shutdown command should require admin username/password when auth is on

    Details

    • Type: Bug Bug
    • Status: Closed Closed
    • Priority: Minor - P4 Minor - P4
    • Resolution: Duplicate
    • Affects Version/s: 1.8.1
    • Fix Version/s: None
    • Component/s: Admin
    • Labels:
    • Backport:
      No
    • Operating System:
      ALL
    • Bug Type:
      Logical
    • # Replies:
      1
    • Last comment by Customer:
      false

      Description

      To reproduce run mongod with --auth and open a fresh copy of the mongo shell and then:

      > use admin
      switched to db admin
      > db.admin.find()
      error:

      { "$err" : "unauthorized db:admin lock type:-1 client:127.0.0.1", "code" : 10057 }

      > db.admin.runCommand("shutdown")
      Thu May 05 11:57:01 DBClientCursor::init call() failed
      Thu May 05 11:57:01 query failed : admin.$cmd

      { shutdown: "admin" }

      to: 127.0.0.1
      Thu May 05 11:57:01 Error: error doing query: failed shell/collection.js:150
      Thu May 05 11:57:01 trying reconnect to 127.0.0.1
      Thu May 05 11:57:02 reconnect 127.0.0.1 failed couldn't connect to server 127.0.0.1
      >

      The shutdown command should have failed with the same error as the find.

        Activity

        • Comments
        Hide
        Eliot Horowitz
        added a comment -

        This is a dupe of SERVER-3773
        We should just make sure there is a test.

        Show
        Eliot Horowitz
        added a comment - This is a dupe of SERVER-3773 We should just make sure there is a test.

          People

          • Votes:
            5 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:
              Days since reply:
              2 years, 20 weeks, 2 days ago
              Date of 1st Reply: