Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-41633

Ability to assign audit file permissions based on mongod's user group (not user)

XMLWordPrintableJSON

    • Type: Icon: New Feature New Feature
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 4.3.1
    • Affects Version/s: None
    • Component/s: Logging
    • Labels:
      None
    • Fully Compatible
    • Security 2019-07-01, Security 2019-07-15, Security 2019-07-29, Security 2019-08-26

      Current audit configuration: 

      auditLog: 
          destination: file 
          format: JSON 
          path: /data/mongodb/audit/mongo_audit.log 

      Files are rotated using SIGUSR1 to the mongod's PID. 

      When using the audit feature, we want the audit file to have r/w permissions for the mongod group and not only the mongod user itself.

      Nowadays we are using the flag  honorSystemUmask:true , but we want to eliminate it for not all the users on the machine will have access to it

        1. Capture.PNG
          Capture.PNG
          7 kB

            Assignee:
            sara.golemon@mongodb.com Sara Golemon
            Reporter:
            barak.gilboa@imperva.com barak gilboa
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated:
              Resolved: