Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-52537

Mongostat,mongotop and other similar mongo commands are showing password in plain text on linux ps commands

    • Type: Icon: Bug Bug
    • Resolution: Duplicate
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: None
    • None

      Hi Team,

          We are running a few mongo commands using script and during those commands execution the passwords provided in -p option is coming with plain text when checked using ps commands on linux, where ps command is used to list the background processes running on linux systems. If I am not wrong, when mongo commands are checked on ps the -p parameter should sensor the passwords as xxxx. But however in our case it is not working for mongostat,mongotop and few other mongo commands and they are as follows

       

      $ ps -ef | grep mongostat

      ----------------------------
      myuser 19499 16437 10 06:10 ? 00:00:00 /usr/bin/mongostat --quiet -u readonly -p mypassword@123 --authenticationDatabase admin -o host,insert,query,update,delete,set,repl -h ......... n 1

       

      $ ps -ef | grep mongotop

      ------------------------------

      myuser 7232 7108 1 06:13 ? 00:00:00 /usr/bin/mongotop --quiet -u readonly -p mypassword@123 --authenticationDatabase admin -h host:27720 -n 1

      $ while true; do ps -ef | grep mongo | grep authenticationDatabase | grep -v mongostat | grep -v mongotop;done
      ---------------------------------------
      root 19213 19202 0 06:15 ? 00:00:00 /usr/bin/mongo --ipv6 --quiet -u readonly -p mypassword@123 --authenticationDatabase admin --port 27717 --eval rs.status()

      Mongo version used on our environment

      [root@vm01 ~]# mongo --version
      MongoDB shell version v3.6.17
      git version: 3d6953c361213c5bfab23e51ab274ce592edafe6
      OpenSSL version: OpenSSL 1.1.1c FIPS 28 May 2019
      allocator: tcmalloc
      modules: none
      build environment:
      distmod: rhel80
      distarch: x86_64
      target_arch: x86_64

       

      [root@vm01~]# rpm -qa | grep mongo
      mongodb-org-mongos-3.6.17-1.el8.x86_64
      mongodb-org-tools-3.6.17-1.el8.x86_64
      mongodb-org-3.6.17-1.el8.x86_64
      mongodb-org-shell-3.6.17-1.el8.x86_64
      mongodb-org-server-3.6.17-1.el8.x86_64

      kindly help us in hiding the information on ps commands given the fact mongo already has an option to hide these values

       

      Thanks and Regards,

      Azhar

      Kindly help us on how to avoid hiding the passowrds in ps given the fact it is already available in mongo

            Assignee:
            eric.sedor@mongodb.com Eric Sedor
            Reporter:
            rizwiazhar@gmail.com Azhar Yousuf
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: