Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-80154

Audit synchronize job can temporarily overwrite new audit config value during FCV upgrade

    XMLWordPrintableJSON

Details

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major - P3 Major - P3
    • 7.1.0-rc0
    • None
    • None
    • None
    • Fully Compatible
    • ALL
    • Security 2023-08-21, Security 2023-09-04
    • 45

    Description

      When upgrading FCV from 7.0 to 7.1, there is a phase in which we migrate audit config from the config.settings collection to the cluster parameters collection. When this happens, the in-memory audit config is updated to match the new one. However, since we are still in transitional 7.0-to-7.1 FCV while this happens, the audit synchronize job on mongod can run after this migration and overwrite the in-memory audit config, resulting in an unexpectedly empty timestamp. The fix is to block the audit synchronize job on mongod while we are in this transitional state.

      Attachments

        Activity

          People

            gabriel.marks@mongodb.com Gabriel Marks
            gabriel.marks@mongodb.com Gabriel Marks
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: