-
Type:
Bug
-
Resolution: Unresolved
-
Priority:
Major - P3
-
None
-
Affects Version/s: 5.0.21
-
Component/s: None
-
Server Security
-
ALL
-
Security 2024-04-15
-
None
-
3
-
None
-
None
-
None
-
None
-
None
-
None
It appears a server configured with the following log option:
$ jq 'select(.msg=="Options set by command line")|.attr.options.systemLog' mongod.log { "destination": "file", "logRotate": "rename", "path": "/var/log/mongodb/mongod.log" }
Still calls syslog to log via CyrusSASL (_sasl_log call per backtrace):
{"t":{"$date":"2024-03-20T16:33:29.735-05:00"},"s":"I", "c":"COMMAND", "id":31425, "ctx":"SignalHandler","msg":"Stacktrace Record","attr":{"record":{"name":"conn678","tid":105416,"backtrace":[{"b":"000","o":"4111949","s":"_ZN5mongo12rawBacktraceEPPvm","s+":"9"},{"b":"000","o":"411D413","s":"stateSingletonAction","s+":"123"},{"b":"001","o":"F630"},{"b":"002","o":"10C7FA"},{"b":"002","o":"F8DA4"},{"b":"002","o":"F8802","s":"__vsyslog_chk","s+":"222"},{"b":"002","o":"F8C52","s":"__syslog_chk","s+":"82"},{"b":"003","o":"AA23"},{"b":"003","o":"C57E","s":"_sasl_log","s+":"1BE"},{"b":"004","o":"3DE1"},{"b":"003","o":"12BDB","s":"sasl_server_step","s+":"9B"},{"b":"003","o":"13149","s":"sasl_server_start","s+":"2E9"},{"b":"000","o":"1894D4E","s":"_ZN5mongo17CyrusSaslMechShimINS_12GSSAPIPolicyEE8stepImplB5cxx11EPNS_16OperationContextENS_10StringDataE","s+":"9E"}
When the server is configured to log to file, we would not expect syslog output at all.
This results in user pain as syslogd can for various reasons become overwhelmed or blocked, especially if the user expects to be logging only to file, resulting in potentially long latencies in authentication.