Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-8998

SNMP: silent server crash when permission denied for AgentXSocket

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • 2.5.5
    • Affects Version/s: 2.2.3
    • Component/s: Diagnostics, Stability
    • Environment:
      Subscriber / Enterprise edition, EC2 amzn Linux
    • ALL
    • Hide

      E.g. /etc/snmp/mongod.conf:

      ...
#only bind to localhost port 1161
agentaddress 127.0.0.1:1161

master agentx #Added
AgentXSocket tcp:localhost:705 #Added, privileged port
...

      Now attempt to start mongod as any non-root user. Example command used:

      $ ./bin/mongod -vvvvvvvvvvvv --snmp-master --port 3002 --fork --dbpath data --logpath logs/mongod.master.log --nojournal --smallfiles --nohttpinterface

      Corresponding mongod log (complete):

      Fri Mar 15 22:26:56 versionCmpTest passed
Fri Mar 15 22:26:56 versionArrayTest passed
Fri Mar 15 22:26:56 shardKeyTest passed
Fri Mar 15 22:26:56 isInRangeTest passed
Fri Mar 15 22:26:56 shardObjTest passed
Fri Mar 15 22:26:56 Matcher::matches() { abcd: 3.1, abcdef: "123456789" }
Fri Mar 15 22:26:56 Matcher::matches() { abcd: 3.1, abcdef: "123456789" }
Fri Mar 15 22:26:56 Matcher::matches() { abcd: 3.1, abcdef: "123456789" }
Fri Mar 15 22:26:56 Matcher::matches() { abcdef: "z23456789" }
Fri Mar 15 22:26:56 Matcher::matches() { abcd: 3.1, abcdef: "123456789" }
Fri Mar 15 22:26:56 Matcher::matches() { abcdef: "z23456789" }
Fri Mar 15 22:26:56 BackgroundJob starting: DataFileSync
Fri Mar 15 22:26:56 [initandlisten] MongoDB starting : pid=19032 port=3002 dbpath=/home/ec2-user/mongo-subscriber/mongodb-linux-x86_64-subscription-amzn64-2.2.3/data 64-bit host=ip-10-151-20-245
Fri Mar 15 22:26:56 [initandlisten] db version v2.2.3, pdfile version 4.5
Fri Mar 15 22:26:56 [initandlisten] git version: f570771a5d8a3846eb7586eaffcf4c2f4a96bf08 modules: subscription
Fri Mar 15 22:26:56 [initandlisten] build info: Linux bs-e-amzn64 3.2.12-3.2.4.amzn1.x86_64 #1 SMP Thu Mar 22 08:00:08 UTC 2012 x86_64 BOOST_LIB_VERSION=1_49
Fri Mar 15 22:26:56 [initandlisten] options: { dbpath: "data", fork: true, logpath: "logs/mongod.master.log", nohttpinterface: true, nojournal: true, port: 3002, smallfiles: true, snmp-master: true, vvvvvvvvvvvv: true }
Fri Mar 15 22:26:56 [initandlisten] Unable to check for journal files due to: boost::filesystem::basic_directory_iterator constructor: No such file or directory: "/home/ec2-user/mongo-subscriber/mongodb-linux-x86_64-subscription-amzn64-2.2.3/data/journal"
Fri Mar 15 22:26:56 [initandlisten] flushing directory /home/ec2-user/mongo-subscriber/mongodb-linux-x86_64-subscription-amzn64-2.2.3/data
Fri Mar 15 22:26:56 [initandlisten] opening db:  local
Fri Mar 15 22:26:56 [initandlisten] enter repairDatabases (to check pdfile version #)
Fri Mar 15 22:26:56 [initandlisten] done repairDatabases
Fri Mar 15 22:26:56 [initandlisten] fd limit hard:4096 soft:1024 max conn: 819
Fri Mar 15 22:26:56 [initandlisten] waiting for connections on port 3002
Fri Mar 15 22:26:56 BackgroundJob starting: TTLMonitor
Fri Mar 15 22:26:56 BackgroundJob starting: PeriodicTask::Runner
Fri Mar 15 22:26:56 BackgroundJob starting: ClientCursorMonitor
Fri Mar 15 22:26:56 BackgroundJob starting: snapshot
Fri Mar 15 22:26:56 BackgroundJob starting: SNMPAgent
Fri Mar 15 22:26:56 [SNMPAgent] SNMPAgent num things: 10
      Show
      E.g. /etc/snmp/mongod.conf : ... #only bind to localhost port 1161 agentaddress 127.0.0.1:1161 master agentx #Added AgentXSocket tcp:localhost:705 #Added, privileged port ... Now attempt to start mongod as any non-root user. Example command used: $ ./bin/mongod -vvvvvvvvvvvv --snmp-master --port 3002 --fork --dbpath data --logpath logs/mongod.master.log --nojournal --smallfiles --nohttpinterface Corresponding mongod log (complete): Fri Mar 15 22:26:56 versionCmpTest passed Fri Mar 15 22:26:56 versionArrayTest passed Fri Mar 15 22:26:56 shardKeyTest passed Fri Mar 15 22:26:56 isInRangeTest passed Fri Mar 15 22:26:56 shardObjTest passed Fri Mar 15 22:26:56 Matcher::matches() { abcd: 3.1, abcdef: "123456789" } Fri Mar 15 22:26:56 Matcher::matches() { abcd: 3.1, abcdef: "123456789" } Fri Mar 15 22:26:56 Matcher::matches() { abcd: 3.1, abcdef: "123456789" } Fri Mar 15 22:26:56 Matcher::matches() { abcdef: "z23456789" } Fri Mar 15 22:26:56 Matcher::matches() { abcd: 3.1, abcdef: "123456789" } Fri Mar 15 22:26:56 Matcher::matches() { abcdef: "z23456789" } Fri Mar 15 22:26:56 BackgroundJob starting: DataFileSync Fri Mar 15 22:26:56 [initandlisten] MongoDB starting : pid=19032 port=3002 dbpath=/home/ec2-user/mongo-subscriber/mongodb-linux-x86_64-subscription-amzn64-2.2.3/data 64-bit host=ip-10-151-20-245 Fri Mar 15 22:26:56 [initandlisten] db version v2.2.3, pdfile version 4.5 Fri Mar 15 22:26:56 [initandlisten] git version: f570771a5d8a3846eb7586eaffcf4c2f4a96bf08 modules: subscription Fri Mar 15 22:26:56 [initandlisten] build info: Linux bs-e-amzn64 3.2.12-3.2.4.amzn1.x86_64 #1 SMP Thu Mar 22 08:00:08 UTC 2012 x86_64 BOOST_LIB_VERSION=1_49 Fri Mar 15 22:26:56 [initandlisten] options: { dbpath: "data" , fork: true , logpath: "logs/mongod.master.log" , nohttpinterface: true , nojournal: true , port: 3002, smallfiles: true , snmp-master: true , vvvvvvvvvvvv: true } Fri Mar 15 22:26:56 [initandlisten] Unable to check for journal files due to: boost::filesystem::basic_directory_iterator constructor: No such file or directory: "/home/ec2-user/mongo-subscriber/mongodb-linux-x86_64-subscription-amzn64-2.2.3/data/journal" Fri Mar 15 22:26:56 [initandlisten] flushing directory /home/ec2-user/mongo-subscriber/mongodb-linux-x86_64-subscription-amzn64-2.2.3/data Fri Mar 15 22:26:56 [initandlisten] opening db: local Fri Mar 15 22:26:56 [initandlisten] enter repairDatabases (to check pdfile version #) Fri Mar 15 22:26:56 [initandlisten] done repairDatabases Fri Mar 15 22:26:56 [initandlisten] fd limit hard:4096 soft:1024 max conn: 819 Fri Mar 15 22:26:56 [initandlisten] waiting for connections on port 3002 Fri Mar 15 22:26:56 BackgroundJob starting: TTLMonitor Fri Mar 15 22:26:56 BackgroundJob starting: PeriodicTask::Runner Fri Mar 15 22:26:56 BackgroundJob starting: ClientCursorMonitor Fri Mar 15 22:26:56 BackgroundJob starting: snapshot Fri Mar 15 22:26:56 BackgroundJob starting: SNMPAgent Fri Mar 15 22:26:56 [SNMPAgent] SNMPAgent num things: 10

      If AgentX (sub-agent) is configured in /etc/snmp/mongod.conf, but the user the server's running as doesn't have access to the AgentXSocket definition, the server crashes (w/o stack trace or log message) and is left in "needs repair" state.

      Note: this can be the case because either:
      a.) no FS permissions to unix socket file, or
      b.) non-root user trying to listen on privileged (< 1024) port.

            Assignee:
            schwerin@mongodb.com Andy Schwerin
            Reporter:
            john.morales@mongodb.com John Morales (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: