[DOCS-12960] Investigate changes in SERVER-41633: Ability to assign audit file permissions based on mongod's user group (not user) Created: 16/Aug/19  Updated: 13/Nov/23  Resolved: 26/Jun/20

Status: Closed
Project: Documentation
Component/s: manual
Affects Version/s: None
Fix Version/s: 4.3.1, Server_Docs_20231030, Server_Docs_20231106, Server_Docs_20231105, Server_Docs_20231113

Type: Task Priority: Major - P3
Reporter: Backlog - Core Eng Program Management Team Assignee: Kanchana Sekhar
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Documented
documents SERVER-41633 Ability to assign audit file permissi... Closed
Participants:
Days since reply: 3 years, 32 weeks, 5 days ago
Epic Link: DOCS: 4.4 Server Release Work
Story Points: 5

 Description   

Description

Downstream Change Summary

This introduces a new setting `processUmask`, the value provided must be in octal format. The bottom six bits will be honored (group/other), while the top three bits will be inherited from the system umask.

This new setting is incompatible with `honorSystemUmask=true` for hopefully obvious reasons.

Description of Linked Ticket

Current audit configuration: 

auditLog: 
    destination: file 
    format: JSON 
    path: /data/mongodb/audit/mongo_audit.log 

Files are rotated using SIGUSR1 to the mongod's PID. 

When using the audit feature, we want the audit file to have r/w permissions for the mongod group and not only the mongod user itself.

Nowadays we are using the flag  honorSystemUmask:true , but we want to eliminate it for not all the users on the machine will have access to it

Scope of changes

Impact to Other Docs

MVP (Work and Date)

Resources (Scope or Design Docs, Invision, etc.)



 Comments   
Comment by Githook User [ 26/Jun/20 ]

Author:

{'name': 'Kanchana Sekhar', 'email': 'kanchana.sekhar@mongodb.com', 'username': 'kanchana-mongodb'}

Message: DOCS-12960 doc for processUmask startup option
Branch: master
https://github.com/mongodb/docs/commit/4dea2131a0c5085468732e9352b49a5ea60bf5f6

Comment by Kanchana Sekhar [ 23/Jun/20 ]
Generated at Thu Feb 08 08:06:35 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.