[DOCS-9770] Comment on: "manual/tutorial/enforce-keyfile-access-control-in-existing-replica-set.txt" Created: 13/Jan/17  Updated: 03/Nov/17  Resolved: 13/Jan/17

Status: Closed
Project: Documentation
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Major - P3
Reporter: Antonio Kang Assignee: Ravind Kumar (Inactive)
Resolution: Cannot Reproduce Votes: 0
Labels: collector-298ba4e7
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Amazon Linux AMI release 2015.09
Kernel \r on an \m
Mongo 3.2

Location: https://docs.mongodb.com/v3.2/tutorial/enforce-keyfile-access-control-in-existing-replica-set/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:50.0) Gecko/20100101 Firefox/50.0
Referrer: https://www.google.com/
Screen Resolution: 1920 x 1080


Participants:
Days since reply: 7 years, 4 weeks, 5 days ago

 Description   

"chmod 400 <path-to-keyfile>" is incorrect. When using 400 permission for the keyfile, the nodes are unable to join as a cluster.

I had to use chmod 600 in order for the nodes to join as a cluster.



 Comments   
Comment by Ravind Kumar (Inactive) [ 13/Jan/17 ]

Hi Antonio,

Setting chmod 400 is correct. Adding write permissions for the owner should not make a difference as far as replication success.

I'm cannot reproduce your issue, and this project isn't the best forum for extended debug support. I also confirmed with our security engineers that chmod 400 is the correct file permissions, and chmod 600 is unlikely to have resolved a replication issue.

I am pleased that your cluster is working, but I would encourage you to post to the MongoDB Google group to see if our community support engineers can shed some light on what happened. Depending on the outcome of that case, we might have more specific changes to make to the documentation.

I appreciate you creating a ticket and letting us know what happened.

Generated at Thu Feb 08 07:59:07 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.