[SERVER-11466] SNMP: snmpd restart always reowns unix socket to inaccessible ownership Created: 29/Oct/13 Updated: 27/Oct/15 Resolved: 30/Oct/13 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | 2.5.3 |
| Fix Version/s: | 2.5.4 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | John Morales | Assignee: | James Wahlin |
| Resolution: | Done | Votes: | 0 |
| Labels: | 26qa | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
|
||
| Issue Links: |
|
||||||||||||||||
| Operating System: | ALL | ||||||||||||||||
| Steps To Reproduce: |
Example startup command: ./bin/mongod --replSet rs --snmp-subagent --port 27017 --fork --dbpath data/noauth-rs-0/ --logpath logs/noauth-rs-0/mongod.log --smallfiles --nohttpinterface |
||||||||||||||||
| Participants: | |||||||||||||||||
| Description |
|
The new mongod.conf.subagent uses a UNIX socket definition of:
On Ubuntu Server 12.04, This causes a directory structure permission/ownership as follows:
Note that the /tmp/agentx is only user visible, and everything is owned by root. The more unexpected behavior, however, is that the permissions and ownership of the socket file are always reset back to root ownership and only user-writeable.
This implies that the mongod running as a subagent will not be able to communicate through the UNIX socket. The SNMP doc describes additional parameters (agentXPerms) to control the permission/ownership, so perhaps a documentation-only change. But also might be worth mentioning as a comment in the mongod.conf.subagent file itself. |
| Comments |
| Comment by James Wahlin [ 30/Oct/13 ] |
|
No subagent config change required. It is the agent that defines permissions on the domain socket used to talk to the subagent. The documentation change made under |
| Comment by Eric Milkie [ 30/Oct/13 ] |
|
Answering my own question: it doesn't matter if the master is mongod or snmpd, we need this line in the subagent config. |
| Comment by Eric Milkie [ 30/Oct/13 ] |
|
Is this true even if you are running the three mongod's on separate machines, as in a real deployment? |