[SERVER-11881] addUser crashing 2.4 mongod in mixed version replica set Created: 27/Nov/13  Updated: 10/Dec/14  Resolved: 14/Feb/14

Status: Closed
Project: Core Server
Component/s: Security, Stability
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Major - P3
Reporter: Adinoyi Omuya Assignee: Andy Schwerin
Resolution: Won't Fix Votes: 0
Labels: 26qa
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
related to SERVER-11928 Cannot downgrade from 2.5.x to 2.4.8 ... Closed
is related to SERVER-12158 Replica set blows up inelegantly when... Closed
Operating System: ALL
Participants:

 Description   

Not sure if this is expected behavior but to reproduce, start a mixed version replica set with a 2.5.x primary and 2.4 secondar[y/ies]. After initiating the replica set, run the following on the primary.

db.addUser({user:"root",pwd:"root",roles:[{role:"root",db:"admin"}]})

or

db.createUser({user:"root",pwd:"root",roles:[{role:"root",db:"admin"}]})

in enterprise builds.
The 2.4 mongod(s) crash.



 Comments   
Comment by Andy Schwerin [ 14/Feb/14 ]

After SERVER-12156, this can only happen in two cases:

  1. The user added is the first one ever added to the replica set, and was added while the cluster was running mixed 2.4 and 2.6 with a 2.6 primary.
  2. The 2.4 mongod was down when authSchemaUpgrade was run.

Workaround is to restart the node with a 2.6 binary, which we presume to be the user's intention anyhow.

Comment by Andy Schwerin [ 03/Dec/13 ]

Similar problem where a 2.4 server can't accept oplog entries that manipulate system.users collections in a 2.6-y way. Because 2.4 does enforcement of system.users schema at a very low level, it's quite difficult to bypass.

Comment by Andy Schwerin [ 03/Dec/13 ]

It's not an allowed action. I'm not sure how much work it would be to prevent crashing on the 2.4 instances in this case.

Generated at Thu Feb 08 03:26:59 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.