[SERVER-12152] Possible to specify both --auth and --noauth for mongod Created: 17/Dec/13  Updated: 11/Jul/16  Resolved: 21/May/14

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: 2.5.4
Fix Version/s: 2.6.0

Type: Bug Priority: Major - P3
Reporter: Andreas Nilsson Assignee: Shaun Verch
Resolution: Done Votes: 0
Labels: 26qa
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
is related to SERVER-7942 Mongo servers should fail at startup ... Closed
Backwards Compatibility: Minor Change
Operating System: ALL
Steps To Reproduce:

./mongod --auth --noauth

expected behavior is to report and error and abort.

Participants:

 Description   

The command line options --noauth and --auth are inconsistent and should be disallowed together like for instance --journal and --nojournal.

Since auth is off by default I am not sure why the --noauth flag is even present. The only thing it does is to set auth disabled globally which it is by default, so it has no effect. However if we choose to make auth default it will come in handy so we should probably keep it around.



 Comments   
Comment by Shaun Verch [ 21/May/14 ]

Fixed as of 2.6.0:

$ ./mongod --version
db version v2.6.0
2014-05-21T13:29:49.645-0400 git version: 1c1c76aeca21c5983dc178920f5052c298db616c
2014-05-21T13:29:49.645-0400 OpenSSL version: OpenSSL 1.0.1e 11 Feb 2013
$ ./mongod --auth --noauth
2014-05-21T13:29:54.371-0400 SEVERE: Failed global initialization: BadValue noauth is not allowed when auth is specified

Generated at Thu Feb 08 03:27:45 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.