[SERVER-12155] 2.4 mongos can continue creating old schema user docs even after auth schema has been upgraded
Created: 18/Dec/13  Updated: 10/Dec/14  Resolved: 14/Feb/14

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: 2.5.4
Fix Version/s: None

Type: Bug
Priority: Major - P3
Reporter: Michael O'Brien
Assignee: Andy Schwerin
Resolution: Won't Fix
Votes: 0
Labels: 26qa
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
Operating System: ALL

 Description   

1. Create a sharded cluster on 2.4 with auth enabled and 2 or more mongos processes, and create a user with privileges for userAdminAnyDatabase.
2. On one of the 2.4 mongos, log in as the user with userAdminAnyDatabase
3. On the other 2.4 mongos:

  • shut it down, upgrade its binary to 2.5 and restart with --upgrade
  • log in and run the authSchemaUpgrade commands

4. On the first 2.4 mongos (which is still connected and logged in as the user with userAdminAnyDatabase) run the db.addUser command.
It will create a user doc with the old schema. So listing system users shows:

> st1.s0.getDB("admin").system.users.find().pretty()
{
	"_id" : "admin.mike",
	"user" : "mike",
	"db" : "admin",
	"credentials" : {
		"MONGODB-CR" : "0b201b8e2a0193849c8acdcfd92ee73c"
	},
	"roles" : [
		{
			"role" : "userAdminAnyDatabase",
			"db" : "admin"
		},
		{
			"role" : "clusterAdmin",
			"db" : "admin"
		},
		{
			"role" : "readWriteAnyDatabase",
			"db" : "admin"
		}
	]
}
{
	"_id" : ObjectId("52b1f1a06a1f4ec0f8a6f7da"),
	"user" : "mike2",
	"pwd" : "e6861c06f0f85ed57ddede151b59d49e",
	"roles" : [
		"read"
	]
}
{
	"_id" : "admin.mike3",
	"user" : "mike3",
	"db" : "admin",
	"credentials" : {
		"MONGODB-CR" : "1946dc61e1429e2195d1706f057084fe"
	},
	"roles" : [
		{
			"role" : "read",
			"db" : "admin"
		}
	]
}

Script to reproduce this:

// Two 2.4 mongos in front of 2.5 shards and a 2.5 config server
var st1 = new ShardingTest({
    shards: 2,
    mongos: 2,
    keyFile: "testkeyfile",
    other: {
        mongosOptions: {binVersion: MongoRunner.versionIterator(["2.4", "2.4"])},
        shardOptions: {binVersion: MongoRunner.versionIterator(["2.5"])},
        configOptions: {binVersion: "2.5"},
        separateConfig: true
    }
});

// Create the admin user through the second mongos (s1) and stay logged in there
st1.s1.getDB("admin").addUser({user: "mike", pwd: "blah", roles: ["userAdminAnyDatabase", "clusterAdmin", "readWriteAnyDatabase"]});
st1.s1.getDB("admin").auth("mike", "blah");

// Stop balancer so that --upgrade can proceed
st1.s1.getDB("config").settings.update({_id: "balancer"}, {$set: {stopped: true}}, true);

// Restart the first mongos (s0) on 2.5 with --upgrade and log in
MongoRunner.stopMongos(st1.s0);
st1.s0 = MongoRunner.runMongos({restart: st1.s0, binVersion: "2.5", upgrade: ""});
st1.s0.getDB("admin").auth("mike", "blah");

// Run the auth schema upgrade to completion from the 2.5 mongos
var res;
do {
    res = st1.s0.getDB("admin").runCommand({authSchemaUpgradeStep: 1});
    print(tojson(res));
} while (res.ok && !res.done);

// The 2.4 mongos (s1) still writes an old-schema user document
st1.s1.getDB("admin").addUser({user: "mike2", pwd: "blah", roles: ["read"]});
printjson(st1.s1.getDB("admin").system.users.find().toArray());



 Comments   
Comment by Andy Schwerin [ 14/Feb/14 ]

Those old-style users won't be observed by new mongos or mongod processes doing authentication or user management, so I believe they are harmless.
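
The listing in the description shows old-schema and new-schema user documents side by side. As an added example (not part of the ticket and not MongoDB's own code), the following JavaScript classifies system.users documents by shape so that leftover old-schema entries can be found after an upgrade. The function names and the extended-JSON $oid form are assumptions, and the credential values are placeholders.

```javascript
// Added example, not from the ticket. Function names are hypothetical.
// Constructed input: the three documents from the listing above, with
// credential hashes replaced by placeholders and the ObjectId written in
// extended-JSON form so this runs under plain Node.js without a driver.
const sampleUsers = [
  { _id: "admin.mike", user: "mike", db: "admin",
    credentials: { "MONGODB-CR": "<placeholder>" },
    roles: [{ role: "userAdminAnyDatabase", db: "admin" },
            { role: "clusterAdmin", db: "admin" },
            { role: "readWriteAnyDatabase", db: "admin" }] },
  { _id: { $oid: "52b1f1a06a1f4ec0f8a6f7da" }, user: "mike2",
    pwd: "<placeholder>", roles: ["read"] },
  { _id: "admin.mike3", user: "mike3", db: "admin",
    credentials: { "MONGODB-CR": "<placeholder>" },
    roles: [{ role: "read", db: "admin" }] },
];

// A new-schema role is a {role, db} pair; an old-schema role is a bare string.
function isNewRole(r) {
  return r !== null && typeof r === "object" &&
    typeof r.role === "string" && typeof r.db === "string";
}

// Returns "new", "old", or "unknown" (mixed or malformed; review by hand).
function classifyUserDoc(doc) {
  const roles = Array.isArray(doc.roles) ? doc.roles : [];
  const hasCreds = doc.credentials !== null && typeof doc.credentials === "object";
  if (typeof doc._id === "string" && doc._id === `${doc.db}.${doc.user}` &&
      hasCreds && !("pwd" in doc) && roles.every(isNewRole)) {
    return "new";
  }
  // 2.4 documents carry "pwd" (or "userSource") and no "db"/"credentials".
  const hasOldSecret = typeof doc.pwd === "string" || typeof doc.userSource === "string";
  if (hasOldSecret && !hasCreds && !("db" in doc) &&
      roles.every((r) => typeof r === "string")) {
    return "old";
  }
  return "unknown";
}

// Everything that is not cleanly new-schema is worth reporting.
function findStaleUsers(docs) {
  return docs
    .map((d) => ({ user: d.user, schema: classifyUserDoc(d) }))
    .filter((e) => e.schema !== "new");
}

console.log(findStaleUsers(sampleUsers));
```

Run against the sample, it reports only mike2, the document written through the 2.4 mongos after the upgrade.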
