[SERVER-14427] Under localhost exception, can add replica set members via rs.initiate() but not rs.add() Created: 02/Jul/14  Updated: 10/Dec/14  Resolved: 02/Jul/14

Status: Closed
Project: Core Server
Component/s: Replication, Security, Shell
Affects Version/s: 2.7.2
Fix Version/s: None

Type: Bug Priority: Major - P3
Reporter: Samantha Ritter (Inactive) Assignee: Unassigned
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Operating System: ALL
Participants:

 Description   

We want to spin up a replica set with three members with auth enabled, and add our first user under the localhost exception. We want the following configuration:

{ '_id':'repl3',
  members:[{'_id':0, 'host':'Shirley:27017'},
                   {'_id':1, 'host':'Matt:27018'},
                   {'_id':2, 'host':'Ben:27019'}]
}

This workflow is fine:

1. start all members with --keyFile and --replSet
2. connect to a member via the shell
3. run rs.initiate(config from above)
4. use admin, create a root user, authenticate
5. done!

However, this workflow is not allowed:

1. start all members with --keyFile and --replSet
2. connect to a member via the shell
3. run rs.initiate()
4. use rs.add() to add other two members.
5. use admin, create a root user, authenticate
6. done!

Instead, we must authenticate before rs.add() is allowed:

1. start all members with --keyFile and --replSet
2. connect to a member via the shell
3. run rs.initiate()
4. use admin, create a root user, authenticate
5. use rs.add() to add other two members.
6. done!

This seems inconsistent?



 Comments   
Comment by Andy Schwerin [ 02/Jul/14 ]

rs.initiate() is only permitted under the localhost exception because it is prerequisite to creating users in a replicaset. rs.add() is not prerequisite, and so is not permitted.

Generated at Thu Feb 08 03:34:50 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.