[SERVER-41029] mongocryptd should not delete existing domain socket if it fails to start TCP socket Created: 06/May/19 Updated: 04/Mar/20 Resolved: 27/Jun/19 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Kevin Albertson | Assignee: | Mira Carey |
| Resolution: | Won't Fix | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||
| Operating System: | ALL | ||||||||||||
| Steps To Reproduce: |
|
||||||||||||
| Sprint: | Security 2019-05-20, Service Arch 2019-06-17, Service Arch 2019-07-01 | ||||||||||||
| Participants: | |||||||||||||
| Description |
|
CC mark.benvenuto + jeff.yemin |
| Comments |
| Comment by Githook User [ 12/Aug/19 ] |
|
Author: {'name': 'Dan Aprahamian', 'username': 'daprahamian', 'email': 'dan.aprahamian@gmail.com'}Message: NODE: remove connecting on linux socket Remove connecting to mongocryptd on /tmp/mongocryptd.sock until |
| Comment by Mira Carey [ 27/Jun/19 ] |
|
I'm going to close this out as wontfix, in preference for SERVER-41826 |
| Comment by Mira Carey [ 19/Jun/19 ] |
|
I've filed SERVER-41826 with a strategy I believe we can use to avoid stealing the domain socket. Couple of other thoughts:
|
| Comment by Kevin Albertson [ 19/Jun/19 ] |
|
I want to avoid stealing the UNIX domain socket to avoid the user experience described in the repro.
Hmm, I think so. I guess it's just a matter that the first mongod to terminates deletes the UNIX domain socket. Perhaps there's no reasonable way to enforce that the socket file is only deleted if no mongod is bound to it. If that is the case, then perhaps we should close this as "Won't Fix", and that would be more reason for us to choose a sensible user-wide pidfile path. By creating it in the current working directory like we currently do, it's easy to hit issue by running your application in two different directories. |
| Comment by Mira Carey [ 18/Jun/19 ] |
|
kevin.albertson, do you actually want what's in this ticket? Or do you want to avoid stealing the unix domain socket from a running process? A few thoughts:
I'm trying to figure out if the narrow problem this ticket describes is actually worth solving. Or if you want something more complicated in the "don't overwrite other's unix domain sockets" kind of vein |
| Comment by Mark Benvenuto [ 31/May/19 ] |
|
The unix domain socket is simply being bound before the TCP/IP sockets. This is not a problem specific to mongocryptd. Assigning to service arch. The code in question is here: https://github.com/mongodb/mongo/blob/933c6ad19c3f19a964c74a5174cbcf11cde0a66e/src/mongo/transport/transport_layer_asio.cpp#L678-L686 |