[SERVER-5261] Include authentication information in currentOp results Created: 09/Mar/12 Updated: 08/Jan/24 Resolved: 14/Sep/18 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Admin, Security |
| Affects Version/s: | 2.0.3 |
| Fix Version/s: | 4.1.4 |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Jared D. Cottrell | Assignee: | Jonathan Reams |
| Resolution: | Done | Votes: | 11 |
| Labels: | platforms_security, pm-620 | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Sprint: | Security 2018-09-10, Security 2018-09-24 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Participants: | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Case: | (copied to CRM) | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Description |
|
It would be useful to have authentication information for each operation in the results of currentOp. In particular, the database and user. |
| Comments |
| Comment by Kyle Mertz [ 17/Nov/20 ] |
|
Please backport this fix to 4.0.x since it's still under support. We have no way of identifying the number of connections by username with 4.0.x. |
| Comment by Githook User [ 14/Sep/18 ] |
|
Author: {'name': 'Jonathan Reams', 'email': 'jbreams@mongodb.com', 'username': 'jbreams'}Message: |
| Comment by Githook User [ 14/Sep/18 ] |
|
Author: {'name': 'Jonathan Reams', 'email': 'jbreams@mongodb.com', 'username': 'jbreams'}Message: |
| Comment by Francisco Andrade [ 23/Apr/15 ] |
|
I thinks this is a usefull feature when we need to identify if it is an app is running a slow query or an user connecting to the database from the app server. I've seen the $comment tip somewhere else to help on this kind of need, but since currentOp can show the client IP, it would be better to show all other helpfull informations. Since currentOp is only available for admin users, it would be better for this role to have access to every usefull information regarding the database administration. If Im missing some function that may help on this specific scenario, please let me know. |
| Comment by Andreas Nilsson [ 23/Apr/15 ] |
|
andrade no version of MongoDB currently supports this feature. The main reason is that it is somewhat inconsistent with our current security model since it potentially implies retrieving information about other users activities in the system. |
| Comment by Francisco Andrade [ 23/Apr/15 ] |
|
The latest versions are returning the database and collection in the ns (namespace) field of currentOp. Im using MongoDB 2.6.4. Does anyone know if newer versions returns the user running the operation? |