[SERVER-5279] Bypass auth check when logging "ClientCursor::yield can't unlock" message Created: 10/Mar/12 Updated: 03/Jan/18 Resolved: 21/Dec/12 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Logging, Security |
| Affects Version/s: | 2.0.2 |
| Fix Version/s: | 2.3.2 |
| Type: | Improvement | Priority: | Minor - P4 |
| Reporter: | Richard Kreuter (Inactive) | Assignee: | Spencer Brody (Inactive) |
| Resolution: | Done | Votes: | 1 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Participants: | |||||||||
| Case: | (copied to CRM) | ||||||||
| Description |
|
When auth is enabled, certain log operations aren't as informative as they might be. For example, the warning about not yielding because the recursive lock is held tries to get the current op's info, which is only available to threads authenticated to the admin db, so the warning message reports 'top: { err : "unauthorized" }'. So maybe log messages should make a practice of bypassing auth checks of this sort, so long as we're only sending log output to files and other things that only ops folks can get at. |
| Comments |
| Comment by auto [ 12/Dec/12 ] |
|
Author: {u'date': u'2012-12-11T22:59:40Z', u'email': u'spencer@10gen.com', u'name': u'Spencer T Brody'}Message: |
| Comment by Spencer Brody (Inactive) [ 09/Nov/12 ] |
|
While fixing any single instance of this problem is pretty easy (can just put a GodScope block around any code gathering information to be passed to the LOG() function), I can't think of a good way to fix it in general for all log messages. This is because generally the information being used as part of the log message is gathered outside of any logging code and then passed into the LOG() function via the stream operator <<. |