[SERVER-7879] (empty) database is created when non-authorized user is trying to connect Created: 07/Dec/12  Updated: 15/Feb/13  Resolved: 10/Dec/12

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: 2.2.2
Fix Version/s: None

Type: Question Priority: Major - P3
Reporter: Edouard Perov Assignee: Unassigned
Resolution: Duplicate Votes: 0
Labels: triage
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Oracle Linux 64-bit


Issue Links:
Duplicate
duplicates SERVER-2329 Dropped database doesn't disappear du... Closed
Participants:

 Description   

HI,
When a non-authorized user is trying to connect to the MongoDB
List of databases:
wfm:PRIMARY> show dbs
admin 0.203125GB
local 1.015625GB

UNIX> mongo -u edik -p edik usatl-s-ssvm41/edik
MongoDB shell version: 2.2.2
connecting to: usatl-s-ssvm41/edik
Error:

{ errmsg: "auth fails", ok: 0.0 }

Fri Dec 7 16:57:33 uncaught exception: login failed
exception: login failed

The empty database “edik” is created
wfm:PRIMARY> show dbs
admin 0.203125GB
edik (empty)
local 1.015625GB
Is there any way to prevent this?

Thanks,
Edouard



 Comments   
Comment by Scott Hernandez (Inactive) [ 10/Dec/12 ]

Dup of SERVER-2329.

Currently there is no way to clear these fantom dbs which don't have storage. There are many ways to get to this state.

Comment by Stennie Steneker (Inactive) [ 10/Dec/12 ]

I can confirm this behaviour with 2.2.2 .. in order to authenticate a user against a database, that database is "opened" and a non-existent database name given will persist in the list of databases until mongod is restarted.

No data files are created, but it seems incorrect to show a non-existent database in show dbs.

Command in the log with -vvvvv logging:

Mon Dec 10 16:58:16 [conn2] runQuery called admin.$cmd { whatsmyuri: 1 }
Mon Dec 10 16:58:16 [conn2] run command admin.$cmd { whatsmyuri: 1 }
Mon Dec 10 16:58:16 [conn2] command admin.$cmd command: { whatsmyuri: 1 } ntoreturn:1 keyUpdates:0  reslen:63 0ms
Mon Dec 10 16:58:16 [conn2] runQuery called edik.$cmd { getnonce: 1 }
Mon Dec 10 16:58:16 [conn2] run command edik.$cmd { getnonce: 1 }
Mon Dec 10 16:58:16 [conn2] command edik.$cmd command: { getnonce: 1 } ntoreturn:1 keyUpdates:0  reslen:65 0ms
Mon Dec 10 16:58:16 [conn2] runQuery called edik.$cmd { authenticate: 1, nonce: "a62e8bf44804cf2d", user: "edik", key: "cff4cbe85ff9d4ca01bb4e186a786cb3" }
Mon Dec 10 16:58:16 [conn2] run command edik.$cmd { authenticate: 1, nonce: "a62e8bf44804cf2d", user: "edik", key: "cff4cbe85ff9d4ca01bb4e186a786cb3" }
Mon Dec 10 16:58:16 [conn2]  authenticate db: edik { authenticate: 1, nonce: "a62e8bf44804cf2d", user: "edik", key: "cff4cbe85ff9d4ca01bb4e186a786cb3" }
Mon Dec 10 16:58:16 [conn2] opening db:  edik
Mon Dec 10 16:58:16 [conn2] auth: couldn't find user edik, edik.system.users

Generated at Thu Feb 08 03:15:50 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.