<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 03:25:09 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-11192] Audit system cannot ascribe DDL operations in a sharded cluster to an end user.</title>
                <link>https://jira.mongodb.org/browse/SERVER-11192</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;Because the sharding system does not track the lifetime of databases, collections and indexes, mongos does not know when a database, collection or index is about to be created.  As a result, it cannot place an entry into its local audit log about those events.  However, it does know the identity of end users requesting operations. The mongod nodes involved &lt;em&gt;do&lt;/em&gt; know about lifetime of these objects, but in a sharded system they do not know on behalf of which end user the event was triggered.  We need some solution that ties these two pieces of information together.&lt;/p&gt;

&lt;p&gt;The original auditing proposal was to attach operation ids to all operations, and have mongos report to mongod the id of each source operation that it delegated to mongod.  Something like this is one possible solution.  Another is to introduce a notion of end-user session, and have mongos inform mongod of the end-user session it is implementing by delegation to mongod.  There may be other reasonable solutions, as well.&lt;/p&gt;</description>
                <environment></environment>
        <key id="94270">SERVER-11192</key>
            <summary>Audit system cannot ascribe DDL operations in a sharded cluster to an end user.</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="2" iconUrl="https://jira.mongodb.org/images/icons/priorities/critical.svg">Critical - P2</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="milkie@mongodb.com">Eric Milkie</assignee>
                                    <reporter username="schwerin@mongodb.com">Andy Schwerin</reporter>
                        <labels>
                            <label>26qa</label>
                    </labels>
                <created>Tue, 15 Oct 2013 16:45:26 +0000</created>
                <updated>Thu, 20 Aug 2020 22:16:05 +0000</updated>
                            <resolved>Fri, 10 Jan 2014 15:04:00 +0000</resolved>
                                    <version>2.5.3</version>
                                    <fixVersion>2.5.5</fixVersion>
                                    <component>Security</component>
                                        <votes>0</votes>
                                    <watches>4</watches>
                                                                                                                <comments>
                            <comment id="480015" author="xgen-internal-githook" created="Fri, 10 Jan 2014 02:29:25 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;milkie&apos;, u&apos;name&apos;: u&apos;Eric Milkie&apos;, u&apos;email&apos;: u&apos;milkie@10gen.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-11192&quot; title=&quot;Audit system cannot ascribe DDL operations in a sharded cluster to an end user.&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-11192&quot;&gt;&lt;del&gt;SERVER-11192&lt;/del&gt;&lt;/a&gt; make sure to set all instances of the runCommandHook, for special DBClients&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/7a06ec8610e2bae128fbac03bdedcf0f89199e90&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/7a06ec8610e2bae128fbac03bdedcf0f89199e90&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="474784" author="xgen-internal-githook" created="Tue, 24 Dec 2013 19:21:57 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;milkie&apos;, u&apos;name&apos;: u&apos;Eric Milkie&apos;, u&apos;email&apos;: u&apos;milkie@10gen.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-11192&quot; title=&quot;Audit system cannot ascribe DDL operations in a sharded cluster to an end user.&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-11192&quot;&gt;&lt;del&gt;SERVER-11192&lt;/del&gt;&lt;/a&gt; hook c++ driver to transmit mongos authenticated users to mongod, for auditing&lt;/p&gt;

&lt;p&gt;Also, add UserNameIterator as a parallel to RoleIterator.&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/f148caa11e97727949b5e8594b7439856faff499&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/f148caa11e97727949b5e8594b7439856faff499&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="474783" author="xgen-internal-githook" created="Tue, 24 Dec 2013 19:21:53 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;milkie&apos;, u&apos;name&apos;: u&apos;Eric Milkie&apos;, u&apos;email&apos;: u&apos;milkie@10gen.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-11192&quot; title=&quot;Audit system cannot ascribe DDL operations in a sharded cluster to an end user.&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-11192&quot;&gt;&lt;del&gt;SERVER-11192&lt;/del&gt;&lt;/a&gt; impersonated user auditing&lt;/p&gt;

&lt;p&gt;Two functions to help support impersonated user auditing for mongos.&lt;br/&gt;
One function is intended for mongos to use to append impersonated users&lt;br/&gt;
to its commands to shards.&lt;br/&gt;
The other function is used to process and remove that information on the&lt;br/&gt;
mongod side of parsing a command.&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/10gen/mongo-enterprise-modules/commit/c1289f9849256b63a0c3e65c79bc69e07b394bed&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/mongo-enterprise-modules/commit/c1289f9849256b63a0c3e65c79bc69e07b394bed&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                            <outwardlinks description="related to">
                                        <issuelink>
            <issuekey id="1446901">SERVER-50394</issuekey>
        </issuelink>
                            </outwardlinks>
                                                                <inwardlinks description="is related to">
                                        <issuelink>
            <issuekey id="13257">SERVER-1891</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>3.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Thu, 31 Oct 2013 19:06:52 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        10 years, 5 weeks, 6 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>spencer.jackson@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            10 years, 5 weeks, 6 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_10000" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Old_Backport</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10000"><![CDATA[No]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10032" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Operating System</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10026"><![CDATA[ALL]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>schwerin@mongodb.com</customfieldvalue>
            <customfieldvalue>milkie@mongodb.com</customfieldvalue>
            <customfieldvalue>xgen-internal-githook</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrmblz:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hrtjkv:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>86299</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10166" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Tests Written</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10340"><![CDATA[Pending Test Framework Changes]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hsbyx3:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>