<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 05:22:32 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-50394] mongod audit log attributes DDL operations to the __system user in a sharded environment</title>
                <link>https://jira.mongodb.org/browse/SERVER-50394</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;Seemingly related to &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-11192&quot; title=&quot;Audit system cannot ascribe DDL operations in a sharded cluster to an end user.&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-11192&quot;&gt;&lt;del&gt;SERVER-11192&lt;/del&gt;&lt;/a&gt;, the __system user is audited as the initiator of DDL operations like createDatabase, dropDatabase, createCollection, dropCollection, createIndex, and dropIndex when those commands are run from a mongos in a sharded environment.&lt;/p&gt;

&lt;p&gt;CRUD operations are correctly attributed.&lt;/p&gt;

&lt;p&gt;A partial workaround is to use auditAuthorizationSuccess and an auditFilter focusing on DDL operations, on mongos nodes, to obtain authCheck audits from the mongos. But this is not applicable in all cases (ex: implicit collection creation)&lt;/p&gt;</description>
                <environment></environment>
        <key id="1446901">SERVER-50394</key>
            <summary>mongod audit log attributes DDL operations to the __system user in a sharded environment</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="sara.golemon@mongodb.com">Sara Golemon</assignee>
                                    <reporter username="eric.sedor@mongodb.com">Eric Sedor</reporter>
                        <labels>
                    </labels>
                <created>Wed, 19 Aug 2020 21:41:23 +0000</created>
                <updated>Sun, 29 Oct 2023 22:04:17 +0000</updated>
                            <resolved>Fri, 18 Sep 2020 15:54:43 +0000</resolved>
                                    <version>4.0.20</version>
                    <version>3.6.19</version>
                                    <fixVersion>4.8.0</fixVersion>
                    <fixVersion>4.2.10</fixVersion>
                    <fixVersion>4.4.2</fixVersion>
                                                        <votes>0</votes>
                                    <watches>17</watches>
                                                                                                                <comments>
                            <comment id="3401904" author="xgen-internal-githook" created="Fri, 18 Sep 2020 22:25:23 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Sara Golemon&apos;, &apos;email&apos;: &apos;sara.golemon@mongodb.com&apos;, &apos;username&apos;: &apos;sgolemon&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-50394&quot; title=&quot;mongod audit log attributes DDL operations to the __system user in a sharded environment&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-50394&quot;&gt;&lt;del&gt;SERVER-50394&lt;/del&gt;&lt;/a&gt; Forward impersonatedUser/Role information when available&lt;/p&gt;

&lt;p&gt;(cherry picked from commit cf4fa7e9e0b5a1b0c358da1c981083b5ec179c30)&lt;br/&gt;
Branch: v4.2&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/50277ed5764080365671339eaee72ff325f46558&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/50277ed5764080365671339eaee72ff325f46558&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="3401903" author="xgen-internal-githook" created="Fri, 18 Sep 2020 22:25:22 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Sara Golemon&apos;, &apos;email&apos;: &apos;sara.golemon@mongodb.com&apos;, &apos;username&apos;: &apos;sgolemon&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-50394&quot; title=&quot;mongod audit log attributes DDL operations to the __system user in a sharded environment&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-50394&quot;&gt;&lt;del&gt;SERVER-50394&lt;/del&gt;&lt;/a&gt; Ensure the correct user is attributed for DDL ops from mongos&lt;/p&gt;

&lt;p&gt;(cherry picked from commit 6fc0bd5c1e426b135c7dadb90b9b27fe2d25e76c)&lt;br/&gt;
Branch: v4.2&lt;br/&gt;
&lt;a href=&quot;https://github.com/10gen/mongo-enterprise-modules/commit/828f659e86389fe445664cbf49fbe6af39cd55b7&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/mongo-enterprise-modules/commit/828f659e86389fe445664cbf49fbe6af39cd55b7&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="3401883" author="xgen-internal-githook" created="Fri, 18 Sep 2020 21:52:14 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Sara Golemon&apos;, &apos;email&apos;: &apos;sara.golemon@mongodb.com&apos;, &apos;username&apos;: &apos;sgolemon&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-50394&quot; title=&quot;mongod audit log attributes DDL operations to the __system user in a sharded environment&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-50394&quot;&gt;&lt;del&gt;SERVER-50394&lt;/del&gt;&lt;/a&gt; Properly escape regex&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/10gen/mongo-enterprise-modules/commit/29c754856f4f89624144456d09a10af597386799&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/mongo-enterprise-modules/commit/29c754856f4f89624144456d09a10af597386799&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="3401880" author="xgen-internal-githook" created="Fri, 18 Sep 2020 21:49:09 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Sara Golemon&apos;, &apos;email&apos;: &apos;sara.golemon@mongodb.com&apos;, &apos;username&apos;: &apos;sgolemon&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-50394&quot; title=&quot;mongod audit log attributes DDL operations to the __system user in a sharded environment&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-50394&quot;&gt;&lt;del&gt;SERVER-50394&lt;/del&gt;&lt;/a&gt; Forward impersonatedUser/Role information when available&lt;/p&gt;

&lt;p&gt;(cherry picked from commit cf4fa7e9e0b5a1b0c358da1c981083b5ec179c30)&lt;br/&gt;
Branch: v4.4&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/3af9bff5317b63d6276b86b7bd646c0fee0e96b1&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/3af9bff5317b63d6276b86b7bd646c0fee0e96b1&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="3401879" author="xgen-internal-githook" created="Fri, 18 Sep 2020 21:47:50 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Sara Golemon&apos;, &apos;email&apos;: &apos;sara.golemon@mongodb.com&apos;, &apos;username&apos;: &apos;sgolemon&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-50394&quot; title=&quot;mongod audit log attributes DDL operations to the __system user in a sharded environment&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-50394&quot;&gt;&lt;del&gt;SERVER-50394&lt;/del&gt;&lt;/a&gt; Ensure the correct user is attributed for DDL ops from mongos&lt;/p&gt;

&lt;p&gt;(cherry picked from commit 6fc0bd5c1e426b135c7dadb90b9b27fe2d25e76c)&lt;br/&gt;
Branch: v4.4&lt;br/&gt;
&lt;a href=&quot;https://github.com/10gen/mongo-enterprise-modules/commit/cc0fb3b1e8b1a64e12599b9963aacd982b371bfd&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/mongo-enterprise-modules/commit/cc0fb3b1e8b1a64e12599b9963aacd982b371bfd&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="3401063" author="xgen-internal-githook" created="Fri, 18 Sep 2020 15:42:37 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Sara Golemon&apos;, &apos;email&apos;: &apos;sara.golemon@mongodb.com&apos;, &apos;username&apos;: &apos;sgolemon&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-50394&quot; title=&quot;mongod audit log attributes DDL operations to the __system user in a sharded environment&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-50394&quot;&gt;&lt;del&gt;SERVER-50394&lt;/del&gt;&lt;/a&gt; Forward impersonatedUser/Role information when available&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/cf4fa7e9e0b5a1b0c358da1c981083b5ec179c30&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/cf4fa7e9e0b5a1b0c358da1c981083b5ec179c30&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="3401062" author="xgen-internal-githook" created="Fri, 18 Sep 2020 15:42:31 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Sara Golemon&apos;, &apos;email&apos;: &apos;sara.golemon@mongodb.com&apos;, &apos;username&apos;: &apos;sgolemon&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-50394&quot; title=&quot;mongod audit log attributes DDL operations to the __system user in a sharded environment&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-50394&quot;&gt;&lt;del&gt;SERVER-50394&lt;/del&gt;&lt;/a&gt; Ensure the correct user is attributed for DDL ops from mongos&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/10gen/mongo-enterprise-modules/commit/6fc0bd5c1e426b135c7dadb90b9b27fe2d25e76c&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/mongo-enterprise-modules/commit/6fc0bd5c1e426b135c7dadb90b9b27fe2d25e76c&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10420">
                    <name>Backports</name>
                                            <outwardlinks description="backported by">
                                                        </outwardlinks>
                                                        </issuelinktype>
                            <issuelinktype id="10520">
                    <name>Problem/Incident</name>
                                            <outwardlinks description="causes">
                                                        </outwardlinks>
                                                        </issuelinktype>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                            <outwardlinks description="related to">
                                        <issuelink>
            <issuekey id="1477882">SERVER-50990</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="1477883">SERVER-50991</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="1477885">SERVER-50992</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="1477888">SERVER-50993</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="1477909">SERVER-50994</issuekey>
        </issuelink>
                            </outwardlinks>
                                                                <inwardlinks description="is related to">
                                        <issuelink>
            <issuekey id="94270">SERVER-11192</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>7.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18555" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname># of Sprints</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1.0</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_12450" key="com.atlassian.jira.plugin.system.customfieldtypes:multicheckboxes">
                        <customfieldname>Backport Requested</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="18953"><![CDATA[v4.4]]></customfieldvalue>
    <customfieldvalue key="16775"><![CDATA[v4.2]]></customfieldvalue>
    <customfieldvalue key="15640"><![CDATA[v4.0]]></customfieldvalue>
    <customfieldvalue key="15141"><![CDATA[v3.6]]></customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10011" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Backwards Compatibility</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10011"><![CDATA[Minor Change]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                    <customfield id="customfield_13552" key="com.go2group.jira.plugin.crm:crm_generic_field">
                        <customfieldname>Case</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[[5002K00000oeUybQAE, 5002K00000v106AQAQ]]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Tue, 15 Sep 2020 00:52:32 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        3 years, 20 weeks, 5 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_17050" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Downstream Team Attention</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="16941"><![CDATA[Not Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>luke.bonanomi@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            3 years, 20 weeks, 5 days ago
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_16465" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Linked BF Score</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>50.0</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_10032" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Operating System</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10026"><![CDATA[ALL]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>eric.sedor@mongodb.com</customfieldvalue>
            <customfieldvalue>xgen-internal-githook</customfieldvalue>
            <customfieldvalue>sara.golemon@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hy17lb:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|htyaqf:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_10557" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="4225">Security 2020-09-21</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hy0tun:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>