<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 05:28:19 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-52537] Mongostat,mongotop and other similar mongo commands are showing password in plain text on linux ps commands</title>
                <link>https://jira.mongodb.org/browse/SERVER-52537</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;Hi Team,&lt;/p&gt;

&lt;p&gt;&#160; &#160; We are running a few mongo commands using script and during those commands execution the passwords provided in -p option is coming with plain text when checked using ps commands on linux, where ps command is used to list the background processes running on linux systems. If I am not wrong, when mongo commands are checked on ps the -p parameter should sensor the passwords as xxxx. But however in our case it is not working for mongostat,mongotop and few other mongo commands and they are as follows&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;$ ps -ef | grep mongostat&lt;/p&gt;

&lt;p&gt;----------------------------&lt;br/&gt;
myuser 19499 16437 10 06:10 ? 00:00:00 /usr/bin/mongostat --quiet -u readonly -p mypassword@123 --authenticationDatabase admin -o host,insert,query,update,delete,set,repl -h ......... n 1&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;$ ps -ef | grep mongotop&lt;/p&gt;

&lt;p&gt;------------------------------&lt;/p&gt;

&lt;p&gt;myuser 7232 7108 1 06:13 ? 00:00:00 /usr/bin/mongotop --quiet -u readonly -p mypassword@123 --authenticationDatabase admin -h host:27720 -n 1&lt;/p&gt;


&lt;p&gt;$ while true; do ps -ef | grep mongo | grep authenticationDatabase | grep -v mongostat | grep -v mongotop;done&lt;br/&gt;
---------------------------------------&lt;br/&gt;
root 19213 19202 0 06:15 ? 00:00:00 /usr/bin/mongo --ipv6 --quiet -u readonly -p mypassword@123 --authenticationDatabase admin --port 27717 --eval rs.status()&lt;/p&gt;


&lt;p&gt;Mongo version used on our environment&lt;/p&gt;

&lt;p&gt;&lt;span class=&quot;error&quot;&gt;&amp;#91;root@vm01 ~&amp;#93;&lt;/span&gt;# mongo --version&lt;br/&gt;
MongoDB shell version v3.6.17&lt;br/&gt;
git version: 3d6953c361213c5bfab23e51ab274ce592edafe6&lt;br/&gt;
OpenSSL version: OpenSSL 1.1.1c FIPS 28 May 2019&lt;br/&gt;
allocator: tcmalloc&lt;br/&gt;
modules: none&lt;br/&gt;
build environment:&lt;br/&gt;
 distmod: rhel80&lt;br/&gt;
 distarch: x86_64&lt;br/&gt;
 target_arch: x86_64&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;&lt;span class=&quot;error&quot;&gt;&amp;#91;root@vm01~&amp;#93;&lt;/span&gt;# rpm -qa | grep mongo&lt;br/&gt;
mongodb-org-mongos-3.6.17-1.el8.x86_64&lt;br/&gt;
mongodb-org-tools-3.6.17-1.el8.x86_64&lt;br/&gt;
mongodb-org-3.6.17-1.el8.x86_64&lt;br/&gt;
mongodb-org-shell-3.6.17-1.el8.x86_64&lt;br/&gt;
mongodb-org-server-3.6.17-1.el8.x86_64&lt;/p&gt;

&lt;p&gt;kindly help us in hiding the information on ps commands given the fact mongo already has an option to hide these values&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;Thanks and Regards,&lt;/p&gt;

&lt;p&gt;Azhar&lt;/p&gt;


&lt;p&gt;Kindly help us on how to avoid hiding the passowrds in ps given the fact it is already available in mongo&lt;/p&gt;</description>
                <environment></environment>
        <key id="1520391">SERVER-52537</key>
            <summary>Mongostat,mongotop and other similar mongo commands are showing password in plain text on linux ps commands</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="3">Duplicate</resolution>
                                        <assignee username="eric.sedor@mongodb.com">Eric Sedor</assignee>
                                    <reporter username="rizwiazhar@gmail.com">Azhar Yousuf</reporter>
                        <labels>
                    </labels>
                <created>Wed, 21 Oct 2020 06:32:42 +0000</created>
                <updated>Fri, 6 Nov 2020 09:05:42 +0000</updated>
                            <resolved>Thu, 5 Nov 2020 16:16:32 +0000</resolved>
                                                                                        <votes>0</votes>
                                    <watches>4</watches>
                                                                                                                <comments>
                            <comment id="3478972" author="JIRAUSER1257350" created="Fri, 6 Nov 2020 09:04:21 +0000"  >&lt;p&gt;Hi Eric,thanks for your response. Yes, I will follow the ticket and hopefully its getting fixed in the next release &lt;img class=&quot;emoticon&quot; src=&quot;https://jira.mongodb.org/images/icons/emoticons/smile.png&quot; height=&quot;16&quot; width=&quot;16&quot; align=&quot;absmiddle&quot; alt=&quot;&quot; border=&quot;0&quot;/&gt;&lt;br/&gt;
 Currently I am using the following format for hiding the password and it is working fine&lt;/p&gt;

&lt;p&gt;password=&quot;mypassword&quot;&lt;br/&gt;
 mongostat=&quot;eval echo $password | /usr/bin/mongo --ipv6 --quiet -u readonly --authenticationDatabase admin&quot;&lt;br/&gt;
 $mongostat&lt;/p&gt;

&lt;p&gt;I can use this $mongostat variable anywhere and it is working and in the ps output I dont see -P option or password being echoed. So for now will stick with this&lt;/p&gt;

&lt;p&gt;myuser 9670 1866 4 05:07 ? 00:00:00 /usr/bin/mongostat --quiet&#160;-u readonly --authenticationDatabase admin -o host,insert,query,update,delete,set,repl -h vm01:27717 -n 1&lt;/p&gt;</comment>
                            <comment id="3477718" author="eric.sedor" created="Thu, 5 Nov 2020 16:16:03 +0000"  >&lt;p&gt;Hi &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=rizwiazhar%40gmail.com&quot; class=&quot;user-hover&quot; rel=&quot;rizwiazhar@gmail.com&quot;&gt;rizwiazhar@gmail.com&lt;/a&gt;, this is work we want to do and it is being tracked in &lt;a href=&quot;https://jira.mongodb.org/browse/TOOLS-2447&quot; title=&quot;Improve processlist output&quot; class=&quot;issue-link&quot; data-issue-key=&quot;TOOLS-2447&quot;&gt;&lt;del&gt;TOOLS-2447&lt;/del&gt;&lt;/a&gt;. Can you please watch that ticket for updates? There is also a workaround suggestion there for passing the password from a file.&lt;/p&gt;</comment>
                            <comment id="3471186" author="massimiliano.marcon" created="Mon, 2 Nov 2020 08:15:08 +0000"  >&lt;p&gt;Moved this to the SERVER project (was initially opened in the MONGOSH project).&lt;/p&gt;

&lt;p&gt;$&lt;tt&gt;mongosh&lt;/tt&gt; already hides the command line arguments to prevent this issue.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10010">
                    <name>Duplicate</name>
                                            <outwardlinks description="duplicates">
                                        <issuelink>
            <issuekey id="1083877">TOOLS-2447</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>3.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Mon, 2 Nov 2020 08:15:08 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        3 years, 13 weeks, 5 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>rizwiazhar@gmail.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            3 years, 13 weeks, 5 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>rizwiazhar@gmail.com</customfieldvalue>
            <customfieldvalue>eric.sedor@mongodb.com</customfieldvalue>
            <customfieldvalue>massimiliano.marcon@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hydp8v:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hxzx2v:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                    <customfieldvalue><![CDATA[eric.sedor@mongodb.com]]></customfieldvalue>
    

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hydbi7:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>