<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 03:19:15 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-9060] Introduce a built-in role for taking backups of nodes</title>
                <link>https://jira.mongodb.org/browse/SERVER-9060</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;Due to &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-4692&quot; title=&quot;Read-only users should be denied access to system.users collection&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-4692&quot;&gt;&lt;del&gt;SERVER-4692&lt;/del&gt;&lt;/a&gt;, it is no longer possible to do a full mongodump using a read-only user.  &lt;a href=&quot;https://jira.mongodb.org/browse/TOOLS-134&quot; title=&quot;Mongodump and mongoexport should skip collections they don&amp;#39;t have read access to&quot; class=&quot;issue-link&quot; data-issue-key=&quot;TOOLS-134&quot;&gt;&lt;del&gt;SERVER-9012&lt;/del&gt;&lt;/a&gt; has been proposed as a solution to this.  However, but that means it is still impossible to dump all data using a read-only account.&lt;/p&gt;

&lt;p&gt;I believe it &lt;b&gt;should&lt;/b&gt; be possible to do such a mongodump, including dumping all users, so that they can be restored correctly.  Here are a couple of ways it might be possible:  &lt;/p&gt;
&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;Allow read-only admin users access to system.users collections.&lt;/li&gt;
	&lt;li&gt;Add a another user permissions beyond read-only, that would allow access to system.users collections.&lt;/li&gt;
	&lt;li&gt;Do some sort of encryption of system.users when read by read-only users that can only be decrypted by a user with full access.  That allows the encrypted version to be backed up, and then when restored, a user with write access has to do the restore, so they could do the decrypting before restore.  This is obviously much more involved than the previous 2, but I&apos;m just trying to throw out possible alternatives.&lt;/li&gt;
&lt;/ul&gt;
</description>
                <environment></environment>
        <key id="69278">SERVER-9060</key>
            <summary>Introduce a built-in role for taking backups of nodes</summary>
                <type id="4" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14710&amp;avatarType=issuetype">Improvement</type>
                                            <priority id="4" iconUrl="https://jira.mongodb.org/images/icons/priorities/minor.svg">Minor - P4</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="spencer@mongodb.com">Spencer Brody</assignee>
                                    <reporter username="davideanderson">David Anderson</reporter>
                        <labels>
                    </labels>
                <created>Thu, 21 Mar 2013 17:23:59 +0000</created>
                <updated>Mon, 11 Jul 2016 17:58:33 +0000</updated>
                            <resolved>Wed, 30 Oct 2013 21:09:27 +0000</resolved>
                                    <version>2.2.2</version>
                    <version>2.3.0</version>
                    <version>2.4.0</version>
                                    <fixVersion>2.5.4</fixVersion>
                                    <component>Security</component>
                                        <votes>0</votes>
                                    <watches>5</watches>
                                                                                                                <comments>
                            <comment id="449083" author="spencer" created="Wed, 30 Oct 2013 21:09:06 +0000"  >&lt;p&gt;Addressed in &lt;a href=&quot;https://github.com/mongodb/mongo/commit/c63749eda51417e26bee88654845c689701bd919&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/c63749eda51417e26bee88654845c689701bd919&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="296076" author="davideanderson" created="Fri, 22 Mar 2013 18:45:57 +0000"  >&lt;p&gt;I think waiting for &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-8580&quot; title=&quot;User defined roles&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-8580&quot;&gt;&lt;del&gt;SERVER-8580&lt;/del&gt;&lt;/a&gt; is sufficient, and is the right way to proceed.&lt;/p&gt;</comment>
                            <comment id="295298" author="schwerin" created="Thu, 21 Mar 2013 21:25:39 +0000"  >&lt;p&gt;If this isn&apos;t trivial after &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-8580&quot; title=&quot;User defined roles&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-8580&quot;&gt;&lt;del&gt;SERVER-8580&lt;/del&gt;&lt;/a&gt;, we won&apos;t have resolved that ticket correctly.&lt;/p&gt;</comment>
                            <comment id="295297" author="schwerin" created="Thu, 21 Mar 2013 21:24:47 +0000"  >&lt;p&gt;A &quot;usersReadAnyDatabase&quot; system role could be introduced by patch to 2.4, which could be added to the roles of a backup user, but in future versions that should be obviated by &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-8580&quot; title=&quot;User defined roles&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-8580&quot;&gt;&lt;del&gt;SERVER-8580&lt;/del&gt;&lt;/a&gt;, user-defined roles.&lt;/p&gt;</comment>
                            <comment id="295059" author="davideanderson" created="Thu, 21 Mar 2013 17:26:54 +0000"  >&lt;p&gt;actually, the encryption idea probably won&apos;t work because the key would have to be included somewhere in the full dump, or else the dump wouldn&apos;t be a full dump, which is the whole issue.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                            <outwardlinks description="depends on">
                                        <issuelink>
            <issuekey id="65353">SERVER-8580</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                            <issuelinktype id="10010">
                    <name>Duplicate</name>
                                                                <inwardlinks description="is duplicated by">
                                        <issuelink>
            <issuekey id="97290">SERVER-11590</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                                                <inwardlinks description="is related to">
                                        <issuelink>
            <issuekey id="73618">SERVER-9514</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>5.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Thu, 21 Mar 2013 21:24:47 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        10 years, 16 weeks ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[<s><a href='https://jira.mongodb.org/browse/SERVER-8580'>SERVER-8580</a></s>]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>ramon.fernandez@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            10 years, 16 weeks ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_10000" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Old_Backport</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10000"><![CDATA[No]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>schwerin@mongodb.com</customfieldvalue>
            <customfieldvalue>davideanderson</customfieldvalue>
            <customfieldvalue>spencer@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrn0l3:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hrmupj:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>47064</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|ht001z:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>