SERVER-21378 add setParameter startupAuthSchemaValidation used to byp…

…ass auth metadata startup validation checks
mongodb · Aug 4, 2016 · 931a227 · 931a227
1 parent 1f291f5
commit 931a227
Show file tree

Hide file tree

Showing 4 changed files with 70 additions and 25 deletions.
diff --git a/src/mongo/db/auth/authorization_manager.cpp b/src/mongo/db/auth/authorization_manager.cpp
@@ -266,6 +266,14 @@ std::unique_ptr<AuthorizationSession> AuthorizationManager::makeAuthorizationSes
         _externalState->makeAuthzSessionExternalState(this));
 }
 
+void AuthorizationManager::setShouldValidateAuthSchemaOnStartup(bool validate) {
+    _startupAuthSchemaValidation = validate;
+}
+
+bool AuthorizationManager::shouldValidateAuthSchemaOnStartup() {
+    return _startupAuthSchemaValidation;
+}
+
 Status AuthorizationManager::getAuthorizationVersion(OperationContext* txn, int* version) {
     CacheGuard guard(this, CacheGuard::fetchSynchronizationManual);
     int newVersion = _version;

diff --git a/src/mongo/db/auth/authorization_manager.h b/src/mongo/db/auth/authorization_manager.h
@@ -164,6 +164,16 @@ class AuthorizationManager {
      */
     std::unique_ptr<AuthorizationSession> makeAuthorizationSession();
 
+    /**
+     * Sets whether or not startup AuthSchema validation checks should be applied in this manager.
+     */
+    void setShouldValidateAuthSchemaOnStartup(bool validate);
+
+    /**
+     * Returns true if startup AuthSchema validation checks should be applied in this manager.
+     */
+    bool shouldValidateAuthSchemaOnStartup();
+
     /**
      * Sets whether or not access control enforcement is enabled for this manager.
      */
@@ -350,6 +360,14 @@ class AuthorizationManager {
                         const UserName& userName,
                         std::unique_ptr<User>* acquiredUser);
 
+    /**
+     * True if AuthSchema startup checks should be applied in this AuthorizationManager.
+     *
+     * Defaults to true.  Changes to its value are not synchronized, so it should only be set
+     * at initalization-time.
+     */
+    bool _startupAuthSchemaValidation;
+
     /**
      * True if access control enforcement is enabled in this AuthorizationManager.
      *

diff --git a/src/mongo/db/auth/authorization_manager_global.cpp b/src/mongo/db/auth/authorization_manager_global.cpp
@@ -88,6 +88,8 @@ AuthorizationManager* getGlobalAuthorizationManager() {
     return globalAuthManager;
 }
 
+MONGO_EXPORT_STARTUP_SERVER_PARAMETER(startupAuthSchemaValidation, bool, true);
+
 MONGO_INITIALIZER_WITH_PREREQUISITES(CreateAuthorizationManager,
                                      ("SetupInternalSecurityUser",
                                       "OIDGeneration",
@@ -99,6 +101,7 @@ MONGO_INITIALIZER_WITH_PREREQUISITES(CreateAuthorizationManager,
         stdx::make_unique<AuthorizationManager>(AuthzManagerExternalState::create());
     authzManager->setAuthEnabled(serverGlobalParams.authState ==
                                  ServerGlobalParams::AuthState::kEnabled);
+    authzManager->setShouldValidateAuthSchemaOnStartup(startupAuthSchemaValidation);
     AuthorizationManager::set(getGlobalServiceContext(), std::move(authzManager));
     return Status::OK();
 }

diff --git a/src/mongo/db/db.cpp b/src/mongo/db/db.cpp
@@ -649,32 +649,48 @@ static ExitCode _initAndListen(int listenPort) {
 #ifndef _WIN32
         mongo::signalForkSuccess();
 #endif
+        AuthorizationManager* globalAuthzManager = getGlobalAuthorizationManager();
+        if (globalAuthzManager->shouldValidateAuthSchemaOnStartup()) {
+            Status status = authindex::verifySystemIndexes(startupOpCtx.get());
+            if (!status.isOK()) {
+                log() << status.reason();
+                exitCleanly(EXIT_NEED_UPGRADE);
+            }
 
-        Status status = authindex::verifySystemIndexes(startupOpCtx.get());
-        if (!status.isOK()) {
-            log() << status.reason();
-            exitCleanly(EXIT_NEED_UPGRADE);
-        }
-
-        // SERVER-14090: Verify that auth schema version is schemaVersion26Final.
-        int foundSchemaVersion;
-        status = getGlobalAuthorizationManager()->getAuthorizationVersion(startupOpCtx.get(),
-                                                                          &foundSchemaVersion);
-        if (!status.isOK()) {
-            log() << "Auth schema version is incompatible: "
-                  << "User and role management commands require auth data to have "
-                  << "at least schema version " << AuthorizationManager::schemaVersion26Final
-                  << " but startup could not verify schema version: " << status.toString() << endl;
-            exitCleanly(EXIT_NEED_UPGRADE);
-        }
-        if (foundSchemaVersion < AuthorizationManager::schemaVersion26Final) {
-            log() << "Auth schema version is incompatible: "
-                  << "User and role management commands require auth data to have "
-                  << "at least schema version " << AuthorizationManager::schemaVersion26Final
-                  << " but found " << foundSchemaVersion << ". In order to upgrade "
-                  << "the auth schema, first downgrade MongoDB binaries to version "
-                  << "2.6 and then run the authSchemaUpgrade command." << endl;
-            exitCleanly(EXIT_NEED_UPGRADE);
+            // SERVER-14090: Verify that auth schema version is schemaVersion26Final.
+            int foundSchemaVersion;
+            status = globalAuthzManager->getAuthorizationVersion(startupOpCtx.get(),
+                                                                 &foundSchemaVersion);
+            if (!status.isOK()) {
+                log() << "Auth schema version is incompatible: "
+                      << "User and role management commands require auth data to have "
+                      << "at least schema version " << AuthorizationManager::schemaVersion26Final
+                      << " but startup could not verify schema version: " << status.toString()
+                      << endl;
+                exitCleanly(EXIT_NEED_UPGRADE);
+            }
+            if (foundSchemaVersion < AuthorizationManager::schemaVersion26Final) {
+                log() << "Auth schema version is incompatible: "
+                      << "User and role management commands require auth data to have "
+                      << "at least schema version " << AuthorizationManager::schemaVersion26Final
+                      << " but found " << foundSchemaVersion << ". In order to upgrade "
+                      << "the auth schema, first downgrade MongoDB binaries to version "
+                      << "2.6 and then run the authSchemaUpgrade command." << endl;
+                exitCleanly(EXIT_NEED_UPGRADE);
+            }
+        } else if (globalAuthzManager->isAuthEnabled()) {
+            error() << "Auth must be disabled when starting without auth schema validation";
+            exitCleanly(EXIT_BADOPTIONS);
+        } else {
+            // If authSchemaValidation is disabled and server is running without auth,
+            // warn the user and continue startup without authSchema metadata checks.
+            log() << startupWarningsLog;
+            log() << "** WARNING: Startup auth schema validation checks are disabled for the "
+                     "database."
+                  << startupWarningsLog;
+            log() << "**          This mode should only be used to manually repair corrupted auth "
+                     "data."
+                  << startupWarningsLog;
         }
 
         if (!storageGlobalParams.readOnly) {