diff options
author | Kristina <kristina@10gen.com> | 2011-08-23 15:46:28 -0400 |
---|---|---|
committer | Kristina <kristina@10gen.com> | 2011-08-23 15:46:28 -0400 |
commit | bc8b2ef3cc55a18274920ededbba6e18e99626e4 (patch) | |
tree | 03dd8bfa8d3a87c29df01b3e550a5b4f135dacac | |
parent | 55087b1c66d0a8c037af69e4f539c4b819608cbf (diff) | |
download | mongo-bc8b2ef3cc55a18274920ededbba6e18e99626e4.tar.gz |
only allow internal user with --keyFile option SERVER-3666
-rw-r--r-- | db/cmdline.cpp | 4 | ||||
-rw-r--r-- | db/cmdline.h | 2 | ||||
-rw-r--r-- | db/security_commands.cpp | 1 |
3 files changed, 7 insertions, 0 deletions
diff --git a/db/cmdline.cpp b/db/cmdline.cpp index 2a10fb50fdc..26d12ea5f64 100644 --- a/db/cmdline.cpp +++ b/db/cmdline.cpp @@ -272,8 +272,12 @@ namespace mongo { dbexit(EXIT_BADOPTIONS); } + cmdLine.keyFile = true; noauth = false; } + else { + cmdLine.keyFile = false; + } { diff --git a/db/cmdline.h b/db/cmdline.h index 4c8c7c4512b..fff0499758e 100644 --- a/db/cmdline.h +++ b/db/cmdline.h @@ -100,6 +100,8 @@ namespace mongo { string socket; // UNIX domain socket directory + bool keyFile; + static void addGlobalOptions( boost::program_options::options_description& general , boost::program_options::options_description& hidden ); diff --git a/db/security_commands.cpp b/db/security_commands.cpp index 67605aab77d..caaedbdf1ff 100644 --- a/db/security_commands.cpp +++ b/db/security_commands.cpp @@ -139,6 +139,7 @@ namespace mongo { string pwd; if (user == internalSecurity.user) { + uassert(15889, "key file must be used to log in with internal user", cmdLine.keyFile); pwd = internalSecurity.pwd; } else { |