summaryrefslogtreecommitdiff
path: root/src/mongo/db/startup_warnings_common.cpp
diff options
context:
space:
mode:
authorAndreas Nilsson <andreas.nilsson@mongodb.com>2016-03-21 09:09:03 -0400
committerAndreas Nilsson <andreas.nilsson@mongodb.com>2016-03-25 12:03:17 -0400
commitef2130288e7d2c89dcd1a503dfd701263d5563fe (patch)
treecc8f912ab33bec2c4cadad84d264f8ecc03eaf81 /src/mongo/db/startup_warnings_common.cpp
parenta1d9d2251734bc4077255ae33e17f5a210697839 (diff)
downloadmongo-ef2130288e7d2c89dcd1a503dfd701263d5563fe.tar.gz
SERVER-22708 Insecure configuration startup warnings
Diffstat (limited to 'src/mongo/db/startup_warnings_common.cpp')
-rw-r--r--src/mongo/db/startup_warnings_common.cpp28
1 files changed, 26 insertions, 2 deletions
diff --git a/src/mongo/db/startup_warnings_common.cpp b/src/mongo/db/startup_warnings_common.cpp
index 54af64faff5..e3010bcb0a9 100644
--- a/src/mongo/db/startup_warnings_common.cpp
+++ b/src/mongo/db/startup_warnings_common.cpp
@@ -61,8 +61,7 @@ void logCommonStartupWarnings(const ServerGlobalParams& serverParams) {
}
}
- if ((serverParams.isAuthEnabled ||
- serverParams.clusterAuthMode.load() != ServerGlobalParams::ClusterAuthMode_undefined) &&
+ if (serverParams.authState == ServerGlobalParams::AuthState::kEnabled &&
(serverParams.rest || serverParams.isHttpInterfaceEnabled || serverParams.jsonp)) {
log() << startupWarningsLog;
log()
@@ -75,6 +74,31 @@ void logCommonStartupWarnings(const ServerGlobalParams& serverParams) {
warned = true;
}
+ if (serverParams.authState == ServerGlobalParams::AuthState::kUndefined) {
+ log() << startupWarningsLog;
+ if (serverParams.bind_ip.empty()) {
+ log() << "** WARNING: Insecure configuration, access control is not "
+ "enabled and no --bind_ip has been specified." << startupWarningsLog;
+ log() << "** Read and write access to data and configuration is "
+ "unrestricted, " << startupWarningsLog;
+ log() << "** and the server listens on all available network interfaces."
+ << startupWarningsLog;
+ } else {
+ log() << "** WARNING: Access control is not enabled for the database."
+ << startupWarningsLog;
+ log() << "** Read and write access to data and configuration is "
+ "unrestricted." << startupWarningsLog;
+ }
+ warned = true;
+ } else if (serverParams.bind_ip.empty()) {
+ log() << startupWarningsLog;
+ log() << "** WARNING: The server was started without specifying a "
+ "--bind_ip " << startupWarningsLog;
+ log() << "** and listens for connections on all available "
+ "network interfaces." << startupWarningsLog;
+ warned = true;
+ }
+
const bool is32bit = sizeof(int*) == 4;
if (is32bit) {
log() << startupWarningsLog;
View Lorry Controller Status