Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-32169

A cursor created with a session cannot be killed outside that session

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 3.6.3, 3.7.1
    • Affects Version/s: 3.6.0
    • Component/s: None
    • None
    • Fully Compatible
    • ALL
    • v3.6
    • Platforms 2017-12-18

      After SERVER-28260, a cursor created with an 'lsid' cannot be killed without passing the same lsid:

      $ cat killCursorsBug.js
db.test.insertOne({});
var res = db.runCommand({find: "test", batchSize: 0, lsid: {id: BinData(4, "QlLfPHTySm6tqfuV+EOsVA==")}});
res = db.runCommand({killCursors: "test", cursors: [res.cursor.id]});
printjson(res);
$ mongo 'mongodb://user:password@localhost:27017' killCursorsBug.js
MongoDB shell version v3.4.10
connecting to: mongodb://user:password@localhost:27017
MongoDB server version: 3.7.0-180-g09d3d18
WARNING: shell and server versions do not match
{
	"operationTime" : Timestamp(1512435604, 1),
	"ok" : 0,
	"errmsg" : "not authorized on test to execute command { killCursors: \"test\", cursors: [ 78117941810 ], $db: \"test\" }",
	"code" : 13,
	"codeName" : "Unauthorized"
}

      killCursors should succeed when run with a different session or even no session at all.

            Assignee:
            sara.golemon@mongodb.com Sara Golemon
            Reporter:
            shane.harvey@mongodb.com Shane Harvey
            Votes:
            0 Vote for this issue
            Watchers:
            10 Start watching this issue

              Created:
              Updated:
              Resolved: