Details
-
Bug
-
Resolution: Fixed
-
Critical
-
Cheshire-Cat
-
7.0.0-4388 and up
-
1
Description
Since build 4388, we are seeing failures in query sanity test:
http://server.jenkins.couchbase.com/job/build_sanity_matrix/8663/DISTRO=centos7,TYPE=1node/
For example the tests run a few queries for Advisor. Flow is as follow:
- grant admin to user
- run query as user
- run query as user
- run query as admin
From query log:
2021-02-05T05:20:11.465-08:00 [ERROR] Transmit of NOOP failed write tcp 127.0.0.1:42010->127.0.0.1:11210: write: broken pipe 2021-02-05T05:20:11.465-08:00 [ERROR] Connection Error: write tcp 127.0.0.1:42010->127.0.0.1:11210: write: broken pipe. Refreshing bucket travel-sample (vbid:199,keys:<ud>[airline_10226]</ud>) 2021-02-05T05:20:11.465-08:00 [ERROR] Transmit of NOOP failed write tcp 127.0.0.1:42012->127.0.0.1:11210: write: broken pipe |
from memcached.log:
2021-02-05T05:20:11.462632-08:00 INFO 110 RBAC [ {"ip":"127.0.0.1","port":42014} - {"ip":"127.0.0.1","port":11210} (<ud>@cbq-engine</ud>) ] missing privilege Read for GET in bucket:[travel-sample] with context: [none] UUID:[a25d0488-d7cd-49c5-9352-dc5bedf1ba7d] |
2021-02-05T05:20:11.462659-08:00 WARNING 110 [ {"ip":"127.0.0.1","port":42014} - {"ip":"127.0.0.1","port":11210} (<ud>@cbq-engine</ud>) ]: no access to command GET |
2021-02-05T05:20:11.462783-08:00 WARNING 110 - Client [ {"ip":"127.0.0.1","port":42014} - {"ip":"127.0.0.1","port":11210} (<ud>@cbq-engine</ud>) ] not aware of extended error code (no access). Disconnecting |
Query can also be DML, in sanity there are insert case and you would see similar in memcached.log:
2021-02-05T05:15:11.961970-08:00 INFO 85 RBAC [ {"ip":"127.0.0.1","port":41318} - {"ip":"127.0.0.1","port":11210} (<ud>@cbq-engine</ud>) ] missing privilege Insert for ADD in bucket:[default] with context: [none] UUID:[1655f2ab-bbc6-4c90-0a20-c43b43f5cbee] |
2021-02-05T05:15:11.962016-08:00 INFO 85 RBAC [ {"ip":"127.0.0.1","port":41318} - {"ip":"127.0.0.1","port":11210} (<ud>@cbq-engine</ud>) ] missing privilege Upsert for ADD in bucket:[default] with context: [none] UUID:[1655f2ab-bbc6-4c90-0a20-c43b43f5cbee] |
Logs can be found here: http://server.jenkins.couchbase.com/job/build_sanity_matrix/8663/DISTRO=centos7,TYPE=1node/artifact/logs/testrunner-21-Feb-05_05-03-38/test_18/172.23.107.190-20210205-0541-diag.zip
This could have been introduced via following commit: 5843355717fe20ee04f4ef36c38e4f85bfaf2acc
Note: i am not able to repro locally
Attachments
| For Gerrit Dashboard: MB-44145 | ||||||
|---|---|---|---|---|---|---|
| # | Subject | Branch | Project | Status | CR | V |
| 145335,2 | MB-44145 disable impersonate auditing | master | query | Status: MERGED | +2 | +1 |
| 145348,2 | temporarily not enable auditing in longevity test to workaround MB-44145 | master | sequoia | Status: MERGED | +2 | +1 |
| 145441,3 | MB-44145 audit builtin users correctly | master | query | Status: MERGED | +2 | +1 |