From 1b5a77c8461a560f6ba505d3d146384ab60965d6 Mon Sep 17 00:00:00 2001 From: kay Date: Wed, 22 May 2013 14:10:19 -0400 Subject: [PATCH] 2.6 (2.5.x Dev series) release notes --- source/release-notes.txt | 8 ++ source/release-notes/2.6-changes.txt | 9 ++ source/release-notes/2.6.txt | 140 +++++++++++++++++++++++++++ 3 files changed, 157 insertions(+) create mode 100644 source/release-notes/2.6-changes.txt create mode 100644 source/release-notes/2.6.txt diff --git a/source/release-notes.txt b/source/release-notes.txt index 183dc98bf2d..48685eded04 100644 --- a/source/release-notes.txt +++ b/source/release-notes.txt @@ -35,6 +35,14 @@ Previous Stable Releases /release-notes/1.4 /release-notes/1.2 +Current Development Series +~~~~~~~~~~~~~~~~~~~~~~~~~~ + +.. toctree:: + :maxdepth: 1 + + /release-notes/2.6 + Other MongoDB Release Notes ~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/source/release-notes/2.6-changes.txt b/source/release-notes/2.6-changes.txt new file mode 100644 index 00000000000..05bc03e4ad3 --- /dev/null +++ b/source/release-notes/2.6-changes.txt @@ -0,0 +1,9 @@ +:orphan: + +================================================= +Changes in MongoDB 2.6 (Development Series 2.5.x) +================================================= + +.. toctree:: + + 2.6 diff --git a/source/release-notes/2.6.txt b/source/release-notes/2.6.txt new file mode 100644 index 00000000000..a11ab287e05 --- /dev/null +++ b/source/release-notes/2.6.txt @@ -0,0 +1,140 @@ +:orphan: + +======================================================== +Release Notes for MongoDB 2.6 (Development Series 2.5.x) +======================================================== + +.. default-domain:: mongodb + +MongoDB 2.6 is currently in development, as part of the 2.5 +development release series. While 2.5-series releases are currently +available, these versions of MongoDB, including the 2.6 release +candidate builds, are for **testing only and +not for production use**. + +This document will eventually contain the full release notes for +MongoDB 2.6; before its release this document covers the 2.5 +development series as a work-in-progress. + +.. contents:: See the :doc:`full index of this page <2.6-changes>` for + a complete list of changes included in 2.6 (Development + Series 2.5.x). + :backlinks: none + :local: + :depth: 2 + +Downloading +----------- + +You can download the 2.6 release candidate on the `downloads page`_ in the +:guilabel:`Development Release (Unstable)` section. There are no +distribution packages for development releases, but you can use the +binaries provided for testing purposes. See +:doc:`/tutorial/install-mongodb-on-linux`, +:doc:`/tutorial/install-mongodb-on-windows`, or +:doc:`/tutorial/install-mongodb-on-os-x` for the basic installation +process. + +.. _`downloads page`: http://www.mongodb.org/downloads + +Changes +------- + +Major Features +++++++++++++++ + +SASL Library Change +~~~~~~~~~~~~~~~~~~~ + +MongoDB Enterprise uses Cyrus SASL instead of GNU SASL (``libgsasl``). +This change has the following SASL2 and Cyrus SASL library and GSSAPI +plugin dependencies: + +For Debian or Ubuntu, install the following: + +.. code-block:: sh + + sudo apt-get install cyrus-sasl2-dbg cyrus-sasl2-mit-dbg libsasl2-2 libsasl2-dev libsasl2-modules libsasl2-modules-gssapi-mit + + +For CentOS, Red Hat Enterprise Linux, and Amazon AMI, install the +following: + +.. code-block:: sh + + sudo yum install cyrus-sasl cyrus-sasl-lib cyrus-sasl-devel cyrus-sasl-gssapi + +For SUSE, install the following: + +.. code-block:: sh + + sudo zypper install cyrus-sasl cyrus-sasl-devel cyrus-sasl-gssapi + +LDAP Support for Authentication +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +MongoDB Enterprise provides support for proxy authentication of users. This +change allows administrators to configure a MongoDB cluster to authenticate +users via Linux PAM or by proxying authentication requests to a specified LDAP +service. + +.. warning:: + + Because this change uses ``SASL PLAIN`` mechanism to transmit the + user password to the MongoDB server, you should, in general, use + only on a trusted channel (VPN, SSL, trusted wired network). + +Configuration +````````````` + +LDAP support for user authentication requires proper configuration of +the ``saslauthd`` daemon process as well as introduces a new server +parameter, ``saslauthdPath``. ``saslauthdPath`` is the path to the Unix +Domain Socket of the ``saslauthd`` instance to use for proxy +authentication. + +``saslauthd`` Configuration +^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +To use with ActiveDirectory, start ``saslauthd`` with the following +config file contents: + +.. code-block:: none + + ldap_servers: + ldap_use_sasl: yes + ldap_mech: DIGEST-MD5 + ldap_auth_method: fastbind + +MongoDB Server Configuration +^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Configure the MongoDB server with the ``saslauthdPath`` parameter: + +- If ``saslauthd`` has a socket path of ``///saslauthd``, + set the ``saslauthdPath`` parameter to + ``///saslauthd/mux``. + +- Otherwise, set the ``saslauthdPath`` to the empty string to use the + library's default value. + +Authenticate in the ``mongo`` Shell +``````````````````````````````````` + +To use this authentication mechanism in the :program:`mongo` shell, you +**must** pass ``digestPassword: false`` to :method:`db.auth()` when +authenticating on the ``$external`` database, since the server must +receive an undigested password to forward on to ``saslauthd``, as in +the following example: + +.. code-block:: javascript + + use $external + db.auth( + { + mechanism: "PLAIN", + user: "application/reporting@EXAMPLE.NET", + password: "some1nterestingPwd", + digestPassword: false + } + )