Merge branch 'PSMDB-329-RELAXPERMCHECKS-3.6' into PSMDB-329-RELAXPERM…

…CHECKS-4.0
patrickbirch · Feb 28, 2019 · 96128c7 · 96128c7
2 parents 4ad9cac + f710fcf
commit 96128c7
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 1 deletion.
diff --git a/source/data_at_rest_encryption.rst b/source/data_at_rest_encryption.rst
@@ -94,12 +94,21 @@ key and save it to a file by using the |openssl| command:
    $ openssl rand -base64 32 > mongodb-keyfile
 
 Then, as the owner of the ``mongod`` process, update the file permissions: only
-the owner should be able to read and modify this file:
+the owner should be able to read and modify this file. The effective permissions
+specified with the ``chmod`` command can either be **600** (only the owner may
+read and modify the file) or **400** (only the owner may read the file.)
 
 .. code-block:: bash
 
    $ chmod 600 mongodb-keyfile
 
+If ``mongod`` is started with the ``--relaxPermChecks`` option and the key file
+is owned by ``root`` then ``mongod`` can read the file based on the
+group bit set accordingly. The effective key file permissions in this
+case are either **440** (both the owner and the group can only read the file) or
+**640** (only the owner can read and the change the file, the group can only
+read the file).
+
 .. seealso::
 
    |mongodb| Documentation: Configure Encryption
@@ -113,11 +122,14 @@ All these options can be specified in the configuration file:
       enableEncryption: <boolean>
       encryptionCipherMode: <string>
       encryptionKeyFile: <string>
+      relaxPermChecks: <boolean>
 
 .. seealso::
 
    |mongodb| Documentation: How to set options in a configuration file
       https://docs.mongodb.com/manual/reference/configuration-options/index.html#configuration-file
+
+
 
 .. |openssl| replace:: :program:`openssl`
 .. |mongodb-enterprise| replace:: MongoDB Enterprise

diff --git a/source/install/index.rst b/source/install/index.rst
@@ -18,6 +18,7 @@ Percona provides packages for the following systems:
        * Ubuntu 14.04 LTS (Trusty Tahr)
        * Ubuntu 16.04 (Xenial Xerus)
        * Ubuntu 18.04 LTS (Bionic Beaver)
+       * Ubuntu 18.10 (Cosmic Cuttlefish)
      - :ref:`Install on Debian or Ubuntu <apt>`
    * - * Red Hat Enterprise Linux / CentOS 6
        * Red Hat Enterprise Linux / CentOS 7