SERVER-42846 Update manpages

2019-10-29 19:45:47 +00:00 · 2019-10-29 19:45:47 +00:00 · 46d533cb48
parent d6098dae6d
commit 46d533cb48
14 changed files with 4693 additions and 865 deletions
--- a/debian/bsondump.1
+++ b/debian/bsondump.1
@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "BSONDUMP" "1" "Jul 25, 2019" "4.2" "mongodb-manual"
+.TH "BSONDUMP" "1" "Aug 16, 2019" "4.2" "mongodb-manual"
 .SH NAME
 bsondump \- MongoDB BSON Utility
 .
@ -62,6 +62,10 @@ Run \fI\%bsondump\fP from the system command line, not the \fBmongo\fP shell.
 BSON files, not a tool for data ingestion or other application use.
 .UNINDENT
 .UNINDENT
 .sp
 Starting in version 4.2, \fI\%bsondump\fP uses Extended
 JSON v2.0 (Canonical mode)
 to format its data.
 .SH OPTIONS
 .sp
 Changed in version 3.0.0: \fI\%bsondump\fP removed the \fB\-\-filter\fP, \fB\-\-dbpath\fP and the
--- a/debian/mongo.1
+++ b/debian/mongo.1
@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "MONGO" "1" "Jul 25, 2019" "4.2" "mongodb-manual"
+.TH "MONGO" "1" "Aug 16, 2019" "4.2" "mongodb-manual"
 .SH NAME
 mongo \- MongoDB Shell
 .
@ -59,11 +59,20 @@ The \fI\%mongo\fP shell is part of the \fI\%MongoDB distributions\fP\&.
 \fBNOTE:\fP
 .INDENT 0.0
 .INDENT 3.5
 .INDENT 0.0
 .IP \(bu 2
 Starting in MongoDB 4.2, the \fI\%mongo\fP shell displays a
 warning message when connected to non\-genuine MongoDB instances as
 these instances may behave differently from the official MongoDB
 instances; e.g. missing or incomplete features, different feature
 behaviors, etc.
 .IP \(bu 2
 Starting in version 4.0, \fI\%mongo\fP disables support for TLS 1.0
 encryption on systems where TLS 1.1+ is available. For
 more details, see 4.0\-disable\-tls\&.
 .UNINDENT
 .UNINDENT
 .UNINDENT
 .SH SYNTAX
 .INDENT 0.0
 .IP \(bu 2
@ -587,6 +596,15 @@ default name of \fBmongodb\fP\&.
 This option is available only in MongoDB Enterprise.
 .UNINDENT
 .SS TLS Options
 .sp
 \fBNOTE:\fP
 .INDENT 0.0
 .INDENT 3.5
 Starting in version 4.0, \fI\%mongo\fP disables support for TLS 1.0
 encryption on systems where TLS 1.1+ is available. For
 more details, see 4.0\-disable\-tls\&.
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
 .INDENT 3.5
 .SS See
@ -883,6 +901,15 @@ counterparts instead. The SSL protocol is deprecated and MongoDB
 supports TLS 1.0 and later.
 .UNINDENT
 .UNINDENT
 .sp
 \fBNOTE:\fP
 .INDENT 0.0
 .INDENT 3.5
 Starting in version 4.0, \fI\%mongo\fP disables support for TLS 1.0
 encryption on systems where TLS 1.1+ is available. For
 more details, see 4.0\-disable\-tls\&.
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-ssl
@ -1650,6 +1677,13 @@ mongo script\-file.js \-u <user> \-p
 .fi
 .UNINDENT
 .UNINDENT
 .sp
 \fBSEE ALSO:\fP
 .INDENT 0.0
 .INDENT 3.5
 \fBisInteractive()\fP
 .UNINDENT
 .UNINDENT
 .SS Use \fI\%\-\-eval\fP to Print Query Results as JSON
 .sp
 To print return a query as JSON, from the system prompt using
@ -1678,6 +1712,8 @@ the additional JavaScript required to generate this output.
 /reference/method
 .IP \(bu 2
 /mongo
 .IP \(bu 2
 \fBisInteractive()\fP
 .UNINDENT
 .UNINDENT
 .UNINDENT
--- a/debian/mongod.1
+++ b/debian/mongod.1
@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "MONGOD" "1" "Jul 25, 2019" "4.2" "mongodb-manual"
+.TH "MONGOD" "1" "Aug 16, 2019" "4.2" "mongodb-manual"
 .SH NAME
 mongod \- MongoDB Server
 .
@ -387,6 +387,45 @@ is, you can specify one or the other, but not both.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-clusterIpSourceWhitelist <string>
 New in version 3.6.
 .sp
 A list of IP addresses/CIDR (\fI\%Classless Inter\-Domain Routing\fP) ranges against which the
 \fI\%mongod\fP validates authentication requests from other members of
 the replica set and, if part of a sharded cluster, the \fBmongos\fP
 instances. The \fI\%mongod\fP verifies that the originating IP is
 either explicitly in the list or belongs to a CIDR range in the list. If the
 IP address is not present, the server does not authenticate the
 \fI\%mongod\fP or \fBmongos\fP\&.
 .sp
 \fI\%\-\-clusterIpSourceWhitelist\fP has no effect on a \fI\%mongod\fP started without
 authentication\&.
 .sp
 \fI\%\-\-clusterIpSourceWhitelist\fP accepts multiple comma\-separated IPv4/6 addresses or Classless
 Inter\-Domain Routing (\fI\%CIDR\fP) ranges:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
 mongod \-\-clusterIpSourceWhitelist 192.0.2.0/24,127.0.0.1,::1
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
 \fBIMPORTANT:\fP
 .INDENT 7.0
 .INDENT 3.5
 Ensure \fI\%\-\-clusterIpSourceWhitelist\fP includes the IP address \fIor\fP CIDR ranges that include the
 IP address of each replica set member or \fBmongos\fP in the
 deployment to ensure healthy communication between cluster components.
 .UNINDENT
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-ipv6
 Enables IPv6 support. \fBmongod\fP disables IPv6 support by default.
 .sp
@ -978,12 +1017,26 @@ _
 New in version 4.2.
 .sp
-Outputs the resolved YAML configuration document for the \fBmongod\fP
+Outputs the \fBmongod\fP instance\(aqs configuration options, formatted
-to \fBstdout\fP and halts the \fBmongod\fP instance. For configuration
+in YAML, to \fBstdout\fP and exits the \fBmongod\fP instance. For
-options using externally\-sourced\-values, \fI\%\-\-outputConfig\fP returns the
+configuration options that uses externally\-sourced\-values,
-resolved value for those options. This may include any configured
+\fI\%\-\-outputConfig\fP returns the resolved value for those options.
-passwords or secrets previously obfuscated through the external
+.sp
-source.
+\fBWARNING:\fP
 .INDENT 7.0
 .INDENT 3.5
 This may include any configured passwords or secrets previously
 obfuscated through the external source.
 .UNINDENT
 .UNINDENT
 .sp
 For usage examples, see:
 .INDENT 7.0
 .IP \(bu 2
 expansion\-directive\-output
 .IP \(bu 2
 /tutorial/convert\-command\-line\-options\-to\-yaml
 .UNINDENT
 .UNINDENT
 .SS Free Monitoring
 .sp
@ -1504,8 +1557,35 @@ A relative LDAP query URL formatted conforming to \fI\%RFC4515\fP and \fI\%RFC45
 the LDAP groups to which the authenticated user belongs to. The query is
 relative to the host or hosts specified in \fI\%\-\-ldapServers\fP\&.
 .sp
-Use the \fB{USER}\fP placeholder in the URL to substitute the authenticated
+In the URL, you can use the following substituion tokens:
-username, or the transformed username if a \fI\%username mapping\fP is specified.
+.TS
 center;
 |l|l|.
 _
 T{
 Substitution Token
 T}	T{
 Description
 T}
 _
 T{
 \fB{USER}\fP
 T}	T{
 Substitutes the authenticated username, or the
 \fBtransformed\fP
 username if a \fI\%username mapping\fP is specified.
 T}
 _
 T{
 \fB{PROVIDED_USER}\fP
 T}	T{
 Substitutes the supplied username, i.e. before either
 authentication or \fBLDAP transformation\fP\&.
 .sp
 New in version 4.2.
 T}
 _
 .TE
 .sp
 When constructing the query URL, ensure that the order of LDAP parameters
 respects RFC4516:
@ -1688,47 +1768,6 @@ in\-memory storage engine\&.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-nssize <value>
 \fIDefault\fP: 16
 .sp
 Specifies the default size for namespace files, which are files that end
 in \fB\&.ns\fP\&. Each collection and index counts as a namespace.
 .sp
 Use this setting to control size for newly created namespace files. This
 option has no impact on existing files. The maximum size for a namespace
 file is 2047 megabytes. The default value of 16 megabytes provides for
 approximately 24,000 namespaces.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-quota
 Enables a maximum limit for the number data files each database can
 have. When running with the \fI\%\-\-quota\fP option, MongoDB has a maximum of 8
 data files per database. Adjust the quota with
 \fI\%\-\-quotaFiles\fP\&.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-quotaFiles <number>
 \fIDefault\fP: 8
 .sp
 Modifies the limit on the number of data files per database. \fI\%\-\-quotaFiles\fP
 option requires that you set \fI\%\-\-quota\fP\&.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-smallfiles
 Sets MongoDB to use a smaller default file size. The \fI\%\-\-smallfiles\fP option
 reduces the initial size for data files and limits the maximum size to
 512 megabytes. \fI\%\-\-smallfiles\fP also reduces the size of each journal
 file from 1 gigabyte to 128 megabytes. Use \fI\%\-\-smallfiles\fP if you have a large
 number of databases that each holds a small quantity of data.
 .sp
 The \fI\%\-\-smallfiles\fP option can lead the \fBmongod\fP instance to create a large
 number of files, which can affect performance for larger databases.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-syncdelay <value>
 \fIDefault\fP: 60
 .sp
@ -1864,15 +1903,6 @@ WiredTiger storage engine.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-journalOptions <arguments>
 Provides functionality for testing. Not for general use, and will affect data
 file integrity in the case of abnormal system shutdown.
 .sp
 Not available for \fI\%mongod\fP instances that use the
 in\-memory storage engine\&.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-journalCommitInterval <value>
 \fIDefault\fP: 100 or 30
 .sp
@ -1898,10 +1928,8 @@ in\-memory storage engine\&.
 Defines the maximum size of the internal cache that WiredTiger will
 use for all data. The memory consumed by an index build (see
 \fBmaxIndexBuildMemoryUsageMegabytes\fP) is separate from the
-WiredTiger cache memory.
+WiredTiger cache memory. Starting in MongoDB 3.4, the values can range
-.sp
+from 0.25 GB  to 10000 GB and can be a float.
 Starting in MongoDB 3.4, \fI\%\-\-wiredTigerCacheSizeGB\fP values can range from 0.25 GB  to
 10000 GB and can be a float.
 .sp
 Starting in MongoDB 3.4, the default WiredTiger internal cache size is
 the larger of either:
@ -1918,6 +1946,18 @@ Conversely, a system with a total of 1.25 GB of RAM will allocate 256
 MB to the WiredTiger cache because that is more than half of the
 total RAM minus one gigabyte (\fB0.5 * (1.25 GB \- 1 GB) = 128 MB < 256 MB\fP).
 .sp
 \fBNOTE:\fP
 .INDENT 7.0
 .INDENT 3.5
 In some instances, such as when running in a container, the database
 can have memory constraints that are lower than the total system
 memory. In such instances, this memory limit, rather than the total
 system memory, is used as the maximum RAM available.
 .sp
 To see the memory limit, see \fBhostInfo.system.memLimitMB\fP\&.
 .UNINDENT
 .UNINDENT
 .sp
 Avoid increasing the WiredTiger internal cache size above its
 default value.
 .sp
@ -1950,9 +1990,10 @@ instances.
 .sp
 If you run \fI\%mongod\fP in a container (e.g. \fBlxc\fP,
 \fBcgroups\fP, Docker, etc.) that does \fInot\fP have access to all of the
-RAM available in a system, you must set \fI\%\-\-wiredTigerCacheSizeGB\fP to a value less
+RAM available in a system, you must set \fI\%\-\-wiredTigerCacheSizeGB\fP to a value
-than the amount of RAM available in the container. The exact amount
+less than the amount of RAM available in the container. The exact
-depends on the other processes running in the container.
+amount depends on the other processes running in the container. See
 \fBmemLimitMB\fP\&.
 .UNINDENT
 .INDENT 0.0
 .TP
@ -3949,6 +3990,25 @@ need to, but can, also specify the \fI\%\-\-kmipServerCAFile\fP\&.
 .UNINDENT
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-eseDatabaseKeyRollover
 New in version 4.2.
 .sp
 Roll over the encrypted storage engine database keys configured with
 \fBAES256\-GCM\fP cipher.
 .sp
 When \fI\%mongod\fP instance is started with this option, the
 instance rotates the keys and exits.
 .INDENT 7.0
 .INDENT 3.5
 .IP "Enterprise Feature"
 .sp
 Available in MongoDB Enterprise only.
 .UNINDENT
 .UNINDENT
 .UNINDENT
 .SH AUTHOR
 MongoDB Documentation Project
 .SH COPYRIGHT
--- a/debian/mongodb-parameters.5
+++ b/debian/mongodb-parameters.5
--- a/debian/mongodump.1
+++ b/debian/mongodump.1
@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "MONGODUMP" "1" "Jul 25, 2019" "4.2" "mongodb-manual"
+.TH "MONGODUMP" "1" "Aug 16, 2019" "4.2" "mongodb-manual"
 .SH NAME
 mongodump \- MongoDB Data Dump Utility
 .
@ -35,6 +35,8 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .IP \(bu 2
 \fI\%Synopsis\fP
 .IP \(bu 2
 \fI\%Usage in Backup Strategy\fP
 .IP \(bu 2
 \fI\%Syntax\fP
 .IP \(bu 2
 \fI\%Behavior\fP
@ -58,13 +60,14 @@ of  mongodump\&.
 \fI\%mongodump\fP is a utility for creating a binary export of the
 contents of a database. \fI\%mongodump\fP can export data from
 either \fBmongod\fP or \fBmongos\fP instances.
 .SH USAGE IN BACKUP STRATEGY
 .SS Standalones/Replica Sets
 .sp
-\fI\%mongodump\fP can be a part of a backup strategy with \fBmongorestore\fP for partial
+For standalone or a replica set, \fI\%mongodump\fP can be a part
-backups based on a query, syncing from production to staging or
+of a backup strategy with
-development environments, or changing the storage engine of a
+\fBmongorestore\fP for partial backups based on a query,
-standalone. However, the use of \fI\%mongodump\fP and
+syncing from production to staging or development environments, or
-\fBmongorestore\fP as a backup strategy can be problematic for
+changing the storage engine of a standalone.
 sharded clusters and replica sets.
 .sp
 For an overview of \fI\%mongodump\fP in conjunction with
 \fBmongorestore\fP part of a backup and recovery strategy, see:
@ -72,10 +75,25 @@ For an overview of \fI\%mongodump\fP in conjunction with
 .IP \(bu 2
 /tutorial/backup\-and\-restore\-tools
 .IP \(bu 2
 /tutorial/backup\-sharded\-cluster\-with\-database\-dumps
 .IP \(bu 2
 /core/backups
 .UNINDENT
 .SS Sharded Cluster
 .sp
 Starting in MongoDB 4.2, \fI\%mongodump\fP and
 \fBmongorestore\fP \fBcannot\fP be part of a backup
 strategy for sharded clusters. These manual tools do not maintain
 the atomicity guarantees of transactions across shards.
 .sp
 To maintain the atomicity guarantees of transactions across shards,
 use the coordinated backup and restore services provided by:
 .INDENT 0.0
 .IP \(bu 2
 \fI\%MongoDB Atlas\fP,
 .IP \(bu 2
 \fI\%MongoDB Cloud Manager\fP, or
 .IP \(bu 2
 \fI\%MongoDB Ops Manager\fP\&.
 .UNINDENT
 .SH SYNTAX
 .sp
 Run \fI\%mongodump\fP from the system command line, not the \fBmongo\fP shell.
@ -370,6 +388,23 @@ read\-only views\&. By default,
 create a binary export of the documents included in the view. To
 capture the documents in a view use \fI\%\-\-viewsAsCollections\fP\&.
 .SS Metadata Format
 .sp
 Starting in version 4.2, \fI\%mongodump\fP uses Extended
 JSON v2.0 (Canonical) format
 for the metadata files. To parse these files for restore, use
 \fBmongorestore\fP version 4.2+ that supports Extended
 JSON v2.0 (Canonical or Relaxed mode) format.
 .INDENT 0.0
 .INDENT 3.5
 .SS Tip
 .sp
 If general, use corresponding versions of \fI\%mongodump\fP
 and \fBmongorestore\fP\&. That is, to restore data files
 created with a specific version of \fI\%mongodump\fP, use the
 corresponding version of \fBmongorestore\fP\&.
 .UNINDENT
 .UNINDENT
 .SS Overwrite Files
 .sp
 \fI\%mongodump\fP overwrites output files if they exist in the
@ -932,11 +967,28 @@ to the dump files.
 .INDENT 0.0
 .TP
 .B \-\-query <json>, \-q <json>
-Provides a JSON document as a query that optionally limits the
+Provides a JSON document as a query that optionally limits
-documents included in the output of \fI\%mongodump\fP\&.
+the documents included in the output of \fI\%mongodump\fP\&. To
 use the \fB\-\-query\fP option, you must also specify the
 \fI\%\-\-collection\fP option.
 .sp
 You must enclose the query document in single quotes (\fB\(aq{ ... }\(aq\fP) to ensure that it does
 not interact with your shell environment.
 .sp
 Starting in MongoDB 4.2, the query \fBmust\fP be in
 Extended JSON v2 format (either relaxed or canonical/strict
 mode), including enclosing the
 field names and operators in quotes.  For example:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
 mongodump \-d test \-c records \-q \(aq{ "a": { "$gte": 3 }, "date": { "$lt": { "$date": "2016\-01\-01T00:00:00.000Z" } } }\(aq
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
--- a/debian/mongoexport.1
+++ b/debian/mongoexport.1
@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "MONGOEXPORT" "1" "Jul 25, 2019" "4.2" "mongodb-manual"
+.TH "MONGOEXPORT" "1" "Aug 16, 2019" "4.2" "mongodb-manual"
 .SH NAME
 mongoexport \- MongoDB Export Utility
 .
@ -387,13 +387,20 @@ kind of functionality.
 .UNINDENT
 .UNINDENT
 .sp
-To preserve type information, \fI\%mongoexport\fP and \fBmongoimport\fP
+Starting in version 4.2, \fI\%mongoexport\fP:
-uses the strict mode representation
+.INDENT 0.0
-for certain types.
+.IP \(bu 2
 Outputs data in Extended JSON v2.0 (Relaxed mode) by default.
 .IP \(bu 2
 Outputs Extended JSON v2.0 (Canonical mode) if used with
 \fI\%\-\-jsonFormat\fP\&.
 .UNINDENT
 .sp
 Earlier versions used Extended JSON v1.0 (Canonical mode)\&.
 .sp
 For example, the following insert operation in the \fBmongo\fP
-shell uses the shell mode representation for the BSON types
+shell uses the various shell helpers for the
-\fBdata_date\fP and \fBdata_numberlong\fP:
+BSON types Date and 64\-bit integer:
 .INDENT 0.0
 .INDENT 3.5
 .sp
@ -406,7 +413,7 @@ db.traffic.insert( { _id: 1, volume: NumberLong(\(aq2980000\(aq), date: new Date
 .UNINDENT
 .UNINDENT
 .sp
-The argument to \fBdata_numberlong\fP must be quoted to avoid potential
+The argument to 64\-bit integer must be quoted to avoid potential
 loss of accuracy.
 .sp
 Use \fI\%mongoexport\fP to export the data:
@ -421,20 +428,57 @@ mongoexport \-\-db test \-\-collection traffic \-\-out traffic.json
 .UNINDENT
 .UNINDENT
 .sp
-The exported data is in strict mode representation to preserve type information:
+In version 4.2+, the exported data is in Extended JSON v2.0
 (Relaxed mode)\&.
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-{ "_id" : 1, "volume" : { "$numberLong" : "2980000" }, "date" : { "$date" : "2014\-03\-13T13:47:42.483\-0400" } }
+{"_id":1.0,"volume":2980000,"date":{"$date":"2019\-08\-05T16:18:29.559Z"}}
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
-See /reference/mongodb\-extended\-json for a complete list of
+To output in Extended JSON v2.0 (Canonical
-these types and the representations used.
+mode), include the
 \fI\%\-\-jsonFormat=canonical\fP:
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
 mongoexport \-\-db test \-\-collection traffic \-\-jsonFormat=canonical \-\-out traffic.json
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
 The exported data is in Extended JSON v2.0 (Canonical
 mode):
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
 {"_id":{"$numberDouble":"1.0"},"volume":{"$numberLong":"2980000"},"date":{"$date":{"$numberLong":"1565363188675"}}}
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
 In version 4.0 and earlier, the exported data is in Extended JSON v1.0 (Strict mode)
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
 {"_id":1.0,"volume":{"$numberLong":"2980000"},"date":{"$date":"2019\-08\-05T16:18:29.559Z"}}
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .SS FIPS
 .sp
 Starting in version 4.2, MongoDB removes the \fB\-\-sslFIPSMode\fP
@ -1017,12 +1061,16 @@ See \fI\%Use a File to Specify the Fields to Export in CSV Format\fP for sample
 .TP
 .B \-\-query <JSON>, \-q <JSON>
 Provides a query as a JSON document (enclosed in quotes) to
-return matching documents in the export. Specify JSON in strict
+return matching documents in the export.
 format\&.
 .sp
 You must enclose the query document in single quotes (\fB\(aq{ ... }\(aq\fP) to ensure that it does
 not interact with your shell environment.
 .sp
 Starting in MongoDB 4.2, the query \fBmust\fP be in
 Extended JSON v2 format (either relaxed or canonical/strict
 mode), including enclosing the
 field names and operators in quotes:
 .sp
 For example, given a collection named \fBrecords\fP in the database
 \fBtest\fP with the following documents:
 .INDENT 7.0
@ -1041,17 +1089,18 @@ For example, given a collection named \fBrecords\fP in the database
 .UNINDENT
 .UNINDENT
 .sp
-The following \fI\%mongoexport\fP uses the \fI\%\-q\fP option to
+The following \fI\%mongoexport\fP uses the \fI\%\-q\fP option
-export only the documents with the field \fBa\fP greater than or equal to
+to export only the documents with the field \fBa\fP greater than or
-(\fB$gte\fP) to \fB3\fP and the field \fBdate\fP less than
+equal to (\fB$gte\fP) to \fB3\fP and the field \fBdate\fP less than
-\fBISODate("2016\-01\-01T00:00:00Z")\fP (using the strict format
+\fBISODate("2016\-01\-01T00:00:00Z")\fP (using the extended JSON v2
-for dates { "$date": "YYYY\-MM\-DDTHH:mm:ss.mmm<offset>"}):
+format (relaxed mode) for dates { "$date":
 "YYYY\-MM\-DDTHH:mm:ss.mmm<offset>"}):
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-mongoexport \-d test \-c records \-q \(aq{ a: { $gte: 3 }, date: { $lt: { "$date": "2016\-01\-01T00:00:00.000Z" } } }\(aq \-\-out exportdir/myRecords.json
+mongoexport \-d test \-c records \-q \(aq{ "a": { "$gte": 3 }, "date": { "$lt": { "$date": "2016\-01\-01T00:00:00.000Z" } } }\(aq \-\-out exportdir/myRecords.json
 .ft P
 .fi
 .UNINDENT
@ -1097,6 +1146,17 @@ name, the \fI\%mongoexport\fP writes data to standard output
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-jsonFormat <canonical|relaxed>
 \fIDefault\fP: relaxed
 .sp
 Modifies the output to use either canonical or relaxed mode of the
 /reference/mongodb\-extended\-json format.
 .sp
 For differences between canonical and relaxed modes, see
 /reference/mongodb\-extended\-json\&.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-jsonArray
 Modifies the output of \fI\%mongoexport\fP to write the
 entire contents of the export as a single JSON array. By
@ -1463,7 +1523,7 @@ database using the "\fI\%\-\-db\fP" option.
 For instance, this command returns all documents in the \fBsales\fP
 database\(aqs \fBcontacts\fP collection that contain a field named \fBdept\fP
 equal to \fB"ABC"\fP and the field \fBdate\fP greater than or equal to
-ISODate("2018\-01\-01") (using the strict format for dates
+ISODate("2018\-01\-01") (using the canonical format for dates
 { "$date": "YYYY\-MM\-DDTHH:mm:ss.mmm<offset>"} )
 .INDENT 0.0
 .INDENT 3.5
--- a/debian/mongofiles.1
+++ b/debian/mongofiles.1
@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "MONGOFILES" "1" "Jul 25, 2019" "4.2" "mongodb-manual"
+.TH "MONGOFILES" "1" "Aug 16, 2019" "4.2" "mongodb-manual"
 .SH NAME
 mongofiles \- MongoDB GridFS Utility
 .
@ -767,14 +767,25 @@ different location for the file on the local file system, use the
 .UNINDENT
 .INDENT 0.0
 .TP
-.B get_id "<ObjectId>"
+.B get_id "<_id>"
 New in version 3.2.0.
 .sp
-Copy the specified file from GridFS storage to the local file system.
+Copy the file, specified by its \fB<_id>\fP, from GridFS storage to the
 local file system.
 .sp
-Here \fB<ObjectId>\fP refers to the extended JSON \fB_id\fP of the
+Here \fB<_id>\fP refers to the extended JSON \fB_id\fP of the
-object in GridFS. \fI\%mongofiles\fP writes the file to the local
+object in GridFS:
 .INDENT 7.0
 .IP \(bu 2
 Starting in MongoDB 4.2, \fBget_id\fP can accept either ObjectId
 values or non\-ObjectId values for \fB<_id>\fP\&.
 .IP \(bu 2
 In MongoDB 4.0 and earlier, \fBget_id\fP only
 accepts \fB<ObjectId>\fP values.
 .UNINDENT
 .sp
 \fI\%mongofiles\fP writes the file to the local
 file system using the file\(aqs \fBfilename\fP in GridFS. To choose a
 different location for the file on the local file system, use the
 \fI\%\-\-local\fP option.
@ -786,12 +797,19 @@ Delete the specified file from GridFS storage.
 .UNINDENT
 .INDENT 0.0
 .TP
-.B delete_id "<ObjectId>"
+.B delete_id "<_id>"
 New in version 3.2.0.
 .sp
-Delete the specified file from GridFS storage. Specify the file using
+Delete the file, specified by its \fB<_id>\fP, from GridFS storage:
-its \fB_id\fP\&.
+.INDENT 7.0
 .IP \(bu 2
 Starting in MongoDB 4.2, \fBdelete_id\fP can accept
 either ObjectId values or non\-ObjectId values for \fB<_id>\fP\&.
 .IP \(bu 2
 In MongoDB 4.0 and earlier, \fBdelete_id\fP only
 accepts \fB<ObjectId>\fP values.
 .UNINDENT
 .UNINDENT
 .SH EXAMPLES
 .sp
--- a/debian/mongoimport.1
+++ b/debian/mongoimport.1
--- a/debian/mongoldap.1
+++ b/debian/mongoldap.1
@ -0,0 +1,748 @@
 .\" Man page generated from reStructuredText.
 .
 .TH "MONGOLDAP" "1" "Aug 16, 2019" "4.2" "mongodb-manual"
 .SH NAME
 mongoldap \- MongoDB LDAP Configuration Testing Utility
 .
 .nr rst2man-indent-level 0
 .
 .de1 rstReportMargin
 \\$1 \\n[an-margin]
 level \\n[rst2man-indent-level]
 level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
 -
 \\n[rst2man-indent0]
 \\n[rst2man-indent1]
 \\n[rst2man-indent2]
 ..
 .de1 INDENT
 .\" .rstReportMargin pre:
 . RS \\$1
 . nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
 . nr rst2man-indent-level +1
 .\" .rstReportMargin post:
 ..
 .de UNINDENT
 . RE
 .\" indent \\n[an-margin]
 .\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .nr rst2man-indent-level -1
 .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .in \\n[rst2man-indent\\n[rst2man-indent-level]]u
 ..
 .SS On this page
 .INDENT 0.0
 .IP \(bu 2
 \fI\%Synopsis\fP
 .IP \(bu 2
 \fI\%Usage\fP
 .IP \(bu 2
 \fI\%Options\fP
 .UNINDENT
 .sp
 New in version 3.4: MongoDB Enterprise
 .SH SYNOPSIS
 .sp
 Starting in version 3.4, MongoDB Enterprise provides
 \fI\%mongoldap\fP for testing MongoDB\(aqs LDAP configuration
 options against a running LDAP server or set
 of servers.
 .sp
 To validate the LDAP options in the configuration file, set the
 \fI\%mongoldap\fP \fI\%\-\-config\fP option to the configuration file\(aqs
 path.
 .sp
 To test the LDAP configuration options, you must specify a \fI\%\-\-user\fP
 and \fB\-\-password\fP\&. \fI\%mongoldap\fP simulates authentication to a
 MongoDB server running with the provided configuration options and credentials.
 .sp
 \fI\%mongoldap\fP returns a report that includes the success or failure of
 any step in the LDAP authentication or authorization procedure. Error messages
 include information on specific errors encountered and potential advice for
 resolving the error.
 .sp
 When configuring options related to LDAP authorization, \fI\%mongoldap\fP executes an LDAP query
 constructed using the provided configuration options and username, and returns
 a list of roles on the \fBadmin\fP database which the user is authorized for.
 .sp
 You can use this information when configuring LDAP authorization roles for user access control. For example, use
 \fI\%mongoldap\fP to ensure your configuration allows privileged users to
 gain the necessary roles to perform their expected tasks. Similarly, use
 \fI\%mongoldap\fP to ensure your configuration disallows non\-privileged
 users from gaining roles for accessing the MongoDB server, or performing
 unauthorized actions.
 .sp
 When configuring options related to LDAP authentication, use \fI\%mongoldap\fP to ensure that the authentication
 operation works as expected.
 .sp
 Run \fI\%mongoldap\fP from the system command line, not the \fBmongo\fP shell.
 .sp
 This document provides a complete overview of all command line options for
 \fI\%mongoldap\fP\&.
 .SH USAGE
 .sp
 \fBNOTE:\fP
 .INDENT 0.0
 .INDENT 3.5
 A full description of LDAP or Active Directory is beyond the scope of
 this documentation.
 .UNINDENT
 .UNINDENT
 .sp
 Consider the following sample configuration file, designed to support
 LDAP authentication and authorization via Active Directory:
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
 security:
   authorization: "enabled"
   ldap:
      servers: "activedirectory.example.net"
      bind:
         queryUser: "mongodbadmin@dba.example.com"
         queryPassword: "secret123"
      userToDNMapping:
         \(aq[
            {
               match : "(.+)",
               ldapQuery: "DC=example,DC=com??sub?(userPrincipalName={0})"
            }
         ]\(aq
      authz:
         queryTemplate: "DC=example,DC=com??sub?(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={USER}))"
 setParameter:
   authenticationMechanisms: "PLAIN"
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
 You can use \fI\%mongoldap\fP to validate the configuration file, which
 returns a report of the procedure. You must specify a username and password
 for \fI\%mongoldap\fP\&.
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
 mongoldap \-\-config <path\-to\-config> \-\-user "bob@dba.example.com" \-\-password "secret123"
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
 If the provided credentials are valid, and the LDAP options in the
 configuration files are valid, the output might be as follows:
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
 Checking that an LDAP server has been specified...
 [OK] LDAP server found
 Connecting to LDAP server...
 [OK] Connected to LDAP server
 Parsing MongoDB to LDAP DN mappings..
 [OK] MongoDB to LDAP DN mappings appear to be valid
 Attempting to authenticate against the LDAP server...
 [OK] Successful authentication performed
 Checking if LDAP authorization has been enabled by configuration...
 [OK] LDAP authorization enabled
 Parsing LDAP query template..
 [OK] LDAP query configuration template appears valid
 Executing query against LDAP server...
 [OK] Successfully acquired the following roles:
 \&...
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .SH OPTIONS
 .INDENT 0.0
 .TP
 .B \-\-config <filename>, \-f <filename>
 Specifies a configuration file for runtime configuration options.
 The options are equivalent to the command\-line
 configuration options. See /reference/configuration\-options for
 more information.
 .sp
 \fBmongoldap\fP uses any configuration options related to security\-ldap
 or security\-ldap\-external for testing LDAP authentication or
 authorization.
 .sp
 Requires specifying \fI\%\-\-user\fP\&. May accept \fI\%\-\-password\fP for
 testing LDAP authentication.
 .sp
 Ensure the configuration file uses ASCII encoding. The \fBmongoldap\fP
 instance does not support configuration files with non\-ASCII encoding,
 including UTF\-8.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-user <string>
 Username for \fBmongoldap\fP to use when attempting LDAP authentication or
 authorization.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-password <string>
 Password of the \fB\-\-user\fP for \fBmongoldap\fP to use when attempting LDAP
 authentication. Not required for LDAP authorization.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-ldapServers <host1>:<port>,<host2>:<port>,...,<hostN>:<port>
 New in version 3.4: Available in MongoDB Enterprise only.
 .sp
 The LDAP server against which the \fBmongoldap\fP executes LDAP operations
 against to authenticate users or determine what actions a user is authorized
 to perform on a given database. If the LDAP server specified has any
 replicated instances, you may specify the host and port of each replicated
 server in a comma\-delimited list.
 .sp
 If your LDAP infrastrucure partitions the LDAP directory over multiple LDAP
 servers, specify \fIone\fP LDAP server any of its replicated instances to
 \fI\%\-\-ldapServers\fP\&. MongoDB supports following LDAP referrals as defined in \fI\%RFC 4511
 4.1.10\fP\&. Do not use \fI\%\-\-ldapServers\fP
 for listing every LDAP server in your infrastructure.
 .sp
 This setting can be configured on a running \fBmongoldap\fP using
 \fBsetParameter\fP\&.
 .sp
 If unset, \fBmongoldap\fP cannot use LDAP authentication or authorization\&.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-ldapQueryUser <string>
 New in version 3.4: Available in MongoDB Enterprise only.
 .sp
 The identity with which \fBmongoldap\fP binds as, when connecting to or
 performing queries on an LDAP server.
 .sp
 Only required if any of the following are true:
 .INDENT 7.0
 .IP \(bu 2
 Using LDAP authorization\&.
 .IP \(bu 2
 Using an LDAP query for \fI\%username transformation\fP\&.
 .IP \(bu 2
 The LDAP server disallows anonymous binds
 .UNINDENT
 .sp
 You must use \fI\%\-\-ldapQueryUser\fP with \fI\%\-\-ldapQueryPassword\fP\&.
 .sp
 If unset, \fBmongoldap\fP will not attempt to bind to the LDAP server.
 .sp
 This setting can be configured on a running \fBmongoldap\fP using
 \fBsetParameter\fP\&.
 .sp
 \fBNOTE:\fP
 .INDENT 7.0
 .INDENT 3.5
 Windows MongoDB deployments can use \fI\%\-\-ldapBindWithOSDefaults\fP
 instead of \fI\%\-\-ldapQueryUser\fP and \fI\%\-\-ldapQueryPassword\fP\&. You cannot specify
 both \fI\%\-\-ldapQueryUser\fP and \fI\%\-\-ldapBindWithOSDefaults\fP at the same time.
 .UNINDENT
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-ldapQueryPassword <string>
 New in version 3.4: Available in MongoDB Enterprise only.
 .sp
 The password used to bind to an LDAP server when using
 \fI\%\-\-ldapQueryUser\fP\&. You must use \fI\%\-\-ldapQueryPassword\fP with
 \fI\%\-\-ldapQueryUser\fP\&.
 .sp
 If unset, \fBmongoldap\fP will not attempt to bind to the LDAP server.
 .sp
 This setting can be configured on a running \fBmongoldap\fP using
 \fBsetParameter\fP\&.
 .sp
 \fBNOTE:\fP
 .INDENT 7.0
 .INDENT 3.5
 Windows MongoDB deployments can use \fI\%\-\-ldapBindWithOSDefaults\fP
 instead of \fI\%\-\-ldapQueryPassword\fP and \fI\%\-\-ldapQueryPassword\fP\&. You cannot specify
 both \fI\%\-\-ldapQueryPassword\fP and \fI\%\-\-ldapBindWithOSDefaults\fP at the same time.
 .UNINDENT
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-ldapBindWithOSDefaults <bool>
 \fIDefault\fP: False
 .sp
 New in version 3.4: Available in MongoDB Enterprise for the Windows platform only.
 .sp
 Allows \fBmongoldap\fP to authenticate, or bind, using your Windows login
 credentials when connecting to the LDAP server.
 .sp
 Only required if:
 .INDENT 7.0
 .IP \(bu 2
 Using LDAP authorization\&.
 .IP \(bu 2
 Using an LDAP query for \fI\%username transformation\fP\&.
 .IP \(bu 2
 The LDAP server disallows anonymous binds
 .UNINDENT
 .sp
 Use \fI\%\-\-ldapBindWithOSDefaults\fP to replace \fI\%\-\-ldapQueryUser\fP and
 \fI\%\-\-ldapQueryPassword\fP\&.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-ldapBindMethod <string>
 \fIDefault\fP: simple
 .sp
 New in version 3.4: Available in MongoDB Enterprise only.
 .sp
 The method \fBmongoldap\fP uses to authenticate to an LDAP server.
 Use with \fI\%\-\-ldapQueryUser\fP and \fI\%\-\-ldapQueryPassword\fP to
 connect to the LDAP server.
 .sp
 \fI\%\-\-ldapBindMethod\fP supports the following values:
 .INDENT 7.0
 .IP \(bu 2
 \fBsimple\fP \- \fBmongoldap\fP uses simple authentication.
 .IP \(bu 2
 \fBsasl\fP \- \fBmongoldap\fP uses SASL protocol for authentication
 .UNINDENT
 .sp
 If you specify \fBsasl\fP, you can configure the available SASL mechanisms
 using \fI\%\-\-ldapBindSASLMechanisms\fP\&. \fBmongoldap\fP defaults to
 using \fBDIGEST\-MD5\fP mechanism.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-ldapBindSASLMechanisms <string>
 \fIDefault\fP: DIGEST\-MD5
 .sp
 New in version 3.4: Available in MongoDB Enterprise only.
 .sp
 A comma\-separated list of SASL mechanisms \fBmongoldap\fP can
 use when authenticating to the LDAP server. The \fBmongoldap\fP and the
 LDAP server must agree on at least one mechanism. The \fBmongoldap\fP
 dynamically loads any SASL mechanism libraries installed on the host
 machine at runtime.
 .sp
 Install and configure the appropriate libraries for the selected
 SASL mechanism(s) on both the \fBmongoldap\fP host and the remote
 LDAP server host. Your operating system may include certain SASL
 libraries by default. Defer to the documentation associated with each
 SASL mechanism for guidance on installation and configuration.
 .sp
 If using the \fBGSSAPI\fP SASL mechanism for use with
 security\-kerberos, verify the following for the
 \fBmongoldap\fP host machine:
 .INDENT 7.0
 .TP
 .B \fBLinux\fP
 .INDENT 7.0
 .IP \(bu 2
 The \fBKRB5_CLIENT_KTNAME\fP environment
 variable resolves to the name of the client keytab\-files
 for the host machine. For more on Kerberos environment
 variables, please defer to the
 \fI\%Kerberos documentation\fP\&.
 .IP \(bu 2
 The client keytab includes a
 kerberos\-user\-principal for the \fBmongoldap\fP to use when
 connecting to the LDAP server and execute LDAP queries.
 .UNINDENT
 .TP
 .B \fBWindows\fP
 If connecting to an Active Directory server, the Windows
 Kerberos configuration automatically generates a
 \fI\%Ticket\-Granting\-Ticket\fP
 when the user logs onto the system. Set \fI\%\-\-ldapBindWithOSDefaults\fP to
 \fBtrue\fP to allow \fBmongoldap\fP to use the generated credentials when
 connecting to the Active Directory server and execute queries.
 .UNINDENT
 .sp
 Set \fI\%\-\-ldapBindMethod\fP to \fBsasl\fP to use this option.
 .sp
 \fBNOTE:\fP
 .INDENT 7.0
 .INDENT 3.5
 For a complete list of SASL mechanisms see the
 \fI\%IANA listing\fP\&.
 Defer to the documentation for your LDAP or Active Directory
 service for identifying the SASL mechanisms compatible with the
 service.
 .sp
 MongoDB is not a source of SASL mechanism libraries, nor
 is the MongoDB documentation a definitive source for
 installing or configuring any given SASL mechanism. For
 documentation and support, defer to the SASL mechanism
 library vendor or owner.
 .sp
 For more information on SASL, defer to the following resources:
 .INDENT 0.0
 .IP \(bu 2
 For Linux, please see the \fI\%Cyrus SASL documentation\fP\&.
 .IP \(bu 2
 For Windows, please see the \fI\%Windows SASL documentation\fP\&.
 .UNINDENT
 .UNINDENT
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-ldapTransportSecurity <string>
 \fIDefault\fP: tls
 .sp
 New in version 3.4: Available in MongoDB Enterprise only.
 .sp
 By default, \fBmongoldap\fP creates a TLS/SSL secured connection to the LDAP
 server.
 .sp
 For Linux deployments, you must configure the appropriate TLS Options in
 \fB/etc/openldap/ldap.conf\fP file. Your operating system\(aqs package manager
 creates this file as part of the MongoDB Enterprise installation, via the
 \fBlibldap\fP dependency. See the documentation for \fBTLS Options\fP in the
 \fI\%ldap.conf OpenLDAP documentation\fP
 for more complete instructions.
 .sp
 For Windows deployment, you must add the LDAP server CA certificates to the
 Windows certificate management tool. The exact name and functionality of the
 tool may vary depending on operating system version. Please see the
 documentation for your version of Windows for more information on
 certificate management.
 .sp
 Set \fI\%\-\-ldapTransportSecurity\fP to \fBnone\fP to disable TLS/SSL between \fBmongoldap\fP and the LDAP
 server.
 .sp
 \fBWARNING:\fP
 .INDENT 7.0
 .INDENT 3.5
 Setting \fI\%\-\-ldapTransportSecurity\fP to \fBnone\fP transmits plaintext information and possibly
 credentials between \fBmongoldap\fP and the LDAP server.
 .UNINDENT
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-ldapTimeoutMS <long>
 \fIDefault\fP: 10000
 .sp
 New in version 3.4: Available in MongoDB Enterprise only.
 .sp
 The amount of time in milliseconds \fBmongoldap\fP should wait for an LDAP server
 to respond to a request.
 .sp
 Increasing the value of \fI\%\-\-ldapTimeoutMS\fP may prevent connection failure between the
 MongoDB server and the LDAP server, if the source of the failure is a
 connection timeout. Decreasing the value of \fI\%\-\-ldapTimeoutMS\fP reduces the time
 MongoDB waits for a response from the LDAP server.
 .sp
 This setting can be configured on a running \fBmongoldap\fP using
 \fBsetParameter\fP\&.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-ldapUserToDNMapping <string>
 New in version 3.4: Available in MongoDB Enterprise only.
 .sp
 Maps the username provided to \fBmongoldap\fP for authentication to a LDAP
 Distinguished Name (DN). You may need to use \fI\%\-\-ldapUserToDNMapping\fP to transform a
 username into an LDAP DN in the following scenarios:
 .INDENT 7.0
 .IP \(bu 2
 Performing LDAP authentication with simple LDAP binding, where users
 authenticate to MongoDB with usernames that are not full LDAP DNs.
 .IP \(bu 2
 Using an \fBLDAP authorization query template\fP that requires a DN.
 .IP \(bu 2
 Transforming the usernames of clients authenticating to Mongo DB using
 different authentication mechanisms (e.g. x.509, kerberos) to a full LDAP
 DN for authorization.
 .UNINDENT
 .sp
 \fI\%\-\-ldapUserToDNMapping\fP expects a quote\-enclosed JSON\-string representing an ordered array
 of documents. Each document contains a regular expression \fBmatch\fP and
 either a \fBsubstitution\fP or \fBldapQuery\fP template used for transforming the
 incoming username.
 .sp
 Each document in the array has the following form:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
 {
  match: "<regex>"
  substitution: "<LDAP DN>" | ldapQuery: "<LDAP Query>"
 }
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .TS
 center;
 |l|l|l|.
 _
 T{
 Field
 T}	T{
 Description
 T}	T{
 Example
 T}
 _
 T{
 \fBmatch\fP
 T}	T{
 An ECMAScript\-formatted regular expression (regex) to match against a
 provided username. Each parenthesis\-enclosed section represents a
 regex capture group used by \fBsubstitution\fP or \fBldapQuery\fP\&.
 T}	T{
 \fB"(.+)ENGINEERING"\fP
 \fB"(.+)DBA"\fP
 T}
 _
 T{
 \fBsubstitution\fP
 T}	T{
 An LDAP distinguished name (DN) formatting template that converts the
 authentication name matched by the \fBmatch\fP regex into a LDAP DN.
 Each curly bracket\-enclosed numeric value is replaced by the
 corresponding \fI\%regex capture group\fP extracted
 from the authentication username via the \fBmatch\fP regex.
 .sp
 The result of the substitution must be an \fI\%RFC4514\fP escaped string.
 T}	T{
 \fB"cn={0},ou=engineering,
 dc=example,dc=com"\fP
 T}
 _
 T{
 \fBldapQuery\fP
 T}	T{
 A LDAP query formatting template that inserts the authentication
 name matched by the \fBmatch\fP regex into an LDAP query URI encoded
 respecting RFC4515 and RFC4516. Each curly bracket\-enclosed numeric
 value is replaced by the corresponding \fI\%regex capture group\fP extracted
 from the authentication username via the \fBmatch\fP expression.
 \fBmongoldap\fP executes the query against the LDAP server to retrieve
 the LDAP DN for the authenticated user. \fBmongoldap\fP requires
 exactly one returned result for the transformation to be
 successful, or \fBmongoldap\fP skips this transformation.
 T}	T{
 \fB"ou=engineering,dc=example,
 dc=com??one?(user={0})"\fP
 T}
 _
 .TE
 .sp
 \fBNOTE:\fP
 .INDENT 7.0
 .INDENT 3.5
 An explanation of  \fI\%RFC4514\fP,
 \fI\%RFC4515\fP,
 \fI\%RFC4516\fP, or LDAP queries is out
 of scope for the MongoDB Documentation. Please review the RFC directly or
 use your preferred LDAP resource.
 .UNINDENT
 .UNINDENT
 .sp
 For each document in the array, you must use either \fBsubstitution\fP or
 \fBldapQuery\fP\&. You \fIcannot\fP specify both in the same document.
 .sp
 When performing authentication or authorization, \fBmongoldap\fP steps through
 each document in the array in the given order, checking the authentication
 username against the \fBmatch\fP filter.  If a match is found,
 \fBmongoldap\fP applies the transformation and uses the output for
 authenticating the user. \fBmongoldap\fP does not check the remaining documents
 in the array.
 .sp
 If the given document does not match the provided authentication name, or
 the transformation described by the document fails, \fBmongoldap\fP continues
 through the list of documents to find additional matches. If no matches are
 found in any document, \fBmongoldap\fP returns an error.
 .INDENT 7.0
 .INDENT 3.5
 .SH EXAMPLE
 .sp
 The following shows two transformation documents. The first
 document matches against any string ending in \fB@ENGINEERING\fP, placing
 anything preceeding the suffix into a regex capture group. The
 second document matches against any string ending in \fB@DBA\fP, placing
 anything preceeding the suffix into a regex capture group.
 .sp
 \fBIMPORTANT:\fP
 .INDENT 0.0
 .INDENT 3.5
 You must pass the array to \fI\%\-\-ldapUserToDNMapping\fP as a string.
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
 "[
   {
      match: "(.+)@ENGINEERING.EXAMPLE.COM",
      substitution: "cn={0},ou=engineering,dc=example,dc=com"
   },
   {
      match: "(.+)@DBA.EXAMPLE.COM",
      ldapQuery: "ou=dba,dc=example,dc=com??one?(user={0})"
   }
 ]"
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
 A user with username \fBalice@ENGINEERING.EXAMPLE.COM\fP matches the first
 document. The regex capture group \fB{0}\fP corresponds to the string
 \fBalice\fP\&. The resulting output is the DN
 \fB"cn=alice,ou=engineering,dc=example,dc=com"\fP\&.
 .sp
 A user with username \fBbob@DBA.EXAMPLE.COM\fP matches the second document.
 The regex capture group \fB{0}\fP corresponds to the string \fBbob\fP\&.  The
 resulting output is the LDAP query
 \fB"ou=dba,dc=example,dc=com??one?(user=bob)"\fP\&. \fBmongoldap\fP executes this
 query against the LDAP server, returning the result
 \fB"cn=bob,ou=dba,dc=example,dc=com"\fP\&.
 .UNINDENT
 .UNINDENT
 .sp
 If \fI\%\-\-ldapUserToDNMapping\fP is unset, \fBmongoldap\fP applies no transformations to the username
 when attempting to authenticate or authorize a user against the LDAP server.
 .sp
 This setting can be configured on a running \fBmongoldap\fP using the
 \fBsetParameter\fP database command.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-ldapAuthzQueryTemplate <string>
 New in version 3.4: Available in MongoDB Enterprise only.
 .sp
 A relative LDAP query URL formatted conforming to \fI\%RFC4515\fP and \fI\%RFC4516\fP that \fBmongoldap\fP executes to obtain
 the LDAP groups to which the authenticated user belongs to. The query is
 relative to the host or hosts specified in \fI\%\-\-ldapServers\fP\&.
 .sp
 In the URL, you can use the following substituion tokens:
 .TS
 center;
 |l|l|.
 _
 T{
 Substitution Token
 T}	T{
 Description
 T}
 _
 T{
 \fB{USER}\fP
 T}	T{
 Substitutes the authenticated username, or the
 \fBtransformed\fP
 username if a \fI\%username mapping\fP is specified.
 T}
 _
 T{
 \fB{PROVIDED_USER}\fP
 T}	T{
 Substitutes the supplied username, i.e. before either
 authentication or \fBLDAP transformation\fP\&.
 .sp
 New in version 4.2.
 T}
 _
 .TE
 .sp
 When constructing the query URL, ensure that the order of LDAP parameters
 respects RFC4516:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
 [ dn  [ ? [attributes] [ ? [scope] [ ? [filter] [ ? [Extensions] ] ] ] ] ]
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
 If your query includes an attribute, \fBmongoldap\fP assumes that the query
 retrieves a the DNs which this entity is member of.
 .sp
 If your query does not include an attribute, \fBmongoldap\fP assumes
 the query retrieves all entities which the user is member of.
 .sp
 For each LDAP DN returned by the query, \fBmongoldap\fP assigns the authorized
 user a corresponding role on the \fBadmin\fP database. If a role on the on the
 \fBadmin\fP database exactly matches the DN, \fBmongoldap\fP grants the user the
 roles and privileges assigned to that role. See the
 \fBdb.createRole()\fP method for more information on creating roles.
 .INDENT 7.0
 .INDENT 3.5
 .SH EXAMPLE
 .sp
 This LDAP query returns any groups listed in the LDAP user object\(aqs
 \fBmemberOf\fP attribute.
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
 "{USER}?memberOf?base"
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
 Your LDAP configuration may not include the \fBmemberOf\fP attribute as part
 of the user schema, may possess a different attribute for reporting group
 membership, or may not track group membership through attributes.
 Configure your query with respect to your own unique LDAP configuration.
 .UNINDENT
 .UNINDENT
 .sp
 If unset, \fBmongoldap\fP cannot authorize users using LDAP.
 .sp
 This setting can be configured on a running \fBmongoldap\fP using the
 \fBsetParameter\fP database command.
 .sp
 \fBNOTE:\fP
 .INDENT 7.0
 .INDENT 3.5
 An explanation of \fI\%RFC4515\fP,
 \fI\%RFC4516\fP or LDAP queries is out
 of scope for the MongoDB Documentation. Please review the RFC directly or
 use your preferred LDAP resource.
 .UNINDENT
 .UNINDENT
 .UNINDENT
 .SH AUTHOR
 MongoDB Documentation Project
 .SH COPYRIGHT
 2008-2019
 .\" Generated by docutils manpage writer.
 .
--- a/debian/mongoreplay.1
+++ b/debian/mongoreplay.1
--- a/debian/mongorestore.1
+++ b/debian/mongorestore.1
@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "MONGORESTORE" "1" "Jul 25, 2019" "4.2" "mongodb-manual"
+.TH "MONGORESTORE" "1" "Aug 16, 2019" "4.2" "mongodb-manual"
 .SH NAME
 mongorestore \- MongoDB Data Restoration Tool
 .
@ -35,6 +35,8 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .IP \(bu 2
 \fI\%Synopsis\fP
 .IP \(bu 2
 \fI\%Usage in Backup Strategy\fP
 .IP \(bu 2
 \fI\%Syntax\fP
 .IP \(bu 2
 \fI\%Behavior\fP
@ -59,9 +61,29 @@ The \fI\%mongorestore\fP program loads data from either a binary
 database dump created by \fBmongodump\fP or the standard input
 (starting in version 3.0.0) into a \fBmongod\fP or
 \fBmongos\fP instance.
 .SH USAGE IN BACKUP STRATEGY
 .SS Standalones/Replica Sets
 .sp
-For an overview of \fI\%mongorestore\fP usage, see
+For an overview of \fI\%mongorestore\fP usage as part of a
 backup and recovery strategy, see
 /tutorial/backup\-and\-restore\-tools\&.
 .SS Sharded Clusters
 .sp
 Starting in MongoDB 4.2, \fBmongodump\fP and
 \fI\%mongorestore\fP \fBcannot\fP be part of a backup
 strategy for sharded clusters. These manual tools do not maintain
 the atomicity guarantees of transactions across shards.
 .sp
 To maintain the atomicity guarantees of transactions across shards,
 use the coordinated backup and restore services provided by:
 .INDENT 0.0
 .IP \(bu 2
 \fI\%MongoDB Atlas\fP,
 .IP \(bu 2
 \fI\%MongoDB Cloud Manager\fP, or
 .IP \(bu 2
 \fI\%MongoDB Ops Manager\fP\&.
 .UNINDENT
 .SH SYNTAX
 .sp
 Run \fI\%mongorestore\fP from the system command line, not the \fBmongo\fP shell.
@ -810,6 +832,15 @@ patterns.
 If source directory or file (i.e. the directory/file from which you
 are restoring the data) does not contain data files that match the
 namespace pattern, no data will be restored.
 .sp
 For collection names that contain non\-ascii characters,
 \fBmongodump\fP outputs the corresponding filenames with
 percent\-encoded names. However, to restore these collections, do not
 use the encoded names. Instead, use the namespace with the non\-ascii
 characters.
 .sp
 For example, if the dump directory contains
 \fBdump/test/caf%C3%A9s.bson\fP, specify \fB\-\-nsInclude "test.cafés"\fP\&.
 .UNINDENT
 .INDENT 0.0
 .TP
--- a/debian/mongos.1
+++ b/debian/mongos.1
@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "MONGOS" "1" "Jul 25, 2019" "4.2" "mongodb-manual"
+.TH "MONGOS" "1" "Aug 16, 2019" "4.2" "mongodb-manual"
 .SH NAME
 mongos \- MongoDB Sharded Cluster Query Router
 .
@ -791,12 +791,26 @@ mongos \-\-timeZoneInfo timezonedb\-2017b/
 New in version 4.2.
 .sp
-Outputs the resolved YAML configuration document for the \fBmongos\fP
+Outputs the \fBmongos\fP instance\(aqs configuration options, formatted
-to \fBstdout\fP and halts the \fBmongos\fP instance. For configuration
+in YAML, to \fBstdout\fP and exits the \fBmongos\fP instance. For
-options using externally\-sourced\-values, \fI\%\-\-outputConfig\fP returns the
+configuration options that uses externally\-sourced\-values,
-resolved value for those options. This may include any configured
+\fI\%\-\-outputConfig\fP returns the resolved value for those options.
-passwords or secrets previously obfuscated through the external
+.sp
-source.
+\fBWARNING:\fP
 .INDENT 7.0
 .INDENT 3.5
 This may include any configured passwords or secrets previously
 obfuscated through the external source.
 .UNINDENT
 .UNINDENT
 .sp
 For usage examples, see:
 .INDENT 7.0
 .IP \(bu 2
 expansion\-directive\-output
 .IP \(bu 2
 /tutorial/convert\-command\-line\-options\-to\-yaml
 .UNINDENT
 .UNINDENT
 .SS Sharded Cluster Options
 .INDENT 0.0
--- a/debian/mongostat.1
+++ b/debian/mongostat.1
@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "MONGOSTAT" "1" "Jul 25, 2019" "4.2" "mongodb-manual"
+.TH "MONGOSTAT" "1" "Aug 16, 2019" "4.2" "mongodb-manual"
 .SH NAME
 mongostat \- MongoDB Use Statistics
 .
--- a/debian/mongotop.1
+++ b/debian/mongotop.1
@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "MONGOTOP" "1" "Jul 25, 2019" "4.2" "mongodb-manual"
+.TH "MONGOTOP" "1" "Aug 16, 2019" "4.2" "mongodb-manual"
 .SH NAME
 mongotop \- MongoDB Activity Monitor
 .