Shulou(Shulou.com)06/01 Report--

1. Download the installation package

Wget https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-3.4.0.tgz

2. Decompress installation configuration

Cd / opt

Tar zxvf mongodb-linux-x86_64-3.4.0.tgz

/ rename /

Mv mongodb-linux-x86_64-3.4.0.tgz mongodb

/ enter the mongodb directory /

Cd mongodb

/ create db and log directories /

Mkdir / opt/mongodb/data

Mkdir / opt/mongodb/data/db

Mkdir / opt/mongodb/data/logs

Create a mongodb.log file under / logs directory /

Touch mongodb.log

/ create mongodb.conf / in the mongodb/ data directory

Cd data

Vi mongodb.conf

/ join the relevant configuration /

# Port number

Port = 27017

Pidfilepath = / opt/monodb/mongo.pid

# data directory

Dbpath = / opt/mongodb/data/db

# Log directory

Logpath = / opt/mongodb/data/logs/mongodb.log

Nohttpinterface = true

Bind_ip = 0.0.0.0

# set background running

Fork = true

# Log output method

Logappend = true

# enable authentication

# auth = true

/ esc: wq save exit /

3. Run

Cd mongodb

. / bin/mongod-- config / opt/mongodb/data/mongodb.conf

4. Close

. / bin/mongod-- config / opt/mongodb/data/mongodb.conf-- shutdown

1. Mongodb does not have a default administrator account, so add an administrator account first and enable permission authentication.

2. Switch to the admin database, and the added account is the administrator account.

3. Users can only log in in the database where they are located, including the administrator account.

4. The administrator can manage all databases, but not other databases directly, only after the authentication of admin database. That's a little weird.

Built-In Roles (built-in roles):

Database user roles: read, readWrite; database management roles: dbAdmin, dbOwner, userAdmin; cluster management roles: clusterAdmin, clusterManager, clusterMonitor, hostManager; backup and recovery roles: backup, restore; all database roles: readAnyDatabase, readWriteAnyDatabase, userAdminAnyDatabase, dbAdminAnyDatabase superuser roles: root

/ / there are also several roles that indirectly or directly provide access to the system superuser (dbOwner, userAdmin, userAdminAnyDatabase) internal role: _ _ system

Specific roles:

Read: allows the user to read the specified database

ReadWrite: allows users to read and write to a specified database

DbAdmin: allows users to perform administrative functions in a specified database, such as index creation, deletion, viewing statistics, or accessing system.profile

UserAdmin: allows users to write to the system.users collection. You can create, delete and manage users in a specified database.

ClusterAdmin: available only in the admin database, giving users administrative rights to all shard and replication set related functions.

ReadAnyDatabase: available only in admin databases, giving users read access to all databases

ReadWriteAnyDatabase: available only in admin databases, giving users read and write permissions to all databases

UserAdminAnyDatabase: available only in admin databases, giving users userAdmin permissions for all databases

DbAdminAnyDatabase: available only in admin databases, giving users dbAdmin permissions for all databases.

Root: available only in the admin database. Super account, super privilege

Create a user administrator

Use admin

Db.createUser ({user: "root", pwd: "root123456", roles: ["userAdminAnyDatabase"]})

Db.auth ('root','root123456')

Log in as the user administrator and switch the database to create a database user:

Switch to test database

Use test creates usernames, passwords, and roles

Db.createUser ({user: "username", pwd: "@ user123456*", roles: [{role: "readWrite", db: "securitydata"}]}) br/ > create username, password, role

Db.createUser ({user: "username", pwd: "@ user123456*", roles: [{role: "readWrite", db: "securitydata"}]})

Security:

Authorization: enabled validates mongodb database permissions.

Db.auth ('user','@user123456*') br/ > validate mongodb database permissions.

Db.auth ('user','@user123456*')

To make it easy for show dbs to show all the existing databases, you can use root users to connect to the robo 3T client to create the corresponding database with the root role, and then manipulate the command in the shell script.

Use admin

Db.auth ('root','atzhe2017')

Use message_center

Db.createUser ({user: "test", pwd: "atzuche2017", roles: [{role: "readWrite", db: "message_center"}]})

Db.auth ('test','atzuche2017')

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.