Shulou(Shulou.com)06/01 Report--

1. Create a super account

> use admin

> db. CreateUser ({user: "admin", pwd: "123456", roles: [{role: "root", db: "admin"}]})

Successfully added user: {

"user": "admin"

"roles": [

{

"role": "root"

"db": "admin"

}

]

}

User: user name

Pwd: password

Roles: specify the role of the user, and you can set an empty role for the new user with an empty array; in the roles field, you can specify built-in roles and user-defined roles. The characters in role can be selected:

Built-In Roles (built-in role):

1. Database user roles: read, readWrite

2. Database management roles: dbAdmin, dbOwner, userAdmin

3. Cluster management roles: clusterAdmin, clusterManager, clusterMonitor, hostManager

4. Backup and restore roles: backup, restore

5. All database roles: readAnyDatabase, readWriteAnyDatabase, userAdminAnyDatabase, dbAdminAnyDatabase

6. Superuser role: root

/ / there are also several roles that provide access to the system superuser indirectly or directly (dbOwner, userAdmin, userAdminAnyDatabase)

7. Internal role: _ _ system

Specific roles:

Read: allows the user to read the specified database

ReadWrite: allows users to read and write to a specified database

DbAdmin: allows users to perform administrative functions in a specified database, such as index creation, deletion, viewing statistics, or accessing system. Profile

UserAdmin: allows users to system. Users collection write, you can find the specified database to create, delete and manage users

ClusterAdmin: available only in the admin database, giving users administrative rights to all shard and replication set related functions.

ReadAnyDatabase: available only in admin databases, giving users read access to all databases

ReadWriteAnyDatabase: available only in admin databases, giving users read and write permissions to all databases

UserAdminAnyDatabase: available only in admin databases, giving users userAdmin permissions for all databases

DbAdminAnyDatabase: available only in admin databases, giving users dbAdmin permissions for all databases.

Root: available only in the admin database. Super account, super privilege

two。 Turn on permission authentication

Profile add

[dbaadmin@ ip-17231-36-77] $more / usr/ local / mongodb/conf/mongod. Confauth = true

3. Authenticate the super account after restart

[root@iZ2ze66bhrbxkc31nljgjnZ mongodb] # / usr/ local / mongodb/bin/mongo

MongoDB shell version: 3. . six

Connecting to: test

> show dbs;-- No permission to view

2018-05-07T14: 29: 25. E QUERY Error + 0800: listDatabases failed: {

"ok": 0

"errmsg": "not authorized on admin to execute command {listDatabases: 1.0}"

"code": 13

}

At Error ()

At Mongo. GetDBs (src/mongo/shell/mongo. Js: 47: 15)

At shellHelper. Show (src/mongo/shell/utils. Js: 630: 33)

At shellHelper (src/mongo/shell/utils. Js: 524: 36)

At (shellhelp2): 1: 1 at src/mongo/shell/mongo. Js: 47

> use admin

Switched to db admin

> db. Auth ('admin',' 123456');-authenticate the super account under admin. The database account follows the database and authenticates where it is created.

one

> show dbs

Admin 0. 078GB

Local 0. 078GB

Rundb 0. 078GB

Rundb2 0. 078GB

4. Add a normal account

> use rundb2

Switched to db rundb2 > db. CreateUser ({user: 'runuser2', pwd:' 123456', roles: [{role: "dbOwner", db: "rundb2"}]})

Successfully added user: {

"user": "runuser2"

"roles": [

{

"role": "dbOwner"

"db": "rundb2"

}

]

}

> show users

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.