加入收藏 | 设为首页 | 会员中心 | 我要投稿 聊城站长网 (https://www.0635zz.com/)- 智能语音交互、行业智能、AI应用、云计算、5G!
当前位置: 首页 > 服务器 > 系统 > 正文

简述mongodb权限管理02

发布时间:2023-10-25 15:03:31 所属栏目:系统 来源:
导读:mongodb权限管理02

接下来,mongodb 的配置文件中如何实现密码的登录呢?

我们之前是直接用的这个命令

[root@prd3-mysql-0-36 ~]# mongod -f /ivargo/app/mongodb/conf/mongo.conf --auth

我们原来的
mongodb权限管理02
 
接下来,mongodb 的配置文件中如何实现密码的登录呢?
 
我们之前是直接用的这个命令
 
[root@prd3-mysql-0-36 ~]# mongod -f /ivargo/app/mongodb/conf/mongo.conf --auth
 
我们原来的配置文件
 
[root@prd3-mysql-0-36 ~]# cat /ivargo/app/mongodb/conf/mongo.conf
 
security:
 
authorization: disabled //只需要把 disabled 改成enabled 就可以了
 
这样改可以了,下面是我们的测试结果
 
authorization: disabled 上面的配置文件改成 authorization: enabled
 
然后重启mongodb就可以了
 
[root@prd3-mysql-0-36 ~]# mongo
 
MongoDB shell version v4.0.2
 
connecting to: mongodb://127.0.0.1:27017
 
MongoDB server version: 4.0.2
 
> show dbs;
 
2019-05-21T14:28:35.425+0800 E QUERY    [js] Error: listDatabases failed:{
 
        "ok" : 0,
 
        "errmsg" : "command listDatabases requires authentication",
 
        "code" : 13,
 
        "codeName" : "Unauthorized"
 
} :
 
_getErrorWithCode@src/mongo/shell/utils.js:25:13
 
Mongo.prototype.getDBs@src/mongo/shell/mongo.js:67:1
 
shellHelper.show@src/mongo/shell/utils.js:876:19
 
shellHelper@src/mongo/shell/utils.js:766:15
 
@(shellhelp2):1:1
 
> use admin
 
switched to db admin
 
> db.uWarning: unable to run listCollections, attempting to approximate collection names by parsing connectionStatus
 
  db.u
 
admin.u
 
>
 
>
 
>
 
> use admin
 
switched to db admin
 
> db.auWarning: unable to run listCollections, attempting to approximate collection names by parsing connectionStatus
 
  db.auth('vargo','vargo123')
 
1
 
> show dbs;
 
admin   0.000GB
 
config  0.000GB
 
dbabd   0.000GB
 
local   0.000GB
 
> exit
 
bye
 
[root@prd3-mysql-0-36 ~]# mongo
 
MongoDB shell version v4.0.2
 
connecting to: mongodb://127.0.0.1:27017
 
MongoDB server version: 4.0.2
 
> use admin
 
switched to db admin
 
> db.auWarning: unable to run listCollections, attempting to approximate collection names by parsing connectionStatus
 
  db.auth('majihui','majihui123')
 
1
 
> show dbs
 
dbabd  0.000GB
 
> exit
 
bye
 
复制代码
 
综合性实验小结:
 
第二步:在无密码的状态下创建最高权限的用户 user_admin 密码为 xxx
 
我们创建一个超级用户
 
use admin
 
db.createUser(
 
{
 
user: "user_admin",
 
pwd: "xxx",
 
roles: [{ role: "root", db: "admin" }]
 
}
 
)
 
先在无密码的状态下具体操作如下:
 
[root@localhost data]# mongo -p 27017
 
MongoDB shell version v3.4.10
 
connecting to: mongodb://127.0.0.1:27017
 
MongoDB server version: 3.4.10
 
Server has startup warnings:
 
2019-05-28T21:03:52.718+0800 I CONTROL  [main] ** WARNING: --rest is specified without --httpinterface,
 
2019-05-28T21:03:52.719+0800 I CONTROL  [main] **          enabling http interface
 
2019-05-28T21:03:53.380+0800 I STORAGE  [initandlisten]
 
2019-05-28T21:03:53.380+0800 I STORAGE  [initandlisten] ** WARNING: Using the XFS filesystem is strongly recommended with the WiredTiger storage engine
 
2019-05-28T21:03:53.380+0800 I STORAGE  [initandlisten] **          See http://dochub.mongodb.org/core/prodnotes-filesystem
 
2019-05-28T21:08:17.070+0800 I CONTROL  [initandlisten]
 
2019-05-28T21:08:17.071+0800 I CONTROL  [initandlisten] ** WARNING: Access control is not enabled for the database.
 
2019-05-28T21:08:17.071+0800 I CONTROL  [initandlisten] **          Read and write access to data and configuration is unrestricted.
 
2019-05-28T21:08:17.072+0800 I CONTROL  [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended.
 
2019-05-28T21:08:17.072+0800 I CONTROL  [initandlisten]
 
> use admin
 
switched to db admin
 
> db.createUser(
 
...     {
 
...         user: "user_admin",
 
...         pwd: "xxx",
 
...         roles: [{ role: "root", db: "admin" }]
 
...     }
 
... )
 
Successfully added user: {
 
        "user" : "user_admin",
 
        "roles" : [
 
                {
 
                        "role" : "root",
 
                        "db" : "admin"
 
                }
 
        ]
 
}
 
> show users;
 
{
 
        "_id" : "admin.user_admin",
 
        "user" : "user_admin",
 
        "db" : "admin",
 
        "roles" : [
 
                {
 
                        "role" : "root",
 
                        "db" : "admin"
 
                }
 
        ]
 
}
 
复制代码
 
//我们登录进去 进行测试   能登录 成功的
 
> use admin
 
switched to db admin
 
> db.auth('user_admin','xxx')
 
1
 
> show dbs
 
BlockchainTransaction  0.000GB
 
admin                  0.000GB
 
analysis               0.005GB
 
apk-upgrade            0.000GB
 
autotest               0.000GB
 
blockchain             0.000GB
 
dubbo-monitor          0.000GB
 
local                  0.000GB
 
logdb                  0.000GB
 
test                   0.000GB
 
vconference            0.001GB
 
vconsole               0.002GB
 
vemm-admin             0.003GB
 
vmessage               0.011GB
 
vphone                 0.187GB
 
vstore_db              1.994GB
 
vtime                  0.029GB
 
yapi                   0.003GB
 
复制代码
 
我们接下来用加密了的mongo 27017 做一次备份
 
具体操作如下:
 
mongodump -h localhost:27017 -o /ivargo/data/mgdbback/
 
实际操作如下语句
 
mongodump -h localhost:27017 -u user_admin -p xxx -o /ivargo/data/mgdbbackauth
 
//可以成功备份的
 
这里有一个问题就是,最高权限的用户 user_admin xxx 无法去单独的访问mongodb中的每个表
 
我们需要登录到每个表中更具每个不同的表创建权限
 
他下面有十几个库 就都这样执行 先user 单独的表 在设置
 
use BlockchainTransaction
 
db.createUser(
 
{
 
user: "useradmin",
 
pwd: "xxxxx",
 
roles:[{role:"dbOwner",db:"BlockchainTransaction"}]
 
}
 
)
 
use analysis
 
db.createUser(
 
{
 
user: "useradmin",
 
pwd: "xxxxx",
 
roles:[{role:"dbOwner",db:"analysis"}]
 
}
 
)
 
 
 

(编辑:聊城站长网)

【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
    相关内容
      推荐文章
        站长推荐
        热点阅读

        【免责声明】本站内容转载自互联网,其发布内容言论不代表本站观点,如果其链接、内容的侵犯您的权益,烦请提交相关链接至邮箱bqsm@foxmail.com我们将及时予以处理。

        建议您使用1920×1080分辨率、谷歌浏览器Google Chrome、Microsoft Edge以获得本站的优质浏览效果

        Copygight © 2016-2023 https://www.0635zz.com/ All Rights Reserved. 聊城站长网