MongoDB未经授权:replSetGetConfig

时间:2016-12-20 04:39:44

标签: mongodb ubuntu-14.04

我正在尝试使用mongodb 3.4设置副本集并面临以下错误。尝试了一下,但我找不到解决方案。 

root@mongo-db-1:~# mongo MongoDB shell version v3.4.0 connecting to: mongodb://127.0.0.1:27017 MongoDB server version: 3.4.0
> use admin 
switched to db admin
> db.auth('admin','****'); 
1
> db.system.users.find();
{ "_id" : "admin.admin", "user" : "admin", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "DKkxOnMHCSSPwJCJyLA9Eg==", "storedKey" : "9aD//lm3eyeBN2LqZeTdqvvKXlU=", "serverKey" : "OX07H3FVQ447OqGMD7mCmX0WU0M=" } }, "roles" : [ { "role" : "userAdminAnyDatabase", "db" : "admin" } ] }
> rs.conf()
2016-12-20T09:58:45.579+0530 E QUERY    [main] Error: Could not retrieve replica set config: {
    "ok" : 0,
    "errmsg" : "not authorized on admin to execute command { replSetGetConfig: 1.0 }",
    "code" : 13,
    "codeName" : "Unauthorized"
} :
rs.conf@src/mongo/shell/utils.js:1262:11
@(shell):1:1

MongoDB日志 

2016-12-20T09:58:01.278+0530 I NETWORK  [thread1] connection accepted from 127.0.0.1:60804 #2 (1 connection now open)
2016-12-20T09:58:01.279+0530 I NETWORK  [conn2] received client metadata from 127.0.0.1:60804 conn2: { application: { name: "MongoDB Shell" }, driver: { name: "MongoDB Internal Client", version: "3.4.0" }, os: { type: "Linux", name: "Ubuntu", architecture: "x86_64", version: "14.04" } }
2016-12-20T09:58:01.282+0530 I ACCESS   [conn2] Unauthorized: not authorized on admin to execute command { getLog: "startupWarnings" }
2016-12-20T09:58:01.285+0530 I ACCESS   [conn2] Unauthorized: not authorized on admin to execute command { replSetGetStatus: 1.0, forShell: 1.0 }
2016-12-20T09:58:19.044+0530 I ACCESS   [conn2] Successfully authenticated as principal admin on admin
2016-12-20T09:58:19.046+0530 I ACCESS   [conn2] Unauthorized: not authorized on admin to execute command { replSetGetStatus: 1.0, forShell: 1.0 }
2016-12-20T09:58:45.578+0530 I ACCESS   [conn2] Unauthorized: not authorized on admin to execute command { replSetGetConfig: 1.0 }

我在这里缺少什么?

Mongo配置 

root@mongo-db-1:~# cat /etc/mongod.conf
storage:   
    dbPath: /var/lib/mongodb
    journal:
        enabled: true
# where to write logging data.
systemLog:   
    destination: file   
    logAppend: true   
    path: /var/log/mongodb/mongod.log
# network interfaces 
net:   
    port: 27017   
    bindIp: 127.0.0.1
security:   
    authorization: enabled   
    keyFile: /thefile
processManagement:   
    fork: true
replication:   
    replSetName: rs0

2 个答案:

答案 0 :(得分:4)

你的"管理员"数据库用户只有userAdminAnyDatabase角色。

但是,执行replSetGetConfig命令需要clusterManager角色: https://docs.mongodb.com/manual/reference/privilege-actions/#authr.replSetGetConfig

您需要将此角色授予您的用户才能执行此命令。这可以使用db.grantRolesToUser()完成。

答案 1 :(得分:3)

您必须向您的" admin"提供clusterMagnager权限。用户。要将clusterManager角色添加到管理员用户,您必须在进行身份验证后执行以下功能。

db.grantRolesToUser(
   "admin",
   [ "clusterManager" ]
)
相关问题
最新问题