我安装了mongodb,我在mongod.conf中有以下条目:
processManagement:
fork: true # fork and run in background
pidFilePath: /var/run/mongodb/mongod.pid # location of pidfile
# network interfaces
net:
port: 27017
bindIp: [0.0.0.0]
security:
authorization: enabled
现在,在之前的数据库中,我使用以下查询创建了2个用户:
use admin
db.createUser({user: "user1", pwd:"myPass1", roles: [{ role: "root", db: "admin"}]})
db.createUser({user: "user2", pwd:"myPass2", roles: [{ role: "readWrite", db: "myCollection"}, { role: "read", db: "myCollection"}]})
当我做的时候
sudo service mongod stop
sudo mongod --fork --logpath /var/log/mongodb.log --config /etc/mongod.conf
我键入:
sudo mongo admin -u user1 -p myPass1
我收到错误:
MongoDB shell version v3.4.3
connecting to: mongodb://127.0.0.1:27017/admin
MongoDB server version: 3.4.3
2017-04-03T13:56:30.687+0000 E QUERY [thread1] Error: Authentication failed. :
DB.prototype._authOrThrow@src/mongo/shell/db.js:1459:20
@(auth):6:1
@(auth):1:2
exception: login failed
但是,当我注释掉这些台词时:
security:
authorization: enabled
来自mongo.conf然后我可以使用命令sudo mongo登录我的mongo(不提供任何凭据)。
如何在保持安全的同时登录mongo并禁止在没有用户和密码的情况下登录?