mynote/mongodb/auth.md
2018-01-24 01:10:43 +08:00

# Configure the root role of MongoDB

Reference: http://www.server110.com/mongodb/201705/89462.html

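``` bash
$ mongo
> show dbs
> use admin
// Passwords in this note are sample values.
// The user named "root" is only a user administrator (userAdminAnyDatabase).
> db.createUser({
    user: "root",
    pwd: "123456",
    roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
  })
> db.auth('root', '123456')
// "light" holds the built-in root (superuser) role.
> db.createUser({
    user: "light",
    pwd: "123456",
    roles: [ { role: "root", db: "admin" } ]
  })
// Connection strings:
// mongodb://light:123456@127.0.0.1:27017/
// mongodb://tester:xyz123@127.0.0.1:27017/test
> use test
> db.createUser({
    user: "tester",
    pwd: "xyz123",
    roles: [ { role: "readWrite", db: "test" },
             { role: "read", db: "reporting" } ]
  })
// roles:
//   readWrite
//   read
//   readAnyDatabase       read-only access to any database
//   readWriteAnyDatabase  read/write access to any database
//   userAdminAnyDatabase  user administration on any database
//   dbAdminAnyDatabase    database administration on any database
```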
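# Roles

1. Database user roles: read, readWrite
2. Database administration roles: dbAdmin, dbOwner, userAdmin
3. Cluster administration roles: clusterAdmin, clusterManager, clusterMonitor, hostManager
4. Backup and restore roles: backup, restore
5. All-database roles: readAnyDatabase, readWriteAnyDatabase, userAdminAnyDatabase, dbAdminAnyDatabase
6. Superuser role: root
   Note: several other roles also provide system superuser access, directly or indirectly: dbOwner, userAdmin, userAdminAnyDatabase
7. Internal role: __system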
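
The note under item 6 can be turned into an audit over the user list. This is an added example, not part of the original note: it takes user documents shaped like those the `usersInfo` command returns (`user`, `db`, `roles`) and flags every role that gives superuser access directly or indirectly. The function names and the `appowner` user are hypothetical, the sample data is constructed from the users created above, and the check treats `dbOwner` and `userAdmin` as escalating only when scoped to the `admin` database, as the MongoDB manual describes.

```javascript
// Roles that are superuser outright.
const DIRECT = new Set(["root", "__system"]);
// Roles that let the holder grant any privilege on any database.
const ANY_DB_ESCALATION = new Set(["userAdminAnyDatabase"]);
// Roles that do the same only when granted on the admin database.
const ADMIN_SCOPED_ESCALATION = new Set(["dbOwner", "userAdmin"]);

// Returns "direct", "indirect", or null for one { role, db } grant.
function classifyRole({ role, db }) {
  if (DIRECT.has(role)) return "direct";
  if (ANY_DB_ESCALATION.has(role)) return "indirect";
  if (ADMIN_SCOPED_ESCALATION.has(role) && db === "admin") return "indirect";
  return null;
}

// users: array of user documents ({ user, db, roles: [{ role, db }] }).
function findSuperusers(users) {
  const findings = [];
  for (const u of users) {
    for (const r of u.roles || []) {
      const kind = classifyRole(r);
      if (kind) {
        findings.push({ user: `${u.db}.${u.user}`, role: `${r.role}@${r.db}`, kind });
      }
    }
  }
  return findings;
}

// Constructed sample: the three users from this note plus a hypothetical
// "appowner" whose dbOwner grant is limited to the test database.
const sampleUsers = [
  { user: "root", db: "admin", roles: [{ role: "userAdminAnyDatabase", db: "admin" }] },
  { user: "light", db: "admin", roles: [{ role: "root", db: "admin" }] },
  { user: "tester", db: "test", roles: [{ role: "readWrite", db: "test" },
                                         { role: "read", db: "reporting" }] },
  { user: "appowner", db: "test", roles: [{ role: "dbOwner", db: "test" }] },
];

for (const f of findSuperusers(sampleUsers)) {
  console.log(`${f.user} holds ${f.role} (${f.kind} superuser access)`);
}
```

In the shell, the same function can be fed the user documents from `db.getUsers()` run against each database.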

Add this config to /etc/mongod.config:

``` yaml
security:
  authorization: enabled
```