mongoDB admin 권한 설정방법 How to enable access control for mongo DB

-


** WARNING: Access control is not enabled for the database.
** Read and write access to data and configuration is unrestricted.
해결방법 Solution
요약 : mongoDB를 설치하면 기본적으로 admin이라는 db가 생성됩니다.
이 admin db에 앞으로 생성할 db와 user를 관리할 수 있는 administrator 계정을 생성합니다.
그리고 나서 administrator 계정을 통해 작업할 db와 그 db에 접근 가능한 user 계정을 만듭니다.
이후 user 계정으로 접속해 db 작업을 진행합니다.
// How to enable access control for  mongo DB
$ mongo
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 3.4.10
Server has startup warnings:
2018-01-12T09:03:22.199+0900 I CONTROL  [initandlisten]
2018-01-12T09:03:22.199+0900 I CONTROL  [initandlisten] ** WARNING: Access control is not enabled for the database.
2018-01-12T09:03:22.199+0900 I CONTROL  [initandlisten] **          Read and write access to data and configuration is unrestricted.
2018-01-12T09:03:22.199+0900 I CONTROL  [initandlisten]

 // db list
> show dbs
admin 0.000GB
local 0.000GB

 // Create the User Administrator
> use admin
switched to db admin
> db.createUser (
{
    user: "adminer",
    pwd: "admin1234",
    roles: [{role: "userAdminAnyDatabase", db:"admin"}]
})
Successfully added user: {
    "user" : "adminer",
    "roles" : [
        {
            "role" : "userAdminAnyDatabase",
            "db" : "admin"
        }
    ]
}
> exit
bye

 // Create a database and the user of the database
$ mongo
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 3.4.10
Server has startup warnings:
2018-01-12T09:03:22.199+0900 I CONTROL  [initandlisten]
2018-01-12T09:03:22.199+0900 I CONTROL  [initandlisten] ** WARNING: Access control is not enabled for the database.
2018-01-12T09:03:22.199+0900 I CONTROL  [initandlisten] **          Read and write access to data and configuration is unrestricted.
2018-01-12T09:03:22.199+0900 I CONTROL  [initandlisten]
> use admin
switched to db admin
> db.auth("adminer", "admin1234")
1

 // Create "test" database
> use test
switched to db test

 // Create the user "tester"
> db.createUser( { user: "tester", pwd: "1234", roles: [ { role: "readWrite", db: "test" } ] } )
Successfully added user: {
    "user" : "tester",
    "roles" : [
        {
            "role" : "readWrite",
            "db" : "test"
        }
    ]
}
> exit
bye

 // Connect and authenticate as tester
$ mongo
> use test
switched to db test
> db.auth("tester", "1234")
1

 // Create collections and document
>db.foo.insert( { x: 1, y: 1 } )
WriteResult({ "nInserted" : 1 })
> db.foo.find()
{ "_id" : ObjectId("5a5c8f1ce1821d42fd83ba58"), "x" : 1, "y" : 1 }
>

댓글

댓글 쓰기

이 블로그의 인기 게시물

Install pm2 via yarn globally

-
$ sudo yarn global add pm2 $ pm2 --version PM2 is a Production Process Manager for Node.js applications                      with a built-in Load Balancer.                 Start and Daemonize any application:                 $ pm2 start app.js                 Load Balance 4 instances of api.js:                 $ pm2 start api.js -i 4                 Monitor in production:                 $ pm2 monitor                 Make pm2 auto-boot at server restart:                 $ pm2 startup                 To go further checkout:   ...
자세한 내용 보기

Install Nginx on Linux

-
http://nginx.org/en/linux_packages.html#mainline For Debian/Ubuntu, in order to authenticate the nginx repository signature and to eliminate warnings about missing PGP key during installation of the nginx package, it is necessary to add the key used to sign the nginx packages and repository to the  apt  program keyring. Please download  this key  from our web site, and add it to the  apt  program keyring with the following command: sudo apt-key add nginx_signing.key For Ubuntu replace  codename  with Ubuntu distribution  codename , and append the following to the end of the  /etc/apt/sources.list  file: codename Ubuntu: Version Codename Supported Platforms 14.04 trusty x86_64, i386, aarch64/arm64 16.04 xenial x86_64, i386, ppc64el, aarch64/arm64 17.10 artful x86_64, i386 18.04 bionic x86_64 deb http://nginx.org/packages/ubuntu/ codename nginx deb-src http://nginx.org/packages/ubuntu/ codename nginx For De...
자세한 내용 보기