6

I just implemented auth for mongodb, There is a user ‘admin’ in db ‘admin’ and ‘appadmin’ in db ‘mydb’ all working fine. below are my db auth settings:

use admin
db.auth(‘’, ‘’)
db.getUsers()
[
    {
        "_id" : "admin.admin",
        "user" : "admin",
        "db" : "admin",
        "roles" : [
            {
                "role" : "userAdminAnyDatabase",
                "db" : "admin"
            },
            {
                "role" : "clusterMonitor",
                "db" : "admin"
            }
        ]
    }
]


use mydb
db.auth()
db.getUsers()

    {
        "_id" : "mydb.appadmin",
        "user" : "mydb",
        "db" : "mydb",
        "roles" : [
            {
                "role" : "readWrite",
                "db" : "mydb"
            },
            {
                "role" : "userAdmin",
                "db" : "mydb"
            }
        ]
    }
].

If I run the following, 

mongostat --username=admin --password=mypassword  --authenticationDatabase=admin
insert query update delete getmore command flushes mapped  vsize   res faults qr|qw ar|aw netIn netOut conn     time
    *0    *0     *0     *0       0     1|0       0 240.0M 678.0M 91.0M      0   0|0   0|0   79b    10k    1 11:49:18
    *0    *0     *0     *0       0     1|0       0 240.0M 678.0M 91.0M      0   0|0   0|0   79b    10k    1 11:49:19
    *0    *0     *0     *0       0     1|0       0 240.0M 678.0M 91.0M      0   0|0   0|0   79b    10k    1 11:49:20

But when I run 

* mongostat --username=appadmin --password=mypassword  --authenticationDatabase=mydb

        Failed: not authorized on admin to execute command { serverStatus: 1, recordStats: 0 },

So I tried to add role ‘clusterMonitor’ in mydb.

db.updateUser(“appadmin”, {roles: [{role: "readWrite", db: “mydb”}, {role: "userAdmin", db: “mydb”}, {role: "clusterMonitor", db: “mydb”}]})
E QUERY    Error: Updating user failed: No role named clusterMonitor@mydb.

What is the best way to do mongostat in a auth enabled mongoldb? Please help me to fix the issue or suggest best auth settings. Note: my mongodb version 3.0.6

I159
  • 29,741
  • 31
  • 97
  • 132
Jisson
  • 3,566
  • 8
  • 38
  • 71

1 Answers1

8

finally I got the solution, I add more roles to admin db,

use admin
db.getUsers()

    {
        "_id" : "admin.admin",
        "user" : "admin",
        "db" : "admin",
        "roles" : [
            {
                "role" : "userAdminAnyDatabase",
                "db" : "admin"
            },
            {
                "role" : "readWriteAnyDatabase",
                "db" : "admin"
            },
            {
                "role" : "dbAdminAnyDatabase",
                "db" : "admin"
            },
            {
                "role" : "clusterAdmin",
                "db" : "admin"
            },
            {
                "role" : "clusterMonitor",
                "db" : "admin"
            }
        ]
    }
]

and run mongostat --username=admin --password=mypassword --authenticationDatabase=admin, fix the issues

Jisson
  • 3,566
  • 8
  • 38
  • 71
  • 1
    It seems `clusterMonitor` is key to running mongostat. – Yongwei Wu Jun 19 '17 at 10:12
  • 3
    I don't understand. You mentioned `mongostat` was failing for `appadmin`, but gave a solution for `admin` user? Can you paste the output for `mongostat --username=appadmin --password=mypassword --authenticationDatabase=mydb` – deppfx Jan 16 '18 at 20:17