Six security setup commands for the mongodb database
- 2020-05-09 19:33:43
- OfStack
1. Start in security authentication mode
bin/mongod? � auth?-dbpath /Users/mc2/mongo/db -logpath /Users/mc2/mongo/log.log &
You can enable authentication mode by starting the mongod process with the hang auth option.
Alternatively, you can modify /etc/ mongodb.conf, set auth=true, and restart the mongod process.
2. Add users
db.addUser( " admin " , " 123456 " )
3. Safety certification
db.auth( " admin " , " 123456 " )
If the certification is successful
db.system.users.find()
{ " _id " : ObjectId( " 5032e8386a7fc39e31978c50 " ), " user " : " admin " , " readOnly " : false, " pwd " : " 95ec4261124ba5951720b199908d892b " }
Otherwise return null
Write to the database (synchronize to disk) and lock it
db.runCommand({fsync:1,lock:1})
Description:
This operation has been locked to the database and is not allowed to perform write data operations. 1 is generally useful when performing database backups. Execute the command, and the results are as follows:
db.runCommand({fsync:1,lock:1})
{ " errmsg " : " access denied; use admin db " , " ok " : 0 }
use admin
> db.runCommand({fsync:1,lock:1})
{
" info " : " now locked against writes, use db.fsyncUnlock() to unlock " ,
" seeAlso " : " http://www.mongodb.org/display/DOCS/fsync+Command " ,
" ok " : 1
}
5. Check the current lock status
db.currentOp()
> db.currentOp()
{
" inprog " : [ ],
" fsyncLock " : 1,
" info " : " use db.fsyncUnlock() to terminate the fsync write/snapshot lock "
}
Where fsyncLock is 1, the fsync process (responsible for synchronizing write changes to disk) that represents MongoDB does not allow other processes to perform write data operations
6, unlock
use admin
>db.fsyncUnlock()
{ " ok " : 1, " info " : " unlock completed " }
db.$cmd.sys.unlock.findOne() Effect of equivalent
> db.currentOp()
{ " inprog " : [ ] }
Indicates that there is no lock at present and that you can perform write data operations.