MongoDB 3.2.5安装过程详细记录(3)

db.createUser({user:'useradmin',pwd:'mongodb_020248_Pass',roles:[ { "role" : "clusterAdmin", "db" : "admin" }, { "role" : "userAdminAnyDatabase", "db" : "admin" }, { "role" : "dbAdminAnyDatabase", "db" : "admin" } ] })

db.auth("useradmin","mongodb_020248_Pass")

db.system.users.find();

生成密码后,使用新用户和密码登陆mongo,确认状态：

/usr/local/mongodb/bin/mongo --port=27117 -u useradmin -p mongodb_020248_Pass --authenticationDatabase admin

该步骤操作过程如下；

[root@linuxidc local]#
[root@linuxidc local]# ps -ef|grep mongo
root    32295 30115  0 12:12 pts/0    00:00:00 grep mongo
[root@linuxidc local]#
[root@linuxidc local]# /usr/local/mongodb/bin/mongod --config /etc/mongodb/mongo_27117.conf
about to fork child process, waiting until server is ready for connections.
forked process: 32321
child process started successfully, parent exiting
[root@linuxidc local]#
[root@linuxidc local]# ps -ef|grep mongo
root    32321    1  1 12:12 ?        00:00:00 /usr/local/mongodb/bin/mongod --config /etc/mongodb/mongo_27117.conf
root    32359 30115  0 12:13 pts/0    00:00:00 grep mongo
[root@linuxidc local]#
[root@linuxidc local]#
[root@linuxidc local]# /usr/local/mongodb/bin/mongo --port=27117
MongoDB shell version: 3.2.5-20-g07e21d8
connecting to: 127.0.0.1:27117/test
Welcome to the MongoDB shell.

For interactive help, type "help".
For more comprehensive documentation, see
       
Questions? Try the support group
       
>
> use admin;
switched to db admin
> db.system.users.find();
Error: error: {
        "ok" : 0,
        "errmsg" : "not authorized on admin to execute command { find: \"system.users\", filter: {} }",
        "code" : 13
}
>
> db.createUser({user:'useradmin',pwd:'mongodb_020248_@JJMatch',roles:[ { "role" : "clusterAdmin", "db" : "admin" }, { "role" : "userAdminAnyDatabase", "db" : "admin" }, { "role" : "dbAdminAnyDatabase", "db" : "admin" } ] })
Successfully added user: {
        "user" : "useradmin",
        "roles" : [
                {
                        "role" : "clusterAdmin",
                        "db" : "admin"
                },
                {
                        "role" : "userAdminAnyDatabase",
                        "db" : "admin"
                },
                {
                        "role" : "dbAdminAnyDatabase",
                        "db" : "admin"
                }
        ]
}
>
> db.system.users.find();
Error: error: {
        "ok" : 0,
        "errmsg" : "not authorized on admin to execute command { find: \"system.users\", filter: {} }",
        "code" : 13
}
>
> db.auth("useradmin","mongodb_020248_@JJMatch")
1
>
> db.system.users.find();
{ "_id" : "admin.useradmin", "user" : "useradmin", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "6hLx/d97hS+yfoN47QTmXQ==", "storedKey" : "B0PqwVs3GFKIHQyyQ6mBp1MA370=", "serverKey" : "xK53AKKAvFCdn5rsEtij5QB9RtU=" } }, "roles" : [ { "role" : "clusterAdmin", "db" : "admin" }, { "role" : "userAdminAnyDatabase", "db" : "admin" }, { "role" : "dbAdminAnyDatabase", "db" : "admin" } ] }
>
[root@linuxidc local]#
[root@linuxidc local]# /usr/local/mongodb/bin/mongo --port=27117 -u useradmin -p mongodb_020248_@JJMatch --authenticationDatabase admin
MongoDB shell version: 3.2.5-20-g07e21d8
connecting to: 127.0.0.1:27117/test
Server has startup warnings:
2016-10-19T12:12:59.096+0800 I CONTROL  [initandlisten]
2016-10-19T12:12:59.096+0800 I CONTROL  [initandlisten] ** WARNING: The server was started without specifying a --bind_ip
2016-10-19T12:12:59.096+0800 I CONTROL  [initandlisten] **          and listens for connections on all available network interfaces.
2016-10-19T12:12:59.097+0800 I CONTROL  [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended.
2016-10-19T12:12:59.097+0800 I CONTROL  [initandlisten]
2016-10-19T12:12:59.097+0800 I CONTROL  [initandlisten]
2016-10-19T12:12:59.097+0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
2016-10-19T12:12:59.097+0800 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
2016-10-19T12:12:59.097+0800 I CONTROL  [initandlisten]
2016-10-19T12:12:59.097+0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
2016-10-19T12:12:59.097+0800 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
2016-10-19T12:12:59.097+0800 I CONTROL  [initandlisten]
2016-10-19T12:12:59.097+0800 I CONTROL  [initandlisten] ** WARNING: soft rlimits too low. rlimits set to 2048 processes, 8192 files. Number of processes should be at least 4096 : 0.5 times number of files.
2016-10-19T12:12:59.097+0800 I CONTROL  [initandlisten]
>
> use admin;
switched to db admin
>
> db.system.users.find();
{ "_id" : "admin.useradmin", "user" : "useradmin", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "6hLx/d97hS+yfoN47QTmXQ==", "storedKey" : "B0PqwVs3GFKIHQyyQ6mBp1MA370=", "serverKey" : "xK53AKKAvFCdn5rsEtij5QB9RtU=" } }, "roles" : [ { "role" : "clusterAdmin", "db" : "admin" }, { "role" : "userAdminAnyDatabase", "db" : "admin" }, { "role" : "dbAdminAnyDatabase", "db" : "admin" } ] }
>
>

6.  创建应用所需的业务账号

创建一个 admin / admin 用户，具有可以自行创建用户和数据库的权限，密码业务自己再修改：

db.createUser({user:'admin',pwd:'admin',roles:[{role:'userAdminAnyDatabase',db:'admin'},{role:'dbAdminAnyDatabase',db:'admin'}]})

验证业务账号登陆：

/usr/local/mongodb/bin/mongo --port=27117 -u admin -p admin --authenticationDatabase admin

该步骤，实际操作过程如下：