MongoDB User Rights Operations common commands

As the company also has several MongoDB database, need to open a certain portion of the permission for external personnel to use, so here to record, only for the needs of friends to use.

1. MongoDB Common Commands

[[Email protected] ~]# ps -ef|grep mongod[[email protected] ~]# mongo  --host=127.0.0.1 --port=27017MongoDB shell version: 3.2.7connecting to:  127.0.0.1:27017/test> show dbs   #显示数据库列表  > show collections    #显示当前数据库中的集合 (tables in similar relational databases) > show users   #显示用户 > use <db name >   #切换当前数据库, create the database if the database does not exist.  > db.help ()    #显示数据库操作命令, there are a lot of commands  > db.foo.help ()    #显示集合操作命令, There are also a lot of commands, Foo refers to the current database, a collection called Foo, not a real command  > db.foo.find ()   # Data lookup for the Foo collection in the current database (all data is listed due to no conditions)  > db.foo.find ( { a : 1 } )    #对于当前数据库中的foo集合进行查找, condition is that there is an attribute in the data called a, and the value of A is 1> db.dropdatabase ()    #删除当前使用数据库 >  db.clonedatabase ("127.0.0.1")     #将指定机器上的数据库的数据克隆到当前数据库 > db.copydatabase ("MyDB",   "Temp",  "127.0.0.1 ")    #将本机的mydb的数据复制到temp数据库中 > db.repairdatabase ()    #修复当前数据库 >  Db.getname ()    #查看当前使用的数据库 can also be used directly with Db> db.stats ()    #显示当前db状态 > db.version ()    #当前db版本 > db.getmongo ()   # View the link machine address of the current DB > db.serverstatus ()   # To view the status of a database server

2. MongoDB Database Role

Built-in Role database user role: Read, readWrite; Database management roles: DbAdmin, Dbowner, useradmin; cluster management roles: Clusteradmin, Clustermanager, Clustermonitor, Hostmanager; Backup recovery role: backups, restore; All database roles: Readanydatabase, Readwriteanydatabase, Useradminanydatabase, dbadminanydatabase Super User role: root// There are also several roles that indirectly or directly provide access to the system Superuser (Dbowner, Useradmin, useradminanydatabase) internal roles: __system role Description: read: Allow the user to read the specified database ReadWrite: Allows the user to read and write to the specified database dbAdmin: Allows the user to perform administrative functions in the specified database, such as index creation, deletion, view statistics, or access System.profile Useradmin: Allows the user to write to the System.users collection, can be found in the specified database to create, delete and manage user clusteradmin: Only available in the Admin database, give the user all the Shard and replica set related functions of administrative rights. Readanydatabase: Only available in the Admin database, giving the user read access to all databases Readwriteanydatabase: Only available in the Admin database, giving users read and write access to all databases Useradminanydatabase: Only available in the Admin database, giving the user useradmin permissions to all databases Dbadminanydatabase: Only available in the Admin database, giving the user dbadmin permissions on all databases. Root: Available only in the admin database. Super account, Super privilege

3. Authorization steps

>mongo--host 127.0.0.1--port 27018>use dbname;>db.createuser ({User: "root", pwd: "root123", roles:["  Useradminanydatabase "]}) successfully added User: {" user ":" Root "," roles ": [" Useradminanydatabase "]} This example creates a named root The user administrator. After this user is created, we should immediately log in as that user:> Db.auth ("root", "root123") The 1db.auth () method returns 1 to indicate successful login. Next we create access to the required accounts for the specified database.

Note: The use of password policies requires that Auth=true be added to the configuration file first. And MONGO in the slave mode is not allowed to operate the password policy, the main should be in read-only mode, only responsible for synchronizing the data above the master

MongoDB User Rights Operations common commands