This question already has answers here:
MongoDB: Server has startup warnings ''Access control is not enabled for the database''
(4 answers)
Closed 2 years ago.
I firstly installed MongoDB 3.2.5 today. But when I start it and use MongoDB shell, it gave me these warnings below:
C:\Windows\system32>mongo
MongoDB shell version: 3.2.5
connecting to: test
Server has startup warnings:
2016-04-16T11:06:17.943+0800 I CONTROL [initandlisten]
2016-04-16T11:06:17.943+0800 I CONTROL [initandlisten] ** WARNING: Insecure configuration, access control is not enabled and no --bind_ip has been specified.
2016-04-16T11:06:17.943+0800 I CONTROL [initandlisten] ** Read and write access to data and configuration is unrestricted,
2016-04-16T11:06:17.943+0800 I CONTROL [initandlisten] ** and the server listens on all available network interfaces.
2016-04-16T11:06:17.943+0800 I CONTROL [initandlisten]
>
my OS is Microsoft Windows [version 10.0.10586].
You haven't configure the security features in Mongodb like authorization and authentication. Use this link for more details. You can ignore this if you are going to learn Mongodb. But when the product is going to production level. you should concern them.
You can enable access control by using mongod --auth.
For example you can run mongod --auth --port 27017 --dbpath /data/db1. After that you can secure your database with username and password.
you can add user in database using following command.
use admin
db.auth("myUserAdmin", "abc123" )
After that you can use mongo --port 27017 -u "myUserAdmin" -p "abc123" --authenticationDatabase "admin" to connect to the database.
You can add bind_ip in mongod.conf as follows,
`bind_ip = 127.0.0.1,192.168.161.100`
You can define many if you need. This bind_ip option tells MongoDB to accept connections from which local network interfaces, not which “remote IP address”.
And run mongod --config <file path to your mongod.conf>
Altogether you can run mongod --auth --port 27017 --dbpath /data/db1 --config <file path to your mongod.conf>
Run mongod --auth to enable access control. Detailed information can be found here.
Select the target DB (Exp : use admin)
Create user in the selected DB
Select the required DB (exp use admin)
db.createUser(
{
user: "root",
pwd: "root",
roles: [ "readWrite", "dbAdmin" ]
}
)
The above command will create the root user with roles readWrite and dbAdmin in the admin DB. more info about roles
Now, run the server in authentication mode using mongod --auth
Run client and provide username and password to login using db.auth("root","root")
Related
Hi~~ I'm doing the official tutorial from the follwoing link.
My system is windows 10, I'm using VirtualBox 6.0 and downloaded the latest sandbox.
The following are what I did step by setp:
(1) Boot up: I cannot upload image but the information on boot up are as follow:
Hostname: gpdb-sandbox.localdomain
IP: 192.168.5.138
GPDB Admin: gpadmin
GPDB Password: pivotal
Tutorial User: gpuser
Tutorial User Password: pivotal
(2) Navigate to pg_hba.conf and add "host all all 0.0.0.0/0 md5" to the last of it
(3) Navigate to postgresql.conf and add "listen_addresses = '*'" to it
(4) Then I loged in the OS and run the following commmand
./start_all.sh
(5) Then I opened a cmd.exe from my windows and run
psql -U gpadmin -h 192.168.5.138 -p 5432 postgres
(6) The program replies with request for password, then I typed in "pivotal"
And then the program replies with an authentication failure. Can anyone help me with that so that I can start the first step of the tutorial??
Thanks a lot!
No need to type all the parameters if you are connecting to database from the sand box terminal.
just do psql and press enter you will be connected to gpadmin database.
if you changeor add any entries in pg_hba.conf please relode the configurations by running below command.
gpstop -u
remark: I am using win10.
My goal is when windows boot mongodb as a service with authentication start( you can not enter the database without authenticate) but I can not manage to do it on a windows machine ( in linux it worked)
I write here the steps I tried:
dowlnload MongoDB
change conf from default to the following
# mongod.conf
http://docs.mongodb.org/manual/reference/configuration-options/
# Where and how to store data.
storage:
dbPath: C:\MongoDB\Server\4.0\data
journal:
enabled: true
# where to write logging data.
systemLog:
destination: file
logAppend: true
path: C:\MongoDB\Server\4.0\log\mongod.log
# network interfaces
net:
port: 27017
bindIp: 127.0.0.1
security:
authorization: enabled
setParameter:
enableLocalhostAuthBypass: false
create a Admin user in the Admin collection.
db.createUser(
{
user: "....",
pwd: "...",
roles:
[
{ role: "root", db: "admin" }
]
}
)
Made it a service:
sc.exe create MongoDB
binPath=“\”C:\MongoDB\Server\4.0\bin\mongod.exe\”
–service
config=\”C:\MongoDB\Server\4.0\bin\mongod.cfg\”” DisplayName= “MongoDB” start= “auto”
getting feedback Successful.
but when i restart the computer, mongod is not starting and if i dont specify mongod --auth i can still enter without a authentication
How can I run Mongod as service with authentication? what am i doing wrong?
When i am trying to activate the service manually I get the following error
Error photo
The issue with the security tag. I have the same issue when I wanted to start the service in Windows 10. I copy the command from Windows service properties and then run on the command prompt.
The prompt shows me the error:
Unrecognized category : security
I found the solution and it is to write the security tag with options properly.
YAML need some specific input I guess. Here it is the solution.
security:
authorization: enabled
I had the same issue.
In your mongodb.cfg, use 2 spaces (instead of TAB) to indent authorization: enabled
I have a Windows PostgreSQL installation.
According to some posts, there is no default password set for the 'postgres' user yet I can't connect using an empty password string.
I'm receiving this exception when I try to connect:
Caused by: org.postgresql.util.PSQLException: FATAL: password authentication failed for user "postgres"
The most relevant tip was this:
https://stackoverflow.com/a/25943227/1005607
Open pg_hba.conf
Change md5 -> TRUST
then restart PgAdmin.
I tried that and restarted PGAdmin but it still asks me for the password when I try to connect:
The task manager in Windows shows some PostgreSQL processes are running. I can't switch them off.
I have tried this and it failed:
pg_ctl restart
ERROR:
pg_ctl: no database directory specified and environment variable PGDATA unset
psql.exe postgres
Password: (none)
ERROR:
psql: fe_sendauth: no password supplied
How can I reset the default password for user 'postgres'?
Based on AK47's answer and some additional info I fixed it by doing the following,
1) Stop Postgres if currently running, command line below. Need to give it the 'data' dir. In my case C:\PostgreSQL\data
pg_ctl -D C:\PostgreSQL\data stop
2) Edit the file pg_hba.conf (it's also in the \data dir) as follows:
As AK40 wrote, change all MD5 references to trust , e.g.
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
host replication all 127.0.0.1/32 trust
host replication all ::1/128 trust
3) Now run
psql -U postgres
4) In the PG Command Prompt that appears type,
ALTER USER Postgres WITH PASSWORD '<newpassword>';
5) Save this by typing wq enter to exit the PG Prompt
6) Now start Postgres
pg_ctl -D C:\PostgreSQL\data start
7) Might want to revert the MD5 -> Trust change later in the pg_hba.conf.
Update your pg_hba.conf file to allow for trusted local connections
[root#server] vim pg_hba.conf
>> local all all trust
then restart your PostgreSQL server
[user#machine] pg_ctl -D C:\PostgreSQL\data restart (Windows)
[root#server] service postgresql restart (Linux)
at this point you can connect to your server as postgres user using a local connection without the need to enter a password (omitting the -h parameter when calling the psql command will use a local connection - if you pass -h then this will match the line host all all 0.0.0.0/0 <method> in your pg_hba.conf file)
[root#server] psql -U postgres
You can then alter the postgres user role and set the password to whatever you like using the following command in the psql terminal
[psql] alter role postgres password <new_password>;
Once this is done you can restart your PostgreSQL server again
[user#machine] pg_ctl -D C:\PostgreSQL\data restart (Windows)
[root#server] service postgresql restart (Linux)
and at this point your password should be changed to the new password
I was having the same issue and I couldn't use Postgres in the CLI on my windows machine but I managed to trace down where the passwords were stored via
%APPDATA%\PostgreSQL\pgpass.conf
NB: You must have selected store password option when creating a server or database in the pgAdmin.
I hope this helps. Thanks.
How do I connect to a database with the mongo interactive shell? I don't want to connect to the default path (/data/db).
Turns out mongo connects to the database that is on the default port and host (source):
By default, mongo looks for a database server listening on port 27017
on the localhost interface.
So you should first run the mongod daemon (service) with your desired db location:
mongod --dbpath ~/some/path/to/desired/db/directory
Now that the daemon is running, run mongo to connect to it:
$ mongo
MongoDB shell version: 2.6.4
connecting to: test
Server has startup warnings:
2014-09-01T20:24:44.335-0700 ** WARNING: --rest is specified without --httpinterface,
2014-09-01T20:24:44.335-0700 ** enabling http interface
2014-09-01T20:24:44.348-0700 [initandlisten]
2014-09-01T20:24:44.348-0700 [initandlisten] ** WARNING: soft rlimits too low. Number of files is 256, should be at least 1000
>
Type show dbs to view all databases available in your datastore:
> show dbs
admin (empty)
feeds 0.078GB
local 0.078GB
test (empty)
>
And use <db name> to switch to using one:
> use local
switched to db local
>
I use Vagrant and Codception, but when i want to test application localy, I must do it on LAMP (or something like that) server. How can I use database on Vagrant?
All you need is just to setup access to your mysql server that runs on the guest machine (vagrant box) from the host and then to set appropriate database DNS in your codeception.yml config.
Here is some general instructions:
1) Allow your vagrant's mysql server listen all interfaces ssh to your box by setting 'bind-address' option in mysql's my.cnf config and change it's value to 0.0.0.0
2) Grant appropriate privileges to mysql user that will be used to connect to database from the host.
You can do this running following SQL commands using mysql client
USE mysql;
GRANT ALL ON *.* to root#'192.168.0.1' IDENTIFIED BY 'mypass';
FLUSH PRIVILEGES;
where root and mypass - your database user which will be used from codeception to connect to database and its password and 192.168.0.1 - the ip of the host (read how get host's ip for your gest here)
3) Restart vagrant's mysql server
4) To test connection to vagrant's mysql from the host run
mysql -h 192.168.33.10 -P 3306 -u root -p
(Here 192.168.33.10 - ip of my running vagrant box)
5) Set up DNS in codeception.yml file, e.g.
modules:
config:
Db:
dsn: 'mysql:host=192.168.33.10;dbname=MyDB'
user: 'root'
password: 'mypass'