Description
The doc for downgrading the auth info from 2.6 to 2.4 either don't work, or else ought to be much more explicit:
http://docs.mongodb.org/manual/release-notes/2.6-downgrade/#downgrade-2-6-user-authorization-model
Below is a transcript of a session connecting to a v2.6.1 server where a user with userAdminAnyDatabase and readWrite on admin wasn't able to perform write operations analogous to step 3 in the downgrade instructions.
I can't tell from the rest of the documentation whether readWrite implies the privileges stipulated in step 1 of the instructions. (readWrite privileges were sufficient to create a collection called "test" in the same database.) In any case, step 1 of the instructions ought to inform the user how to give themselves the appropriate privileges to run the rest of the steps, if that's actually possible. I observe that the text of step 1 fails even to link to any other place that would explain what the 4 lines of privileges mean and/or how they're to be set up.
Additionally, step 2 of the instructions fails silently.
Probably engineering ought to furnish scripts for critical operations such as these, rather than burdening docs this way. I'm sorry they've made this your problem.
> use admin
|
switched to db admin
|
> db.auth("admin","admin");
|
1
|
> db.system.users.find()
|
{ "_id" : "admin.admin", "user" : "admin", "db" : "admin", "credentials" : { "MONGODB-CR" : "7c67ef13bbd4cae106d959320af3f704" }, "roles" : [ { "role" : "readWrite", "db" : "admin" }, { "role" : "userAdminAnyDatabase", "db" : "admin" } ] }
|
> show collections
|
system.indexes
|
system.users
|
system.version
|
test
|
> db.system.new_users.insert({ "_id" : "admin.admin", "user" : "admin", "db" : "admin", "credentials" : { "MONGODB-CR" : "7c67ef13bbd4cae106d959320af3f704" }, "roles" : [ { "role" : "readWrite", "db" : "admin" }, { "role" : "userAdminAnyDatabase", "db" : "admin" } ] });
|
WriteResult({
|
"writeError" : {
|
"code" : 13,
|
"errmsg" : "not authorized on admin to execute command { insert: \"system.new_users\", documents: [ { _id: \"admin.admin\", user: \"admin\", db: \"admin\", credentials: { MONGODB-CR: \"7c67ef13bbd4cae106d959320af3f704\" }, roles: [ { role: \"readWrite\", db: \"admin\" }, { role: \"userAdminAnyDatabase\", db: \"admin\" } ] } ], ordered: true }"
|
}
|
})
|