Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-18415

Dropping admin user doesn't reenable localhost exception

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: Security
    • Labels:
      None
    • ALL
    • Hide

      On Mac OS 10.9:

      $ mongo admin
MongoDB shell version: 3.1.3-pre-
connecting to: admin
> db.serverBuildInfo().gitVersion
9f0ceef0b37df2525cdebb172e6b05e2db8a2b20
> db.createUser({user: 'admin', pwd: 'pass', roles: [{role: 'root', db: 'admin'}]})
Successfully added user: {
	"user" : "admin",
	"roles" : [
		{
			"role" : "root",
			"db" : "admin"
		}
	]
}
> db.auth('admin', 'pass')
1
> db.dropUser('admin')
true
> db.createUser({user: 'admin', pwd: 'pass', roles: [{role: 'root', db: 'admin'}]})
2015-05-11T13:25:46.023-0400 E QUERY    Error: couldn't add user: not authorized on admin to execute command { createUser: "admin", pwd: "xxx", roles: [ { role: "root", db: "admin" } ], digestPassword: false, writeConcern: { w: "majority", wtimeout: 30000.0 } }
    at Error (<anonymous>)
    at DB.createUser (src/mongo/shell/db.js:1178:11)
    at (shell):1:4 at src/mongo/shell/db.js:1178

      Reconnecting does no good:

      $ mongo admin
MongoDB shell version: 3.1.3-pre-
connecting to: admin
> db.createUser({user: 'admin', pwd: 'pass', roles: [{role: 'root', db: 'admin'}]})
2015-05-11T13:25:51.376-0400 E QUERY    Error: couldn't add user: not authorized on admin to execute command { createUser: "admin", pwd: "xxx", roles: [ { role: "root", db: "admin" } ], digestPassword: false, writeConcern: { w: "majority", wtimeout: 30000.0 } }
    at Error (<anonymous>)
    at DB.createUser (src/mongo/shell/db.js:1178:11)
    at (shell):1:4 at src/mongo/shell/db.js:1178
      Show
      On Mac OS 10.9: $ mongo admin MongoDB shell version: 3.1.3-pre- connecting to: admin > db.serverBuildInfo().gitVersion 9f0ceef0b37df2525cdebb172e6b05e2db8a2b20 > db.createUser({user: 'admin' , pwd: 'pass' , roles: [{role: 'root' , db: 'admin' }]}) Successfully added user: { "user" : "admin" , "roles" : [ { "role" : "root" , "db" : "admin" } ] } > db.auth( 'admin' , 'pass' ) 1 > db.dropUser( 'admin' ) true > db.createUser({user: 'admin' , pwd: 'pass' , roles: [{role: 'root' , db: 'admin' }]}) 2015-05-11T13:25:46.023-0400 E QUERY Error: couldn't add user: not authorized on admin to execute command { createUser: "admin" , pwd: "xxx" , roles: [ { role: "root" , db: "admin" } ], digestPassword: false , writeConcern: { w: "majority" , wtimeout: 30000.0 } } at Error (<anonymous>) at DB.createUser (src/mongo/shell/db.js:1178:11) at (shell):1:4 at src/mongo/shell/db.js:1178 Reconnecting does no good: $ mongo admin MongoDB shell version: 3.1.3-pre- connecting to: admin > db.createUser({user: 'admin' , pwd: 'pass' , roles: [{role: 'root' , db: 'admin' }]}) 2015-05-11T13:25:51.376-0400 E QUERY Error: couldn't add user: not authorized on admin to execute command { createUser: "admin" , pwd: "xxx" , roles: [ { role: "root" , db: "admin" } ], digestPassword: false , writeConcern: { w: "majority" , wtimeout: 30000.0 } } at Error (<anonymous>) at DB.createUser (src/mongo/shell/db.js:1178:11) at (shell):1:4 at src/mongo/shell/db.js:1178

      It used to be that dropping all users restored the server to its original state, where commands like createUser could be executed over the localhost connection without auth. No longer.

            Assignee:
            Unassigned Unassigned
            Reporter:
            jesse@mongodb.com A. Jesse Jiryu Davis
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated:
              Resolved: