Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-18415

Dropping admin user doesn't reenable localhost exception

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Works as Designed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Security
    • Labels:
      None
    • Operating System:
      ALL
    • Steps To Reproduce:
      Hide

      On Mac OS 10.9:

      $ mongo admin
      MongoDB shell version: 3.1.3-pre-
      connecting to: admin
      > db.serverBuildInfo().gitVersion
      9f0ceef0b37df2525cdebb172e6b05e2db8a2b20
      > db.createUser({user: 'admin', pwd: 'pass', roles: [{role: 'root', db: 'admin'}]})
      Successfully added user: {
      	"user" : "admin",
      	"roles" : [
      		{
      			"role" : "root",
      			"db" : "admin"
      		}
      	]
      }
      > db.auth('admin', 'pass')
      1
      > db.dropUser('admin')
      true
      > db.createUser({user: 'admin', pwd: 'pass', roles: [{role: 'root', db: 'admin'}]})
      2015-05-11T13:25:46.023-0400 E QUERY    Error: couldn't add user: not authorized on admin to execute command { createUser: "admin", pwd: "xxx", roles: [ { role: "root", db: "admin" } ], digestPassword: false, writeConcern: { w: "majority", wtimeout: 30000.0 } }
          at Error (<anonymous>)
          at DB.createUser (src/mongo/shell/db.js:1178:11)
          at (shell):1:4 at src/mongo/shell/db.js:1178
      

      Reconnecting does no good:

      $ mongo admin
      MongoDB shell version: 3.1.3-pre-
      connecting to: admin
      > db.createUser({user: 'admin', pwd: 'pass', roles: [{role: 'root', db: 'admin'}]})
      2015-05-11T13:25:51.376-0400 E QUERY    Error: couldn't add user: not authorized on admin to execute command { createUser: "admin", pwd: "xxx", roles: [ { role: "root", db: "admin" } ], digestPassword: false, writeConcern: { w: "majority", wtimeout: 30000.0 } }
          at Error (<anonymous>)
          at DB.createUser (src/mongo/shell/db.js:1178:11)
          at (shell):1:4 at src/mongo/shell/db.js:1178
      

      Show
      On Mac OS 10.9: $ mongo admin MongoDB shell version: 3.1.3-pre- connecting to: admin > db.serverBuildInfo().gitVersion 9f0ceef0b37df2525cdebb172e6b05e2db8a2b20 > db.createUser({user: 'admin', pwd: 'pass', roles: [{role: 'root', db: 'admin'}]}) Successfully added user: { "user" : "admin", "roles" : [ { "role" : "root", "db" : "admin" } ] } > db.auth('admin', 'pass') 1 > db.dropUser('admin') true > db.createUser({user: 'admin', pwd: 'pass', roles: [{role: 'root', db: 'admin'}]}) 2015-05-11T13:25:46.023-0400 E QUERY Error: couldn't add user: not authorized on admin to execute command { createUser: "admin", pwd: "xxx", roles: [ { role: "root", db: "admin" } ], digestPassword: false, writeConcern: { w: "majority", wtimeout: 30000.0 } } at Error (<anonymous>) at DB.createUser (src/mongo/shell/db.js:1178:11) at (shell):1:4 at src/mongo/shell/db.js:1178 Reconnecting does no good: $ mongo admin MongoDB shell version: 3.1.3-pre- connecting to: admin > db.createUser({user: 'admin', pwd: 'pass', roles: [{role: 'root', db: 'admin'}]}) 2015-05-11T13:25:51.376-0400 E QUERY Error: couldn't add user: not authorized on admin to execute command { createUser: "admin", pwd: "xxx", roles: [ { role: "root", db: "admin" } ], digestPassword: false, writeConcern: { w: "majority", wtimeout: 30000.0 } } at Error (<anonymous>) at DB.createUser (src/mongo/shell/db.js:1178:11) at (shell):1:4 at src/mongo/shell/db.js:1178

      Description

      It used to be that dropping all users restored the server to its original state, where commands like createUser could be executed over the localhost connection without auth. No longer.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              jesse A. Jesse Jiryu Davis
              Participants:
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: