Description
On MongoD
Steps to reproduce:
Create a read-only user in any database:
> db.addUser('mod', 'pass', true) |
Restart with mongod --auth.
> db.auth('mod','pass') |
> db.system.users.find()
|
error: {
|
"$err": "unauthorized db:test ns:test.system.users lock type:1 client:127.0.0.1", |
"code": 10057 |
}
|
On MongoS started --keyFile filename and members with --auth --keyFile filename
> db.auth('mod','pass') |
> db.system.users.find()
|
|
|
{ "_id": ObjectId("509cea7b45f86c6fcc64b71c"), "user": "mod", "readOnly": true, "pwd": "aa387b99960161d09f7a38d57fd7a15a" } |
Note that the mongoD is not part of the mongoS shard. And same occurs on localhost and connecting from a remote host in LAN.
Attachments
Issue Links
- related to
-
SERVER-4692 Read-only users should be denied access to system.users collection
-
- Closed
-
-
SERVER-3198 Ability to restrict operations by role
-
- Closed
-