mongodump fails when run by a read-only user

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Duplicate
    • Priority: Minor - P4
    • None
    • Affects Version/s: 2.2.2
    • Component/s: Admin
    • Environment:
      CentOS 6.3 x86_64
    • Linux
    • Hide

      Connect to Mongo:
      use admin
      db.addUser("backup","xxxxx",true)
      exit

      1. mongodump --host localhost:27018 -u backup -p xxxxx -o .
        connected to: localhost:27018
        Mon Mar 18 15:03:09 DATABASE: xxxxx to ./xxxxx
        Mon Mar 18 15:03:09 xxxxx.system.users to ./xxxxx/system.users.bson
        assertion: 11010 count fails: { assertion: "unauthorized db:xxxxxx ns:xxxxx.system.users lock type:1 client:127.0.0.1", assertionCode: 10057, errmsg: "db assertion failure", ok: 0.0 }

      Setting the user read-only flag back to "false", and the backup will run successfully.

      Show
      Connect to Mongo: use admin db.addUser("backup","xxxxx",true) exit mongodump --host localhost:27018 -u backup -p xxxxx -o . connected to: localhost:27018 Mon Mar 18 15:03:09 DATABASE: xxxxx to ./xxxxx Mon Mar 18 15:03:09 xxxxx.system.users to ./xxxxx/system.users.bson assertion: 11010 count fails: { assertion: "unauthorized db:xxxxxx ns:xxxxx.system.users lock type:1 client:127.0.0.1", assertionCode: 10057, errmsg: "db assertion failure", ok: 0.0 } Setting the user read-only flag back to "false", and the backup will run successfully.
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      The mongodump command fails when it authenticates with a read-only user.

      This appeared to work in an earlier version, and it would seem to be more secure to not have to use a backup user with write access.

              Assignee:
              Unassigned
              Reporter:
              Matthew Parsons
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: