Loading...

XML

Word

Printable

JSON

Operating System:
Linux
Steps To Reproduce:
Hide

Connect to Mongo:
use admin
db.addUser("backup","xxxxx",true)
exit

mongodump --host localhost:27018 -u backup -p xxxxx -o .
connected to: localhost:27018
Mon Mar 18 15:03:09 DATABASE: xxxxx to ./xxxxx
Mon Mar 18 15:03:09 xxxxx.system.users to ./xxxxx/system.users.bson
assertion: 11010 count fails: { assertion: "unauthorized db:xxxxxx ns:xxxxx.system.users lock type:1 client:127.0.0.1", assertionCode: 10057, errmsg: "db assertion failure", ok: 0.0 }

Setting the user read-only flag back to "false", and the backup will run successfully.
Show
Connect to Mongo: use admin db.addUser("backup","xxxxx",true) exit mongodump --host localhost:27018 -u backup -p xxxxx -o . connected to: localhost:27018 Mon Mar 18 15:03:09 DATABASE: xxxxx to ./xxxxx Mon Mar 18 15:03:09 xxxxx.system.users to ./xxxxx/system.users.bson assertion: 11010 count fails: { assertion: "unauthorized db:xxxxxx ns:xxxxx.system.users lock type:1 client:127.0.0.1", assertionCode: 10057, errmsg: "db assertion failure", ok: 0.0 } Setting the user read-only flag back to "false", and the backup will run successfully.
Confidence Status:
None
Work Order:
3
CAR Domain/s:
None

The mongodump command fails when it authenticates with a read-only user.

This appeared to work in an earlier version, and it would seem to be more secure to not have to use a backup user with write access.

duplicates

TOOLS-134 Mongodump and mongoexport should skip collections they don't have read access to

related to

SERVER-4692 Read-only users should be denied access to system.users collection