[SERVER-14355] Allow dbAdmin role to manually create system.profile collections Created: 25/Jun/14 Updated: 21/Apr/21 Resolved: 15/Jul/14 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Admin |
| Affects Version/s: | 2.6.0 |
| Fix Version/s: | 2.6.4, 2.7.4 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Dharshan Rangegowda | Assignee: | Spencer Brody (Inactive) |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||
| Operating System: | ALL | ||||||||||||||||
| Backport Completed: | |||||||||||||||||
| Participants: | |||||||||||||||||
| Case: | (copied to CRM) | ||||||||||||||||
| Description |
|
Issue Status as of Jul 22, 2014 ISSUE SUMMARY USER IMPACT WORKAROUNDS AFFECTED VERSIONS FIX VERSION RESOLUTION DETAILS Original descriptionI am trying to increase the size of my profiling collection as per the instructions. Version is 2.6.0 . I am logged in as "root" user on the admin db. It fails with error
|
| Comments |
| Comment by Spencer Brody (Inactive) [ 06/Oct/15 ] | |||||||||||||||||||||||||||||||||||||
|
closeiostefan, yes, that was the bug that Jeff Tharp reported earlier in this ticket: | |||||||||||||||||||||||||||||||||||||
| Comment by Stefan Wojcik [ 06/Oct/15 ] | |||||||||||||||||||||||||||||||||||||
|
Shouldn't the role "dbAdminAnyDatabase" on the admin db also work? It doesn't right now, at least on the MongoDB version I tested (2.6.11). | |||||||||||||||||||||||||||||||||||||
| Comment by Ramon Fernandez Marina [ 20/Jan/15 ] | |||||||||||||||||||||||||||||||||||||
|
jtharpla, this ticket was about allowing dbAdmin to create system.profile collections, and that works on 2.6.6. The issue you mention, however, it's indeed a bug so we've opened | |||||||||||||||||||||||||||||||||||||
| Comment by Jeff Tharp [ 19/Jan/15 ] | |||||||||||||||||||||||||||||||||||||
|
This is not fixed in MongoDB 2.6.6 – using a user with root and restore privileges was not sufficient to create the system.profile collection:
http://docs.mongodb.org/manual/reference/built-in-roles/#root says that root includes dbAdminAnyDatabase which http://docs.mongodb.org/manual/reference/built-in-roles/#dbAdminAnyDatabase describes as "Provides the same access to database administration operations as dbAdmin, except it applies to all databases in the cluster." Yet I had to manually add dbAdmin for myDb in order to create the system.profiles collection. If we instead follow the later note in http://docs.mongodb.org/manual/reference/built-in-roles/#root that the restore role is needed to write or restore system.* collections, then again, this is not working as described, as restore was not sufficient either to create the system.profile collection. | |||||||||||||||||||||||||||||||||||||
| Comment by Githook User [ 21/Jul/14 ] | |||||||||||||||||||||||||||||||||||||
|
Author: {u'username': u'stbrody', u'name': u'Spencer T Brody', u'email': u'spencer@mongodb.com'}Message: | |||||||||||||||||||||||||||||||||||||
| Comment by Githook User [ 15/Jul/14 ] | |||||||||||||||||||||||||||||||||||||
|
Author: {u'username': u'stbrody', u'name': u'Spencer T Brody', u'email': u'spencer@mongodb.com'}Message: | |||||||||||||||||||||||||||||||||||||
| Comment by Ramon Fernandez Marina [ 03/Jul/14 ] | |||||||||||||||||||||||||||||||||||||
|
dharshanr@scalegrid.net, there's a workaround you can use until this issue is fixed: create a new role with at least createCollection and convertToCapped actions, and grant this role to the user. For example:
Hope this helps. | |||||||||||||||||||||||||||||||||||||
| Comment by Ramon Fernandez Marina [ 30/Jun/14 ] | |||||||||||||||||||||||||||||||||||||
|
Thanks for your report dharshanr@scalegrid.net, we're able to reproduce the behavior you describe and we're investigating. |