<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 03:25:16 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-11234] mongo 2.4 USer privileges Roles to do a &apos;show dbs&apos;</title>
                <link>https://jira.mongodb.org/browse/SERVER-11234</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;Hi,&lt;/p&gt;

&lt;p&gt;as ther &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-9301&quot; title=&quot;Mongo 2.4 User Privilege Roles unclear&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-9301&quot;&gt;&lt;del&gt;SERVER-9301&lt;/del&gt;&lt;/a&gt;, i&apos;ve done the sames roles on my replicaset like this : &lt;/p&gt;

&lt;p&gt;CSP:PRIMARY&amp;gt; db.addUser( &lt;/p&gt;
{ user: &quot;csp_ro&quot;, pwd: &quot;csp_ro&quot;, roles: [ &quot;readWrite&quot;,&quot;clusterAdmin&quot; ] }
&lt;p&gt; )&lt;br/&gt;
{&lt;br/&gt;
	&quot;user&quot; : &quot;csp_ro&quot;,&lt;br/&gt;
	&quot;pwd&quot; : &quot;bdf8745d1e16d25bfc035bbb6e703a78&quot;,&lt;br/&gt;
	&quot;roles&quot; : [&lt;br/&gt;
		&quot;readWrite&quot;,&lt;br/&gt;
		&quot;clusterAdmin&quot;&lt;br/&gt;
	],&lt;br/&gt;
	&quot;_id&quot; : ObjectId(&quot;525faffaf8039187dd745e01&quot;)&lt;br/&gt;
}&lt;br/&gt;
CSP:PRIMARY&amp;gt; &lt;br/&gt;
bye&lt;br/&gt;
root@mongo21g:~# mongo -ucsp_ro -pcsp_ro CSP2&lt;br/&gt;
MongoDB shell version: 2.4.4&lt;br/&gt;
connecting to: CSP2&lt;br/&gt;
&amp;gt; show dbs&lt;br/&gt;
Thu Oct 17 11:38:15.315 JavaScript execution failed: listDatabases failed:&lt;/p&gt;
{ &quot;ok&quot; : 0, &quot;errmsg&quot; : &quot;unauthorized&quot; }
&lt;p&gt; at src/mongo/shell/mongo.js:L46&lt;/p&gt;


&lt;p&gt;But the user csp_ro doesn&apos;t have roles to do a show dbs. Is it Normal?&lt;/p&gt;</description>
                <environment>mongo  2.4 on ubuntu 12.04 LTS</environment>
        <key id="94578">SERVER-11234</key>
            <summary>mongo 2.4 USer privileges Roles to do a &apos;show dbs&apos;</summary>
                <type id="6" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14720&amp;avatarType=issuetype">Question</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="rassi">J Rassi</assignee>
                                    <reporter username="moyjunior">MOISAN Beno&#238;t</reporter>
                        <labels>
                    </labels>
                <created>Thu, 17 Oct 2013 09:45:21 +0000</created>
                <updated>Wed, 10 Dec 2014 23:12:09 +0000</updated>
                            <resolved>Thu, 14 Nov 2013 01:17:57 +0000</resolved>
                                    <version>2.4.4</version>
                                                    <component>Security</component>
                                        <votes>0</votes>
                                    <watches>4</watches>
                                                                                                                <comments>
                            <comment id="446685" author="rassi@10gen.com" created="Fri, 25 Oct 2013 15:02:36 +0000"  >&lt;p&gt;Yes.  The shell and drivers all perform the same authentication process, so a user&apos;s privileges on the server after logging in will be the same.  Make sure you are authenticating against the correct database.&lt;/p&gt;</comment>
                            <comment id="442897" author="moyjunior" created="Fri, 18 Oct 2013 13:33:54 +0000"  >&lt;p&gt;your solution seems to be ok from the shell. &apos;show dbs works&apos;...&lt;/p&gt;

&lt;p&gt;But unfortunately, i&apos;ve still an error from my ruby client DrowsyDromedary/ respond  : &lt;/p&gt;

&lt;p&gt;Database command &apos;listDatabases&apos; failed&lt;/p&gt;


&lt;p&gt;last question... &lt;img class=&quot;emoticon&quot; src=&quot;https://jira.mongodb.org/images/icons/emoticons/smile.png&quot; height=&quot;16&quot; width=&quot;16&quot; align=&quot;absmiddle&quot; alt=&quot;&quot; border=&quot;0&quot;/&gt;&lt;/p&gt;

&lt;p&gt;Is it the same role if i want to do a listDatabases from a client like ruby or php?&lt;/p&gt;


</comment>
                            <comment id="442260" author="rassi@10gen.com" created="Thu, 17 Oct 2013 15:42:12 +0000"  >&lt;p&gt;Yes.  In MongoDB 2.4, either:&lt;/p&gt;

&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;create an additional privilege document in the admin database, with the &quot;clusterAdmin&quot; role and a &lt;a href=&quot;http://docs.mongodb.org/manual/reference/privilege-documents/#&amp;lt;database&amp;gt;.system.users.userSource&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;userSource&lt;/a&gt; value of &quot;CSP2&quot;, or&lt;/li&gt;
	&lt;li&gt;remove the user from the CSP2 database, and create the user on the admin database with an &lt;a href=&quot;http://docs.mongodb.org/manual/reference/privilege-documents/#admin.system.users.otherDBRoles&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;otherDBRoles&lt;/a&gt; value of {CSP2: [&quot;readWrite&quot;] }&lt;/li&gt;
&lt;/ul&gt;
</comment>
                            <comment id="442229" author="moyjunior" created="Thu, 17 Oct 2013 15:09:07 +0000"  >&lt;p&gt;So, what is the solution to have a specific user on a database (for me user cso_ro on database CSP2) who can do a &apos;show dbs&apos;?&lt;br/&gt;
Is it possible?&lt;/p&gt;</comment>
                            <comment id="442212" author="rassi@10gen.com" created="Thu, 17 Oct 2013 14:43:53 +0000"  >&lt;p&gt;You tried to create the user with the clusterAdmin role on the CSP database.  The clusterAdmin role &lt;a href=&quot;http://docs.mongodb.org/manual/reference/user-privileges/#clusterAdmin&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;can only be granted&lt;/a&gt; to users on the admin database.&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>5.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Thu, 17 Oct 2013 14:43:53 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        10 years, 16 weeks, 5 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>ramon.fernandez@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            10 years, 16 weeks, 5 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_10000" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Old_Backport</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10000"><![CDATA[No]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>rassi</customfieldvalue>
            <customfieldvalue>moyjunior</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrmb33:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hrtl9j:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>86575</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrlk33:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>