黄继鹏博客

Mac 安装mongodb 并设置账户权限

2022-04-25 MongoDB 阅读 707 次

安装

brew tap mongodb/brew
brew install mongodb-community@4.4

==> Caveats
==> mongodb-community@4.4
mongodb-community@4.4 is keg-only, which means it was not symlinked into /opt/homebrew,
because this is an alternate version of another formula.

If you need to have mongodb-community@4.4 first in your PATH, run:
  echo 'export PATH="/opt/homebrew/opt/mongodb-community@4.4/bin:$PATH"' >> ~/.zshrc


To start mongodb/brew/mongodb-community@4.4 now and restart at login:
  brew services start mongodb/brew/mongodb-community@4.4
Or, if you don't want/need a background service you can just run:
  mongod --config /opt/homebrew/etc/mongod.conf

brew 启动:

brew services start mongodb/brew/mongodb-community@4.4

brew 重启:

brew services restart mongodb/brew/mongodb-community@4.4

brew 停止:

brew services stop mongodb-community@4.4

mongod 命令后台进程方式:

mongod --config /opt/homebrew/etc/mongod.conf

初始 /opt/homebrew/etc/mongod.conf

systemLog:
  destination: file
  path: /opt/homebrew/var/log/mongodb/mongo.log
  logAppend: true
storage:
  dbPath: /opt/homebrew/var/mongodb
net:
  bindIp: 127.0.0.1

可能运行失败,需要修改修改mongodb文件读写权限

sudo chmod -R 777 /opt/homebrew/var/mongodb

mongodb安全控制

mongodb是没有默认的管理员账号的,所以要先添加管理员账号,然后再开启权限的认证 切换到admin数据库后,添加的管理员账号才算管理员账号,

用户只能再用户所在的数据库来登入包括管理员账号

管理员可以管理所有的数据库,但是不能直接管理其他数据库,首先要到admin认证后才可以

进入mongo命令行环境下

进入admin数据库

use admin

再admin数据库下对以上用户进行授权

db.createUser({ user: 'huang_admin', pwd: 'huang_admin', roles: [{ role: 'userAdminAnyDatabase', db: 'admin' }, { role: "dbAdminAnyDatabase", db: "admin" }, { role: "readWriteAnyDatabase", db: "admin" }]})

再admin数据库下对以上用户进行授权 db.auth('huang_admin','huang_admin') 返回1,代表授权成功 到了这一步,就可以对其他的数据库进行授权了

修改配置 让用户生效

vi /opt/homebrew/etc/mongod.conf

找到#security:开启

security:
  authorization: 'enabled'

brew 重启:

brew services restart mongodb/brew/mongodb-community@4.4

给数据库表 设置不同身份用户

use huangblog
db.createUser({user:'huangblogOne',pwd:'huangblogOne',roles:[{role:'readWrite',db:'huangblog'}]})
db.createUser({user:'huangblogTwo',pwd:'huangblogTwo',roles:[{role:'read',db:'huangblog'}]})
0条评论
...