我在docker-compose.yml内部配置了一个mongo实例(变量来自我的.env文件,使用管理员帐户没有问题,因此我认为它们不是问题的起因):
services:
mongo:
build: ./docker/mongo
container_name: pname_mongo
environment:
- MONGO_INITDB_DATABASE=${MONGO_DATABASE}
- MONGO_INITDB_ROOT_USERNAME=${MONGO_USERNAME}
- MONGO_INITDB_ROOT_PASSWORD=${MONGO_PASSWORD}
ports:
- 27017:27017
restart: unless-stopped
volumes:
- ./data/mongo:/data/db
docker/mongo内部是以下Dockerfile:FROM mongo
WORKDIR /docker-entrypoint-initdb.d/
COPY graylog-user.js ./
graylog-user.js的内容如下:db.createUser({
pwd: "redacted-password",
roles: [{
db: "graylog",
role: "readWrite"
}],
user: "graylog"
});
data/mongo的内容后,当我运行docker-compose up时,数据库似乎已正确初始化:mongo_1 | Successfully added user: {
mongo_1 | "user" : "pname",
mongo_1 | "roles" : [
mongo_1 | {
mongo_1 | "role" : "root",
mongo_1 | "db" : "admin"
mongo_1 | }
mongo_1 | ]
mongo_1 | }
mongo_1 | Error saving history file: FileOpenFailed Unable to open() file /home/mongodb/.dbshell: No such file or directory
mongo_1 | {"t":{"$date":"2020-10-02T21:43:01.568+00:00"},"s":"I", "c":"NETWORK", "id":22944, "ctx":"conn2","msg":"Connection ended","attr":{"remote":"127.0.0.1:55612","connectionId":2,"connectionCount":0}}
mongo_1 |
mongo_1 | /usr/local/bin/docker-entrypoint.sh: running /docker-entrypoint-initdb.d/graylog-user.js
mongo_1 | {"t":{"$date":"2020-10-02T21:43:01.627+00:00"},"s":"I", "c":"NETWORK", "id":22943, "ctx":"listener","msg":"Connection accepted","attr":{"remote":"127.0.0.1:55616","connectionId":3,"connectionCount":1}}
mongo_1 | {"t":{"$date":"2020-10-02T21:43:01.628+00:00"},"s":"I", "c":"NETWORK", "id":51800, "ctx":"conn3","msg":"client metadata","attr":{"remote":"127.0.0.1:55616","client":"conn3","doc":{"application":{"name":"MongoDB Shell"},"driver":{"name":"MongoDB Internal Client","version":"4.4.1"},"os":{"type":"Linux","name":"Ubuntu","architecture":"x86_64","version":"18.04"}}}}
mongo_1 | Successfully added user: {
mongo_1 | "roles" : [
mongo_1 | {
mongo_1 | "db" : "graylog",
mongo_1 | "role" : "readWrite"
mongo_1 | }
mongo_1 | ],
mongo_1 | "user" : "graylog"
mongo_1 | }
mongo_1 | {"t":{"$date":"2020-10-02T21:43:01.679+00:00"},"s":"I", "c":"NETWORK", "id":22944, "ctx":"conn3","msg":"Connection ended","attr":{"remote":"127.0.0.1:55616","connectionId":3,"connectionCount":0}}
> use graylog
switched to db graylog
> db.auth({
... user: "graylog",
... pwd: "redacted-password",
... digestPassword: false
... })
Error: Authentication failed.
0
> db.auth({
... user: "graylog",
... pwd: "redacted-password",
... digestPassword: true
... })
Error: Authentication failed.
0
> use admin
switched to db admin
> db.auth('pname', 'redacted-admin-password')
1
> show collections
system.users
system.version
> db.system.users.find()
{ "_id" : "admin.pname", "userId" : UUID("a8f150a6-83f6-4fef-8457-a6afae5e6b72"), "user" : "pname", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "redacted", "storedKey" : "redacted", "serverKey" : "redacted" }, "SCRAM-SHA-256" : { "iterationCount" : 15000, "salt" : "redacted", "storedKey" : "redacted", "serverKey" : " to production" } }, "roles" : [ { "role" : "root", "db" : "admin" } ] }
{ "_id" : "pname.graylog", "userId" : UUID("4d13d6d6-1f19-4f7c-97ba-6aef11f88587"), "user" : "graylog", "db" : "pname", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "redacted", "storedKey" : "redacted", "serverKey" : "redacted" }, "SCRAM-SHA-256" : { "iterationCount" : 15000, "salt" : "redacted", "storedKey" : "redacted", "serverKey" : "redacted" } }, "roles" : [ { "role" : "readWrite", "db" : "graylog" } ] }
最佳答案
用户graylog是在数据库pname中创建的,并且仅对db graylog授予了readWrite权限。
该用户在连接时需要将身份验证数据库设置为pname,但是我认为不允许在特定数据库中创建的用户被授予对其他数据库的许可。
您可以尝试更改graylog-user.js以在graylog数据库中创建用户:
db.getSiblingDB("graylog").createUser({
关于mongodb - 无法使用脚本中创建的用户对dockerized mongodb实例进行身份验证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/64182140/