一、开启Mongodb 密码验证功能
默认安装完mongodb是不用密码验证的,直接输入mongo就可以登入数据库进行相关操作,设置参数auth=true启动mongodb密码验证功能,开启改功能步骤如下:
①、修改参数文件auth=false,并重启mongodb
②、登入数据库,创建管理员用户(默认是没有管理员账户的)
[root@mongodb ~] # mongo
> user admin
>
db.createUser(
{
user: "admin",
pwd: "admin",
roles: [ { role: "root", db: "admin" } ]
}
)
db.createUser(
{
user: "root",
pwd: "mongotest",
roles: [ { role: "root", db: "admin" } ]
}
)
③、修改参数文件auth=true,重启数据库,使用admin用户登入数据库
mongo 127.0.0.1:27017/admin(database) -u admin(username) -p admin(password)
或者
[root@mongodb ~] # mongo
> use admin
> db.auth("admin","admin");
二、用户权限管理
创建user文档,定义了用户的以下形式:
create
{ user: "<name>",
pwd: "<cleartext password>",
customData: { <any information> },
roles: [
{ role: "<role>", db: "<database>" } | "<role>",
...
]
}
user文档字段介绍:
user字段,为新用户的名字;
pwd字段,用户的密码;
cusomData字段,为任意内容,例如可以为用户全名介绍;
roles字段,指定用户的角色,可以用一个空数组给新用户设定空角色;
在roles字段,可以指定内置角色和用户定义的角色。
1. 数据库用户角色:read、readWrite;
2. 数据库管理角色:dbAdmin、dbOwner、userAdmin;
3. 集群管理角色:clusterAdmin、clusterManager、clusterMonitor、hostManager;
4. 备份恢复角色:backup、restore;
5. 所有数据库角色:readAnyDatabase、readWriteAnyDatabase、userAdminAnyDatabase、dbAdminAnyDatabase
6. 超级用户角色:root
// 这里还有几个角色间接或直接提供了系统超级用户的访问(dbOwner 、userAdmin、userAdminAnyDatabase)
7. 内部角色:__system
示例:
db.createUser(
{
user: "admin1",
pwd: "admin1",
roles: [
{ role: "read", db: "mydb" }
]
}
)
db.createUser(
{
user: "testuser",
pwd: "testuser",
roles: [
{ role: "dbAdmin", db: "admin" },
{ role: "backup", db: "admin" }
]
}
)
db.auth("testuser","testuser");
查找用户信息和删除用户
db.system.users.find();
db.system.users.remove({user:"pmsadapter"});
关闭mongo
mongod --shutdown --dbpath /database/mongodb/data/
> use admin;
switched to db admin
> db.shutdownServer();
|
三、导入导出小结
导出dbname下collectionname 表到 /home/area.dat
mongoexport -d dbname -c collectionname -o /home/area.dat
导入
mongoimport -d dbname -c collectionname /home/area.dat
导出iflashbuy_log数据库/home/my_mongodb_dump
mongodump -d iflashbuy_log -o /home/my_mongodb_dump
恢复数据库
mongorestore -d my_mongodb /home/my_mongodb_dump
db.createUser( { "user" : "test",
"pwd": "test",
"customData" : { test:test },
"roles" : [ { role: "clusterAdmin", db: "admin" },
{ role: "readAnyDatabase", db: "admin" },
"readWrite"
] }
db.createUser(
{
user: "admin",
pwd: "admin",
roles: [ { role: "userAdminAnyDatabase", db: "admin" },
{ role: "userAdminAnyDatabase", db: "admin" } ]
}
)
db.createUser(
{
user: "admin1",
pwd: "admin1",
roles: [ { role: "root", db: "mydb" } ]
}
)
db.createUser(
{
user: "admin11",
pwd: "admin11",
roles: [ { role: "root", db: "mydb" } ]
}
)
db.createUser(
{
user: "admin2",
pwd: "admin2",
roles: [ { role: "dbAdmin", db: "mydb" } ]
}
)
db.createUser(
{
user: "admin3",
pwd: "admin3",
roles: [ { role: "readWriteAnyDatabase", db: "mydb" } ]
}
)
db.createUser(
{
user: "admin3",
pwd: "admin3",
roles: [ { role: "dbAdminAnyDatabase", db: "mydb" } ]
}
)
db.createUser(
{
user: "admin3",
pwd: "admin3",
roles: [ { role: "dbAdminAnyDatabase", db: "mydb" } ]
}
)
db.createUser(
{
user: "user001",
pwd: "user001",
roles: [ { role: "readWrite", db: "mydb" } ]
}
)
>show dbs
local 0.078125GB
ttlsa_com 0.203125GB
>db
ttlsa_com
>db.ttlsa_com.getDB()
ttlsa_com
>show collections
system.indexes
>db.dropDatabase()
{"dropped":"ttlsa_com","ok":1}
>db
ttlsa_com
>show dbs
导出查询结果到excel
mongoexport -d pmsadapterlog-ly -c pms_log_resv -q "{'msgType':'crsnewresv'}" -f crsnum,createTime,usedTime,updateTime --csv -o pms_log_resv20160127.csv
在 从server 上查看主从复制的状态
> db.printReplicationInfo()
this is a slave, printing slave replication info.
source: 10.48.255.244:27017
syncedTo: Thu Aug 16 2012 18:33:27 GMT+0000 (UTC)
= 18 secs ago (0.01hrs)
>
> db.printSlaveReplicationInfo()
source: 10.48.255.244:27017
syncedTo: Thu Aug 16 2012 18:34:37 GMT+0000 (UTC)
= 20 secs ago (0.01hrs)