Reputation: 1879
mongodb no role named restore
I am trying to create a user with restore privilege so that I can restore locally a database I backed up on a remote server using mongodump (NB the database requires authentification, but my issue is just creating a user for any new database).
I am using mongo3.6.6 locally.
On local machine I have tried to create a user with restore role using the following. Note I am creating a new local database and a new user for the new database.
mongo -u Admin -p authenticationDatabase admin
#create a new database that will extract backup to
use backup_data_db
db.createUser[{
user: "local_user",T
pwd: "123",
roles: [
{role: "read", db: "backup_data_db"},
{role: "restore", db: "backup_data_db"}]
})
Whereupon I get the following error:
Error: couldn't add user: No role named restore@backup_data_db
I have tried creating a user with multiple role combinations - dbAdmin, readWrite, read, dbOwner, backup, restore. Out of these roles I consistently get 'No role named xxxx@backup_data_db' for only 'backup' and 'restore' roles. It seems there is something special about creating these roles that is different to other roles but I cannot find any documentation on how to create these other than the Mongo docs which I believe I am following.
Note I also tried starting with admin database ie:
use admin
And repeated the same db.createUser code as above. And got the same error.
What does work - creating a user with root privilege:
use admin
db.createUser( {
user: "rootuser",
pwd: "passwd",
roles: ["root", "userAdminAnyDatabase", "dbAdminAnyDatabase",
"readWriteAnyDatabase"] } )
The root role has backup and restore privilege and there were no complaints from mongodb when creating this role.
I then could run the following and restore the db OK
mongorestore -u rootuser -p passwd --authenticationDatabase admin -d backup_data_db path_to_backup_dir
Docs indicate restore is possible without root access, what am I doing incorrectly?
Upvotes: 2
Views: 3461
Answers (1)
Reputation: 1414
The error might be because the restore role is only available from the admin database.
"MongoDB provides the built-in database user and database administration roles on every database. MongoDB provides all other built-in roles only on the admin database."
The restore role is inBackup and Restoration Roles.
Docs for 3.6 are here.
For example (this is not tested):
db.createUser[{
user: "local_user",
pwd: "123",
roles: [
{role: "read", db: "backup_data_db"},
{role: "restore", db: "admin"}]
})
Upvotes: 1
Related Questions
- Restoring mongodb database with different name
- mongo and mongodump works with auth but restore does not
- mongodb backup role - mongodump
- unable to create role in mongodb
- How to create mongo user on existing db with correct role?
- mongodb: how to set correctly roles and privileges?
- MongoDB Restore Failed
- mongodb backup role error to query system.profile
- restoring a dump with mongodb fails
- Mongodb restore problems