以下是在Ubuntu上設置MongoDB權限的關鍵步驟:
mongoadmin數據庫中創建管理員用戶(需指定userAdminAnyDatabase等角色):use admin
db.createUser({
user: "adminUser",
pwd: "密碼",
roles: [{ role: "userAdminAnyDatabase", db: "admin" }]
})
/etc/mongod.conf,找到security部分,設置authorization: enabled。sudo systemctl restart mongod。myDB),為用戶分配readWrite等角色:use myDB
db.createUser({
user: "appUser",
pwd: "密碼",
roles: [{ role: "readWrite", db: "myDB" }]
})
/etc/mongod.conf中設置bindIp為特定IP(如127.0.0.1或內網IP),限制網絡訪問。ufw)限制端口(默認27017)訪問:sudo ufw allow from IP to any port 27017。mongo -u 用戶名 -p 密碼 --authenticationDatabase admin。
