I'm running MongoDB with authentication. I would like a non-root client to get the server time.
I thought the easiest way would be to use serverStatus, but the default readWrite user does not have that privilege.
I'm really lost in the Mongo security model. I tried adding a serverStatus role like this:
db.createRole(
  {
    role: "serverStatus",
    privileges: [
      {
        resource: { db: "admin", collection: "" },
        actions: [ "serverStatus" ]
      }
    ],
    roles: [],
    writeConcern: { w: "majority", wtimeout: 5000 }
  }
)
Then I added it to the user:
db.grantRolesToUser( "myuser", [ { role: "serverStatus", db: "admin" } ] )
But when trying to get serverStatus, I'm getting:
> db.serverStatus()
{
"ok" : 0,
"errmsg" : "not authorized on admin to execute command { serverStatus: 1.0 }",
"code" : 13
}
Any advice, please?
I've got it running. I missed the point that the serverStatus action should be granted to the cluster resource like (see cluster: true):
Also, before grantRolesToUser one should issue use mydb to avoid creating a user in another database.
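
The role from the question beside a cluster-scoped version that grants nothing but serverStatus, with a small check for the scoping mistake, as an added example that is not part of the original post. The CLUSTER_ACTIONS list is partial, misScopedPrivileges is a hypothetical helper, and the user is assumed to have been created in mydb.

```javascript
// Added example. Partial list of actions that MongoDB authorizes only on the
// cluster resource (all of them appear in the built-in clusterMonitor role).
const CLUSTER_ACTIONS = new Set([
  "serverStatus", "hostInfo", "top", "getLog", "inprog",
  "listDatabases", "replSetGetStatus", "connPoolStats",
]);

// Hypothetical helper: return one message per privilege that pairs a
// cluster-scoped action with a database/collection resource. Such a privilege
// does not authorize the command, as the error in the question shows.
function misScopedPrivileges(roleDoc) {
  const problems = [];
  for (const priv of roleDoc.privileges || []) {
    const onCluster = Boolean(priv.resource && priv.resource.cluster === true);
    for (const action of priv.actions || []) {
      if (CLUSTER_ACTIONS.has(action) && !onCluster) {
        problems.push(`${roleDoc.role}: "${action}" needs resource { cluster: true }`);
      }
    }
  }
  return problems;
}

// The role as defined in the question.
const roleFromQuestion = {
  role: "serverStatus",
  privileges: [{ resource: { db: "admin", collection: "" }, actions: ["serverStatus"] }],
  roles: [],
};

// Same role scoped to the cluster resource, still limited to one action,
// which is narrower than handing the client the whole clusterMonitor role.
const roleFixed = {
  role: "serverStatus",
  privileges: [{ resource: { cluster: true }, actions: ["serverStatus"] }],
  roles: [],
};

// Only inside the mongo shell (where `db` exists): create the role in admin,
// the database whose roles may carry cluster-resource privileges, then grant
// it to the user in the database where that user lives ("mydb" is assumed).
if (typeof db !== "undefined" && misScopedPrivileges(roleFixed).length === 0) {
  db.getSiblingDB("admin").createRole(roleFixed);
  db.getSiblingDB("mydb").grantRolesToUser("myuser", [{ role: "serverStatus", db: "admin" }]);
}
```

Once the role is granted, db.serverStatus().localTime returns the server time to the non-root client.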