Web Projects Consulting

Setting Up MongoDB on Fedora with Basic Security Options

MongoDB is a popular NoSQL database solution with growing popularity over professional and non-professional users. Blah. Now to setting all up.

MongoDB in Fedora repo will not work with authentication and segfault, get it and install from MongoDB site.

sudo vim /etc/yum.repos.d/mongo.repo

Cut and paste the below:

[10gen]
name=10gen Repository
baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/x86_64
gpgcheck=0

Install MongoDB:

sudo yum install mongo-10gen mongo-10gen-server

Edit the default config file.

sudo vim /etc/mongod.conf

Find and edit:

bind_ip = 127.0.0.1
port = 27017
dbpath=/var/lib/mongo

Create a very basic service:

sudo gedit /etc/init.d/mongod

Cut and paste:

#! /bin/sh

<h1>chkconfig: 345 20 80</h1>

<h1>description: mongod daemon</h1>

<h1>processname: mongod</h1>

N=/usr/bin/mongod

set -e

case &quot;$1&quot; in
  start)
$N -f /etc/mongod.conf --journal
;;
  stop|reload|restart|force-reload)
;;
  *)
echo &quot;Usage: $N {start|stop|restart|force-reload}&quot; &gt;&amp;2exit 1
;;
esac

exit 0

Run service:

sudo service mongod start
sudo chkconfig --levels 235 mongod on

Check if all ok:

[user@localhost ~]$ mongo 127.0.0.1:27017/test
MongoDB shell version: 2.0.2
connecting to: 127.0.0.1:27017/test
> db.help()
DB methods:
        db.addUser(username, password[, readOnly=false])
        db.auth(username, password)
# ... blah

Or visit in browser: http://localhost:28017 (we are going to close that later).

You can stop the above service from mongo console:

use admin
//when using auth, launch:
//db.auth(username, password)
//and
db.shutdownServer()
// or
db.adminCommand({shutdown : 1, force : true})
// or
db.shutdownServer({force : true})
// or
db.adminCommand({shutdown : 1, timeoutSecs : 5})

Add possibility for PHP to connect to it and restart web server:

sudo pecl install mongo
sudo service httpd restart

Test:

[user@localhost ~]$ php -m |grep -i mongo
mongo

Add more security:

[user@localhost ~]$ mongo 127.0.0.1:27017/test
MongoDB shell version: 2.0.2
connecting to: 127.0.0.1:27017/test
> use admin
switched to db admin
> addUser('SOME_GOOD_USER_NAME', 'SOME_GOOD_PASSWORD')

Edit the config again:

sudo vim /etc/mongod.conf

Find and edit:

noauth = false
auth = true
nohttpinterface = true

Stop and start the server again as described above.

Get and install some web admin tool into a folder on your web server, for instance http://code.google.com/p/rock-php/wiki/rock_mongo. To connect, edit the config.php file from this package with the following values:

# uncomment
$MONGO["servers"][$i]["mongo_db"]                 = "local";
$MONGO["servers"][$i]["mongo_user"]               = "USER_FROM_ABOVE";
$MONGO["servers"][$i]["mongo_pass"]               = "PASSWORD_FROM_ABOVE";
$MONGO["servers"][$i]["mongo_auth"]               = true;
# comment
#$MONGO["servers"][$i]["control_auth"]            = true;
#$MONGO["servers"][$i]["control_users"]["admin"]  = "admin";

DISCLAIMER: tested for Fedora 15 only and might require more security fixes.

RockMongo with auth in Fedora 15

Enjoy!

Tagged on: , , , , , , , , , ,
By Alec | 14/02/2012 | Hosting, PHP, Programming & Freelancing, Software, Webmaster | No Comments |

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Web Projects Consulting
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.