MongoDB won't start with access control turned onWhen upgrading config servers to use WireTiger, the running...

What to put in ESTA if staying in US for a few days before going on to Canada

How could indestructible materials be used in power generation?

Why is the 'in' operator throwing an error with a string literal instead of logging false?

I Accidentally Deleted a Stock Terminal Theme

Can I ask the recruiters in my resume to put the reason why I am rejected?

How to draw the figure with four pentagons?

Does casting Light, or a similar spell, have any effect when the caster is swallowed by a monster?

AES: Why is it a good practice to use only the first 16bytes of a hash for encryption?

What is the word for reserving something for yourself before others do?

Has there ever been an airliner design involving reducing generator load by installing solar panels?

Why is consensus so controversial in Britain?

How to show the equivalence between the regularized regression and their constraint formulas using KKT

What's the difference between 'rename' and 'mv'?

What does it mean to describe someone as a butt steak?

Is there a hemisphere-neutral way of specifying a season?

How much of data wrangling is a data scientist's job?

Why is it a bad idea to hire a hitman to eliminate most corrupt politicians?

Facing a paradox: Earnshaw's theorem in one dimension

Withdrawals from HSA

Why "Having chlorophyll without photosynthesis is actually very dangerous" and "like living with a bomb"?

Took a trip to a parallel universe, need help deciphering

Can I use a neutral wire from another outlet to repair a broken neutral?

Does a druid starting with a bow start with no arrows?

Arrow those variables!



MongoDB won't start with access control turned on


When upgrading config servers to use WireTiger, the running config server with wiredtiger does not authenticate the existing pass and user?Issues in starting MongoDB serviceStart MongoDB With Authentication EnabledHow i Implement Role Based Access Control in MongodbCannot Start MongoDBcreating replica set between three similar mongo databases on my localReplica Set Question - one primary instance with two secondary instancesUnable to start MongoDB with --replSetMongodb create user with only read and write accessShould Azure host write-caching be enabled when using MongoDB's WiredTiger storage engine






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}







2















Hello I would appreciate any suggestions, I have a 3 member MongoDB replica set setup on CentOS I'm trying to configure wit access control:

node1,
node2,
arbiter,



When I do not configure security with access control to test each instance it works successfully. I didn't get as far to test replication, although I have tested in the past with no access control however I need it implemented.



I get an error and mongodb wont start with access control on.
I've granted mongod account permissions "/srv/mongodb/mongodb-keyfile.key"

set chmod 600 as instructed by the docs.



The get the following messages in the logs but doesn't start:



2016-03-11T09:42:25.032-0800 I CONTROL  [main] ***** SERVER RESTARTED *****

2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] MongoDB starting : pid=8729 port=27000 dbpath=/var/lib/mongo/arb 64-bit host=arb

2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] db version v3.2.3

2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] git version: b326ba837cf6f49d65c2f85e1b70f6f31ece7937

2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] OpenSSL version: OpenSSL 1.0.1e-fips 11 Feb 2013

2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] allocator: tcmalloc

2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] modules: none

2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] build environment:

2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten]     distmod: rhel62

2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten]     distarch: x86_64

2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten]     target_arch: x86_64

2016-03-11T09:42:25.095-0800 I CONTROL  [initandlisten] options: { config: "/etc/mongod.conf", net: { bindIp: "127.0.0.1,192.222.21.3", port: 27000 }, processManagement: { fork: true, pidFilePath: "/var/run/mongodb/mongod.pid" }, storage: { dbPath: "/var/lib/mongo/arb", journal: { enabled: false }, mmapv1: { smallFiles: true } }, systemLog: { destination: "file", logAppend: true, path: "/var/log/mongodb/mongod.log" } }

2016-03-11T09:42:25.166-0800 I -        [initandlisten] Detected data files in /var/lib/mongo/arb created by the 'wiredTiger' storage engine, so setting the active storage engine to 'wiredTiger'.

2016-03-11T09:42:25.186-0800 I STORAGE  [initandlisten] wiredtiger_open config: create,cache_size=1G,session_max=20000,eviction=(threads_max=4),config_base=false,statistics=(fast),log=(enabled=true,archive=true,path=journal,compressor=snappy),file_manager=(close_idle_time=100000),checkpoint=(wait=60,log_size=2GB),statistics_log=(wait=0),,log=(enabled=false),

2016-03-11T09:42:25.677-0800 W STORAGE  [initandlisten] Detected configuration for non-active storage engine mmapv1 when current storage engine is wiredTiger

2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten]

2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.

2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] **        We suggest setting it to 'never'

2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten]

2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.

2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] **        We suggest setting it to 'never'

2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten]

2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] ** WARNING: soft rlimits too low. rlimits set to 1024 processes, 65535 files. Number of processes should be at least 32767.5 : 0.5 times number of files.

2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten]

2016-03-11T09:42:25.741-0800 I FTDC     [initandlisten] Initializing full-time diagnostic data capture with directory '/var/lib/mongo/arb/diagnostic.data'

2016-03-11T09:42:25.742-0800 I NETWORK  [HostnameCanonicalizationWorker] Starting hostname canonicalization worker

2016-03-11T09:42:25.776-0800 I NETWORK  [initandlisten] waiting for connections on port 27808

2016-03-11T09:42:29.954-0800 I CONTROL  [signalProcessingThread] got signal 15 (Terminated), will terminate after current cmd ends

2016-03-11T09:42:29.954-0800 I FTDC     [signalProcessingThread] Shutting down full-time diagnostic data capture

2016-03-11T09:42:29.955-0800 I CONTROL  [signalProcessingThread] now exiting

2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] shutdown: going to close listening sockets...

2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] closing listening socket: 6

2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] closing listening socket: 7

2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] closing listening socket: 8

2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] removing socket file: /tmp/mongodb-27000.sock

2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] shutdown: going to flush diaglog...

2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] shutdown: going to close sockets...

2016-03-11T09:42:29.955-0800 I STORAGE  [signalProcessingThread] WiredTigerKVEngine shutting down

2016-03-11T09:42:30.014-0800 I STORAGE  [signalProcessingThread] shutdown: removing fs lock...

2016-03-11T09:42:30.014-0800 I CONTROL  [signalProcessingThread] dbexit:  rc: 0


I have followed steps up to the point confirming that all 3 hosts can "start up" as separate MongoDB instances
https://docs.mongodb.org/manual/tutorial/enable-internal-authentication/#deploy-repl-set-with-auth



# mongod.conf

# Arbiter



# for documentation of all options, see:

#   http://docs.mongodb.org/manual/reference/configuration-options/



# where to write logging data.

systemLog:

  destination: file

  logAppend: true

  path: /var/log/mongodb/mongod.log



# Where and how to store data.

storage:

  dbPath: /var/lib/mongo/arb

  smallFiles: true

  journal:

    enabled: false

#  engine:

#  mmapv1:

#  wiredTiger:



# how the process runs

processManagement:

  fork: true  # fork and run in background

  pidFilePath: /var/run/mongodb/mongod.pid  # location of pidfile



# network interfaces

net:

  port: 27000

  bindIp: 127.0.0.1,192.222.21.3  # Listen to local interface only, comment to listen on all interfaces. I've changed the IP to mask it



# when the follow 3 lines below are commented out it works

security:

 keyFile:  "/srv/mongodb/mongodb-keyfile.key"

 authorization: true



#operationProfiling:



# commented out to test access control first

#replication:

#  oplogSizeMB: 1024

# replSetName: "rs1"



#sharding:



## Enterprise-Only Options



#auditLog:



#snmp:





mongodb mongodb-3.0







share|improve this question














bumped to the homepage by Community 5 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.






















    2















    Hello I would appreciate any suggestions, I have a 3 member MongoDB replica set setup on CentOS I'm trying to configure wit access control:

    node1,
    node2,
    arbiter,



    When I do not configure security with access control to test each instance it works successfully. I didn't get as far to test replication, although I have tested in the past with no access control however I need it implemented.



    I get an error and mongodb wont start with access control on.
    I've granted mongod account permissions "/srv/mongodb/mongodb-keyfile.key"

    set chmod 600 as instructed by the docs.



    The get the following messages in the logs but doesn't start:



    2016-03-11T09:42:25.032-0800 I CONTROL  [main] ***** SERVER RESTARTED *****
    
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] MongoDB starting : pid=8729 port=27000 dbpath=/var/lib/mongo/arb 64-bit host=arb
    
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] db version v3.2.3
    
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] git version: b326ba837cf6f49d65c2f85e1b70f6f31ece7937
    
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] OpenSSL version: OpenSSL 1.0.1e-fips 11 Feb 2013
    
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] allocator: tcmalloc
    
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] modules: none
    
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] build environment:
    
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten]     distmod: rhel62
    
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten]     distarch: x86_64
    
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten]     target_arch: x86_64
    
2016-03-11T09:42:25.095-0800 I CONTROL  [initandlisten] options: { config: "/etc/mongod.conf", net: { bindIp: "127.0.0.1,192.222.21.3", port: 27000 }, processManagement: { fork: true, pidFilePath: "/var/run/mongodb/mongod.pid" }, storage: { dbPath: "/var/lib/mongo/arb", journal: { enabled: false }, mmapv1: { smallFiles: true } }, systemLog: { destination: "file", logAppend: true, path: "/var/log/mongodb/mongod.log" } }
    
2016-03-11T09:42:25.166-0800 I -        [initandlisten] Detected data files in /var/lib/mongo/arb created by the 'wiredTiger' storage engine, so setting the active storage engine to 'wiredTiger'.
    
2016-03-11T09:42:25.186-0800 I STORAGE  [initandlisten] wiredtiger_open config: create,cache_size=1G,session_max=20000,eviction=(threads_max=4),config_base=false,statistics=(fast),log=(enabled=true,archive=true,path=journal,compressor=snappy),file_manager=(close_idle_time=100000),checkpoint=(wait=60,log_size=2GB),statistics_log=(wait=0),,log=(enabled=false),
    
2016-03-11T09:42:25.677-0800 W STORAGE  [initandlisten] Detected configuration for non-active storage engine mmapv1 when current storage engine is wiredTiger
    
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten]
    
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
    
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
    
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten]
    
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
    
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
    
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten]
    
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] ** WARNING: soft rlimits too low. rlimits set to 1024 processes, 65535 files. Number of processes should be at least 32767.5 : 0.5 times number of files.
    
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten]
    
2016-03-11T09:42:25.741-0800 I FTDC     [initandlisten] Initializing full-time diagnostic data capture with directory '/var/lib/mongo/arb/diagnostic.data'
    
2016-03-11T09:42:25.742-0800 I NETWORK  [HostnameCanonicalizationWorker] Starting hostname canonicalization worker
    
2016-03-11T09:42:25.776-0800 I NETWORK  [initandlisten] waiting for connections on port 27808
    
2016-03-11T09:42:29.954-0800 I CONTROL  [signalProcessingThread] got signal 15 (Terminated), will terminate after current cmd ends
    
2016-03-11T09:42:29.954-0800 I FTDC     [signalProcessingThread] Shutting down full-time diagnostic data capture
    
2016-03-11T09:42:29.955-0800 I CONTROL  [signalProcessingThread] now exiting
    
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] shutdown: going to close listening sockets...
    
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] closing listening socket: 6
    
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] closing listening socket: 7
    
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] closing listening socket: 8
    
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] removing socket file: /tmp/mongodb-27000.sock
    
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] shutdown: going to flush diaglog...
    
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] shutdown: going to close sockets...
    
2016-03-11T09:42:29.955-0800 I STORAGE  [signalProcessingThread] WiredTigerKVEngine shutting down
    
2016-03-11T09:42:30.014-0800 I STORAGE  [signalProcessingThread] shutdown: removing fs lock...
    
2016-03-11T09:42:30.014-0800 I CONTROL  [signalProcessingThread] dbexit:  rc: 0


    I have followed steps up to the point confirming that all 3 hosts can "start up" as separate MongoDB instances
    https://docs.mongodb.org/manual/tutorial/enable-internal-authentication/#deploy-repl-set-with-auth



    # mongod.conf
    
# Arbiter
    

    
# for documentation of all options, see:
    
#   http://docs.mongodb.org/manual/reference/configuration-options/
    

    
# where to write logging data.
    
systemLog:
    
  destination: file
    
  logAppend: true
    
  path: /var/log/mongodb/mongod.log
    

    
# Where and how to store data.
    
storage:
    
  dbPath: /var/lib/mongo/arb
    
  smallFiles: true
    
  journal:
    
    enabled: false
    
#  engine:
    
#  mmapv1:
    
#  wiredTiger:
    

    
# how the process runs
    
processManagement:
    
  fork: true  # fork and run in background
    
  pidFilePath: /var/run/mongodb/mongod.pid  # location of pidfile
    

    
# network interfaces
    
net:
    
  port: 27000
    
  bindIp: 127.0.0.1,192.222.21.3  # Listen to local interface only, comment to listen on all interfaces. I've changed the IP to mask it
    

    
# when the follow 3 lines below are commented out it works
    
security:
    
 keyFile:  "/srv/mongodb/mongodb-keyfile.key"
    
 authorization: true
    

    
#operationProfiling:
    

    
# commented out to test access control first
    
#replication:
    
#  oplogSizeMB: 1024
    
# replSetName: "rs1"
    

    
#sharding:
    

    
## Enterprise-Only Options
    

    
#auditLog:
    

    
#snmp:





    mongodb mongodb-3.0







    share|improve this question














    bumped to the homepage by Community 5 mins ago


    This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.


















      2












      2








      2


      1






      Hello I would appreciate any suggestions, I have a 3 member MongoDB replica set setup on CentOS I'm trying to configure wit access control:

      node1,
      node2,
      arbiter,



      When I do not configure security with access control to test each instance it works successfully. I didn't get as far to test replication, although I have tested in the past with no access control however I need it implemented.



      I get an error and mongodb wont start with access control on.
      I've granted mongod account permissions "/srv/mongodb/mongodb-keyfile.key"

      set chmod 600 as instructed by the docs.



      The get the following messages in the logs but doesn't start:



      2016-03-11T09:42:25.032-0800 I CONTROL  [main] ***** SERVER RESTARTED *****
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] MongoDB starting : pid=8729 port=27000 dbpath=/var/lib/mongo/arb 64-bit host=arb
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] db version v3.2.3
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] git version: b326ba837cf6f49d65c2f85e1b70f6f31ece7937
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] OpenSSL version: OpenSSL 1.0.1e-fips 11 Feb 2013
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] allocator: tcmalloc
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] modules: none
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] build environment:
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten]     distmod: rhel62
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten]     distarch: x86_64
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten]     target_arch: x86_64
      
2016-03-11T09:42:25.095-0800 I CONTROL  [initandlisten] options: { config: "/etc/mongod.conf", net: { bindIp: "127.0.0.1,192.222.21.3", port: 27000 }, processManagement: { fork: true, pidFilePath: "/var/run/mongodb/mongod.pid" }, storage: { dbPath: "/var/lib/mongo/arb", journal: { enabled: false }, mmapv1: { smallFiles: true } }, systemLog: { destination: "file", logAppend: true, path: "/var/log/mongodb/mongod.log" } }
      
2016-03-11T09:42:25.166-0800 I -        [initandlisten] Detected data files in /var/lib/mongo/arb created by the 'wiredTiger' storage engine, so setting the active storage engine to 'wiredTiger'.
      
2016-03-11T09:42:25.186-0800 I STORAGE  [initandlisten] wiredtiger_open config: create,cache_size=1G,session_max=20000,eviction=(threads_max=4),config_base=false,statistics=(fast),log=(enabled=true,archive=true,path=journal,compressor=snappy),file_manager=(close_idle_time=100000),checkpoint=(wait=60,log_size=2GB),statistics_log=(wait=0),,log=(enabled=false),
      
2016-03-11T09:42:25.677-0800 W STORAGE  [initandlisten] Detected configuration for non-active storage engine mmapv1 when current storage engine is wiredTiger
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten]
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten]
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten]
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] ** WARNING: soft rlimits too low. rlimits set to 1024 processes, 65535 files. Number of processes should be at least 32767.5 : 0.5 times number of files.
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten]
      
2016-03-11T09:42:25.741-0800 I FTDC     [initandlisten] Initializing full-time diagnostic data capture with directory '/var/lib/mongo/arb/diagnostic.data'
      
2016-03-11T09:42:25.742-0800 I NETWORK  [HostnameCanonicalizationWorker] Starting hostname canonicalization worker
      
2016-03-11T09:42:25.776-0800 I NETWORK  [initandlisten] waiting for connections on port 27808
      
2016-03-11T09:42:29.954-0800 I CONTROL  [signalProcessingThread] got signal 15 (Terminated), will terminate after current cmd ends
      
2016-03-11T09:42:29.954-0800 I FTDC     [signalProcessingThread] Shutting down full-time diagnostic data capture
      
2016-03-11T09:42:29.955-0800 I CONTROL  [signalProcessingThread] now exiting
      
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] shutdown: going to close listening sockets...
      
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] closing listening socket: 6
      
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] closing listening socket: 7
      
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] closing listening socket: 8
      
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] removing socket file: /tmp/mongodb-27000.sock
      
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] shutdown: going to flush diaglog...
      
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] shutdown: going to close sockets...
      
2016-03-11T09:42:29.955-0800 I STORAGE  [signalProcessingThread] WiredTigerKVEngine shutting down
      
2016-03-11T09:42:30.014-0800 I STORAGE  [signalProcessingThread] shutdown: removing fs lock...
      
2016-03-11T09:42:30.014-0800 I CONTROL  [signalProcessingThread] dbexit:  rc: 0


      I have followed steps up to the point confirming that all 3 hosts can "start up" as separate MongoDB instances
      https://docs.mongodb.org/manual/tutorial/enable-internal-authentication/#deploy-repl-set-with-auth



      # mongod.conf
      
# Arbiter
      

      
# for documentation of all options, see:
      
#   http://docs.mongodb.org/manual/reference/configuration-options/
      

      
# where to write logging data.
      
systemLog:
      
  destination: file
      
  logAppend: true
      
  path: /var/log/mongodb/mongod.log
      

      
# Where and how to store data.
      
storage:
      
  dbPath: /var/lib/mongo/arb
      
  smallFiles: true
      
  journal:
      
    enabled: false
      
#  engine:
      
#  mmapv1:
      
#  wiredTiger:
      

      
# how the process runs
      
processManagement:
      
  fork: true  # fork and run in background
      
  pidFilePath: /var/run/mongodb/mongod.pid  # location of pidfile
      

      
# network interfaces
      
net:
      
  port: 27000
      
  bindIp: 127.0.0.1,192.222.21.3  # Listen to local interface only, comment to listen on all interfaces. I've changed the IP to mask it
      

      
# when the follow 3 lines below are commented out it works
      
security:
      
 keyFile:  "/srv/mongodb/mongodb-keyfile.key"
      
 authorization: true
      

      
#operationProfiling:
      

      
# commented out to test access control first
      
#replication:
      
#  oplogSizeMB: 1024
      
# replSetName: "rs1"
      

      
#sharding:
      

      
## Enterprise-Only Options
      

      
#auditLog:
      

      
#snmp:





      mongodb mongodb-3.0







      share|improve this question














      Hello I would appreciate any suggestions, I have a 3 member MongoDB replica set setup on CentOS I'm trying to configure wit access control:

      node1,
      node2,
      arbiter,



      When I do not configure security with access control to test each instance it works successfully. I didn't get as far to test replication, although I have tested in the past with no access control however I need it implemented.



      I get an error and mongodb wont start with access control on.
      I've granted mongod account permissions "/srv/mongodb/mongodb-keyfile.key"

      set chmod 600 as instructed by the docs.



      The get the following messages in the logs but doesn't start:



      2016-03-11T09:42:25.032-0800 I CONTROL  [main] ***** SERVER RESTARTED *****
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] MongoDB starting : pid=8729 port=27000 dbpath=/var/lib/mongo/arb 64-bit host=arb
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] db version v3.2.3
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] git version: b326ba837cf6f49d65c2f85e1b70f6f31ece7937
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] OpenSSL version: OpenSSL 1.0.1e-fips 11 Feb 2013
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] allocator: tcmalloc
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] modules: none
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten] build environment:
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten]     distmod: rhel62
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten]     distarch: x86_64
      
2016-03-11T09:42:25.094-0800 I CONTROL  [initandlisten]     target_arch: x86_64
      
2016-03-11T09:42:25.095-0800 I CONTROL  [initandlisten] options: { config: "/etc/mongod.conf", net: { bindIp: "127.0.0.1,192.222.21.3", port: 27000 }, processManagement: { fork: true, pidFilePath: "/var/run/mongodb/mongod.pid" }, storage: { dbPath: "/var/lib/mongo/arb", journal: { enabled: false }, mmapv1: { smallFiles: true } }, systemLog: { destination: "file", logAppend: true, path: "/var/log/mongodb/mongod.log" } }
      
2016-03-11T09:42:25.166-0800 I -        [initandlisten] Detected data files in /var/lib/mongo/arb created by the 'wiredTiger' storage engine, so setting the active storage engine to 'wiredTiger'.
      
2016-03-11T09:42:25.186-0800 I STORAGE  [initandlisten] wiredtiger_open config: create,cache_size=1G,session_max=20000,eviction=(threads_max=4),config_base=false,statistics=(fast),log=(enabled=true,archive=true,path=journal,compressor=snappy),file_manager=(close_idle_time=100000),checkpoint=(wait=60,log_size=2GB),statistics_log=(wait=0),,log=(enabled=false),
      
2016-03-11T09:42:25.677-0800 W STORAGE  [initandlisten] Detected configuration for non-active storage engine mmapv1 when current storage engine is wiredTiger
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten]
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten]
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten]
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten] ** WARNING: soft rlimits too low. rlimits set to 1024 processes, 65535 files. Number of processes should be at least 32767.5 : 0.5 times number of files.
      
2016-03-11T09:42:25.677-0800 I CONTROL  [initandlisten]
      
2016-03-11T09:42:25.741-0800 I FTDC     [initandlisten] Initializing full-time diagnostic data capture with directory '/var/lib/mongo/arb/diagnostic.data'
      
2016-03-11T09:42:25.742-0800 I NETWORK  [HostnameCanonicalizationWorker] Starting hostname canonicalization worker
      
2016-03-11T09:42:25.776-0800 I NETWORK  [initandlisten] waiting for connections on port 27808
      
2016-03-11T09:42:29.954-0800 I CONTROL  [signalProcessingThread] got signal 15 (Terminated), will terminate after current cmd ends
      
2016-03-11T09:42:29.954-0800 I FTDC     [signalProcessingThread] Shutting down full-time diagnostic data capture
      
2016-03-11T09:42:29.955-0800 I CONTROL  [signalProcessingThread] now exiting
      
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] shutdown: going to close listening sockets...
      
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] closing listening socket: 6
      
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] closing listening socket: 7
      
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] closing listening socket: 8
      
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] removing socket file: /tmp/mongodb-27000.sock
      
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] shutdown: going to flush diaglog...
      
2016-03-11T09:42:29.955-0800 I NETWORK  [signalProcessingThread] shutdown: going to close sockets...
      
2016-03-11T09:42:29.955-0800 I STORAGE  [signalProcessingThread] WiredTigerKVEngine shutting down
      
2016-03-11T09:42:30.014-0800 I STORAGE  [signalProcessingThread] shutdown: removing fs lock...
      
2016-03-11T09:42:30.014-0800 I CONTROL  [signalProcessingThread] dbexit:  rc: 0


      I have followed steps up to the point confirming that all 3 hosts can "start up" as separate MongoDB instances
      https://docs.mongodb.org/manual/tutorial/enable-internal-authentication/#deploy-repl-set-with-auth



      # mongod.conf
      
# Arbiter
      

      
# for documentation of all options, see:
      
#   http://docs.mongodb.org/manual/reference/configuration-options/
      

      
# where to write logging data.
      
systemLog:
      
  destination: file
      
  logAppend: true
      
  path: /var/log/mongodb/mongod.log
      

      
# Where and how to store data.
      
storage:
      
  dbPath: /var/lib/mongo/arb
      
  smallFiles: true
      
  journal:
      
    enabled: false
      
#  engine:
      
#  mmapv1:
      
#  wiredTiger:
      

      
# how the process runs
      
processManagement:
      
  fork: true  # fork and run in background
      
  pidFilePath: /var/run/mongodb/mongod.pid  # location of pidfile
      

      
# network interfaces
      
net:
      
  port: 27000
      
  bindIp: 127.0.0.1,192.222.21.3  # Listen to local interface only, comment to listen on all interfaces. I've changed the IP to mask it
      

      
# when the follow 3 lines below are commented out it works
      
security:
      
 keyFile:  "/srv/mongodb/mongodb-keyfile.key"
      
 authorization: true
      

      
#operationProfiling:
      

      
# commented out to test access control first
      
#replication:
      
#  oplogSizeMB: 1024
      
# replSetName: "rs1"
      

      
#sharding:
      

      
## Enterprise-Only Options
      

      
#auditLog:
      

      
#snmp:





      mongodb mongodb-3.0




      mongodb mongodb-3.0






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Mar 11 '16 at 18:08









      NormoeNormoe

      6616




      6616





      bumped to the homepage by Community 5 mins ago


      This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.







      bumped to the homepage by Community 5 mins ago


      This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
























          1 Answer
          1






          active

          oldest

          votes


















          0














          I solved my issue by deleting and moving the section below and removing quotes, it's strange solved it. There must have been some hidden characters. Lesson learned delete you config and start over maybe.



          # when the follow 3 lines below are commented out it works
          
security:
          
  keyFile:  /srv/mongodb/mongodb-keyfile.key
          
  authorization: true





          share|improve this answer


























          • Hi Normoe - good that you got it working! If you solved your problem yourself, you should Accept this answer to take the question off the Unanswered list.

            – Vince Bowdren
            Aug 18 '16 at 16:18













          • Have the same problem trying to figure out why its not starting, btw, autorization is either "enabled" or "disabled" not boolean. docs.mongodb.com/manual/reference/configuration-options/…

            – Pykler
            Jan 10 '17 at 15:42












          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "182"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f132005%2fmongodb-wont-start-with-access-control-turned-on%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          0














          I solved my issue by deleting and moving the section below and removing quotes, it's strange solved it. There must have been some hidden characters. Lesson learned delete you config and start over maybe.



          # when the follow 3 lines below are commented out it works
          
security:
          
  keyFile:  /srv/mongodb/mongodb-keyfile.key
          
  authorization: true





          share|improve this answer


























          • Hi Normoe - good that you got it working! If you solved your problem yourself, you should Accept this answer to take the question off the Unanswered list.

            – Vince Bowdren
            Aug 18 '16 at 16:18













          • Have the same problem trying to figure out why its not starting, btw, autorization is either "enabled" or "disabled" not boolean. docs.mongodb.com/manual/reference/configuration-options/…

            – Pykler
            Jan 10 '17 at 15:42
















          0














          I solved my issue by deleting and moving the section below and removing quotes, it's strange solved it. There must have been some hidden characters. Lesson learned delete you config and start over maybe.



          # when the follow 3 lines below are commented out it works
          
security:
          
  keyFile:  /srv/mongodb/mongodb-keyfile.key
          
  authorization: true





          share|improve this answer


























          • Hi Normoe - good that you got it working! If you solved your problem yourself, you should Accept this answer to take the question off the Unanswered list.

            – Vince Bowdren
            Aug 18 '16 at 16:18













          • Have the same problem trying to figure out why its not starting, btw, autorization is either "enabled" or "disabled" not boolean. docs.mongodb.com/manual/reference/configuration-options/…

            – Pykler
            Jan 10 '17 at 15:42














          0












          0








          0







          I solved my issue by deleting and moving the section below and removing quotes, it's strange solved it. There must have been some hidden characters. Lesson learned delete you config and start over maybe.



          # when the follow 3 lines below are commented out it works
          
security:
          
  keyFile:  /srv/mongodb/mongodb-keyfile.key
          
  authorization: true





          share|improve this answer















          I solved my issue by deleting and moving the section below and removing quotes, it's strange solved it. There must have been some hidden characters. Lesson learned delete you config and start over maybe.



          # when the follow 3 lines below are commented out it works
          
security:
          
  keyFile:  /srv/mongodb/mongodb-keyfile.key
          
  authorization: true






          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Mar 11 '16 at 23:52

























          answered Mar 11 '16 at 19:49









          NormoeNormoe

          6616




          6616













          • Hi Normoe - good that you got it working! If you solved your problem yourself, you should Accept this answer to take the question off the Unanswered list.

            – Vince Bowdren
            Aug 18 '16 at 16:18













          • Have the same problem trying to figure out why its not starting, btw, autorization is either "enabled" or "disabled" not boolean. docs.mongodb.com/manual/reference/configuration-options/…

            – Pykler
            Jan 10 '17 at 15:42



















          • Hi Normoe - good that you got it working! If you solved your problem yourself, you should Accept this answer to take the question off the Unanswered list.

            – Vince Bowdren
            Aug 18 '16 at 16:18













          • Have the same problem trying to figure out why its not starting, btw, autorization is either "enabled" or "disabled" not boolean. docs.mongodb.com/manual/reference/configuration-options/…

            – Pykler
            Jan 10 '17 at 15:42

















          Hi Normoe - good that you got it working! If you solved your problem yourself, you should Accept this answer to take the question off the Unanswered list.

          – Vince Bowdren
          Aug 18 '16 at 16:18







          Hi Normoe - good that you got it working! If you solved your problem yourself, you should Accept this answer to take the question off the Unanswered list.

          – Vince Bowdren
          Aug 18 '16 at 16:18















          Have the same problem trying to figure out why its not starting, btw, autorization is either "enabled" or "disabled" not boolean. docs.mongodb.com/manual/reference/configuration-options/…

          – Pykler
          Jan 10 '17 at 15:42





          Have the same problem trying to figure out why its not starting, btw, autorization is either "enabled" or "disabled" not boolean. docs.mongodb.com/manual/reference/configuration-options/…

          – Pykler
          Jan 10 '17 at 15:42


















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Database Administrators Stack Exchange!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f132005%2fmongodb-wont-start-with-access-control-turned-on%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Parapolítica Índice Antecedentes El escándalo Proceso judicial Consecuencias Véase...

          Image
          Escándalo de la parapolíticaAbusos a los derechos humanos Colombia2006políticosparamilitaresproceso de desmovilizaciónAutodefensas Unidas de Colombiaextrema derechaautodefensasnarcotráficoCongreso de la Repúblicamasacresasesinatosdesplazamiento forzadoFiscalía General de la NaciónCorte Suprema de JusticiaÁlvaro Uribe VélezCongreso de los Estados UnidosDerechos Humanosconspiraciónextrema derechanarcotráficoCongresoFuerzas Armadas2002Representante a la CámaraGustavo PetroFiscalía GeneralLuis Camilo Osorio2005elecciones parlamentarias de 2006paramilitarismomayo de 2005Sucrejunio del mismo añoClara López ObregónPolo Democrático AlternativoSalvatore MancusodiciembreCésar GaviriaPartido Liberalenero de 2006Departamento Administrativo de SeguridadJorge Noguera CotesRafael GarcíaRevista SemanaMilánconcierto para delinquir22 de febrerojulio de 2006Corte ConstitucionalLey de Justicia y PazSalvatore Mancusocomputador portátilRodrigo Tovar PupoCosta AtlánticamasacresEdgardo Maya Villazónproceso ...
          Read more

          How to remove border from elements in the last row?Targeting flex items on the last rowHow to vertically wrap...

          Image
          Does the Idaho Potato Commission associate potato skins with healthy eating? Finitely generated matrix groups whose eigenvalues are all algebraic How dangerous is XSS How could indestructible materials be used in power generation? Getting extremely large arrows with tikzcd How to aggregate categorical data in R? What is this scratchy sound on the acoustic guitar called? How obscure is the use of 令 in 令和? What exactly is ineptocracy? How to travel to Japan while expressing milk? Can someone clarify Hamming's notion of important problems in relation to modern academia? ...
          Read more

          Tecnologías entrañables Índice Antecedentes Desarrollo Tecnologías Entrañables en la...

          Tecnología en la sociedad desarrollo tecnológicoalienación tecnológicaMiguel Ángel QuintanillaMarxEllulOrtega y GassetMiguel Angel QuintanillaMartín ParselisDiego LawlerDarío SandroneJosé Antonio López Cerezo Las tecnologías entrañables son un conjunto de criterios para el desarrollo tecnológico orientados a evitar la alienación tecnológica. Estos criterios pueden ser aplicados en las instancias de diseño tecnológico, y también pueden ser utilizados en la evaluación de proyectos tecnológicos. Índice 1 Antecedentes 2 Desarrollo 3 Tecnologías Entrañables en la actualidad 4 Referencias Antecedentes La idea original de las Tecnologías Entrañables fue propuesta por Miguel Ángel Quintanilla, identificando el problema como sigue: Ya hemos aludido a la paradoja que supone el hecho de que, en general, cuanto más fácil de usar es una tecnología, más incomprensible resulta para el usuario: las tecnologías transparentes exigen ciudadanos ciegos. Hay que recon...
          Read more