-
-
Notifications
You must be signed in to change notification settings - Fork 451
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Mongo 4.0.x: unable to create user #525
Comments
Following fork fixed this for me: https://github.com/datty/puppet-mongodb Note that in this fork your admin user has to be named admin in order to use the create_adminuser function. I created a subfork to only do this for the database named admin. But I guess maybe a boolean would be better. |
@negast @datty Tried with the original and sub-fork to create admin user, but it failed with following message during puppet pull: Error: Could not prefetch mongodb_database provider 'mongodb': undefined local variable or method |
Any chance to get this merged? Already had to create users manually in order to get things set up. |
Yes it will work. For example:
Example list collections:
And apply agent:
And check it
Check second puppet apply:
|
Affected Puppet, Ruby, OS and module versions/distributions
How to reproduce (e.g Puppet code you use)
or
What are you seeing
Every puppet run completes successfully and states that the user(s) have been created. This causes the puppet runs to never get to a stable state.
The response json from the generated mongo command points out, that
SCRAM-SHA-256
(default mechanism in mongodb 4.0.x) requires that the digest is done on the server (= digestPassword: true)see https://docs.mongodb.com/manual/reference/command/createUser/ for reference.
What behaviour did you expect instead
Either:
The user is created.
Provide a parameter to customize the values of digestPasswort/mechanism.
The puppet run fails with an error (but that would require parsing the output).
Any additional information you'd like to impart
As a workaround I use a custom systemd dropin file for mongod which adds
--setParameter authenticationMechanisms=SCRAM-SHA-1,PLAIN
to the ExecStart to disableSCRAM-SHA-256
The text was updated successfully, but these errors were encountered: