How to find if Mongodb is running in auth mode in shell script?

Question

I am having a mongodb instance running which is running auth mode in my server machine. Currently I am using a shell scipt to get whether there is a mongodb instance running or not. How Can I check whether if the mongodb is running in a auth mode or non auth mode .

Answer 1

If you just want to test whether you can connect to a MongoDB server without authentication via bash, you can use a script similar to the following:

#!/bin/bash

# Connect to MongoDB address (host:port/dbname) specified as first parameter
# If no address specified, `mongo` default will be localhost:27017/test
isAuth=`mongo --eval "db.getUsers()" $1 | grep "not auth"`

if [ -z "$isAuth" ] ;
then
   echo "mongod auth is NOT enabled"
   exit 1
else
   echo "mongod auth is ENABLED"
   exit 0
fi

Example output:

$ ./isAuthEnabled.sh localhost:27017
mongod auth is ENABLED

$ ./isAuthEnabled.sh localhost:27777
mongod auth is NOT enabled

The only parameter for this script is an an optional MongoDB address to connect to (host:port/dbname); the mongo shell defaults to using localhost:27017/test.

The script does a simple check on whether users can be listed without permission.

If auth is properly enabled, the db.getUsers() command should return an error like:

  "Error: not authorized on test to execute command { usersInfo: 1.0 }"

Note: Localhost Exception

By default (as at MongoDB 3.0) there is a localhost exception that allows you to create a first user administrator for a deployment by connecting via localhost. Once at least one user has been added, the localhost exception is automatically disabled.

If you want to check the full security of your deployment, it's definitely worth reviewing the MongoDB Security checklist.