Tag Archives: mongo

Security: mongodb

If you don't have auth on mongo servers which are open for all your network hacker could:
— use system commands like: ls (), cat (), removeFile (), fuzzFile ().
— use command: load (), which loads javascript script
— also he could enable auth for your instances and you loose control
— detect if it's a windows or linux host by _isWindows ()

Mongo: select data

1
2
> db.communities.find({name: "CZ CHAT"}, {"name":1, "_id":0, "communityId":1}).sort({"communityId":1}).pretty().limit(5)
{ "communityId" : NumberLong("468374361246531951"), "name" : "CZ CHAT" }

in sql it looks like:

1
select name, "communityId" from communities where name like 'CZ CHAT' order by "communityId" limit 5;

pretty () — just a formatted output.

Mongo: export data

1
mongoexport -h localhost -d portal -c communities --csv --fields name -q '{"communityId": { "$gte": 216172782113783808 } }' --out /tmp/guild_member.csv

— h host
— d database
— c collection (aka table)
— csv — format of export
— fields — comma separated list of fields
— q — query (aka select)
— out — out file

After reboot of your master, slave and master switched their roles and you want to switch back them:
login to current master and make:

1
2
3
4
cfg = rs.conf()
cfg.members[0].priority = 1
cfg.members[1].priority = 0.5
rs.reconfig(cfg)

after «cfg = rs.conf ()» you'll see config, change priority for master (set bigger number) and for slave (set lower number).

mongodb: replica master-slave + creating of db and collection

Replica master-slave

master
add to mongod.conf:
master = true
client
add to mongod.conf:
slave = true
source = $masterHost:$masterPort #(for example 127.0.0.1:27017)

stop master
rsync folder with db from master to slave
start master
start slave

Creating of db and collection

# open mongo shell
mongo --host 127.0.0.1:27017
# use db name which you'd like to create
use newDbName
# data which you'd like to add to collection
j = { name : «mongo» }
# insert previous data to collection
db.testData.insert ( j )

# check that db/collection/data were created
show dbs
show collections
db.testData.find ()

check replica

# open mongo shell on slave
mongo --host 10.0.0.2:27017
# check that db/collection/data were created
show dbs
show collections
db.testData.find ()

mongodb: minimal howto

Connect:
mongo --host 10.0.0.1 dbname // host and dbname

Show all databases:
> show dbs

Connect to specific db:
> use dbname

Show all collections (this is tables in the mongo's naming):
> show collections

Show contents of collection:
> db.collection_name.find ().pretty () // db — isn't database name, this is a KEY word, collection_name — is a name of collection which you got with previous command.

Make a select query:
> db.comments.find ({'creatorId':Number (72116967665828320)}).pretty () // select all messages from collection «comments» where field «creatorId» = Number (72116967665828320), type Number very important.