Error executing compact command on a replica member?

hi,

i have a 4 member replica set , 2 data holding member, 1 arbiter, 1 hidden member with no index ,no votes, priority 0 ,

i am trying to run compact command on a direct connection to a secondary , with root user permission , as mentioned below, but i am getting an error see below , can any one help find a solution ?

command i am running

use local ;
db.runCommand({ "compact" : "oplog.rs" } );

Error

MongoServerError: not authorized on local to execute command { compact: "oplog.rs", lsid: { id: UUID("138f3b1d-c0b8-465f-b4d7-cd6c319af187") }, $clusterTime: { clusterTime: Timestamp(1669219680, 3), signature: { hash: BinData(0, 868D44FD9FD4E162D053F094FE7D5ACA778891D1), keyId: 7166368587978899460 } }, $db: "local" }

thanks
Dee

I don’t think root can run compact against system collection oplog.rs
You have to give explicit privileges on local db/oplog.rs collection to a custom role and ssign that to your user
The dbadmin buitin role given to root can run compact only on non system collections
Please check this link

1 Like

Hi,

thanks for your reply, i created a role with privileges , and granted it to my user , than it worked, i am new to Mongodb it seems i was confused between roles and privileges.

i did the following, in case some one need a reference

use admin;
db.createRole(
   {
      role: "myCustomCompactRole",
      privileges: [
         {
            resource: { "db" : "local" , "collection" : "oplog.rs" },
            actions: [ "compact" ]
         }
      ],
      roles: []
   }
)


db.grantRolesToUser("dee-cluster-admin", [ "myCustomCompactRole" ] )

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.