Having problem creating open ssl file

Prakhar_Gupta · November 11, 2021, 11:43am

Hi, I was continuously denied pemission to create openssl key file from the terminal.
Searched the problem in the forum and got the following commands to run
sudo rm -r /var/mongodb
sudo mkdir -p /var/mongodb/pki/
sudo chown vagrant:vagrant /var/mongodb/pki/
openssl rand -base64 741 > /var/mongodb/pki/m103-keyfile
chmod 400 /var/mongodb/pki/m103-keyfile
ls -l /var/mongodb/pki
ls -l /var/mongodb

and the problem still persist.
However, while following the given steps I ran into a new error saying
“chown: invalid user: ‘vagrant:vagrant’”

here is the screenshot of the terminal.

Ramachandra_Tummala · November 11, 2021, 1:09pm

Is this for a specific lab or something you are testing?
vagrant is a user specific to vagrant environment from older course
You have replace vagrant with mongod
mongod is the owner of mongodb so it should have proper privs on root owned file system /var

Prakhar_Gupta · November 15, 2021, 4:17am

Okay! So what I understand is in newer versions of MongoDB’s own mongod owner is mandatory.

I just have switched to Ubuntu from windows because OpenSSL package wasn’t working on windows.

It’s very strange for me to not be able to set permissions, create users, and connect it to MongoDB.
I have tried to google about it but couldn’t find something which could make sense to me.
Could you give me some references to get to know how to do it?

Prakhar_Gupta · November 15, 2021, 7:37am

Hi Ramachandra, I have tried the code again after replacing vagrant with mongodb. mongodb is a listed user on my system. I have changed the file ownership to mongodb using “openssl rand -base64 741 > /var/mongodb/pki/m103-keyfile”. I am attaching the outputs.

I am still not being able to create the keyfile.

Ramachandra_Tummala · November 15, 2021, 11:54am

Try with recursive permissions

sudo chown mongodb:mongodb -R /var/mongodb/pki/

Prakhar_Gupta · November 15, 2021, 12:38pm

Tried recursive permission and still not being able to create the keyfile.

Ramachandra_Tummala · November 15, 2021, 2:42pm

Check your lab instructions again

rm that pki dir then create again after giving recursive permissions on /var/mongodb only

sudo chown mongodb:mongodb -R /var/mongodb

Prakhar_Gupta · November 15, 2021, 5:41pm

Did that too, but I am having no luck on creating the openssl key file

Ramachandra_Tummala · November 16, 2021, 1:47am

From your snapshot pki dir is owned by root so mongod cannot write to it
Did you try mkdir without sudo?

or follow this sequence given in previous course

sudo mkdir -p /var/mongodb/pki
sudo chown mongodb:mongodb -R /var/mongodb
openssl rand -base64 741 > /var/mongodb/pki/m103-keyfile
chmod 600 /var/mongodb/pki/m103-keyfile

Also make sure the dir is empty when creating the keyfile

Prakhar_Gupta · November 16, 2021, 6:01am

Yes, I have followed the same procedure to create the pki directory and it did not work.
However, I tried to use sudo on openssl command which also did not woek. But changing the user using ‘sudo su’ and then running openssl command worked.

system · November 21, 2021, 6:02am

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.