I have created a database and accompanying user for the database but It appears I cant do backups with that user and neither can I add the backup role to the user. Having checked documentation I added a user but this time at the admin database level ( use admin
) and added backup role for the same.
However when I attempt to do a backup I am getting an error Failed: error dumping metadata: error creating directory for metadata file /var/backups/…: mkdir /var/backups/…: permission denied
Steps
1.
kubectl -n <namespace> exec -it <pod_name> -- sh
(mongo is running in kubernetes)
use admin
(switch to admin user)
db.createUser( {user: "backupuser", pwd: "abc123", roles: ["root", "userAdminAnyDatabase", "dbAdminAnyDatabase", "readWriteAnyDatabase","backup"], mechanisms:["SCRAM-SHA-256"]})
`db.getUsers({ filter: { mechanisms: "SCRAM-SHA-256" } })`
(Verify if user exists)
mongodump -u backupuser -p abc123 --authenticationDatabase admin -d TESTDB --out /var/backups/dump-25-05-22 --gzip
Is it possible to even amend permissions for this user in such a case or I should be looking somewhere else. In the container it seems I cant do any permission updates (for the group) but the user already has all permissions on /var/backups :
ls -la
total 8
drwxr-xr-x 2 root root 4096 Feb 18 2021 .
drwxr-xr-x 1 root root 4096 Feb 18 2021 ..
I am not convinced either that I should be going even this far. The backup should execute out of the box as per the user I added.
What exactly am I missing ?