Home Work 1.3 - Failed global initialization: FileNotOpen error

I am not sure whether I should include the “~” in the DBPath and LogPath and the Paths to the PEM files.
Should we need to include them as described in the homework description? Also how should we set the permission to these folders properly?

I think that tilde is interpreted by the shell (not the mongo shell) as ‘home’, but when you create a config file it is interpreted literally as ‘~’ ^^

Even though i think you can use standard relative paths ( ./ ) i usually write down the absolute path (/home/vagrant/shared/… )

I did get a little further with the homework after changing the “~” to “/home/vagrant”, and so far I am stuck at this new error, it seemed the database.m310.mongodb.university FQDN is mapped to 127.0.1.1 NOT 127.0.0.1, as seen here. The home work description could provide us more details, frankly most of us here are not Linux experts.

PathError002a

Latest error…User name “admin” doesn’t match the provided client certificate user

Good luck to who attempting this course, and I will give it another try when I have more time!

Ah just a clarification about that last error: looks like you’re trying to login using username/password mechanism mixed to the x509 auth^^

To be honest i think you were already authenticated since you opened the mongo shell providing all the necessary . not sure though ^^
Here is the relative doc: x.509 to authenticate clients - mongodb

Good luck on the next try! :+1:

Thanks, a couple more quick questions, the homework asked us to create a user on admin database, shouldn’t be the goal that we be able to authenticate using the user name and password of that user?
----and without logging in with a user, adding in new nodes into the replication set also won’t be possible, right?

or the homework description was wrong, and user actually should be created on the “$external” instead of “admin”

the homework asked us to create a user on admin database, shouldn’t be the goal that we be able to authenticate using the user name and password of that user?

Uhm, as far as i can tell you have not to use a ‘password’, the certificate is the actual password, and the ‘username’ is the certificate subject extracted with this command: openssl x509 -in client.pem -inform PEM -subject -nameopt RFC2253 -noout.
When you pass in the path to the client certificate mongo check it out and confirm / reject that you are who you claim to be.

and user actually should be created on the “$external” instead of “admin”

The $external db (which is not a real db i think) is where you can find the credentials of the user ( basically it tells mongo that the user credentials are not stored inside of mongo itself but somewhere outside, and here comes the paths of the certificates you pass in).
To be ‘root’ on ‘admin’ db means that the user you registered (that will be authenticate through X.509) can act as root on admin db, it does not indicate the physical location of the user credentials.
On db admin there is a user with the role root, called <subject stuff> . How can you login with that user? Providing the path to the X.509 certificate that will identify him!
At least this is how i got it, take it with a grain of salt though :stuck_out_tongue:

Thanks for the information, Layer, I will keep these in mind next time.

Also I registered two courses this month, for sure bit off more than I can chew;)

1 Like