search

linuxserver / docker-unifi-network-application

GNU General Public License v3.0
553 stars 41 forks source link

[BUG] not authorized on ~MONGO_DBNAME~_stat to execute command #24

Closed bobble6956 closed 8 months ago

bobble6956 commented 8 months ago

Is there an existing issue for this?

Current Behavior

unifi db is able to authen but unifi_stat db is unable although sharing same username and password.

I'm able to manual authen with mongodb:

MongoDB server version: 4.4.25                                                   
> use unifi                                                                      
switched to db unifi                                                             
> db.auth("unifi", "abc123")                                                     
1                                                                                
> use unifi_stat                                                                 
switched to db unifi_stat                                                        
> db.auth("unifi", "abc123")                                                     
1

Enviroments settings in docker-compose, image version: 7.5.187:

- MONGO_USER=unifi
- MONGO_PASS=abc123
- MONGO_HOST=unifi-db
- MONGO_PORT=27017
- MONGO_DBNAME=unifi

system.properties file:

statdb.mongo.uri=mongodb\://unifi\:abc123@unifi-db\:27017/unifi_stat?tls\=false&authSource\=unifi
reporter-uuid=409c7421-dada-4954-996e-2744b005cf39
unifi.db.name=unifi
debug.device=warn
debug.mgmt=warn
db.mongo.local=false
debug.setting_preference=auto
uuid=a57c6c0c-2e15-4828-a274-fcd8635921bc
debug.system=warn
db.mongo.uri=mongodb\://unifi\:abc123@unifi-db\:27017/unifi?tls\=false&authSource\=unifi
debug.sdn=warn

init-mongo.js file: 

print('Start #################################################################');

db = db.getSiblingDB('unifi');
db.createUser(
  {
    user: 'unifi',
    pwd: 'abc123',
    roles: [{ role: 'dbOwner', db: 'unifi' }],
  },
);
db.createCollection('users');

db = db.getSiblingDB('unifi_stat');
db.createUser(
  {
    user: 'unifi',
    pwd: 'abc123',
    roles: [{ role: 'dbOwner', db: 'unifi_stat' }],
  },
);
db.createCollection('users');

print('END #################################################################');

Expected Behavior

user unifi able to authen with unifi_stat database

Steps To Reproduce

use below docker-compose:

---
version: "2.1"
services:
  unifi-db:
    image: mongo:4.4
    container_name: unifi-db
    environment:
      - PUID=1026
      - PGID=100
      - MONGO_INITDB_DATABASE=root-db
      - MONGO_INITDB_ROOT_USERNAME=root
      - MONGO_INITDB_ROOT_PASSWORD=ksZ5M2iMWhYa

    volumes:
      - ./mongodb/data:/data/db
      - ./mongodb/dbcfg:/data/configdb
      - ./mongodb/init-mongo.js:/docker-entrypoint-initdb.d/init-mongo.js:ro
    restart: unless-stopped

  unifi-network-application:
    image: linuxserver/unifi-network-application:7.5.187
    container_name: unifi-network-application
    environment:
      - PUID=1026
      - PGID=100
      - TZ=Asia/Singapore
      - MONGO_USER=unifi
      - MONGO_PASS=abc123
      - MONGO_HOST=unifi-db
      - MONGO_PORT=27017
      - MONGO_DBNAME=unifi
      - MEM_LIMIT=1024 #optional
      - MEM_STARTUP=1024 #optional
      - MONGO_TLS= #optional
      - MONGO_AUTHSOURCE= #optional
    volumes:
      - ./unifi:/config
    ports:
      - 8443:8443
      - 3478:3478/udp
      - 10001:10001/udp
      - 8080:8080
      - 1900:1900/udp #optional
      - 8843:8843 #optional
      - 8880:8880 #optional
      - 6789:6789 #optional
      - 5514:5514/udp #optional
    restart: unless-stopped

Environment

- OS: Synology 7.2
- How docker service was installed: Synology Native

CPU architecture

x86-64

Docker creation

docker-compose up -d

Container logs

Caused by: com.mongodb.MongoCommandException: Command failed with error 13 (Unaut
horized): 'not authorized on unifi_stat to execute command { listCollections: 1, 
cursor: {}, nameOnly: true, $db: "unifi_stat", lsid: { id: UUID("d8b35135-30ee-42
cd-8e84-a03bbd35d443") } }' on server unifi-db:27017. The full response is {"ok":
 0.0, "errmsg": "not authorized on unifi_stat to execute command { listCollection
s: 1, cursor: {}, nameOnly: true, $db: \"unifi_stat\", lsid: { id: UUID(\"d8b3513
5-30ee-42cd-8e84-a03bbd35d443\") } }", "code": 13, "codeName": "Unauthorized"} 
2023/10/20 11:24:07,stdout,"{\"t\":{\"$date\":\"2023-10-20T03:24:07.852+00:00\"},\"s\":\"I\",  \"c\":\"ACCESS\",   \"id\":20436,   \"ctx\":\"conn7\",\"msg\":\"Checking authorization failed\",\"attr\":{\"error\":{\"code\":13,\"codeName\":\"Unauthorized\",\"errmsg\":\"not authorized on unifi_stat to execute command { listCollections: 1, cursor: {}, nameOnly: true, $db: \\"unifi_stat\\", lsid: { id: UUID(\\"d8b35135-30ee-42cd-8e84-a03bbd35d443\\") } }\"}}}
github-actions[bot] commented 8 months ago

Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.

NickBootOne commented 8 months ago

Having the same issue on unRAID. would be nice if there was a option to connect to MariaDB.

aptalca commented 8 months ago

Unifi only supports mongodb

Follow the readme exactly. It tells you not to include the MONGO_INITDB_XXXXX env vars as they interfere with the initjs file.

Closing as it's not a bug. For support, you can try our discord