After install, my mongod server was running well. I have created user and restart the server without issue.
But now when modified gonfi file by adding 0.0.0.0 to bindip, server wont restart.
Error message are
Jan 24 11:59:53 localhost.localdomain setroubleshoot[4656]: failed to retrieve rpm info for /proc/sys/net/ipv4/tcp_fastopen
Jan 24 11:59:54 localhost.localdomain setroubleshoot[4656]: SELinux is preventing mongod from open access on the file /proc/sys/net/ipv4/tcp_fastopen. For complete SELinux messag>
Jan 24 11:59:54 localhost.localdomain setroubleshoot[4656]: SELinux is preventing mongod from open access on the file /proc/sys/net/ipv4/tcp_fastopen.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that mongod should be allowed open access on the tcp_fastopen file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'mongod' --raw | audit2allow -M my-mongod
# semodule -X 300 -i my-mongod.pp
ausearch -c 'mongod' --raw | audit2allow -M my-mongod
semodule -X 300 -i my-mongod.pp
does not solved the problem.
Mongodb doc say that version 4 activate by default use of tcp_fastopen
I can't find out how to apply semanage permissive to use tcp_fastopen.
Thanks in advance
If you're running on RHEL, CentOS, or Oracle Linux, follow the instructions for the official SELinux policy for the MongoDB server:
sudo yum install -y git make checkpolicy policycoreutils selinux-policy-devel
git clone https://github.com/mongodb/mongodb-selinux
cd mongodb-selinux
make
sudo make install
Verify your operating system is supported by MongoDB.
Install a vanilla version of your operating system, do not change any settings, use published MongoDB documentation to install MongoDB and get it working.
Identify differences between your current installation and the vanilla installation.
Update your question with findings.
I couldn't find an answer to this exact error. I was starting to pull my hair out. I ended up looking at the mongod.log file. It had a permission denied error in there. journalctl showed the tcp_fastopen, so I was troubleshooting SELinux while it was actually a permission denied error. Hopefully this will help someone else running into this error.
I had the same problem after upgrading mongod to 4.4.6.
I ended up applying what is suggested here, compiling the module manually.
Now it works!
I did many tries, so I am not 100% sure that what I did is more than necessary.
The audit2allow command does not include the rule
allow mongod_t sysctl_net_t:file { getattr read open };
# cat > mongodb_sysctl_net.te << EOF
module mongodb_sysctl_net 1.0;
require {
type mongod_t;
type sysctl_net_t;
class dir search;
class file { getattr read open };
}
#============= mongod_t ==============
allow mongod_t sysctl_net_t:dir search;
allow mongod_t sysctl_net_t:file { getattr read open };
EOF
# checkmodule -M -m -o mongodb_sysctl_net.mod mongodb_sysctl_net.te
# semodule_package -o mongodb_sysctl_net.pp -m mongodb_sysctl_net.mod
# semodule -i mongodb_sysctl_net.pp
# systemctl start mongod.service
NOTE: I already had policy modules installed from the previous installation written according to the mongodb documentation
I had the same issue (semodule error about accessing tcp_fastopen) with a mongo 4.4 replica-set configuration. It couldn't be an os (oracle linux 8) issue, since I had the error on just one of three identical replica-set nodes (same update status).
The system already had the selinux configuration as suggested in the official documentation, with
semodule -l | grep mongo
returning
mongodb
mongodb_cgroup_memory
mongodb_proc_net
Digging inside mongod.log I finally found:
"Failed to unlink socket file","attr":{"path":"/tmp/mongodb-27017.sock","error":"Operation not permitted"}}
I don't know which condition led to this status, but when I unlinked the socket (as root), the mongo daemon started again without errors so far.
Related
I am trying to run a docker instance and keep coming across this server.
Here is what I get after trying to setup the instance:
Starting instance ... done
Attaching to instance
instance | {"t":{"$date":"2020-12-08T14:06:42.033Z"},"s":"F", "c":"CONTROL", "id":20574, "ctx":"main","msg":"Error during global initialization","attr":{"error":{"code":38,"codeName":"FileNotOpen","errmsg":"Failed to open /var/log/mongodb/mongod.log"}}}
instance exited with code 1
The file permissions are:
$ ls -l /var/log/mongodb/mongod.log
-rwxr-xr-x 1 mongodb mongodb 0 Dec 8 19:32 /var/log/mongodb/mongod.log
What else I've tried:
Shutting down and removing all containers and removing the build-cache
Removing all .sock files from /var/lib/mongodb
uninstalling and reinstalling docker.
Checking if the ports on my .conf file are unoccupied.
Adding user mongodb as owner and group to both the lib and log mongodb folders.
I am not sure anymore where this issue is coming from.
Would like to have some alternate solutions to this.
I had the same issue. I think the permission could be wrong for the folder. Try setting the permission 777 for log and data
If your mongodb was working well & suddenly it stopped working, then it can possible be an error related to permission. Below commands can be used to get back mongodb into running state -
check the permission of /var/lib/mongodb & /var/log/mongodb & match it with the official installtion guide.
try to make permission as same as guided by the official site.
If you are unable to resolve it that way or want a quick fix, you can do the following. it will definitely resolve the issue -
sudo chmod 777 -R /var/log/mongodb // not good from safety perspective.
sudo chmod 777 -R /var/lib/mongodb // not good from safety perspective.
sudo rm -rf /tmp/mongod-*.sock
and them you can simply restart the server & check the status with below commands -
sudo service mongod restart
sudo service mongod status
or
sudo systemctl restart mongod
sudo systemctl status mongod
If this answer works for you, please vote it.
I run MongoDB on Mac:
Shave:mongodb_simple Logan$ ./bin/mongod -f conf/mongod.conf
about to fork child process, waiting until server is ready for connections.
forked process: 5110
ERROR: child process failed, exited with error number 14
Is that because I shutdown it in wrong way?
You started and probably shutdown mongo in the wrong way.
1. TO START MONGODB
To start mongo in the background type: mongod --dbpath /data/db --fork --logpath /dev/null.
/data/db is the location of the db. If you haven't created one yet => type: mkdir /data/db
--fork means you want to start mongo in the background - deamon.
--logpath /dev/null means you don't want to log - you can change that by replacing /dev/null to a path like /var/log/mongo.log
2. TO SHUTDOWN MONGODB
Connect to your mongo by typing: mongo and then use admin and db.shutdownServer(). Like explain in mongoDB
If this technique doesn't work for some reason you can always kill the process.
Find the mongodb process PID by typing: lsof -i:27017 assuming your mongodb is running on port 27017
Type kill <PID>, replace <PID> by the value you found the previous command.
Check the ownership of the file /tmp/mongodb-27017.sock
It should be mongod. I got same error since it was root:root
For me it was ulimit issue, mongo could not open too many files.
Used ulimit -n 10000.
However as a generic pointer look into mongo logs file, they will tell where to look further. Generally the logs file are in /var/log/mongo.log but look into your mongo config file.
It's because you haven't configured your mongod instance correctly in the config file that you passed to the -f option.
Revisit your config file and make sure eveything is configured correctly.
By changing owner to mongodb for all files under /var/lib/mongodb/ it started working for me:
chown mongodb:mongodb -R /var/lib/mongodb/
This worked for me:
run in terminal
sudo rm -rf mongod.lock
export LC_ALL=C
then
sudo mongod --fork --config /xxxx/xx/mongod.conf --logpath /xxx/log/mongodb/mongodb.log
with me I remove file: /tmp/mongodb-27017.sock
then restart mongod
Just run this and start mongod
rm -f /tmp/mongodb-27017.sock
systemctl start mongod
Check if the mongod is running with pgrep mongod or ps -aef | grep mongod or systemctl status mongod
Stop and restart it to check if the issue gone
if you start mongod with mongod -f /etc/mongod.conf kill it with pkill -9 mongod then start it with mongod -f /etc/mongod.conf
fi you run it a service, use systemctl restart mongod to restart it.
If restart not works, figure out the issue by the /var/log/message and /var/log/mongodb/mongod.log file.
use tail -f /var/log/message and tail -f /var/log/mongodb/mongod.log to check the output when your action.
for example:
1.
Failed to unlink socket file /tmp/mongodb-27017.sock Operation not permitted
delete the sock file with `rm`
2.
WiredTiger error (13) [1596090168:830936][25997:0x7fe22f208b80], wiredtiger_open: __posix_open_file, 672: /data/mongo/WiredTiger.turtle: handle-open: open: Permission denied Raw: [1596090168:830936][25997:0x7fe22f208b80], wiredtiger_open: __posix_open_file, 672: /data/mongo/WiredTiger.turtle: handle-open: open: Permission denied
Failed to start up WiredTiger under any compatibility version
Reason: 13: Permission denied
check the file permission or owner with `ls` then change to the wright permission with `chmod` or right owner with `chown`
I had this same issue, but mine was the system clock being off so my SSL cert was technically invalid. Changing to the current date and time worked date --set "<DD M Y H:M>" Only found this by looking at the mongodb log
I encountered this issue on a GCP managed Compute Engine instance.
As this is the top answer on a Google search for the issue, I'll include what worked for me, and is a documented bug as per MongoDB (jira-link)
On linux systems, if the user running mongod does not have a locale set or the locale is misconfigured, mongod fails to start printing a stack trace.
The issue can be resolved by combining a few steps:
Install the required language packs (ref):
sudo apt-get install language-pack-XX
Run update locale (ref):
sudo update-locale
Restart your session, and check the same mongo command again
IFF the above doesn't work (it didn't for me), just manually add the following to the file at /etc/default/locale (ref):
LC_ALL=en_US.UTF-8
LANG=en_US.UTF-8
Just to admire the absence of those persistent warnings about LC_ALL not being set, run the following:
sudo dpkg-reconfigure locales
That's all, your MongoDB instance should be good to go now!
In my mongodb setup, in order to retain a specific version of mongoDB inline to existing servers and also to avoid having binary files placed under root disk, i changed the path of all mongo binaries in a different directory. i had to use rpm option instead of yum option (as yum installs only the latest version despite of mentioning the specific version).
rpm -ivh --prefix=/apps/mongodb /apps/mongo_rpm_packages/mongodb-org-*.rpm
Note: The default path where the binaries will be placed is /var/lib/mongo.
This approach does not either allow required permission for mongod user or its not provisioned properly and hence, i changed user and group in mongod.service file to root user and managed to successful start the process using:
service start mongod
Use --shutdown
mongod --shutdown
Then
service mongod restart
It work!
https://docs.mongodb.com/manual/tutorial/manage-mongodb-processes/#use-shutdown
I am new to MongoDB. I am trying to install MongoDb 3.0 on Ubuntu 13.0 LTS, which is a VM on Windows 7 Host. I have installed MongoDB successfully (packages etc.), but when I execute the command sudo service mongod start, I get the following error in the "/var/log/mongodb/mongod.log" log file. Can anyone help me understanding this error. There is nothing on internet related to this.
2015-04-23T00:12:00.876-0400 I CONTROL ***** SERVER RESTARTED *****
2015-04-23T00:12:00.931-0400 E NETWORK [initandlisten] Failed to unlink socket file /tmp/mongodb-27017.sock errno:1 Operation not permitted
2015-04-23T00:12:00.931-0400 I - [initandlisten] Fatal Assertion 28578
2015-04-23T00:12:00.931-0400 I - [initandlisten]
I have fixed this issue myself, by deleting the mongodb-27017.sock file . I ran the service after deleting this file, which worked fine. However, I am still not sure the root cause of the issue. The output of the command ls - lat /tmp/mongodb-27017.sock is now
srwx------ 1 mongodb nogroup 0 Apr 23 06:24 /tmp/mongodb-27017.sock
Alternative to the answer provided by KurioZ7, you can simply set the permissions of the .sock file to the current user:
sudo chown `whoami` /tmp/mongodb-27017.sock
This does the trick for me if I want to run mongod without sudo. If I delete the file like in KurioZ7s answer, I will simply get the same error the next time I restart my machine.
This issue occurs when you use the command
mongod
Before using the command
sudo service mongod start
To fix the issue, either:
Set appropriate permissions on the file:
/tmp/mongodb-27017.sock
OR
Remove the file
/tmp/mongodb-27017.sock
Run
sudo service mongod start && mongod
The most likely cause for this was that the mongod process was at some point started by the root user. The socket file (/tmp/mongodb-27017.sock) was therefore owned by the root user. The mongod process usually runs under its own dedicated user, and that user did not have the permissions to delete that file.
The solution, as you already found out, was to delete it. Then mongodb was able to recreate it with the correct permissions. This should persist after reboot, as long as mongodb is started using the init scripts, or under the correct user account.
$ sudo mongod
it solve problem for me
Change the ownership mongodb-27017.sock file in /tmp directory and start the mongod again.
cd /tmp
sudo chown mongodb:mongodb mongodb-27017.sock
sudo systemctl start mongod
For UNIX-based operating systems, as an alternative to the answer provided by Bastronaut, you could also specify the .sock file to be saved to a folder over which mongod has full user rights (corresponding to the way you are running mongod), that way mongod will also be able to remove the .sock file upon shutdown. The default folder to which the .sock file is saved is '/tmp'. To specify another folder, use a custom mongodb configuration file, for instance 'mongodb.conf', and add the following to it:
net:
unixDomainSocket:
pathPrefix: "anotherFolder"
After which you can run mongod with the command:
$ mongod --config /path/to/mongodb.conf
You can read the documentation on: https://docs.mongodb.org/manual/reference/configuration-options/#net.unixDomainSocket.pathPrefix
Manually restarting mongod service after restart fixed the problem.
Long-term solution was to add static host name, instead of ip address 'net' part of mongod.conf file (I suspect the problem is that ip address is not yet given to server, when mongod servis starts).
If you are having this problem using docker, refer to this question:
MongoDB docker container “Failed to unlink socket file”
I want to install PostgreSQL for a node project that I'm developing in OSX Yosemite. I use MacPorts and so tried the method described here: https://github.com/codeforamerica/ohana-api/wiki/Installing-PostgreSQL-with-MacPorts-on-OS-X
...but I get an error during step 2:
$ sudo gem install pg -- --with-pg-config=/opt/local/lib/postgresql93/bin/pg_config > ruby_error
ERROR: Error installing pg:
ERROR: Failed to build gem native extension.
/System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/bin/ruby extconf.rb --with-pg-config=/opt/local/lib/postgresql93/bin/pg_config
Using config values from /opt/local/lib/postgresql93/bin/pg_config
checking for libpq-fe.h... yes
checking for libpq/libpq-fs.h... yes
checking for pg_config_manual.h... yes
checking for PQconnectdb() in -lpq... no
checking for PQconnectdb() in -llibpq... no
checking for PQconnectdb() in -lms/libpq... no
Can't find the PostgreSQL client library (libpq)
*** extconf.rb failed ***
Could not create Makefile due to some reason, probably lack of necessary
libraries and/or headers. Check the mkmf.log file for more details. You may
need configuration options.
...thinking that I may not need to install the pg gem since I want to work with Node and not Ruby, I moved on to the next steps. But there I run into an error during step 3.3:
$ sudo su postgres -c '/opt/local/lib/postgresql93/bin/initdb -D /opt/local/var/db/postgresql93/defaultdb'
shell-init: error retrieving current directory: getcwd: cannot access parent directories: Permission denied
could not identify current directory: Permission denied
could not identify current directory: Permission denied
could not identify current directory: Permission denied
The program "postgres" is needed by initdb but was not found in the
same directory as "initdb".
Check your installation.
...checking my /opt/local/lib/postgresql93/bin/ directory, I see both initdb and postgres. I see those lines saying Permission denied and am wondering what that's about.
Not sure how to progress. Thinking of using Postgres.app if it really is easier but not sure whether it would be better to install using MacPorts since I install most other things using MacPorts. Tips about any of my problems are appreciated!
The permissions/ownership on the directories between / and defaultdb likely need to be fixed. I think PostgreSQL can be sensitive to ownership of these, though it seems that in your case PostgreSQL simply doesn't have access to those. This is what I have for each directory.
$ ls -hlt /opt/local/var/db/
total 0
drwxr-xr-x 7 root admin 238B Jan 23 16:54 texmf
drwxr-xr-x 3 root admin 102B Dec 25 07:37 postgresql94
You could fix permissions by doing sudo chmod a+rx /opt/local/var/db/ as needed.
For the defaultdb directory itself, you should follow the instructions that you link to, which seem to have the same as I have:
sudo chown postgres:postgres /opt/local/var/db/postgresql93/defaultdb
Below are instructions adapted from my blog (though I recommend using PostgreSQL 9.4, which I now do). I've been running PostgreSQL using MacPorts since 9.1 without major problems.
1. Install PostgreSQL using MacPorts.
Of course, I assume you’ve got MacPorts up and running on your system.
sudo port install postgresql93 +perl +python27
sudo port install postgresql93-server
2. Set up PostgreSQL
I first need to initialize the database cluster and then get the server running. The following comes straight from the on-screen instructions supplied with the MacPorts port postgresql93-server.
sudo mkdir -p /opt/local/var/db/postgresql93/defaultdb
sudo chown postgres:postgres /opt/local/var/db/postgresql93/defaultdb
sudo su postgres -c '/opt/local/lib/postgresql93/bin/initdb -D /opt/local/var/db/postgresql93/defaultdb'
Note that MacPorts creates a launch daemon. To load it now and to make sure it launches on system start, do:
sudo defaults write /Library/LaunchDaemons/org.macports.postgresql93-server.plist Disabled -bool false
sudo launchctl load /Library/LaunchDaemons/org.macports.postgresql93-server.plist
I then use psql for some set-up to get my database going.
sudo su - postgres
/opt/local/lib/postgresql93/bin/psql -U postgres -d template1
If you get to here, then you have PostgreSQL running on your system.
I had the same issue when attempting to run initdb, even when following the description by Ian Gow:
$ sudo su postgres -c '/opt/local/lib/postgresql94/bin/initdb -D /opt/local/var/db/postgresql94/defaultdb'
shell-init: error retrieving current directory: getcwd: cannot access parent directories: Permission denied
could not identify current directory: Permission denied
could not identify current directory: Permission denied
could not identify current directory: Permission denied
The program "postgres" is needed by initdb but was not found in the
same directory as "initdb".
Check your installation.
Turns out that user postgres cannot do anything if you try to make it run a command from within your own home directory, because in there postgres is not allowed to read its own location and hence cannot figure out any other paths, either. So the simple solution is to run cd / before any command that must be run as postgres (initdb, pg_ctl, etcetera). Afterwards, you can quickly jump back to your previous working directory using cd -.
I have a config file for mongo that specifies an alternate port:
deploy#ip-xxx-xxx-22-107 ~/app $ tail /etc/mongodb.conf
port = 27033
Not very complex. I'm trying to use a file based config instead of command line, seems like a better idea. I'm on Ubuntu 11. The docs say:
On some packaged installs of MongoDB (for example Ubuntu & Debian),
the default file can be found in /etc/mongodb.conf, which is
automatically used when starting and stopping MongoDB from the service
I definitely can start mongo with sudo /etc/init.d/mongodb restart but it's starting on the wrong port, 27017:
deploy#ip-xxx-xxx-22-107 ~/app $ sudo lsof -iTCP | grep mongo
mongod 3594 mongodb 5u IPv4 260392 TCP localhost:27017 (LISTEN)
mongod 3594 mongodb 7u IPv4 260395 TCP localhost:28017 (LISTEN)
So there's mongo, but not the right port. Whenever I try passing in a config file to the mongodb command I get an error:
sudo /etc/init.d/mongodb -f /etc/mongodb.conf restart
* ERROR: wrong args ( -f )
I suspect the /etc/init.d/mongodb command isn't passing on my config request when it's starting mongo. But the config file should be read by default according to the docs. Is something wrong with my Ubuntu install (it's on a PaaS host)? Is there no advantage to using /etc/init.d/mongodb so I should just ignore this? I can get it to read the config file via mongod -f /etc/mongodb.conf but my docs say to use /etc/init.d/mongodb.
Where did you install the mongo package from? If you installed from the default repositories, then you may have a very old version - I just tried on 11.04 (don't have 11.10 handy, sorry) and I got 1.6.4 which is very old (current stable release as of writing this is 2.0.2).
You should remove the version you have, and add the one from the 10gen/MongoDB repositories. The instructions for doing so are here:
http://www.mongodb.org/display/DOCS/Ubuntu+and+Debian+packages
That will give you the latest mongod version and likely resolve your issues, because you seem to be doing things correctly.
Once you have the mongod started, then connect to it and try running this:
use admin
db.runCommand({getCmdLineOpts: 1})
That should give you all the passed and parsed options. There is a sample output shown on the Docs page for the command. It should allow you to see where the mongod is pointing for the config file and what is being parsed from it.