Mongodb – Can we change the default owner of mongodb to other than ‘mongod’ user

mongodb

mongod user is created on the system during installation and all of the appropriate files are created and owned by the mongod user.

Can we change the default owner of mongodb to other than 'mongod' user ?

Where to change ?

One of the Government Client wants to change as to tighten security.

Please share your ideas.

Best Answer

Yes! In /usr/lib/systemd/system/mongod.service. Changing User parameter value to wanted user name. Remember to change Group too and then chown -R all files and directories to that new user.

[Unit]
Description=High-performance, schema-free document-oriented database
After=network.target
Documentation=https://docs.mongodb.org/manual

[Service]
User=mongod
Group=mongod
Environment="OPTIONS=--quiet -f /etc/mongod.conf"
ExecStart=/usr/bin/mongod $OPTIONS run
ExecStartPre=/usr/bin/mkdir -p /var/run/mongodb
ExecStartPre=/usr/bin/chown mongod:mongod /var/run/mongodb
ExecStartPre=/usr/bin/chmod 0755 /var/run/mongodb
PermissionsStartOnly=true
PIDFile=/var/run/mongodb/mongod.pid
# file size
LimitFSIZE=infinity
# cpu time
LimitCPU=infinity
# virtual memory size
LimitAS=infinity
# open files
LimitNOFILE=64000
# processes/threads
LimitNPROC=64000
# total threads (user+kernel)
TasksMax=infinity
TasksAccounting=false
# Recommended limits for for mongod as specified in
# http://docs.mongodb.org/manual/reference/ulimit/#recommended-settings

[Install]
WantedBy=multi-user.target
Related Question