mongodb 3.4.3 Permission denied wiredtiger_kv_engine.cpp 267 error with ubuntu 16

Question

I'm having problems lauching mongod as a service: How is it possible that it works when I do sudo mongod -f /etc/mongod.conf but when launching it with sudo service mongod start I get an error in the log

Assertion: 28595:13: Permission denied src/mongo/db/storage/wiredtiger/wiredtiger_kv_engine.cpp 267

I'm running mongodb on ubuntu 16

I followed exactly the instructions in the mongodb documentation for installation of that version, so is this a bug? Any suggestions how to solve this are appreciated.

Additional information:

The mongodb service startup script looks like this and runs it as user mongodb, could this be connected to the error? lib/systemd/system/mongodb.service:

[Unit]
Description=MongoDB Database Service
Wants=network.target
After=network.target

[Service]
ExecStart=/usr/bin/mongod --config /etc/mongod.conf
ExecReload=/bin/kill -HUP $MAINPID
Restart=always
User=mongodb
Group=mongodb
StandardOutput=syslog
StandardError=syslog

[Install]
WantedBy=multi-user.target

Answer 1

I'm having problems lauching mongod as a service: How is it possible that it works when I do sudo mongod -f /etc/mongod.conf but when launching it with sudo service mongod start I get an error in the log

The sudo command starts mongod with root permissions (aka superuser access). If you run mongod as a service the user and group are configured in the service definition (mongodb for both in your example).

There is no need to run the mongod process as the root user, and this is strongly discouraged as per the common security practice of Principle of least privilege.

If you want to test a configuration from the command-line, you could use sudo to run with a specified user instead of the default (root) user.

For example:

sudo -u mongodb mongod -f /etc/mongod.conf 

In general, it's best to use a service configuration rather than running mongod manually. With manual invocation you will also have to remember to include parameters like the config file path (as there is no default config path). Without a configuration file, mongod also uses default options such as a dbPath of /data/db.

Assertion: 28595:13: Permission denied src/mongo/db/storage/wiredtiger/wiredtiger_kv_engine.cpp 267

The likely cause of your permission errors is having previously started mongod as the root user. Some directories and files may now be owned by the root user, so the mongodb user cannot access those. Your specific error relates to accessing files in the data directory (i.e. the configured storage.dbPath in mongod.conf).

Assuming you haven't changed the default paths in your mongod.conf file, you should be able to recursively adjust permissions to match what the mongod.service definition expects.

First, ensure you have stopped your mongod instance if it is currently running.

Then, recursively adjust permissions to the expected user and group:

# storage.dbPath
sudo chown -R mongodb:mongodb /var/lib/mongodb

# systemLog.path
sudo chown -R mongodb:mongodb /var/log/mongodb

Now you should be able to start mongod as a service. If the service fails to start, there should be further detail in the mongod log file (assuming the log file is writable by the mongodb service user).