mongodb_user.py: changes on comments

This commit is contained in:
Marcos Diez 2016-03-16 22:07:58 +02:00 committed by Matt Clay
parent 37ba9a3fe1
commit 1aec0a3ffb

View file

@ -209,17 +209,18 @@ def load_mongocnf():
def check_if_roles_changed(uinfo, roles, db_name): def check_if_roles_changed(uinfo, roles, db_name):
# The reason for such complicated method is a user which can read the oplog on a replicaset # We must be aware of users which can read the oplog on a replicaset
# This user must have access to the local DB, but since this DB does not have users # Such users must have access to the local DB, but since this DB does not store users credentials
# and is not synchronized among replica sets, the user must be stored on the admin db # and is not synchronized among replica sets, the user must be stored on the admin db
# Therefore their structure is the following :
# { # {
# "_id" : "admin.oplog_reader", # "_id" : "admin.oplog_reader",
# "user" : "oplog_reader", # "user" : "oplog_reader",
# "db" : "admin", # "db" : "admin", # <-- admin DB
# "roles" : [ # "roles" : [
# { # {
# "role" : "read", # "role" : "read",
# "db" : "local" # "db" : "local" # <-- local DB
# } # }
# ] # ]
# } # }