Home Fedora How To Install MongoDB on Fedora 44

How To Install MongoDB on Fedora 44

Fedora June 11, 2026 comments off

Install MongoDB on Fedora 44

If you have ever opened a terminal on Fedora 44 and typed sudo dnf install mongodb, you already know the frustration that follows: the package does not exist in the default repositories. This is not a bug, and it is not your fault. Fedora removed MongoDB from its official repos years ago because of a licensing conflict, and that decision has never changed. This guide shows you exactly how to install MongoDB on Fedora 44 using the official upstream repository, configure it properly, lock it down with authentication, and verify that everything works before you write a single line of application code.

You will follow a complete MongoDB on Fedora 44 setup from scratch, covering the repo configuration, package installation with dnf5, SELinux context management, firewalld rules, basic security hardening, and a functional verification test. By the end, you will have a production-ready MongoDB 8.0 instance running on Fedora 44 with systemd managing the service lifecycle.

Why MongoDB Is Not in Fedora’s Default Repos

Before you touch a single command, you need to understand why this problem exists. In 2018, MongoDB abandoned the Apache 2.0 license and relicensed its server code under the Server Side Public License (SSPL) v1. Fedora’s legal team reviewed the SSPL and determined it does not qualify as a Free Software license under Fedora’s guidelines. Because Fedora only ships packages with approved open-source licenses, MongoDB was formally removed from the distribution.

This is not a temporary gap. MongoDB will not return to Fedora’s default package repositories unless the licensing situation changes. That means every guide that tells you to run sudo dnf install mongodb without adding a custom repo is either outdated or wrong.

The correct solution is to use the official RPM repository that MongoDB maintains for Red Hat-based systems. Since Fedora 44 is binary-compatible with RHEL 9 for most system libraries, the MongoDB RHEL 9 packages install and run cleanly on Fedora 44 without workarounds.

Prerequisites

Before you begin, make sure your system meets the following requirements.

System requirements:

  • Fedora 44 (released April 28, 2026) — fully updated
  • Kernel 7.0.x or later (verify with uname -r)
  • dnf5 5.4.x as the default package manager (verify with dnf5 --version)
  • Architecture: x86_64 or aarch64

Access and permissions:

  • A user account with sudo privileges
  • Root access is required for repo configuration, package installation, and systemd management

Resources:

  • Minimum 2 GB RAM (MongoDB’s WiredTiger storage engine uses RAM for its internal cache)
  • Minimum 10 GB free disk space on the partition where /var/lib/mongodb resides
  • Active internet connection for GPG key and package downloads

Recommended tools already installed:

  • nano or vim for editing config files
  • ss for checking open ports
  • journalctl for reading systemd logs

Step 1: Update Your Fedora 44 System

The first thing to do before any package installation is bring your system fully up to date. This is not optional.

sudo dnf upgrade --refresh -y

The --refresh flag forces dnf5 to pull fresh metadata from all configured repositories before resolving dependencies. Without it, dnf5 might work from a cached copy of the package index that is hours or days old. If your system is not up to date, you risk dependency mismatches between existing packages and the ones MongoDB brings in.

After the upgrade completes, reboot if the kernel was updated.

sudo reboot

Why this matters: MongoDB 8.0 on RHEL-compatible systems links against glibc 2.34 or later. Fedora 44 ships glibc 2.43. A full system update ensures all shared library symlinks are current and no broken upgrades are sitting in a half-applied state.

Verify Your Current System Version

cat /etc/fedora-release
uname -r
dnf --version

Expected output will show Fedora release 44, a 7.x.x kernel string, and dnf5 in the version output. If you see an older kernel, your reboot from above may not have completed correctly.

Step 2: Add the Official MongoDB Repository

This is the most important step in the entire process. You are teaching dnf5 where to find MongoDB packages so it can handle installation, updates, and dependency resolution automatically.

Create the Repository File

sudo tee /etc/yum.repos.d/mongodb-org-8.0.repo > /dev/null <

Do not copy and retype this manually. Use tee with a heredoc to write the file atomically without risk of typos in the URL or key directives.

What each directive does and why it exists:

  • baseurl: Points dnf5 to MongoDB’s CDN where the RPM packages live. The $releasever variable automatically expands to your Fedora version number, and $basearch expands to your architecture (x86_64 or aarch64). This makes the repo file forward-compatible without editing.
  • gpgcheck=1: This tells dnf5 to cryptographically verify every RPM it downloads from this repo using MongoDB’s public signing key. Never set this to 0. A compromised mirror could serve you a backdoored binary, and without GPG verification, dnf5 has no way to detect it.
  • gpgkey: The URL where dnf5 fetches MongoDB’s public GPG key on the first installation. dnf5 stores this key in its trusted keyring so future installs do not re-download it.
  • enabled=1: Activates this repository immediately. Without this line, you would have to add --enablerepo=mongodb-org-8.0 to every dnf command.

Verify the Repository is Recognized

sudo dnf repolist | grep mongodb

You should see output similar to:

mongodb-org-8.0    MongoDB Repository

If the repo does not appear, check that the file exists and contains no YAML syntax errors:

cat /etc/yum.repos.d/mongodb-org-8.0.repo

Step 3: Install MongoDB on Fedora 44

Now that dnf5 knows where to find MongoDB, the installation itself is a single command.

sudo dnf install mongodb-org -y

The mongodb-org package is a meta-package. It does not install a single binary. It pulls in the following components as one coordinated transaction:

  • mongodb-org-server: The mongod daemon itself, the core database engine
  • mongodb-org-mongos: The query router for sharded cluster deployments
  • mongodb-mongosh: The modern MongoDB Shell, the official command-line interface for MongoDB 8.x
  • mongodb-org-tools: Includes mongodump, mongorestore, mongostat, and mongotop
  • mongodb-org-database-tools-extra: Extended administrative utilities

Why install the full meta-package instead of just the server? Because mongodump and mongorestore are not extras. They are the primary backup and disaster recovery tools for MongoDB. Installing the server without the tools is like setting up a MySQL instance without mysqldump. You will need them the first time something goes wrong.

Pin MongoDB to Prevent Unintended Major Version Upgrades

sudo dnf config-manager --save --setopt=mongodb-org-8.0.skip_if_unavailable=true
echo "exclude=mongodb-org,mongodb-org-*" | sudo tee -a /etc/dnf/dnf.conf

Why this is important: MongoDB major version upgrades (e.g., 8.0 to 9.0) require a formal migration procedure involving compatibility checks and data format changes. If you run sudo dnf upgrade and MongoDB is not pinned, dnf5 might silently upgrade your database engine to a version your application has not been tested against. Pinning gives you control over when and how that upgrade happens.

Step 4: Enable and Start the MongoDB Service

Installing a package on Fedora does not start the service automatically. You need to tell systemd to both start mongod now and register it to start on every boot.

sudo systemctl enable --now mongod

The --now flag combines enable and start into a single atomic operation. enable registers the mongod.service unit to start at boot. start launches it immediately in the current session.

Confirm the Service is Running

sudo systemctl status mongod --no-pager -l

The --no-pager flag prints output directly to the terminal instead of opening it in less. The -l flag shows full log lines without truncation, which is critical when you are debugging startup errors and need to see the complete message.

Expected healthy output:

● mongod.service - MongoDB Database Server
     Loaded: loaded (/usr/lib/systemd/system/mongod.service; enabled; preset: disabled)
     Active: active (running) since ...

Seeing active (running) and enabled in the same output confirms two things: MongoDB is running right now, and it will come back up automatically after a reboot.

Verify the Port is Bound

ss -tlnp | grep 27017

This command queries the kernel’s socket table for TCP listening sockets. If MongoDB started cleanly, you will see a line showing mongod bound to 127.0.0.1:27017.

Why check the port separately from the service status? Because systemd reports success when the process starts, not when it finishes initializing. In rare cases, mongod can start its process but fail to bind the socket due to a permission or config issue. Checking the port directly confirms MongoDB is actually accepting connections.

Step 5: Configure SELinux for MongoDB

This is the step most tutorials skip, and it is the reason people disable SELinux “temporarily” and never turn it back on. Do not do that.

Fedora 44 runs SELinux in enforcing mode by default. SELinux operates at the kernel level, below root. It does not care that you are running as root or that systemd started the service. It enforces mandatory access control policies based on security context labels attached to files, processes, and network ports. If the labels are wrong, MongoDB will fail to write data with cryptic Permission denied errors even though the Unix permissions look correct.

Check the Current SELinux Context on the Data Directory

ls -Z /var/lib/mongodb

After a clean install, the MongoDB RPM applies the correct SELinux context automatically. You should see mongod_var_lib_t in the output. If this directory was created manually or copied from another location, the context may be wrong.

Restore Correct SELinux Labels

sudo restorecon -Rv /var/lib/mongodb

restorecon reads the SELinux policy database and resets each file’s context label to its policy-defined correct value. -R processes all subdirectories recursively. -v prints each change so you can see exactly what was corrected.

Register MongoDB’s Port with SELinux

sudo semanage port -a -t mongod_port_t -p tcp 27017

This command adds port 27017 to the SELinux policy as a recognized MongoDB port. If you ever change the port in mongod.conf, SELinux will block connections on the new port unless you run this command again with the new port number. The mongod_port_t type is the SELinux label specifically defined for MongoDB network traffic.

Check for Active SELinux Denials

sudo journalctl -t setroubleshoot | tail -20

If SELinux is blocking anything MongoDB-related, setroubleshoot will log human-readable explanations with suggested fixes. Running this after starting the service tells you immediately if something needs attention.

Step 6: Configure firewalld and Enable Authentication

Open Port 27017 in firewalld

Fedora 44 uses firewalld as the default network firewall. By default, it blocks all inbound connections except SSH. To allow applications on other hosts to reach MongoDB, you need to open the port explicitly.

sudo firewall-cmd --permanent --add-port=27017/tcp
sudo firewall-cmd --reload

--permanent writes the rule to the XML configuration files in /etc/firewalld/. Without --permanent, the rule disappears at the next reboot. --reload applies the permanent rules to the live kernel netfilter ruleset without dropping active connections.

For production servers, restrict access to a specific subnet instead of opening it globally:

sudo firewall-cmd --permanent --zone=trusted --add-source=192.168.1.0/24
sudo firewall-cmd --reload

Replace 192.168.1.0/24 with your actual application server subnet. Exposing MongoDB port 27017 to the public internet without IP restrictions is how thousands of databases get breached.

Verify the Firewall Rule is Active

sudo firewall-cmd --list-ports

You should see 27017/tcp in the output.

Enable MongoDB Authentication

A fresh MongoDB install runs with zero authentication. Anyone who can reach port 27017 can read, write, or delete every database without a username or password. Fix this before you store anything important.

First, connect to the MongoDB shell before enabling auth:

mongosh

Create an admin user inside the shell:

use admin
db.createUser({
  user: "adminUser",
  pwd: passwordPrompt(),
  roles: [
    { role: "userAdminAnyDatabase", db: "admin" },
    "readWriteAnyDatabase"
  ]
})

passwordPrompt() accepts the password interactively without storing it in the shell history. The userAdminAnyDatabase role grants the ability to create and manage users across all databases.

Now exit the shell and enable authorization in the MongoDB configuration file:

sudo nano /etc/mongod.conf

Find the security: section (it is commented out by default) and edit it to match this exactly:

security:
  authorization: enabled

Critical note about YAML formatting: The indentation in mongod.conf uses two spaces, not tabs. MongoDB’s configuration parser is strict about YAML structure. A tab character or misaligned indentation will prevent mongod from starting and give you a config parse error in the logs.

Restart MongoDB to apply the change:

sudo systemctl restart mongod

Test that authentication is now required by attempting a connection without credentials:

mongosh --eval "db.adminCommand({listDatabases: 1})"

You should see an Authentication failed error, which confirms auth is working correctly.

Step 7: Verify the Complete Installation

Before you hand this instance to an application, run through this verification checklist to confirm everything is working end to end.

Check the Installed MongoDB Version

mongosh --eval "db.version()"

This should return 8.0.x. A version mismatch here suggests the package manager installed something other than what you configured in the repo file.

Run a Write and Read Test

Connect with your admin credentials and run a quick insert and query:

mongosh -u adminUser -p --authenticationDatabase admin

Inside the shell:

use testdb
db.verification.insertOne({ status: "MongoDB is working", timestamp: new Date() })
db.verification.findOne()

A successful response with the document you inserted confirms that WiredTiger can write to disk, the data directory permissions are correct, SELinux is not blocking file operations, and the authentication layer is functioning.

Confirm Auto-Start Survives a Reboot

sudo systemctl is-enabled mongod

The output should be enabled. If it returns disabled, MongoDB will not start after a kernel update or power cycle. Fix it with sudo systemctl enable mongod.

Troubleshooting Common Errors

Error: “No match for argument: mongodb”

Cause: You tried to install MongoDB without adding the custom repo first, or the repo file contains a typo.

Fix: Verify the repo file exists and is readable:

cat /etc/yum.repos.d/mongodb-org-8.0.repo
sudo dnf repolist | grep mongodb

If the repo does not appear in repolist, delete the file and recreate it using the tee command from Step 2.

Error: “GPG check FAILED”

Cause: The gpgkey URL is wrong, unreachable, or the key was updated by MongoDB.

Fix: Manually import the key and retry:

sudo rpm --import https://www.mongodb.org/static/pgp/server-8.0.asc
sudo dnf install mongodb-org -y

Never work around this by setting gpgcheck=0. That defeats the entire point of using a signed repository.

Error: “mongod.service: Failed with result ‘exit-code'”

Cause: A syntax error in /etc/mongod.conf is preventing mongod from parsing its config on startup.

Fix: Test the config directly:

sudo mongod --config /etc/mongod.conf --fork --logpath /tmp/mongod-test.log
cat /tmp/mongod-test.log

The log will show the exact YAML line that failed to parse. The most common cause is mixing tabs and spaces in the YAML indentation.

Error: “Permission denied” on /var/lib/mongodb

Cause: SELinux context label is wrong, or the directory ownership was changed from mongod:mongod.

Fix: Restore both at once:

sudo chown -R mongod:mongod /var/lib/mongodb
sudo restorecon -Rv /var/lib/mongodb
sudo systemctl restart mongod

Error: “Connection refused” from a Remote Host

Cause: Either firewalld is blocking port 27017, or mongod.conf has bindIp set to 127.0.0.1 only.

Fix (firewall): Open the port as shown in Step 6.

Fix (bind address): Edit /etc/mongod.conf and change the network section:

net:
  port: 27017
  bindIp: 0.0.0.0

Use 0.0.0.0 only in trusted network environments. On public servers, specify the exact IP addresses MongoDB should listen on. Restart mongod after any change to mongod.conf.

Quick Reference: MongoDB Service Commands

Keep these commands handy for day-to-day operations:

sudo systemctl start mongod       # Start the service
sudo systemctl stop mongod        # Stop the service
sudo systemctl restart mongod     # Restart after config changes
sudo systemctl status mongod      # Check health and recent logs
sudo systemctl enable mongod      # Enable automatic startup on boot
sudo systemctl disable mongod     # Disable automatic startup
journalctl -xeu mongod            # Full service log with explanations

[su_box title=”VPS Manage Service Offer” style=”bubbles” box_color=”#000000″ radius=”10″]If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal![/su_box]

r00t
r00t is a Linux Systems Administrator and open-source advocate with over ten years of hands-on experience in server infrastructure, system hardening, and performance tuning. Having worked across distributions such as Debian, Arch, RHEL, and Ubuntu, he brings real-world depth to every article published on this blog. r00t writes to bridge the gap between complex sysadmin concepts and practical, everyday application — whether you are configuring your first server or optimizing a production environment. Based in New York, US, he is a firm believer that knowledge, like open-source software, is best when shared freely.

Related Posts

How To Install GitLab on Fedora 44

How To Install Krita on Fedora 44

How To Install ReactJS on Fedora 44

How To Install FFmpeg on Fedora 44

How To Install Mesa Drivers on Fedora 44

How To Install Clonezilla on Fedora 44