Re: radosgw-admin caps

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thu, Aug 29, 2013 at 6:35 AM, Derek Yarnell <derek@xxxxxxxxxxxxxx> wrote:
> Hi,
>
> So what am I doing wrong?  As I read the docs
> (http://ceph.com/docs/master/radosgw/adminops/) i need users=read which
> I applied with the command,
>
>   radosgw-admin caps add --uid=derek --caps="users=read"
>
> But when I try to access /admin/users I get the following in the
> radosgw.log and a 403 to the client.
>
> 2013-08-29 09:26:02.616168 7f91f9bf5700 10 auth_hdr:
> GET
>
>
> Thu, 29 Aug 2013 13:26:02 GMT
> /admin/user
> 2013-08-29 09:26:02.616238 7f91f9bf5700 15 calculated
> digest=IwccyjKmG14WzrJeh731lf0tHjw=
> 2013-08-29 09:26:02.616244 7f91f9bf5700 15
> auth_sign=IwccyjKmG14WzrJeh731lf0tHjw=
> 2013-08-29 09:26:02.616246 7f91f9bf5700 15 compare=0
> 2013-08-29 09:26:02.616249 7f91f9bf5700  2 req 1:0.004719::GET
> /admin/user:get_user_info:reading permissions
> 2013-08-29 09:26:02.616252 7f91f9bf5700  2 req 1:0.004723::GET
> /admin/user:get_user_info:verifying op mask
> 2013-08-29 09:26:02.616255 7f91f9bf5700 20 required_mask= 0 user.op_mask=7
> 2013-08-29 09:26:02.616257 7f91f9bf5700  2 req 1:0.004728::GET
> /admin/user:get_user_info:verifying op permissions
> 2013-08-29 09:26:02.616262 7f91f9bf5700  2 req 1:0.004733::GET
> /admin/user:get_user_info:verifying op params
> 2013-08-29 09:26:02.616264 7f91f9bf5700  2 req 1:0.004735::GET
> /admin/user:get_user_info:executing
> 2013-08-29 09:26:02.616307 7f91f9bf5700  2 req 1:0.004778::GET
> /admin/user:get_user_info:http status=403
> 2013-08-29 09:26:02.616362 7f91f9bf5700  1 ====== req done req=0x15a2bf0
> http_status=403 ======
>
> # radosgw-admin user info --uid=derek
> { "user_id": "derek",
>   "display_name": "Derek Yarnell",
>   "email": "",
>   "suspended": 0,
>   "max_buckets": 1000,
>   "auid": 0,
>   "subusers": [],
>   "keys": [
>         { "user": "derek",
>           "access_key": "XXXXXXXXXX",
>           "secret_key": "XXXXXXXXXX"}],
>   "swift_keys": [],
>   "caps": [
>         { "type": "users",
>           "perm": "read"}],
>   "op_mask": "read, write, delete",
>   "default_placement": "",
>   "placement_tags": []}
>
> Thanks,
> derek
>

You're not specifying which user you're trying to get info for. The
request needs extra 'uid' param that specifies the target user. Other
than that you're ok.

Yehuda
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]

  Powered by Linux