On 01/08/2014 04:25 AM, Blair Nilsson wrote:
nope, doesn't work...
I have an admin user... with the right caps.
{ "user_id": "admin2",
"display_name": "Admin 2admin",
"email": "",
"suspended": 0,
"max_buckets": 1000,
"auid": 0,
"subusers": [],
"keys": [
{ "user": "admin2",
"access_key": "1DNQ2FK80XQZJMB14W1C",
"secret_key": "BJDKNhMnCc4Cib+3QIdSGMR4yOE0YVJVS9HCuAmW"},
{ "user": "admin2",
"access_key": "KXH0BM1IQ9CP24IB9IP9",
"secret_key": "wbtya+dX505X7zdfKKh926nbbRtBnLW8ghHAQo9j"}],
"swift_keys": [],
"caps": [
{ "type": "buckets",
"perm": "*"},
{ "type": "usage",
"perm": "*"},
{ "type": "users",
"perm": "*"}],
"op_mask": "read, write, delete",
"default_placement": "",
"placement_tags": [],
"bucket_quota": { "enabled": false,
"max_size_kb": -1,
"max_objects": -1}}
but....
./s3curl.pl <http://s3curl.pl/> --id=admin --
http://162.243.33.180/admin/user
gives me
{"Code":"AccessDenied"}
however... I CAN use
./s3curl.pl <http://s3curl.pl/> --id=admin --
http://162.243.33.180/admin/bucket
and it gives me.
["files.wyaeld.com <http://files.wyaeld.com/>","private.wyaeld.com
<http://private.wyaeld.com/>"]
which are the 2 buckets in the system.
Any ideas on what is going on?
So what Ceph version do you use? Since I've been running into the same
problem.
I could however query for a user, but a PUT request to create a user
would always give me AccessDenied.
I'm running 0.67.5 Dumpling.
Wido
On Fri, Dec 20, 2013 at 7:47 PM, JuanJose Galvez
<juanjose.galvez@xxxxxxxxxxx <mailto:juanjose.galvez@xxxxxxxxxxx>> wrote:
On 12/19/2013 2:02 PM, Blair Nilsson wrote:
How do find or create a user that can use the admin operations for
the object gateway?
The manual says "Some operations require that the user holds
special administrative capabilities."
But I can't find if there is a pre setup user with these, or how
to create one myself.
You would need to create the user. As an example I just created the
following on my cluster:
radosgw-admin user create --uid=admin --display-name="JuanJose
Galvez" --caps="usage=read, write; users=read, write; buckets=read,
write;"
You'll notice in the output that it has the following capabilities
which normal users do not have:
"caps": [
{ "type": "buckets",
"perm": "*"},
{ "type": "usage",
"perm": "*"},
{ "type": "users",
"perm": "*"}],
I hope that helps. If you need more information on the API and what
caps are needed for which functions that is found over here:
http://ceph.com/docs/master/radosgw/adminops/
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx <mailto:ceph-users@xxxxxxxxxxxxxx>
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
--
JuanJose "JJ" Galvez
Professional Services
Inktank Storage, Inc.
LinkedIn:http://www.linkedin.com/in/jjgalvez
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx <mailto:ceph-users@xxxxxxxxxxxxxx>
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
--
Wido den Hollander
42on B.V.
Phone: +31 (0)20 700 9902
Skype: contact42on
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
