Well, user jaseer has the 'system' flag set so it acts like a super user. On Wed, Jan 8, 2014 at 10:09 AM, Jaseer Tk <jaseer.tk@xxxxxxxxxx> wrote: > > You were right. Sorry for the misdirection. > > logs for getacl: > ================ > 2014-01-08 17:58:37.228949 7faae2d93780 20 enqueued request req=0x2182c90 > 2014-01-08 17:58:37.228968 7faae2d93780 20 RGWWQ: > 2014-01-08 17:58:37.228970 7faae2d93780 20 req: 0x2182c90 > 2014-01-08 17:58:37.228976 7faae2d93780 10 allocated request req=0x21829b0 > 2014-01-08 17:58:37.228999 7faa4ffdf700 20 dequeued request req=0x2182c90 > 2014-01-08 17:58:37.229009 7faa4ffdf700 20 RGWWQ: empty > 2014-01-08 17:58:37.229015 7faa4ffdf700 1 ====== starting new request > req=0x2182c90 ===== > 2014-01-08 17:58:37.229069 7faa4ffdf700 2 req 21:0.000054::GET > /Test3::initializing > 2014-01-08 17:58:37.229076 7faa4ffdf700 10 host=isp.inmobi.com > rgw_dns_name=isp.inmobi.com > 2014-01-08 17:58:37.229106 7faa4ffdf700 10 s->object=<NULL> s->bucket=Test3 > 2014-01-08 17:58:37.229112 7faa4ffdf700 20 FCGI_ROLE=RESPONDER > 2014-01-08 17:58:37.229113 7faa4ffdf700 20 SCRIPT_URL=/Test3 > 2014-01-08 17:58:37.229114 7faa4ffdf700 20 > SCRIPT_URI=http://isp.inmobi.com/Test3 > 2014-01-08 17:58:37.229115 7faa4ffdf700 20 HTTP_AUTHORIZATION=AWS > RDDGMHRBXJN6HY3BOEO7:5Dl428zBfcGMrNknuT6VwIFkYnE= > 2014-01-08 17:58:37.229116 7faa4ffdf700 20 HTTP_HOST=isp.inmobi.com > 2014-01-08 17:58:37.229117 7faa4ffdf700 20 > HTTP_USER_AGENT=aws-sdk-php2/2.1.0 Guzzle/3.1.2 curl/7.19.7 > PHP/5.3.2-1ubuntu4.22 > 2014-01-08 17:58:37.229119 7faa4ffdf700 20 HTTP_DATE=Wed, 08 Jan 2014 > 17:58:36 +0000 > 2014-01-08 17:58:37.229120 7faa4ffdf700 20 PATH=/usr/local/bin:/usr/bin:/bin > 2014-01-08 17:58:37.229120 7faa4ffdf700 20 SERVER_SIGNATURE= > 2014-01-08 17:58:37.229121 7faa4ffdf700 20 SERVER_SOFTWARE=Apache/2.2.22 > (Ubuntu) > 2014-01-08 17:58:37.229121 7faa4ffdf700 20 SERVER_NAME=isp.inmobi.com > 2014-01-08 17:58:37.229122 7faa4ffdf700 20 SERVER_ADDR=10.2.4.203 > 2014-01-08 17:58:37.229122 7faa4ffdf700 20 SERVER_PORT=80 > 2014-01-08 17:58:37.229123 7faa4ffdf700 20 REMOTE_ADDR=10.14.100.34 > 2014-01-08 17:58:37.229124 7faa4ffdf700 20 DOCUMENT_ROOT=/var/www > 2014-01-08 17:58:37.229124 7faa4ffdf700 20 SERVER_ADMIN=app-ops@xxxxxxxxxx > 2014-01-08 17:58:37.229125 7faa4ffdf700 20 > SCRIPT_FILENAME=/var/www/s3gw.fcgi > 2014-01-08 17:58:37.229125 7faa4ffdf700 20 REMOTE_PORT=50682 > 2014-01-08 17:58:37.229126 7faa4ffdf700 20 GATEWAY_INTERFACE=CGI/1.1 > 2014-01-08 17:58:37.229126 7faa4ffdf700 20 SERVER_PROTOCOL=HTTP/1.1 > 2014-01-08 17:58:37.229127 7faa4ffdf700 20 REQUEST_METHOD=GET > 2014-01-08 17:58:37.229127 7faa4ffdf700 20 > QUERY_STRING=page=Test3¶ms=&acl > 2014-01-08 17:58:37.229128 7faa4ffdf700 20 REQUEST_URI=/Test3?acl > 2014-01-08 17:58:37.229129 7faa4ffdf700 20 SCRIPT_NAME=/Test3 > 2014-01-08 17:58:37.229130 7faa4ffdf700 2 req 21:0.000115:s3:GET > /Test3::getting op > 2014-01-08 17:58:37.229134 7faa4ffdf700 2 req 21:0.000119:s3:GET > /Test3:get_acls:authorizing > 2014-01-08 17:58:37.229156 7faa4ffdf700 20 get_obj_state: > rctx=0x7fa9b4004670 obj=.us-east-1.users:RDDGMHRBXJN6HY3BOEO7 > state=0x7fa9b4004738 s->prefetch_data=0 > 2014-01-08 17:58:37.229166 7faa4ffdf700 10 moving > .us-east-1.users+RDDGMHRBXJN6HY3BOEO7 to cache LRU end > 2014-01-08 17:58:37.229169 7faa4ffdf700 10 cache get: > name=.us-east-1.users+RDDGMHRBXJN6HY3BOEO7 : hit > 2014-01-08 17:58:37.229177 7faa4ffdf700 20 get_obj_state: s->obj_tag was set > empty > 2014-01-08 17:58:37.229182 7faa4ffdf700 10 moving > .us-east-1.users+RDDGMHRBXJN6HY3BOEO7 to cache LRU end > 2014-01-08 17:58:37.229184 7faa4ffdf700 10 cache get: > name=.us-east-1.users+RDDGMHRBXJN6HY3BOEO7 : hit > 2014-01-08 17:58:37.229199 7faa4ffdf700 20 get_obj_state: > rctx=0x7fa9b4004a50 obj=.us-east-1.users.uid:app-ops state=0x7fa9b4004738 > s->prefetch_data=0 > 2014-01-08 17:58:37.229206 7faa4ffdf700 10 moving > .us-east-1.users.uid+app-ops to cache LRU end > 2014-01-08 17:58:37.229208 7faa4ffdf700 10 cache get: > name=.us-east-1.users.uid+app-ops : hit > 2014-01-08 17:58:37.229212 7faa4ffdf700 20 get_obj_state: s->obj_tag was set > empty > 2014-01-08 17:58:37.229215 7faa4ffdf700 10 moving > .us-east-1.users.uid+app-ops to cache LRU end > 2014-01-08 17:58:37.229216 7faa4ffdf700 10 cache get: > name=.us-east-1.users.uid+app-ops : hit > 2014-01-08 17:58:37.229264 7faa4ffdf700 10 get_canon_resource(): > dest=/Test3?acl > 2014-01-08 17:58:37.229267 7faa4ffdf700 10 auth_hdr: > GET > > > Wed, 08 Jan 2014 17:58:36 +0000 > /Test3?acl > 2014-01-08 17:58:37.229330 7faa4ffdf700 15 calculated > digest=5Dl428zBfcGMrNknuT6VwIFkYnE= > 2014-01-08 17:58:37.229332 7faa4ffdf700 15 > auth_sign=5Dl428zBfcGMrNknuT6VwIFkYnE= > 2014-01-08 17:58:37.229333 7faa4ffdf700 15 compare=0 > 2014-01-08 17:58:37.229335 7faa4ffdf700 20 system request > 2014-01-08 17:58:37.229338 7faa4ffdf700 2 req 21:0.000323:s3:GET > /Test3:get_acls:reading permissions > 2014-01-08 17:58:37.229349 7faa4ffdf700 20 get_obj_state: > rctx=0x7fa9b4000ee0 obj=.us-east-1.rgw:Test3 state=0x7fa9b40062c8 > s->prefetch_data=0 > 2014-01-08 17:58:37.229356 7faa4ffdf700 10 moving .us-east-1.rgw+Test3 to > cache LRU end > 2014-01-08 17:58:37.229357 7faa4ffdf700 10 cache get: > name=.us-east-1.rgw+Test3 : hit > 2014-01-08 17:58:37.229360 7faa4ffdf700 20 get_obj_state: s->obj_tag was set > empty > 2014-01-08 17:58:37.229363 7faa4ffdf700 20 Read xattr: user.rgw.idtag > 2014-01-08 17:58:37.229363 7faa4ffdf700 20 Read xattr: user.rgw.manifest > 2014-01-08 17:58:37.229366 7faa4ffdf700 10 moving .us-east-1.rgw+Test3 to > cache LRU end > 2014-01-08 17:58:37.229366 7faa4ffdf700 10 cache get: > name=.us-east-1.rgw+Test3 : hit > 2014-01-08 17:58:37.229374 7faa4ffdf700 20 rgw_get_bucket_info: bucket > instance: > Test3(@{i=.us-east-1.rgw.buckets.index}.us-east-1.rgw.buckets[east-1.8607.1]) > 2014-01-08 17:58:37.229379 7faa4ffdf700 20 reading from > .us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1 > 2014-01-08 17:58:37.229383 7faa4ffdf700 20 get_obj_state: > rctx=0x7fa9b4000ee0 obj=.us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1 > state=0x7fa9b4006ff8 s->prefetch_data=0 > 2014-01-08 17:58:37.229388 7faa4ffdf700 10 moving > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end > 2014-01-08 17:58:37.229389 7faa4ffdf700 10 cache get: > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit > 2014-01-08 17:58:37.229394 7faa4ffdf700 20 get_obj_state: s->obj_tag was set > empty > 2014-01-08 17:58:37.229396 7faa4ffdf700 20 Read xattr: user.rgw.acl > 2014-01-08 17:58:37.229397 7faa4ffdf700 20 Read xattr: user.rgw.idtag > 2014-01-08 17:58:37.229397 7faa4ffdf700 20 Read xattr: user.rgw.manifest > 2014-01-08 17:58:37.229399 7faa4ffdf700 10 moving > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end > 2014-01-08 17:58:37.229400 7faa4ffdf700 10 cache get: > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit > 2014-01-08 17:58:37.229423 7faa4ffdf700 15 Read > AccessControlPolicy<AccessControlPolicy > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy> > 2014-01-08 17:58:37.229436 7faa4ffdf700 15 Read > AccessControlPolicy<AccessControlPolicy > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy> > 2014-01-08 17:58:37.229441 7faa4ffdf700 2 req 21:0.000426:s3:GET > /Test3:get_acls:init op > 2014-01-08 17:58:37.229444 7faa4ffdf700 2 req 21:0.000429:s3:GET > /Test3:get_acls:verifying op mask > 2014-01-08 17:58:37.229446 7faa4ffdf700 20 required_mask= 1 user.op_mask=7 > 2014-01-08 17:58:37.229448 7faa4ffdf700 2 req 21:0.000432:s3:GET > /Test3:get_acls:verifying op permissions > 2014-01-08 17:58:37.229450 7faa4ffdf700 5 Searching permissions for > uid=app-ops mask=52 > 2014-01-08 17:58:37.229452 7faa4ffdf700 5 Permissions for user not found > 2014-01-08 17:58:37.229453 7faa4ffdf700 5 Searching permissions for group=1 > mask=52 > 2014-01-08 17:58:37.229454 7faa4ffdf700 5 Permissions for group not found > 2014-01-08 17:58:37.229455 7faa4ffdf700 5 Searching permissions for group=2 > mask=52 > 2014-01-08 17:58:37.229456 7faa4ffdf700 5 Permissions for group not found > 2014-01-08 17:58:37.229456 7faa4ffdf700 5 Getting permissions id=app-ops > owner=app-ops perm=4 > 2014-01-08 17:58:37.229457 7faa4ffdf700 10 uid=app-ops requested perm > (type)=4, policy perm=4, user_perm_mask=4, acl perm=4 > 2014-01-08 17:58:37.229459 7faa4ffdf700 2 req 21:0.000444:s3:GET > /Test3:get_acls:verifying op params > 2014-01-08 17:58:37.229460 7faa4ffdf700 2 req 21:0.000445:s3:GET > /Test3:get_acls:executing > 2014-01-08 17:58:37.229480 7faa4ffdf700 2 req 21:0.000465:s3:GET > /Test3:get_acls:http status=200 > 2014-01-08 17:58:37.229658 7faa4ffdf700 1 ====== req done req=0x2182c90 > http_status=200 ====== > > > ============== > > > > Logs for putacl: > =============== > > 2014-01-08 18:00:35.160860 7faae2d93780 20 enqueued request req=0x21829b0 > 2014-01-08 18:00:35.160884 7faae2d93780 20 RGWWQ: > 2014-01-08 18:00:35.160887 7faae2d93780 20 req: 0x21829b0 > 2014-01-08 18:00:35.160956 7faae2d93780 10 allocated request req=0x2132c60 > 2014-01-08 18:00:35.161006 7faa67fff700 20 dequeued request req=0x21829b0 > 2014-01-08 18:00:35.161023 7faa67fff700 20 RGWWQ: empty > 2014-01-08 18:00:35.161033 7faa67fff700 1 ====== starting new request > req=0x21829b0 ===== > 2014-01-08 18:00:35.161114 7faa67fff700 2 req 22:0.000082::PUT > /Test3::initializing > 2014-01-08 18:00:35.161123 7faa67fff700 10 host=isp.inmobi.com > rgw_dns_name=isp.inmobi.com > 2014-01-08 18:00:35.161161 7faa67fff700 10 s->object=<NULL> s->bucket=Test3 > 2014-01-08 18:00:35.161174 7faa67fff700 20 FCGI_ROLE=RESPONDER > 2014-01-08 18:00:35.161176 7faa67fff700 20 SCRIPT_URL=/Test3 > 2014-01-08 18:00:35.161177 7faa67fff700 20 > SCRIPT_URI=http://isp.inmobi.com/Test3 > 2014-01-08 18:00:35.161177 7faa67fff700 20 HTTP_AUTHORIZATION=AWS > RDDGMHRBXJN6HY3BOEO7:N0+TC4Kr2N45xKKxUZkCyHpgQ74= > 2014-01-08 18:00:35.161178 7faa67fff700 20 HTTP_USER_AGENT=S3/php > 2014-01-08 18:00:35.161179 7faa67fff700 20 HTTP_ACCEPT=*/* > 2014-01-08 18:00:35.161179 7faa67fff700 20 HTTP_HOST=isp.inmobi.com > 2014-01-08 18:00:35.161180 7faa67fff700 20 HTTP_DATE=Wed, 08 Jan 2014 > 18:00:34 GMT > 2014-01-08 18:00:35.161181 7faa67fff700 20 CONTENT_TYPE=application/xml > 2014-01-08 18:00:35.161181 7faa67fff700 20 CONTENT_LENGTH=447 > 2014-01-08 18:00:35.161182 7faa67fff700 20 PATH=/usr/local/bin:/usr/bin:/bin > 2014-01-08 18:00:35.161183 7faa67fff700 20 SERVER_SIGNATURE= > 2014-01-08 18:00:35.161183 7faa67fff700 20 SERVER_SOFTWARE=Apache/2.2.22 > (Ubuntu) > 2014-01-08 18:00:35.161184 7faa67fff700 20 SERVER_NAME=isp.inmobi.com > 2014-01-08 18:00:35.161185 7faa67fff700 20 SERVER_ADDR=10.2.4.203 > 2014-01-08 18:00:35.161185 7faa67fff700 20 SERVER_PORT=80 > 2014-01-08 18:00:35.161186 7faa67fff700 20 REMOTE_ADDR=10.14.100.34 > 2014-01-08 18:00:35.161187 7faa67fff700 20 DOCUMENT_ROOT=/var/www > 2014-01-08 18:00:35.161187 7faa67fff700 20 SERVER_ADMIN=app-ops@xxxxxxxxxx > 2014-01-08 18:00:35.161188 7faa67fff700 20 > SCRIPT_FILENAME=/var/www/s3gw.fcgi > 2014-01-08 18:00:35.161188 7faa67fff700 20 REMOTE_PORT=50702 > 2014-01-08 18:00:35.161189 7faa67fff700 20 GATEWAY_INTERFACE=CGI/1.1 > 2014-01-08 18:00:35.161189 7faa67fff700 20 SERVER_PROTOCOL=HTTP/1.1 > 2014-01-08 18:00:35.161190 7faa67fff700 20 REQUEST_METHOD=PUT > 2014-01-08 18:00:35.161190 7faa67fff700 20 > QUERY_STRING=page=Test3¶ms=&acl > 2014-01-08 18:00:35.161191 7faa67fff700 20 REQUEST_URI=/Test3?acl > 2014-01-08 18:00:35.161191 7faa67fff700 20 SCRIPT_NAME=/Test3 > 2014-01-08 18:00:35.161192 7faa67fff700 2 req 22:0.000160:s3:PUT > /Test3::getting op > 2014-01-08 18:00:35.161195 7faa67fff700 2 req 22:0.000163:s3:PUT > /Test3:put_acls:authorizing > 2014-01-08 18:00:35.161214 7faa67fff700 20 get_obj_state: > rctx=0x7faa20005110 obj=.us-east-1.users:RDDGMHRBXJN6HY3BOEO7 > state=0x7faa200051d8 s->prefetch_data=0 > 2014-01-08 18:00:35.161224 7faa67fff700 10 moving > .us-east-1.users+RDDGMHRBXJN6HY3BOEO7 to cache LRU end > 2014-01-08 18:00:35.161227 7faa67fff700 10 cache get: > name=.us-east-1.users+RDDGMHRBXJN6HY3BOEO7 : hit > 2014-01-08 18:00:35.161233 7faa67fff700 20 get_obj_state: s->obj_tag was set > empty > 2014-01-08 18:00:35.161238 7faa67fff700 10 moving > .us-east-1.users+RDDGMHRBXJN6HY3BOEO7 to cache LRU end > 2014-01-08 18:00:35.161239 7faa67fff700 10 cache get: > name=.us-east-1.users+RDDGMHRBXJN6HY3BOEO7 : hit > 2014-01-08 18:00:35.161252 7faa67fff700 20 get_obj_state: > rctx=0x7faa20005300 obj=.us-east-1.users.uid:app-ops state=0x7faa20005948 > s->prefetch_data=0 > 2014-01-08 18:00:35.161260 7faa67fff700 10 moving > .us-east-1.users.uid+app-ops to cache LRU end > 2014-01-08 18:00:35.161262 7faa67fff700 10 cache get: > name=.us-east-1.users.uid+app-ops : hit > 2014-01-08 18:00:35.161265 7faa67fff700 20 get_obj_state: s->obj_tag was set > empty > 2014-01-08 18:00:35.161268 7faa67fff700 10 moving > .us-east-1.users.uid+app-ops to cache LRU end > 2014-01-08 18:00:35.161269 7faa67fff700 10 cache get: > name=.us-east-1.users.uid+app-ops : hit > 2014-01-08 18:00:35.161304 7faa67fff700 10 get_canon_resource(): > dest=/Test3?acl > 2014-01-08 18:00:35.161306 7faa67fff700 10 auth_hdr: > PUT > > application/xml > Wed, 08 Jan 2014 18:00:34 GMT > /Test3?acl > 2014-01-08 18:00:35.161373 7faa67fff700 15 calculated > digest=N0+TC4Kr2N45xKKxUZkCyHpgQ74= > 2014-01-08 18:00:35.161375 7faa67fff700 15 > auth_sign=N0+TC4Kr2N45xKKxUZkCyHpgQ74= > 2014-01-08 18:00:35.161376 7faa67fff700 15 compare=0 > 2014-01-08 18:00:35.161377 7faa67fff700 20 system request > 2014-01-08 18:00:35.161381 7faa67fff700 2 req 22:0.000348:s3:PUT > /Test3:put_acls:reading permissions > 2014-01-08 18:00:35.161391 7faa67fff700 20 get_obj_state: > rctx=0x7faa20000ee0 obj=.us-east-1.rgw:Test3 state=0x7faa20006a78 > s->prefetch_data=0 > 2014-01-08 18:00:35.161397 7faa67fff700 10 moving .us-east-1.rgw+Test3 to > cache LRU end > 2014-01-08 18:00:35.161399 7faa67fff700 10 cache get: > name=.us-east-1.rgw+Test3 : hit > 2014-01-08 18:00:35.161403 7faa67fff700 20 get_obj_state: s->obj_tag was set > empty > 2014-01-08 18:00:35.161404 7faa67fff700 20 Read xattr: user.rgw.idtag > 2014-01-08 18:00:35.161405 7faa67fff700 20 Read xattr: user.rgw.manifest > 2014-01-08 18:00:35.161407 7faa67fff700 10 moving .us-east-1.rgw+Test3 to > cache LRU end > 2014-01-08 18:00:35.161408 7faa67fff700 10 cache get: > name=.us-east-1.rgw+Test3 : hit > 2014-01-08 18:00:35.161462 7faa67fff700 20 rgw_get_bucket_info: bucket > instance: > Test3(@{i=.us-east-1.rgw.buckets.index}.us-east-1.rgw.buckets[east-1.8607.1]) > 2014-01-08 18:00:35.161547 7faa67fff700 20 reading from > .us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1 > 2014-01-08 18:00:35.161551 7faa67fff700 20 get_obj_state: > rctx=0x7faa20000ee0 obj=.us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1 > state=0x7faa200076f8 s->prefetch_data=0 > 2014-01-08 18:00:35.161557 7faa67fff700 10 moving > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end > 2014-01-08 18:00:35.161559 7faa67fff700 10 cache get: > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit > 2014-01-08 18:00:35.161564 7faa67fff700 20 get_obj_state: s->obj_tag was set > empty > 2014-01-08 18:00:35.161565 7faa67fff700 20 Read xattr: user.rgw.acl > 2014-01-08 18:00:35.161567 7faa67fff700 20 Read xattr: user.rgw.idtag > 2014-01-08 18:00:35.161568 7faa67fff700 20 Read xattr: user.rgw.manifest > 2014-01-08 18:00:35.161570 7faa67fff700 10 moving > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end > 2014-01-08 18:00:35.161572 7faa67fff700 10 cache get: > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit > 2014-01-08 18:00:35.161592 7faa67fff700 15 Read > AccessControlPolicy<AccessControlPolicy > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy> > 2014-01-08 18:00:35.161604 7faa67fff700 15 Read > AccessControlPolicy<AccessControlPolicy > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy> > 2014-01-08 18:00:35.161610 7faa67fff700 2 req 22:0.000578:s3:PUT > /Test3:put_acls:init op > 2014-01-08 18:00:35.161613 7faa67fff700 2 req 22:0.000581:s3:PUT > /Test3:put_acls:verifying op mask > 2014-01-08 18:00:35.161615 7faa67fff700 20 required_mask= 2 user.op_mask=7 > 2014-01-08 18:00:35.161616 7faa67fff700 2 req 22:0.000584:s3:PUT > /Test3:put_acls:verifying op permissions > 2014-01-08 18:00:35.161619 7faa67fff700 5 Searching permissions for > uid=app-ops mask=56 > 2014-01-08 18:00:35.161620 7faa67fff700 5 Permissions for user not found > 2014-01-08 18:00:35.161621 7faa67fff700 5 Searching permissions for group=1 > mask=56 > 2014-01-08 18:00:35.161622 7faa67fff700 5 Permissions for group not found > 2014-01-08 18:00:35.161623 7faa67fff700 5 Searching permissions for group=2 > mask=56 > 2014-01-08 18:00:35.161624 7faa67fff700 5 Permissions for group not found > 2014-01-08 18:00:35.161625 7faa67fff700 5 Getting permissions id=app-ops > owner=app-ops perm=8 > 2014-01-08 18:00:35.161626 7faa67fff700 10 uid=app-ops requested perm > (type)=8, policy perm=8, user_perm_mask=8, acl perm=8 > 2014-01-08 18:00:35.161627 7faa67fff700 2 req 22:0.000595:s3:PUT > /Test3:put_acls:verifying op params > 2014-01-08 18:00:35.161629 7faa67fff700 2 req 22:0.000597:s3:PUT > /Test3:put_acls:executing > 2014-01-08 18:00:35.161641 7faa67fff700 15 read len=447 data=<?xml > version="1.0"?> > <AccessControlPolicy> > <Owner> > <ID>app-ops</ID> > <DisplayName>Region-US Zone-East</DisplayName> > </Owner> > <AccessControlList> > <Grant> > <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xsi:type="CanonicalUser"> > <ID>jaseer</ID> > <DisplayName>Jaseer TK</DisplayName> > </Grantee> > <Permission>READ</Permission> > </Grant> > </AccessControlList> > </AccessControlPolicy> > > 2014-01-08 18:00:35.161701 7faa67fff700 15 Old > AccessControlPolicy<AccessControlPolicy > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy> > 2014-01-08 18:00:35.161712 7faa67fff700 20 get_obj_state: > rctx=0x7faa2000d9b0 obj=.us-east-1.users.uid:app-ops state=0x7faa2000dd68 > s->prefetch_data=0 > 2014-01-08 18:00:35.161718 7faa67fff700 10 moving > .us-east-1.users.uid+app-ops to cache LRU end > 2014-01-08 18:00:35.161723 7faa67fff700 10 cache get: > name=.us-east-1.users.uid+app-ops : hit > 2014-01-08 18:00:35.161726 7faa67fff700 20 get_obj_state: s->obj_tag was set > empty > 2014-01-08 18:00:35.161730 7faa67fff700 10 moving > .us-east-1.users.uid+app-ops to cache LRU end > 2014-01-08 18:00:35.161731 7faa67fff700 10 cache get: > name=.us-east-1.users.uid+app-ops : hit > 2014-01-08 18:00:35.161744 7faa67fff700 20 owner id=app-ops > 2014-01-08 18:00:35.161746 7faa67fff700 20 dest owner id=app-ops > 2014-01-08 18:00:35.161750 7faa67fff700 20 get_obj_state: > rctx=0x7faa2000e1a0 obj=.us-east-1.users.uid:jaseer state=0x7faa2000e668 > s->prefetch_data=0 > 2014-01-08 18:00:35.161755 7faa67fff700 10 moving > .us-east-1.users.uid+jaseer to cache LRU end > 2014-01-08 18:00:35.161756 7faa67fff700 10 cache get: > name=.us-east-1.users.uid+jaseer : hit > 2014-01-08 18:00:35.161759 7faa67fff700 20 get_obj_state: s->obj_tag was set > empty > 2014-01-08 18:00:35.161762 7faa67fff700 10 moving > .us-east-1.users.uid+jaseer to cache LRU end > 2014-01-08 18:00:35.161763 7faa67fff700 10 cache get: > name=.us-east-1.users.uid+jaseer : hit > 2014-01-08 18:00:35.161771 7faa67fff700 10 new grant: jaseer:Jaseer TK > 2014-01-08 18:00:35.161775 7faa67fff700 15 New > AccessControlPolicy:<AccessControlPolicy > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy> > 2014-01-08 18:00:35.161873 7faa67fff700 1 -- 10.2.4.203:0/1004169 --> > 10.2.4.203:6855/22095 -- osd_op(client.8604.0:1243 > .bucket.meta.Test3:east-1.8607.1 [call version.check_conds,call > version.set,setxattr user.rgw.acl (150)] 16.7d61d036 e567) v4 -- ?+0 > 0x7faa2000fd30 con 0x7faabc032950 > 2014-01-08 18:00:35.190879 7faad8d3c700 1 -- 10.2.4.203:0/1004169 <== > osd.56 10.2.4.203:6855/22095 1 ==== osd_op_reply(1243 > .bucket.meta.Test3:east-1.8607.1 [call,call,setxattr (150)] v567'4 uv4 > ondisk = 0) v6 ==== 275+0+0 (1563155070 0 0) 0x7fa9d0000fa0 con > 0x7faabc032950 > 2014-01-08 18:00:35.191067 7faa67fff700 10 cache put: > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 > 2014-01-08 18:00:35.191104 7faa67fff700 10 moving > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end > 2014-01-08 18:00:35.191108 7faa67fff700 10 appending xattr: > name=user.rgw.acl bl.length()=150 > 2014-01-08 18:00:35.191132 7faa67fff700 10 distributing notification > oid=notify.5 bl.length()=458 > 2014-01-08 18:00:35.191206 7faa67fff700 1 -- 10.2.4.203:0/1004169 --> > 10.2.4.90:6826/28037 -- osd_op(client.8604.0:1244 notify.5 [notify 13~0] > 5.31099063 e567) v4 -- ?+0 0x7faa2000f900 con 0x2191210 > 2014-01-08 18:00:35.192695 7faad8d3c700 1 -- 10.2.4.203:0/1004169 <== > osd.10 10.2.4.90:6826/28037 100 ==== watch-notify(c=6 v=1 i=2435246456858 > opcode=1) v1 ==== 488+0+0 (3994886606 0 0) 0x7faa8000bf30 con 0x2191210 > 2014-01-08 18:00:35.192919 7faad1ffb700 10 RGWWatcher::notify() opcode=1 > ver=1 bl.length()=458 > 2014-01-08 18:00:35.193030 7faad1ffb700 10 cache put: > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 > 2014-01-08 18:00:35.193037 7faad1ffb700 10 moving > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end > 2014-01-08 18:00:35.193041 7faad1ffb700 10 appending xattr: > name=user.rgw.acl bl.length()=150 > 2014-01-08 18:00:35.193103 7faad1ffb700 1 -- 10.2.4.203:0/1004169 --> > 10.2.4.90:6826/28037 -- osd_op(client.8604.0:1245 notify.5 [notify-ack > 2435246456858~1] 5.31099063 e567) v4 -- ?+0 0x7faa840048d0 con 0x2191210 > 2014-01-08 18:00:35.193114 7faad8d3c700 1 -- 10.2.4.203:0/1004169 <== > osd.10 10.2.4.90:6826/28037 101 ==== osd_op_reply(1244 notify.5 [notify > 13~0] v0'0 uv1 ondisk = 0) v6 ==== 167+0+0 (1829242010 0 0) 0x7faa8001db70 > con 0x2191210 > 2014-01-08 18:00:35.194590 7faad8d3c700 1 -- 10.2.4.203:0/1004169 <== > osd.10 10.2.4.90:6826/28037 102 ==== osd_op_reply(1245 notify.5 [notify-ack > 2435246456858~1] v0'0 uv1 ondisk = 0) v6 ==== 167+0+0 (2561335616 0 0) > 0x7faa8001db70 con 0x2191210 > 2014-01-08 18:00:35.194931 7faad8d3c700 1 -- 10.2.4.203:0/1004169 <== > osd.10 10.2.4.90:6826/28037 103 ==== watch-notify(c=13 v=1 i=2435246456858 > opcode=1) v1 ==== 488+0+0 (1666694009 0 0) 0x7faa8001db70 con 0x2191210 > 2014-01-08 18:00:35.195164 7faad1ffb700 1 -- 10.2.4.203:0/1004169 --> > 10.2.4.90:6826/28037 -- osd_op(client.8604.0:1246 notify.5 [notify-ack > 2435246456858~1] 5.31099063 e567) v4 -- ?+0 0x7faa840048d0 con 0x2191210 > 2014-01-08 18:00:35.195532 7faa67fff700 2 req 22:0.034499:s3:PUT > /Test3:put_acls:http status=200 > 2014-01-08 18:00:35.195818 7faa67fff700 1 ====== req done req=0x21829b0 > http_status=200 ====== > > > > ========================= > > > Logs for s3 file deletion: > > ======= > 2014-01-08 18:06:46.389380 7faae2d93780 20 enqueued request req=0x214c030 > 2014-01-08 18:06:46.389405 7faae2d93780 20 RGWWQ: > 2014-01-08 18:06:46.389407 7faae2d93780 20 req: 0x214c030 > 2014-01-08 18:06:46.389473 7faae2d93780 10 allocated request req=0x217a960 > 2014-01-08 18:06:46.389529 7faa3c7b8700 20 dequeued request req=0x214c030 > 2014-01-08 18:06:46.389539 7faa3c7b8700 20 RGWWQ: empty > 2014-01-08 18:06:46.389552 7faa3c7b8700 1 ====== starting new request > req=0x214c030 ===== > 2014-01-08 18:06:46.389615 7faa3c7b8700 2 req 24:0.000064::DELETE > /Test3/vip.txt::initializing > 2014-01-08 18:06:46.389622 7faa3c7b8700 10 host=isp.inmobi.com > rgw_dns_name=isp.inmobi.com > 2014-01-08 18:06:46.389634 7faa3c7b8700 10 meta>> HTTP_X_AMZ_DATE > 2014-01-08 18:06:46.389640 7faa3c7b8700 10 x>> x-amz-date:Wed, 08 Jan 2014 > 18:06:42 +0000 > 2014-01-08 18:06:46.389658 7faa3c7b8700 10 s->object=vip.txt s->bucket=Test3 > 2014-01-08 18:06:46.389665 7faa3c7b8700 20 FCGI_ROLE=RESPONDER > 2014-01-08 18:06:46.389666 7faa3c7b8700 20 SCRIPT_URL=/Test3/vip.txt > 2014-01-08 18:06:46.389667 7faa3c7b8700 20 > SCRIPT_URI=http://isp.inmobi.com/Test3/vip.txt > 2014-01-08 18:06:46.389668 7faa3c7b8700 20 HTTP_AUTHORIZATION=AWS > TJA9G6SOY6VERRZ629JP:PEPnhNtMAMFcg6h+OYGArn+RMX8= > 2014-01-08 18:06:46.389669 7faa3c7b8700 20 HTTP_HOST=isp.inmobi.com > 2014-01-08 18:06:46.389670 7faa3c7b8700 20 HTTP_ACCEPT_ENCODING=identity > 2014-01-08 18:06:46.389670 7faa3c7b8700 20 CONTENT_LENGTH=0 > 2014-01-08 18:06:46.389671 7faa3c7b8700 20 HTTP_X_AMZ_DATE=Wed, 08 Jan 2014 > 18:06:42 +0000 > 2014-01-08 18:06:46.389672 7faa3c7b8700 20 PATH=/usr/local/bin:/usr/bin:/bin > 2014-01-08 18:06:46.389672 7faa3c7b8700 20 SERVER_SIGNATURE= > 2014-01-08 18:06:46.389673 7faa3c7b8700 20 SERVER_SOFTWARE=Apache/2.2.22 > (Ubuntu) > 2014-01-08 18:06:46.389673 7faa3c7b8700 20 SERVER_NAME=isp.inmobi.com > 2014-01-08 18:06:46.389674 7faa3c7b8700 20 SERVER_ADDR=10.2.4.203 > 2014-01-08 18:06:46.389674 7faa3c7b8700 20 SERVER_PORT=80 > 2014-01-08 18:06:46.389675 7faa3c7b8700 20 REMOTE_ADDR=10.14.118.100 > 2014-01-08 18:06:46.389675 7faa3c7b8700 20 DOCUMENT_ROOT=/var/www > 2014-01-08 18:06:46.389676 7faa3c7b8700 20 SERVER_ADMIN=app-ops@xxxxxxxxxx > 2014-01-08 18:06:46.389676 7faa3c7b8700 20 > SCRIPT_FILENAME=/var/www/s3gw.fcgi > 2014-01-08 18:06:46.389677 7faa3c7b8700 20 REMOTE_PORT=33904 > 2014-01-08 18:06:46.389678 7faa3c7b8700 20 GATEWAY_INTERFACE=CGI/1.1 > 2014-01-08 18:06:46.389679 7faa3c7b8700 20 SERVER_PROTOCOL=HTTP/1.1 > 2014-01-08 18:06:46.389680 7faa3c7b8700 20 REQUEST_METHOD=DELETE > 2014-01-08 18:06:46.389681 7faa3c7b8700 20 > QUERY_STRING=page=Test3¶ms=/vip.txt > 2014-01-08 18:06:46.389681 7faa3c7b8700 20 REQUEST_URI=/Test3/vip.txt > 2014-01-08 18:06:46.389682 7faa3c7b8700 20 SCRIPT_NAME=/Test3/vip.txt > 2014-01-08 18:06:46.389683 7faa3c7b8700 2 req 24:0.000132:s3:DELETE > /Test3/vip.txt::getting op > 2014-01-08 18:06:46.389686 7faa3c7b8700 2 req 24:0.000135:s3:DELETE > /Test3/vip.txt:delete_obj:authorizing > 2014-01-08 18:06:46.389708 7faa3c7b8700 20 get_obj_state: > rctx=0x7faa8c004b70 obj=.us-east-1.users:TJA9G6SOY6VERRZ629JP > state=0x7faa8c004c38 s->prefetch_data=0 > 2014-01-08 18:06:46.389719 7faa3c7b8700 10 moving > .us-east-1.users+TJA9G6SOY6VERRZ629JP to cache LRU end > 2014-01-08 18:06:46.389722 7faa3c7b8700 10 cache get: > name=.us-east-1.users+TJA9G6SOY6VERRZ629JP : hit > 2014-01-08 18:06:46.389731 7faa3c7b8700 20 get_obj_state: s->obj_tag was set > empty > 2014-01-08 18:06:46.389736 7faa3c7b8700 10 moving > .us-east-1.users+TJA9G6SOY6VERRZ629JP to cache LRU end > 2014-01-08 18:06:46.389737 7faa3c7b8700 10 cache get: > name=.us-east-1.users+TJA9G6SOY6VERRZ629JP : hit > 2014-01-08 18:06:46.389753 7faa3c7b8700 20 get_obj_state: > rctx=0x7faa8c004d60 obj=.us-east-1.users.uid:jaseer state=0x7faa8c006b18 > s->prefetch_data=0 > 2014-01-08 18:06:46.389758 7faa3c7b8700 10 moving > .us-east-1.users.uid+jaseer to cache LRU end > 2014-01-08 18:06:46.389760 7faa3c7b8700 10 cache get: > name=.us-east-1.users.uid+jaseer : hit > 2014-01-08 18:06:46.389763 7faa3c7b8700 20 get_obj_state: s->obj_tag was set > empty > 2014-01-08 18:06:46.389766 7faa3c7b8700 10 moving > .us-east-1.users.uid+jaseer to cache LRU end > 2014-01-08 18:06:46.389767 7faa3c7b8700 10 cache get: > name=.us-east-1.users.uid+jaseer : hit > 2014-01-08 18:06:46.389808 7faa3c7b8700 10 get_canon_resource(): > dest=/Test3/vip.txt > 2014-01-08 18:06:46.389811 7faa3c7b8700 10 auth_hdr: > DELETE > > > > x-amz-date:Wed, 08 Jan 2014 18:06:42 +0000 > /Test3/vip.txt > 2014-01-08 18:06:46.389885 7faa3c7b8700 15 calculated > digest=PEPnhNtMAMFcg6h+OYGArn+RMX8= > 2014-01-08 18:06:46.389887 7faa3c7b8700 15 > auth_sign=PEPnhNtMAMFcg6h+OYGArn+RMX8= > 2014-01-08 18:06:46.389888 7faa3c7b8700 15 compare=0 > 2014-01-08 18:06:46.389890 7faa3c7b8700 20 system request > 2014-01-08 18:06:46.389892 7faa3c7b8700 2 req 24:0.000341:s3:DELETE > /Test3/vip.txt:delete_obj:reading permissions > 2014-01-08 18:06:46.389904 7faa3c7b8700 20 get_obj_state: > rctx=0x7faa8c000fe0 obj=.us-east-1.rgw:Test3 state=0x7faa8c005c98 > s->prefetch_data=0 > 2014-01-08 18:06:46.389911 7faa3c7b8700 10 moving .us-east-1.rgw+Test3 to > cache LRU end > 2014-01-08 18:06:46.389912 7faa3c7b8700 10 cache get: > name=.us-east-1.rgw+Test3 : hit > 2014-01-08 18:06:46.389917 7faa3c7b8700 20 get_obj_state: s->obj_tag was set > empty > 2014-01-08 18:06:46.389920 7faa3c7b8700 20 Read xattr: user.rgw.idtag > 2014-01-08 18:06:46.389921 7faa3c7b8700 20 Read xattr: user.rgw.manifest > 2014-01-08 18:06:46.389924 7faa3c7b8700 10 moving .us-east-1.rgw+Test3 to > cache LRU end > 2014-01-08 18:06:46.389925 7faa3c7b8700 10 cache get: > name=.us-east-1.rgw+Test3 : hit > 2014-01-08 18:06:46.389934 7faa3c7b8700 20 rgw_get_bucket_info: bucket > instance: > Test3(@{i=.us-east-1.rgw.buckets.index}.us-east-1.rgw.buckets[east-1.8607.1]) > 2014-01-08 18:06:46.389939 7faa3c7b8700 20 reading from > .us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1 > 2014-01-08 18:06:46.389944 7faa3c7b8700 20 get_obj_state: > rctx=0x7faa8c000fe0 obj=.us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1 > state=0x7faa8c00a5e8 s->prefetch_data=0 > 2014-01-08 18:06:46.389949 7faa3c7b8700 10 moving > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end > 2014-01-08 18:06:46.389950 7faa3c7b8700 10 cache get: > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit > 2014-01-08 18:06:46.389955 7faa3c7b8700 20 get_obj_state: s->obj_tag was set > empty > 2014-01-08 18:06:46.389956 7faa3c7b8700 20 Read xattr: user.rgw.acl > 2014-01-08 18:06:46.389957 7faa3c7b8700 20 Read xattr: user.rgw.idtag > 2014-01-08 18:06:46.389958 7faa3c7b8700 20 Read xattr: user.rgw.manifest > 2014-01-08 18:06:46.389961 7faa3c7b8700 10 moving > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end > 2014-01-08 18:06:46.389963 7faa3c7b8700 10 cache get: > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit > 2014-01-08 18:06:46.389980 7faa3c7b8700 15 Read > AccessControlPolicy<AccessControlPolicy > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy> > 2014-01-08 18:06:46.389988 7faa3c7b8700 2 req 24:0.000437:s3:DELETE > /Test3/vip.txt:delete_obj:init op > 2014-01-08 18:06:46.389992 7faa3c7b8700 2 req 24:0.000440:s3:DELETE > /Test3/vip.txt:delete_obj:verifying op mask > 2014-01-08 18:06:46.389993 7faa3c7b8700 20 required_mask= 4 user.op_mask=7 > 2014-01-08 18:06:46.389994 7faa3c7b8700 2 req 24:0.000443:s3:DELETE > /Test3/vip.txt:delete_obj:verifying op permissions > 2014-01-08 18:06:46.389997 7faa3c7b8700 5 Searching permissions for > uid=jaseer mask=50 > 2014-01-08 18:06:46.389999 7faa3c7b8700 5 Found permission: 1 > 2014-01-08 18:06:46.390000 7faa3c7b8700 5 Searching permissions for group=1 > mask=50 > 2014-01-08 18:06:46.390001 7faa3c7b8700 5 Permissions for group not found > 2014-01-08 18:06:46.390002 7faa3c7b8700 5 Searching permissions for group=2 > mask=50 > 2014-01-08 18:06:46.390003 7faa3c7b8700 5 Permissions for group not found > 2014-01-08 18:06:46.390003 7faa3c7b8700 5 Getting permissions id=jaseer > owner=app-ops perm=0 > 2014-01-08 18:06:46.390004 7faa3c7b8700 10 uid=jaseer requested perm > (type)=2, policy perm=0, user_perm_mask=2, acl perm=0 > 2014-01-08 18:06:46.390006 7faa3c7b8700 2 overriding permissions due to > system operation > 2014-01-08 18:06:46.390007 7faa3c7b8700 2 req 24:0.000456:s3:DELETE > /Test3/vip.txt:delete_obj:verifying op params > 2014-01-08 18:06:46.390008 7faa3c7b8700 2 req 24:0.000457:s3:DELETE > /Test3/vip.txt:delete_obj:executing > 2014-01-08 18:06:46.390017 7faa3c7b8700 20 get_obj_state: > rctx=0x7faa8c000fe0 obj=Test3:vip.txt state=0x7faa8c008078 > s->prefetch_data=0 > 2014-01-08 18:06:46.390068 7faa3c7b8700 1 -- 10.2.4.203:0/1004169 --> > 10.2.4.203:6865/22234 -- osd_op(client.8604.0:1248 east-1.8607.1_vip.txt > [getxattrs,stat] 8.eb952482 e567) v4 -- ?+0 0x7faa8c008eb0 con > 0x7faabc043070 > 2014-01-08 18:06:46.392062 7faad8d3c700 1 -- 10.2.4.203:0/1004169 <== > osd.54 10.2.4.203:6865/22234 1 ==== osd_op_reply(1248 east-1.8607.1_vip.txt > [getxattrs,stat] v0'0 uv59 ondisk = 0) v6 ==== 222+0+807 (325389612 0 > 3984178414) 0x7faa18001a30 con 0x7faabc043070 > 2014-01-08 18:06:46.392290 7faa3c7b8700 10 manifest: total_size = 1621 > 2014-01-08 18:06:46.392305 7faa3c7b8700 10 manifest: ofs=0 loc=Test3:vip.txt > 2014-01-08 18:06:46.392308 7faa3c7b8700 20 get_obj_state: setting s->obj_tag > to east-1.8607.1055 > 2014-01-08 18:06:46.392352 7faa3c7b8700 10 setting object > write_tag=_I_fXnf11cDCPWJ0oFS5dVwsVgDFziHe > 2014-01-08 18:06:46.392413 7faa3c7b8700 1 -- 10.2.4.203:0/1004169 --> > 10.2.4.203:6845/21995 -- osd_op(client.8604.0:1249 .dir.east-1.8607.1 [call > rgw.bucket_prepare_op] 7.8e7e5c51 e567) v4 -- ?+0 0x7faa8c00b300 con > 0x7faabc036150 > 2014-01-08 18:06:46.436377 7faad8d3c700 1 -- 10.2.4.203:0/1004169 <== > osd.58 10.2.4.203:6845/21995 2 ==== osd_op_reply(1249 .dir.east-1.8607.1 > [call] v567'10 uv10 ondisk = 0) v6 ==== 177+0+0 (779774278 0 0) > 0x7faa2000edb0 con 0x7faabc036150 > 2014-01-08 18:06:46.436616 7faa3c7b8700 1 -- 10.2.4.203:0/1004169 --> > 10.2.4.203:6865/22234 -- osd_op(client.8604.0:1250 east-1.8607.1_vip.txt > [cmpxattr user.rgw.idtag (17) op 1 mode 1,setxattr user.rgw.idtag (33),call > refcount.put] 8.eb952482 e567) v4 -- ?+0 0x7faa8c009d50 con 0x7faabc043070 > 2014-01-08 18:06:46.463235 7faad8d3c700 1 -- 10.2.4.203:0/1004169 <== > osd.54 10.2.4.203:6865/22234 2 ==== osd_op_reply(1250 east-1.8607.1_vip.txt > [cmpxattr (17) op 1 mode 1,setxattr (33),call] v567'60 uv60 ondisk = 0) v6 > ==== 264+0+0 (530216734 0 0) 0x7faa18001440 con 0x7faabc043070 > 2014-01-08 18:06:46.463488 7faa3c7b8700 1 -- 10.2.4.203:0/1004169 --> > 10.2.4.203:6845/21995 -- osd_op(client.8604.0:1251 .dir.east-1.8607.1 [call > rgw.bucket_complete_op] 7.8e7e5c51 e567) v4 -- ?+0 0x7faa8c00b300 con > 0x7faabc036150 > 2014-01-08 18:06:46.463677 7faa3c7b8700 1 -- 10.2.4.203:0/1004169 --> > 10.2.4.90:6895/359 -- osd_op(client.8604.0:1252 gc.7 [call rgw.gc_set_entry] > 6.21d2251d e567) v4 -- ?+0 0x7faa8c00f2c0 con 0x7faabc033610 > 2014-01-08 18:06:46.463730 7faa3c7b8700 2 req 24:0.074179:s3:DELETE > /Test3/vip.txt:delete_obj:http status=204 > 2014-01-08 18:06:46.463954 7faa3c7b8700 1 ====== req done req=0x214c030 > http_status=204 ====== > ================= > > > > Thank you, > Jaseer TK > > > On Wed, Jan 8, 2014 at 11:13 PM, Yehuda Sadeh <yehuda@xxxxxxxxxxx> wrote: >> >> On Wed, Jan 8, 2014 at 9:40 AM, Jaseer Tk <jaseer.tk@xxxxxxxxxx> wrote: >> > >> > Thanks Yehuda, >> > >> > But I am seeing only this much in the logs with the log options we set. >> > I'll >> > try once again and update you. >> >> There should be much more. >> >> > >> > Do you think any global parameter (like region/zone settings or user's >> > privileges ) could be causing these buckets to be writable all users ? >> > >> >> At the moment it looks like all users are actually mapping to the same >> user, or something along that line. It is not highly unlikely that >> misconfiguration caused it. >> >> Yehuda >> >> >> > Thank you, >> > Jaseer TK >> > >> > >> > >> > >> > >> > On Wed, Jan 8, 2014 at 10:27 PM, Yehuda Sadeh <yehuda@xxxxxxxxxxx> >> > wrote: >> >> >> >> On Tue, Jan 7, 2014 at 11:16 PM, Jaseer Tk <jaseer.tk@xxxxxxxxxx> >> >> wrote: >> >> > >> >> > Hi Yehuda, >> >> > >> >> > Thanks for response. >> >> > >> >> > my setup is on ubuntu 12.04 servers, ceph pkg's: >> >> > >> >> > ======== >> >> > ii ceph 0.72.2-1precise >> >> > distributed storage and file system >> >> > ii ceph-common 0.72.2-1precise >> >> > common utilities to mount and interact with a ceph storage cluster >> >> > ii ceph-fs-common 0.72.2-1precise >> >> > common utilities to mount and interact with a ceph file system >> >> > ii ceph-mds 0.72.2-1precise >> >> > metadata server for the ceph distributed file system >> >> > ========== >> >> > >> >> > rados version: >> >> > ===== >> >> > ii librados2 0.72.2-1precise >> >> > RADOS distributed object store client library >> >> > ii radosgw 0.72.2-1precise >> >> > REST gateway for RADOS distributed object store >> >> > ii radosgw-agent 1.1-1precise >> >> > ======= >> >> > >> >> > >> >> > rados conf: >> >> > >> >> > [client.radosgw.us-east-1] >> >> > rgw region = us >> >> > rgw region root pool = .us.rgw.root >> >> > rgw zone = east-1 >> >> > rgw zone root pool = .us-east-1.rgw.root >> >> > keyring = /etc/ceph/ceph.client.radosgw.keyring >> >> > debug rgw = 20 >> >> > debug ms = 1 >> >> > rgw_dns_name = my_domain >> >> > rgw socket path = /var/run/ceph/client.radosgw.us-east-1.sock >> >> > log file = /var/log/ceph/radosgw.log >> >> > host = my_rados_hostname >> >> > >> >> > >> >> > Logs while doing putacl, >> >> > ========= >> >> > 2014-01-08 07:01:00.364967 7f0180f5d700 10 RGWWatcher::notify() >> >> > opcode=1 >> >> > ver=1 bl.length()=462 >> >> > 2014-01-08 07:01:00.365006 7f0180f5d700 10 cache put: >> >> > name=.us-east-1.rgw+.bucket.meta.App-Ops:east-1.5350.1 >> >> > 2014-01-08 07:01:00.365013 7f0180f5d700 10 moving >> >> > .us-east-1.rgw+.bucket.meta.App-Ops:east-1.5350.1 to cache LRU end >> >> > 2014-01-08 07:01:00.365017 7f0180f5d700 10 appending xattr: >> >> > name=user.rgw.acl bl.length()=150 >> >> > 2014-01-08 07:01:01.501663 7f016bfff700 2 >> >> > RGWDataChangesLog::ChangesRenewThread: start >> >> > ========== >> >> >> >> These aren't very thorough logs, looks like a very small snippet. Is >> >> that all you're getting? >> >> >> >> >> >> > >> >> > No rgw logs when doing s3cmd del. >> >> > >> >> > I am using http://undesigned.org.za/2007/10/22/amazon-s3-php-class/ >> >> > with >> >> > minor modifications to use with rados s3 interface. >> >> > getacl shows my acl is applied. But user is still able to delete. >> >> > Please >> >> > let me know if you want me to share my php code for getacl and >> >> > putacl. >> >> > >> >> > >> >> > >> >> > >> >> > -- >> >> > Thank you, >> >> > Jaseer TK >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > On Tue, Jan 7, 2014 at 9:30 PM, Yehuda Sadeh <yehuda@xxxxxxxxxxx> >> >> > wrote: >> >> >> >> >> >> On Tue, Jan 7, 2014 at 2:40 AM, Jaseer Tk <jaseer.tk@xxxxxxxxxx> >> >> >> wrote: >> >> >> > >> >> >> > Hi all, >> >> >> > >> >> >> > I tried to apply custom ACL(only Read) on an s3 bucket created. >> >> >> > The >> >> >> > rules >> >> >> > seems to have got applied. But it looks the ACL's not getting >> >> >> > honored. >> >> >> > >> >> >> > when I use getacl, I get the result. >> >> >> > ======= >> >> >> > >> >> >> > Array >> >> >> > ( >> >> >> > [0] => Array >> >> >> > ( >> >> >> > [Grantee] => Array >> >> >> > ( >> >> >> > [ID] => test-user >> >> >> > [DisplayName] => Test User >> >> >> > ) >> >> >> > >> >> >> > [Permission] => READ >> >> >> > ) >> >> >> > >> >> >> > ) >> >> >> > >> >> >> > >> >> >> > But Still this user is able to delete files from the bucket :( >> >> >> > >> >> >> > Am I missing something here ? >> >> >> > >> >> >> > >> >> >> What version are you running? Just tried it with dumpling and it >> >> >> worked ok. Can you provide rgw logs for it? (acl setting + removal; >> >> >> set 'debug rgw = 20' and 'debug ms = 1'). >> >> >> >> >> >> Thanks, >> >> >> Yehuda >> >> > >> >> > >> >> > >> >> > _____________________________________________________________ >> >> > The information contained in this communication is intended solely >> >> > for >> >> > the >> >> > use of the individual or entity to whom it is addressed and others >> >> > authorized to receive it. It may contain confidential or legally >> >> > privileged >> >> > information. If you are not the intended recipient you are hereby >> >> > notified >> >> > that any disclosure, copying, distribution or taking any action in >> >> > reliance >> >> > on the contents of this information is strictly prohibited and may be >> >> > unlawful. If you have received this communication in error, please >> >> > notify us >> >> > immediately by responding to this email and then delete it from your >> >> > system. >> >> > The firm is neither liable for the proper and complete transmission >> >> > of >> >> > the >> >> > information contained in this communication nor for any delay in its >> >> > receipt. >> > >> > >> > >> > _____________________________________________________________ >> > The information contained in this communication is intended solely for >> > the >> > use of the individual or entity to whom it is addressed and others >> > authorized to receive it. It may contain confidential or legally >> > privileged >> > information. If you are not the intended recipient you are hereby >> > notified >> > that any disclosure, copying, distribution or taking any action in >> > reliance >> > on the contents of this information is strictly prohibited and may be >> > unlawful. If you have received this communication in error, please >> > notify us >> > immediately by responding to this email and then delete it from your >> > system. >> > The firm is neither liable for the proper and complete transmission of >> > the >> > information contained in this communication nor for any delay in its >> > receipt. > > > > _____________________________________________________________ > The information contained in this communication is intended solely for the > use of the individual or entity to whom it is addressed and others > authorized to receive it. It may contain confidential or legally privileged > information. If you are not the intended recipient you are hereby notified > that any disclosure, copying, distribution or taking any action in reliance > on the contents of this information is strictly prohibited and may be > unlawful. If you have received this communication in error, please notify us > immediately by responding to this email and then delete it from your system. > The firm is neither liable for the proper and complete transmission of the > information contained in this communication nor for any delay in its > receipt. _______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
 |