Re: Custom ACL's are not being honoured.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Try
$ radosgw-admin user modify --uid=jaseer --system=false

Users should not be created with the system flag by default.

On Wed, Jan 8, 2014 at 10:24 AM, hemant burman <hemant.burman@xxxxxxxxx> wrote:
> Thanks a lot Yehuda for pointing that out, so how should we create a
> non-system user and also how should we remove the system flag from a user?
>
> -Hemant
>
>
> On Wed, Jan 8, 2014 at 11:44 PM, Yehuda Sadeh <yehuda@xxxxxxxxxxx> wrote:
>>
>> Well, user jaseer has the 'system' flag set so it acts like a super user.
>>
>> On Wed, Jan 8, 2014 at 10:09 AM, Jaseer Tk <jaseer.tk@xxxxxxxxxx> wrote:
>> >
>> > You were right. Sorry for the misdirection.
>> >
>> > logs for getacl:
>> > ================
>> > 2014-01-08 17:58:37.228949 7faae2d93780 20 enqueued request
>> > req=0x2182c90
>> > 2014-01-08 17:58:37.228968 7faae2d93780 20 RGWWQ:
>> > 2014-01-08 17:58:37.228970 7faae2d93780 20 req: 0x2182c90
>> > 2014-01-08 17:58:37.228976 7faae2d93780 10 allocated request
>> > req=0x21829b0
>> > 2014-01-08 17:58:37.228999 7faa4ffdf700 20 dequeued request
>> > req=0x2182c90
>> > 2014-01-08 17:58:37.229009 7faa4ffdf700 20 RGWWQ: empty
>> > 2014-01-08 17:58:37.229015 7faa4ffdf700  1 ====== starting new request
>> > req=0x2182c90 =====
>> > 2014-01-08 17:58:37.229069 7faa4ffdf700  2 req 21:0.000054::GET
>> > /Test3::initializing
>> > 2014-01-08 17:58:37.229076 7faa4ffdf700 10 host=isp.inmobi.com
>> > rgw_dns_name=isp.inmobi.com
>> > 2014-01-08 17:58:37.229106 7faa4ffdf700 10 s->object=<NULL>
>> > s->bucket=Test3
>> > 2014-01-08 17:58:37.229112 7faa4ffdf700 20 FCGI_ROLE=RESPONDER
>> > 2014-01-08 17:58:37.229113 7faa4ffdf700 20 SCRIPT_URL=/Test3
>> > 2014-01-08 17:58:37.229114 7faa4ffdf700 20
>> > SCRIPT_URI=http://isp.inmobi.com/Test3
>> > 2014-01-08 17:58:37.229115 7faa4ffdf700 20 HTTP_AUTHORIZATION=AWS
>> > RDDGMHRBXJN6HY3BOEO7:5Dl428zBfcGMrNknuT6VwIFkYnE=
>> > 2014-01-08 17:58:37.229116 7faa4ffdf700 20 HTTP_HOST=isp.inmobi.com
>> > 2014-01-08 17:58:37.229117 7faa4ffdf700 20
>> > HTTP_USER_AGENT=aws-sdk-php2/2.1.0 Guzzle/3.1.2 curl/7.19.7
>> > PHP/5.3.2-1ubuntu4.22
>> > 2014-01-08 17:58:37.229119 7faa4ffdf700 20 HTTP_DATE=Wed, 08 Jan 2014
>> > 17:58:36 +0000
>> > 2014-01-08 17:58:37.229120 7faa4ffdf700 20
>> > PATH=/usr/local/bin:/usr/bin:/bin
>> > 2014-01-08 17:58:37.229120 7faa4ffdf700 20 SERVER_SIGNATURE=
>> > 2014-01-08 17:58:37.229121 7faa4ffdf700 20 SERVER_SOFTWARE=Apache/2.2.22
>> > (Ubuntu)
>> > 2014-01-08 17:58:37.229121 7faa4ffdf700 20 SERVER_NAME=isp.inmobi.com
>> > 2014-01-08 17:58:37.229122 7faa4ffdf700 20 SERVER_ADDR=10.2.4.203
>> > 2014-01-08 17:58:37.229122 7faa4ffdf700 20 SERVER_PORT=80
>> > 2014-01-08 17:58:37.229123 7faa4ffdf700 20 REMOTE_ADDR=10.14.100.34
>> > 2014-01-08 17:58:37.229124 7faa4ffdf700 20 DOCUMENT_ROOT=/var/www
>> > 2014-01-08 17:58:37.229124 7faa4ffdf700 20
>> > SERVER_ADMIN=app-ops@xxxxxxxxxx
>> > 2014-01-08 17:58:37.229125 7faa4ffdf700 20
>> > SCRIPT_FILENAME=/var/www/s3gw.fcgi
>> > 2014-01-08 17:58:37.229125 7faa4ffdf700 20 REMOTE_PORT=50682
>> > 2014-01-08 17:58:37.229126 7faa4ffdf700 20 GATEWAY_INTERFACE=CGI/1.1
>> > 2014-01-08 17:58:37.229126 7faa4ffdf700 20 SERVER_PROTOCOL=HTTP/1.1
>> > 2014-01-08 17:58:37.229127 7faa4ffdf700 20 REQUEST_METHOD=GET
>> > 2014-01-08 17:58:37.229127 7faa4ffdf700 20
>> > QUERY_STRING=page=Test3&params=&acl
>> > 2014-01-08 17:58:37.229128 7faa4ffdf700 20 REQUEST_URI=/Test3?acl
>> > 2014-01-08 17:58:37.229129 7faa4ffdf700 20 SCRIPT_NAME=/Test3
>> > 2014-01-08 17:58:37.229130 7faa4ffdf700  2 req 21:0.000115:s3:GET
>> > /Test3::getting op
>> > 2014-01-08 17:58:37.229134 7faa4ffdf700  2 req 21:0.000119:s3:GET
>> > /Test3:get_acls:authorizing
>> > 2014-01-08 17:58:37.229156 7faa4ffdf700 20 get_obj_state:
>> > rctx=0x7fa9b4004670 obj=.us-east-1.users:RDDGMHRBXJN6HY3BOEO7
>> > state=0x7fa9b4004738 s->prefetch_data=0
>> > 2014-01-08 17:58:37.229166 7faa4ffdf700 10 moving
>> > .us-east-1.users+RDDGMHRBXJN6HY3BOEO7 to cache LRU end
>> > 2014-01-08 17:58:37.229169 7faa4ffdf700 10 cache get:
>> > name=.us-east-1.users+RDDGMHRBXJN6HY3BOEO7 : hit
>> > 2014-01-08 17:58:37.229177 7faa4ffdf700 20 get_obj_state: s->obj_tag was
>> > set
>> > empty
>> > 2014-01-08 17:58:37.229182 7faa4ffdf700 10 moving
>> > .us-east-1.users+RDDGMHRBXJN6HY3BOEO7 to cache LRU end
>> > 2014-01-08 17:58:37.229184 7faa4ffdf700 10 cache get:
>> > name=.us-east-1.users+RDDGMHRBXJN6HY3BOEO7 : hit
>> > 2014-01-08 17:58:37.229199 7faa4ffdf700 20 get_obj_state:
>> > rctx=0x7fa9b4004a50 obj=.us-east-1.users.uid:app-ops
>> > state=0x7fa9b4004738
>> > s->prefetch_data=0
>> > 2014-01-08 17:58:37.229206 7faa4ffdf700 10 moving
>> > .us-east-1.users.uid+app-ops to cache LRU end
>> > 2014-01-08 17:58:37.229208 7faa4ffdf700 10 cache get:
>> > name=.us-east-1.users.uid+app-ops : hit
>> > 2014-01-08 17:58:37.229212 7faa4ffdf700 20 get_obj_state: s->obj_tag was
>> > set
>> > empty
>> > 2014-01-08 17:58:37.229215 7faa4ffdf700 10 moving
>> > .us-east-1.users.uid+app-ops to cache LRU end
>> > 2014-01-08 17:58:37.229216 7faa4ffdf700 10 cache get:
>> > name=.us-east-1.users.uid+app-ops : hit
>> > 2014-01-08 17:58:37.229264 7faa4ffdf700 10 get_canon_resource():
>> > dest=/Test3?acl
>> > 2014-01-08 17:58:37.229267 7faa4ffdf700 10 auth_hdr:
>> > GET
>> >
>> >
>> > Wed, 08 Jan 2014 17:58:36 +0000
>> > /Test3?acl
>> > 2014-01-08 17:58:37.229330 7faa4ffdf700 15 calculated
>> > digest=5Dl428zBfcGMrNknuT6VwIFkYnE=
>> > 2014-01-08 17:58:37.229332 7faa4ffdf700 15
>> > auth_sign=5Dl428zBfcGMrNknuT6VwIFkYnE=
>> > 2014-01-08 17:58:37.229333 7faa4ffdf700 15 compare=0
>> > 2014-01-08 17:58:37.229335 7faa4ffdf700 20 system request
>> > 2014-01-08 17:58:37.229338 7faa4ffdf700  2 req 21:0.000323:s3:GET
>> > /Test3:get_acls:reading permissions
>> > 2014-01-08 17:58:37.229349 7faa4ffdf700 20 get_obj_state:
>> > rctx=0x7fa9b4000ee0 obj=.us-east-1.rgw:Test3 state=0x7fa9b40062c8
>> > s->prefetch_data=0
>> > 2014-01-08 17:58:37.229356 7faa4ffdf700 10 moving .us-east-1.rgw+Test3
>> > to
>> > cache LRU end
>> > 2014-01-08 17:58:37.229357 7faa4ffdf700 10 cache get:
>> > name=.us-east-1.rgw+Test3 : hit
>> > 2014-01-08 17:58:37.229360 7faa4ffdf700 20 get_obj_state: s->obj_tag was
>> > set
>> > empty
>> > 2014-01-08 17:58:37.229363 7faa4ffdf700 20 Read xattr: user.rgw.idtag
>> > 2014-01-08 17:58:37.229363 7faa4ffdf700 20 Read xattr: user.rgw.manifest
>> > 2014-01-08 17:58:37.229366 7faa4ffdf700 10 moving .us-east-1.rgw+Test3
>> > to
>> > cache LRU end
>> > 2014-01-08 17:58:37.229366 7faa4ffdf700 10 cache get:
>> > name=.us-east-1.rgw+Test3 : hit
>> > 2014-01-08 17:58:37.229374 7faa4ffdf700 20 rgw_get_bucket_info: bucket
>> > instance:
>> >
>> > Test3(@{i=.us-east-1.rgw.buckets.index}.us-east-1.rgw.buckets[east-1.8607.1])
>> > 2014-01-08 17:58:37.229379 7faa4ffdf700 20 reading from
>> > .us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1
>> > 2014-01-08 17:58:37.229383 7faa4ffdf700 20 get_obj_state:
>> > rctx=0x7fa9b4000ee0 obj=.us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1
>> > state=0x7fa9b4006ff8 s->prefetch_data=0
>> > 2014-01-08 17:58:37.229388 7faa4ffdf700 10 moving
>> > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end
>> > 2014-01-08 17:58:37.229389 7faa4ffdf700 10 cache get:
>> > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit
>> > 2014-01-08 17:58:37.229394 7faa4ffdf700 20 get_obj_state: s->obj_tag was
>> > set
>> > empty
>> > 2014-01-08 17:58:37.229396 7faa4ffdf700 20 Read xattr: user.rgw.acl
>> > 2014-01-08 17:58:37.229397 7faa4ffdf700 20 Read xattr: user.rgw.idtag
>> > 2014-01-08 17:58:37.229397 7faa4ffdf700 20 Read xattr: user.rgw.manifest
>> > 2014-01-08 17:58:37.229399 7faa4ffdf700 10 moving
>> > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end
>> > 2014-01-08 17:58:37.229400 7faa4ffdf700 10 cache get:
>> > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit
>> > 2014-01-08 17:58:37.229423 7faa4ffdf700 15 Read
>> > AccessControlPolicy<AccessControlPolicy
>> >
>> > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US
>> > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee
>> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>> > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer
>> >
>> > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy>
>> > 2014-01-08 17:58:37.229436 7faa4ffdf700 15 Read
>> > AccessControlPolicy<AccessControlPolicy
>> >
>> > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US
>> > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee
>> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>> > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer
>> >
>> > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy>
>> > 2014-01-08 17:58:37.229441 7faa4ffdf700  2 req 21:0.000426:s3:GET
>> > /Test3:get_acls:init op
>> > 2014-01-08 17:58:37.229444 7faa4ffdf700  2 req 21:0.000429:s3:GET
>> > /Test3:get_acls:verifying op mask
>> > 2014-01-08 17:58:37.229446 7faa4ffdf700 20 required_mask= 1
>> > user.op_mask=7
>> > 2014-01-08 17:58:37.229448 7faa4ffdf700  2 req 21:0.000432:s3:GET
>> > /Test3:get_acls:verifying op permissions
>> > 2014-01-08 17:58:37.229450 7faa4ffdf700  5 Searching permissions for
>> > uid=app-ops mask=52
>> > 2014-01-08 17:58:37.229452 7faa4ffdf700  5 Permissions for user not
>> > found
>> > 2014-01-08 17:58:37.229453 7faa4ffdf700  5 Searching permissions for
>> > group=1
>> > mask=52
>> > 2014-01-08 17:58:37.229454 7faa4ffdf700  5 Permissions for group not
>> > found
>> > 2014-01-08 17:58:37.229455 7faa4ffdf700  5 Searching permissions for
>> > group=2
>> > mask=52
>> > 2014-01-08 17:58:37.229456 7faa4ffdf700  5 Permissions for group not
>> > found
>> > 2014-01-08 17:58:37.229456 7faa4ffdf700  5 Getting permissions
>> > id=app-ops
>> > owner=app-ops perm=4
>> > 2014-01-08 17:58:37.229457 7faa4ffdf700 10  uid=app-ops requested perm
>> > (type)=4, policy perm=4, user_perm_mask=4, acl perm=4
>> > 2014-01-08 17:58:37.229459 7faa4ffdf700  2 req 21:0.000444:s3:GET
>> > /Test3:get_acls:verifying op params
>> > 2014-01-08 17:58:37.229460 7faa4ffdf700  2 req 21:0.000445:s3:GET
>> > /Test3:get_acls:executing
>> > 2014-01-08 17:58:37.229480 7faa4ffdf700  2 req 21:0.000465:s3:GET
>> > /Test3:get_acls:http status=200
>> > 2014-01-08 17:58:37.229658 7faa4ffdf700  1 ====== req done req=0x2182c90
>> > http_status=200 ======
>> >
>> >
>> > ==============
>> >
>> >
>> >
>> > Logs for putacl:
>> > ===============
>> >
>> > 2014-01-08 18:00:35.160860 7faae2d93780 20 enqueued request
>> > req=0x21829b0
>> > 2014-01-08 18:00:35.160884 7faae2d93780 20 RGWWQ:
>> > 2014-01-08 18:00:35.160887 7faae2d93780 20 req: 0x21829b0
>> > 2014-01-08 18:00:35.160956 7faae2d93780 10 allocated request
>> > req=0x2132c60
>> > 2014-01-08 18:00:35.161006 7faa67fff700 20 dequeued request
>> > req=0x21829b0
>> > 2014-01-08 18:00:35.161023 7faa67fff700 20 RGWWQ: empty
>> > 2014-01-08 18:00:35.161033 7faa67fff700  1 ====== starting new request
>> > req=0x21829b0 =====
>> > 2014-01-08 18:00:35.161114 7faa67fff700  2 req 22:0.000082::PUT
>> > /Test3::initializing
>> > 2014-01-08 18:00:35.161123 7faa67fff700 10 host=isp.inmobi.com
>> > rgw_dns_name=isp.inmobi.com
>> > 2014-01-08 18:00:35.161161 7faa67fff700 10 s->object=<NULL>
>> > s->bucket=Test3
>> > 2014-01-08 18:00:35.161174 7faa67fff700 20 FCGI_ROLE=RESPONDER
>> > 2014-01-08 18:00:35.161176 7faa67fff700 20 SCRIPT_URL=/Test3
>> > 2014-01-08 18:00:35.161177 7faa67fff700 20
>> > SCRIPT_URI=http://isp.inmobi.com/Test3
>> > 2014-01-08 18:00:35.161177 7faa67fff700 20 HTTP_AUTHORIZATION=AWS
>> > RDDGMHRBXJN6HY3BOEO7:N0+TC4Kr2N45xKKxUZkCyHpgQ74=
>> > 2014-01-08 18:00:35.161178 7faa67fff700 20 HTTP_USER_AGENT=S3/php
>> > 2014-01-08 18:00:35.161179 7faa67fff700 20 HTTP_ACCEPT=*/*
>> > 2014-01-08 18:00:35.161179 7faa67fff700 20 HTTP_HOST=isp.inmobi.com
>> > 2014-01-08 18:00:35.161180 7faa67fff700 20 HTTP_DATE=Wed, 08 Jan 2014
>> > 18:00:34 GMT
>> > 2014-01-08 18:00:35.161181 7faa67fff700 20 CONTENT_TYPE=application/xml
>> > 2014-01-08 18:00:35.161181 7faa67fff700 20 CONTENT_LENGTH=447
>> > 2014-01-08 18:00:35.161182 7faa67fff700 20
>> > PATH=/usr/local/bin:/usr/bin:/bin
>> > 2014-01-08 18:00:35.161183 7faa67fff700 20 SERVER_SIGNATURE=
>> > 2014-01-08 18:00:35.161183 7faa67fff700 20 SERVER_SOFTWARE=Apache/2.2.22
>> > (Ubuntu)
>> > 2014-01-08 18:00:35.161184 7faa67fff700 20 SERVER_NAME=isp.inmobi.com
>> > 2014-01-08 18:00:35.161185 7faa67fff700 20 SERVER_ADDR=10.2.4.203
>> > 2014-01-08 18:00:35.161185 7faa67fff700 20 SERVER_PORT=80
>> > 2014-01-08 18:00:35.161186 7faa67fff700 20 REMOTE_ADDR=10.14.100.34
>> > 2014-01-08 18:00:35.161187 7faa67fff700 20 DOCUMENT_ROOT=/var/www
>> > 2014-01-08 18:00:35.161187 7faa67fff700 20
>> > SERVER_ADMIN=app-ops@xxxxxxxxxx
>> > 2014-01-08 18:00:35.161188 7faa67fff700 20
>> > SCRIPT_FILENAME=/var/www/s3gw.fcgi
>> > 2014-01-08 18:00:35.161188 7faa67fff700 20 REMOTE_PORT=50702
>> > 2014-01-08 18:00:35.161189 7faa67fff700 20 GATEWAY_INTERFACE=CGI/1.1
>> > 2014-01-08 18:00:35.161189 7faa67fff700 20 SERVER_PROTOCOL=HTTP/1.1
>> > 2014-01-08 18:00:35.161190 7faa67fff700 20 REQUEST_METHOD=PUT
>> > 2014-01-08 18:00:35.161190 7faa67fff700 20
>> > QUERY_STRING=page=Test3&params=&acl
>> > 2014-01-08 18:00:35.161191 7faa67fff700 20 REQUEST_URI=/Test3?acl
>> > 2014-01-08 18:00:35.161191 7faa67fff700 20 SCRIPT_NAME=/Test3
>> > 2014-01-08 18:00:35.161192 7faa67fff700  2 req 22:0.000160:s3:PUT
>> > /Test3::getting op
>> > 2014-01-08 18:00:35.161195 7faa67fff700  2 req 22:0.000163:s3:PUT
>> > /Test3:put_acls:authorizing
>> > 2014-01-08 18:00:35.161214 7faa67fff700 20 get_obj_state:
>> > rctx=0x7faa20005110 obj=.us-east-1.users:RDDGMHRBXJN6HY3BOEO7
>> > state=0x7faa200051d8 s->prefetch_data=0
>> > 2014-01-08 18:00:35.161224 7faa67fff700 10 moving
>> > .us-east-1.users+RDDGMHRBXJN6HY3BOEO7 to cache LRU end
>> > 2014-01-08 18:00:35.161227 7faa67fff700 10 cache get:
>> > name=.us-east-1.users+RDDGMHRBXJN6HY3BOEO7 : hit
>> > 2014-01-08 18:00:35.161233 7faa67fff700 20 get_obj_state: s->obj_tag was
>> > set
>> > empty
>> > 2014-01-08 18:00:35.161238 7faa67fff700 10 moving
>> > .us-east-1.users+RDDGMHRBXJN6HY3BOEO7 to cache LRU end
>> > 2014-01-08 18:00:35.161239 7faa67fff700 10 cache get:
>> > name=.us-east-1.users+RDDGMHRBXJN6HY3BOEO7 : hit
>> > 2014-01-08 18:00:35.161252 7faa67fff700 20 get_obj_state:
>> > rctx=0x7faa20005300 obj=.us-east-1.users.uid:app-ops
>> > state=0x7faa20005948
>> > s->prefetch_data=0
>> > 2014-01-08 18:00:35.161260 7faa67fff700 10 moving
>> > .us-east-1.users.uid+app-ops to cache LRU end
>> > 2014-01-08 18:00:35.161262 7faa67fff700 10 cache get:
>> > name=.us-east-1.users.uid+app-ops : hit
>> > 2014-01-08 18:00:35.161265 7faa67fff700 20 get_obj_state: s->obj_tag was
>> > set
>> > empty
>> > 2014-01-08 18:00:35.161268 7faa67fff700 10 moving
>> > .us-east-1.users.uid+app-ops to cache LRU end
>> > 2014-01-08 18:00:35.161269 7faa67fff700 10 cache get:
>> > name=.us-east-1.users.uid+app-ops : hit
>> > 2014-01-08 18:00:35.161304 7faa67fff700 10 get_canon_resource():
>> > dest=/Test3?acl
>> > 2014-01-08 18:00:35.161306 7faa67fff700 10 auth_hdr:
>> > PUT
>> >
>> > application/xml
>> > Wed, 08 Jan 2014 18:00:34 GMT
>> > /Test3?acl
>> > 2014-01-08 18:00:35.161373 7faa67fff700 15 calculated
>> > digest=N0+TC4Kr2N45xKKxUZkCyHpgQ74=
>> > 2014-01-08 18:00:35.161375 7faa67fff700 15
>> > auth_sign=N0+TC4Kr2N45xKKxUZkCyHpgQ74=
>> > 2014-01-08 18:00:35.161376 7faa67fff700 15 compare=0
>> > 2014-01-08 18:00:35.161377 7faa67fff700 20 system request
>> > 2014-01-08 18:00:35.161381 7faa67fff700  2 req 22:0.000348:s3:PUT
>> > /Test3:put_acls:reading permissions
>> > 2014-01-08 18:00:35.161391 7faa67fff700 20 get_obj_state:
>> > rctx=0x7faa20000ee0 obj=.us-east-1.rgw:Test3 state=0x7faa20006a78
>> > s->prefetch_data=0
>> > 2014-01-08 18:00:35.161397 7faa67fff700 10 moving .us-east-1.rgw+Test3
>> > to
>> > cache LRU end
>> > 2014-01-08 18:00:35.161399 7faa67fff700 10 cache get:
>> > name=.us-east-1.rgw+Test3 : hit
>> > 2014-01-08 18:00:35.161403 7faa67fff700 20 get_obj_state: s->obj_tag was
>> > set
>> > empty
>> > 2014-01-08 18:00:35.161404 7faa67fff700 20 Read xattr: user.rgw.idtag
>> > 2014-01-08 18:00:35.161405 7faa67fff700 20 Read xattr: user.rgw.manifest
>> > 2014-01-08 18:00:35.161407 7faa67fff700 10 moving .us-east-1.rgw+Test3
>> > to
>> > cache LRU end
>> > 2014-01-08 18:00:35.161408 7faa67fff700 10 cache get:
>> > name=.us-east-1.rgw+Test3 : hit
>> > 2014-01-08 18:00:35.161462 7faa67fff700 20 rgw_get_bucket_info: bucket
>> > instance:
>> >
>> > Test3(@{i=.us-east-1.rgw.buckets.index}.us-east-1.rgw.buckets[east-1.8607.1])
>> > 2014-01-08 18:00:35.161547 7faa67fff700 20 reading from
>> > .us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1
>> > 2014-01-08 18:00:35.161551 7faa67fff700 20 get_obj_state:
>> > rctx=0x7faa20000ee0 obj=.us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1
>> > state=0x7faa200076f8 s->prefetch_data=0
>> > 2014-01-08 18:00:35.161557 7faa67fff700 10 moving
>> > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end
>> > 2014-01-08 18:00:35.161559 7faa67fff700 10 cache get:
>> > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit
>> > 2014-01-08 18:00:35.161564 7faa67fff700 20 get_obj_state: s->obj_tag was
>> > set
>> > empty
>> > 2014-01-08 18:00:35.161565 7faa67fff700 20 Read xattr: user.rgw.acl
>> > 2014-01-08 18:00:35.161567 7faa67fff700 20 Read xattr: user.rgw.idtag
>> > 2014-01-08 18:00:35.161568 7faa67fff700 20 Read xattr: user.rgw.manifest
>> > 2014-01-08 18:00:35.161570 7faa67fff700 10 moving
>> > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end
>> > 2014-01-08 18:00:35.161572 7faa67fff700 10 cache get:
>> > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit
>> > 2014-01-08 18:00:35.161592 7faa67fff700 15 Read
>> > AccessControlPolicy<AccessControlPolicy
>> >
>> > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US
>> > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee
>> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>> > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer
>> >
>> > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy>
>> > 2014-01-08 18:00:35.161604 7faa67fff700 15 Read
>> > AccessControlPolicy<AccessControlPolicy
>> >
>> > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US
>> > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee
>> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>> > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer
>> >
>> > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy>
>> > 2014-01-08 18:00:35.161610 7faa67fff700  2 req 22:0.000578:s3:PUT
>> > /Test3:put_acls:init op
>> > 2014-01-08 18:00:35.161613 7faa67fff700  2 req 22:0.000581:s3:PUT
>> > /Test3:put_acls:verifying op mask
>> > 2014-01-08 18:00:35.161615 7faa67fff700 20 required_mask= 2
>> > user.op_mask=7
>> > 2014-01-08 18:00:35.161616 7faa67fff700  2 req 22:0.000584:s3:PUT
>> > /Test3:put_acls:verifying op permissions
>> > 2014-01-08 18:00:35.161619 7faa67fff700  5 Searching permissions for
>> > uid=app-ops mask=56
>> > 2014-01-08 18:00:35.161620 7faa67fff700  5 Permissions for user not
>> > found
>> > 2014-01-08 18:00:35.161621 7faa67fff700  5 Searching permissions for
>> > group=1
>> > mask=56
>> > 2014-01-08 18:00:35.161622 7faa67fff700  5 Permissions for group not
>> > found
>> > 2014-01-08 18:00:35.161623 7faa67fff700  5 Searching permissions for
>> > group=2
>> > mask=56
>> > 2014-01-08 18:00:35.161624 7faa67fff700  5 Permissions for group not
>> > found
>> > 2014-01-08 18:00:35.161625 7faa67fff700  5 Getting permissions
>> > id=app-ops
>> > owner=app-ops perm=8
>> > 2014-01-08 18:00:35.161626 7faa67fff700 10  uid=app-ops requested perm
>> > (type)=8, policy perm=8, user_perm_mask=8, acl perm=8
>> > 2014-01-08 18:00:35.161627 7faa67fff700  2 req 22:0.000595:s3:PUT
>> > /Test3:put_acls:verifying op params
>> > 2014-01-08 18:00:35.161629 7faa67fff700  2 req 22:0.000597:s3:PUT
>> > /Test3:put_acls:executing
>> > 2014-01-08 18:00:35.161641 7faa67fff700 15 read len=447 data=<?xml
>> > version="1.0"?>
>> > <AccessControlPolicy>
>> >   <Owner>
>> >     <ID>app-ops</ID>
>> >     <DisplayName>Region-US Zone-East</DisplayName>
>> >   </Owner>
>> >   <AccessControlList>
>> >     <Grant>
>> >       <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>> > xsi:type="CanonicalUser">
>> >         <ID>jaseer</ID>
>> >         <DisplayName>Jaseer TK</DisplayName>
>> >       </Grantee>
>> >       <Permission>READ</Permission>
>> >     </Grant>
>> >   </AccessControlList>
>> > </AccessControlPolicy>
>> >
>> > 2014-01-08 18:00:35.161701 7faa67fff700 15 Old
>> > AccessControlPolicy<AccessControlPolicy
>> >
>> > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US
>> > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee
>> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>> > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer
>> >
>> > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy>
>> > 2014-01-08 18:00:35.161712 7faa67fff700 20 get_obj_state:
>> > rctx=0x7faa2000d9b0 obj=.us-east-1.users.uid:app-ops
>> > state=0x7faa2000dd68
>> > s->prefetch_data=0
>> > 2014-01-08 18:00:35.161718 7faa67fff700 10 moving
>> > .us-east-1.users.uid+app-ops to cache LRU end
>> > 2014-01-08 18:00:35.161723 7faa67fff700 10 cache get:
>> > name=.us-east-1.users.uid+app-ops : hit
>> > 2014-01-08 18:00:35.161726 7faa67fff700 20 get_obj_state: s->obj_tag was
>> > set
>> > empty
>> > 2014-01-08 18:00:35.161730 7faa67fff700 10 moving
>> > .us-east-1.users.uid+app-ops to cache LRU end
>> > 2014-01-08 18:00:35.161731 7faa67fff700 10 cache get:
>> > name=.us-east-1.users.uid+app-ops : hit
>> > 2014-01-08 18:00:35.161744 7faa67fff700 20 owner id=app-ops
>> > 2014-01-08 18:00:35.161746 7faa67fff700 20 dest owner id=app-ops
>> > 2014-01-08 18:00:35.161750 7faa67fff700 20 get_obj_state:
>> > rctx=0x7faa2000e1a0 obj=.us-east-1.users.uid:jaseer state=0x7faa2000e668
>> > s->prefetch_data=0
>> > 2014-01-08 18:00:35.161755 7faa67fff700 10 moving
>> > .us-east-1.users.uid+jaseer to cache LRU end
>> > 2014-01-08 18:00:35.161756 7faa67fff700 10 cache get:
>> > name=.us-east-1.users.uid+jaseer : hit
>> > 2014-01-08 18:00:35.161759 7faa67fff700 20 get_obj_state: s->obj_tag was
>> > set
>> > empty
>> > 2014-01-08 18:00:35.161762 7faa67fff700 10 moving
>> > .us-east-1.users.uid+jaseer to cache LRU end
>> > 2014-01-08 18:00:35.161763 7faa67fff700 10 cache get:
>> > name=.us-east-1.users.uid+jaseer : hit
>> > 2014-01-08 18:00:35.161771 7faa67fff700 10 new grant: jaseer:Jaseer TK
>> > 2014-01-08 18:00:35.161775 7faa67fff700 15 New
>> > AccessControlPolicy:<AccessControlPolicy
>> >
>> > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US
>> > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee
>> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>> > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer
>> >
>> > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy>
>> > 2014-01-08 18:00:35.161873 7faa67fff700  1 -- 10.2.4.203:0/1004169 -->
>> > 10.2.4.203:6855/22095 -- osd_op(client.8604.0:1243
>> > .bucket.meta.Test3:east-1.8607.1 [call version.check_conds,call
>> > version.set,setxattr user.rgw.acl (150)] 16.7d61d036 e567) v4 -- ?+0
>> > 0x7faa2000fd30 con 0x7faabc032950
>> > 2014-01-08 18:00:35.190879 7faad8d3c700  1 -- 10.2.4.203:0/1004169 <==
>> > osd.56 10.2.4.203:6855/22095 1 ==== osd_op_reply(1243
>> > .bucket.meta.Test3:east-1.8607.1 [call,call,setxattr (150)] v567'4 uv4
>> > ondisk = 0) v6 ==== 275+0+0 (1563155070 0 0) 0x7fa9d0000fa0 con
>> > 0x7faabc032950
>> > 2014-01-08 18:00:35.191067 7faa67fff700 10 cache put:
>> > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1
>> > 2014-01-08 18:00:35.191104 7faa67fff700 10 moving
>> > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end
>> > 2014-01-08 18:00:35.191108 7faa67fff700 10 appending xattr:
>> > name=user.rgw.acl bl.length()=150
>> > 2014-01-08 18:00:35.191132 7faa67fff700 10 distributing notification
>> > oid=notify.5 bl.length()=458
>> > 2014-01-08 18:00:35.191206 7faa67fff700  1 -- 10.2.4.203:0/1004169 -->
>> > 10.2.4.90:6826/28037 -- osd_op(client.8604.0:1244 notify.5 [notify 13~0]
>> > 5.31099063 e567) v4 -- ?+0 0x7faa2000f900 con 0x2191210
>> > 2014-01-08 18:00:35.192695 7faad8d3c700  1 -- 10.2.4.203:0/1004169 <==
>> > osd.10 10.2.4.90:6826/28037 100 ==== watch-notify(c=6 v=1
>> > i=2435246456858
>> > opcode=1) v1 ==== 488+0+0 (3994886606 0 0) 0x7faa8000bf30 con 0x2191210
>> > 2014-01-08 18:00:35.192919 7faad1ffb700 10 RGWWatcher::notify() opcode=1
>> > ver=1 bl.length()=458
>> > 2014-01-08 18:00:35.193030 7faad1ffb700 10 cache put:
>> > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1
>> > 2014-01-08 18:00:35.193037 7faad1ffb700 10 moving
>> > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end
>> > 2014-01-08 18:00:35.193041 7faad1ffb700 10 appending xattr:
>> > name=user.rgw.acl bl.length()=150
>> > 2014-01-08 18:00:35.193103 7faad1ffb700  1 -- 10.2.4.203:0/1004169 -->
>> > 10.2.4.90:6826/28037 -- osd_op(client.8604.0:1245 notify.5 [notify-ack
>> > 2435246456858~1] 5.31099063 e567) v4 -- ?+0 0x7faa840048d0 con 0x2191210
>> > 2014-01-08 18:00:35.193114 7faad8d3c700  1 -- 10.2.4.203:0/1004169 <==
>> > osd.10 10.2.4.90:6826/28037 101 ==== osd_op_reply(1244 notify.5 [notify
>> > 13~0] v0'0 uv1 ondisk = 0) v6 ==== 167+0+0 (1829242010 0 0)
>> > 0x7faa8001db70
>> > con 0x2191210
>> > 2014-01-08 18:00:35.194590 7faad8d3c700  1 -- 10.2.4.203:0/1004169 <==
>> > osd.10 10.2.4.90:6826/28037 102 ==== osd_op_reply(1245 notify.5
>> > [notify-ack
>> > 2435246456858~1] v0'0 uv1 ondisk = 0) v6 ==== 167+0+0 (2561335616 0 0)
>> > 0x7faa8001db70 con 0x2191210
>> > 2014-01-08 18:00:35.194931 7faad8d3c700  1 -- 10.2.4.203:0/1004169 <==
>> > osd.10 10.2.4.90:6826/28037 103 ==== watch-notify(c=13 v=1
>> > i=2435246456858
>> > opcode=1) v1 ==== 488+0+0 (1666694009 0 0) 0x7faa8001db70 con 0x2191210
>> > 2014-01-08 18:00:35.195164 7faad1ffb700  1 -- 10.2.4.203:0/1004169 -->
>> > 10.2.4.90:6826/28037 -- osd_op(client.8604.0:1246 notify.5 [notify-ack
>> > 2435246456858~1] 5.31099063 e567) v4 -- ?+0 0x7faa840048d0 con 0x2191210
>> > 2014-01-08 18:00:35.195532 7faa67fff700  2 req 22:0.034499:s3:PUT
>> > /Test3:put_acls:http status=200
>> > 2014-01-08 18:00:35.195818 7faa67fff700  1 ====== req done req=0x21829b0
>> > http_status=200 ======
>> >
>> >
>> >
>> > =========================
>> >
>> >
>> > Logs for s3 file deletion:
>> >
>> > =======
>> > 2014-01-08 18:06:46.389380 7faae2d93780 20 enqueued request
>> > req=0x214c030
>> > 2014-01-08 18:06:46.389405 7faae2d93780 20 RGWWQ:
>> > 2014-01-08 18:06:46.389407 7faae2d93780 20 req: 0x214c030
>> > 2014-01-08 18:06:46.389473 7faae2d93780 10 allocated request
>> > req=0x217a960
>> > 2014-01-08 18:06:46.389529 7faa3c7b8700 20 dequeued request
>> > req=0x214c030
>> > 2014-01-08 18:06:46.389539 7faa3c7b8700 20 RGWWQ: empty
>> > 2014-01-08 18:06:46.389552 7faa3c7b8700  1 ====== starting new request
>> > req=0x214c030 =====
>> > 2014-01-08 18:06:46.389615 7faa3c7b8700  2 req 24:0.000064::DELETE
>> > /Test3/vip.txt::initializing
>> > 2014-01-08 18:06:46.389622 7faa3c7b8700 10 host=isp.inmobi.com
>> > rgw_dns_name=isp.inmobi.com
>> > 2014-01-08 18:06:46.389634 7faa3c7b8700 10 meta>> HTTP_X_AMZ_DATE
>> > 2014-01-08 18:06:46.389640 7faa3c7b8700 10 x>> x-amz-date:Wed, 08 Jan
>> > 2014
>> > 18:06:42 +0000
>> > 2014-01-08 18:06:46.389658 7faa3c7b8700 10 s->object=vip.txt
>> > s->bucket=Test3
>> > 2014-01-08 18:06:46.389665 7faa3c7b8700 20 FCGI_ROLE=RESPONDER
>> > 2014-01-08 18:06:46.389666 7faa3c7b8700 20 SCRIPT_URL=/Test3/vip.txt
>> > 2014-01-08 18:06:46.389667 7faa3c7b8700 20
>> > SCRIPT_URI=http://isp.inmobi.com/Test3/vip.txt
>> > 2014-01-08 18:06:46.389668 7faa3c7b8700 20 HTTP_AUTHORIZATION=AWS
>> > TJA9G6SOY6VERRZ629JP:PEPnhNtMAMFcg6h+OYGArn+RMX8=
>> > 2014-01-08 18:06:46.389669 7faa3c7b8700 20 HTTP_HOST=isp.inmobi.com
>> > 2014-01-08 18:06:46.389670 7faa3c7b8700 20 HTTP_ACCEPT_ENCODING=identity
>> > 2014-01-08 18:06:46.389670 7faa3c7b8700 20 CONTENT_LENGTH=0
>> > 2014-01-08 18:06:46.389671 7faa3c7b8700 20 HTTP_X_AMZ_DATE=Wed, 08 Jan
>> > 2014
>> > 18:06:42 +0000
>> > 2014-01-08 18:06:46.389672 7faa3c7b8700 20
>> > PATH=/usr/local/bin:/usr/bin:/bin
>> > 2014-01-08 18:06:46.389672 7faa3c7b8700 20 SERVER_SIGNATURE=
>> > 2014-01-08 18:06:46.389673 7faa3c7b8700 20 SERVER_SOFTWARE=Apache/2.2.22
>> > (Ubuntu)
>> > 2014-01-08 18:06:46.389673 7faa3c7b8700 20 SERVER_NAME=isp.inmobi.com
>> > 2014-01-08 18:06:46.389674 7faa3c7b8700 20 SERVER_ADDR=10.2.4.203
>> > 2014-01-08 18:06:46.389674 7faa3c7b8700 20 SERVER_PORT=80
>> > 2014-01-08 18:06:46.389675 7faa3c7b8700 20 REMOTE_ADDR=10.14.118.100
>> > 2014-01-08 18:06:46.389675 7faa3c7b8700 20 DOCUMENT_ROOT=/var/www
>> > 2014-01-08 18:06:46.389676 7faa3c7b8700 20
>> > SERVER_ADMIN=app-ops@xxxxxxxxxx
>> > 2014-01-08 18:06:46.389676 7faa3c7b8700 20
>> > SCRIPT_FILENAME=/var/www/s3gw.fcgi
>> > 2014-01-08 18:06:46.389677 7faa3c7b8700 20 REMOTE_PORT=33904
>> > 2014-01-08 18:06:46.389678 7faa3c7b8700 20 GATEWAY_INTERFACE=CGI/1.1
>> > 2014-01-08 18:06:46.389679 7faa3c7b8700 20 SERVER_PROTOCOL=HTTP/1.1
>> > 2014-01-08 18:06:46.389680 7faa3c7b8700 20 REQUEST_METHOD=DELETE
>> > 2014-01-08 18:06:46.389681 7faa3c7b8700 20
>> > QUERY_STRING=page=Test3&params=/vip.txt
>> > 2014-01-08 18:06:46.389681 7faa3c7b8700 20 REQUEST_URI=/Test3/vip.txt
>> > 2014-01-08 18:06:46.389682 7faa3c7b8700 20 SCRIPT_NAME=/Test3/vip.txt
>> > 2014-01-08 18:06:46.389683 7faa3c7b8700  2 req 24:0.000132:s3:DELETE
>> > /Test3/vip.txt::getting op
>> > 2014-01-08 18:06:46.389686 7faa3c7b8700  2 req 24:0.000135:s3:DELETE
>> > /Test3/vip.txt:delete_obj:authorizing
>> > 2014-01-08 18:06:46.389708 7faa3c7b8700 20 get_obj_state:
>> > rctx=0x7faa8c004b70 obj=.us-east-1.users:TJA9G6SOY6VERRZ629JP
>> > state=0x7faa8c004c38 s->prefetch_data=0
>> > 2014-01-08 18:06:46.389719 7faa3c7b8700 10 moving
>> > .us-east-1.users+TJA9G6SOY6VERRZ629JP to cache LRU end
>> > 2014-01-08 18:06:46.389722 7faa3c7b8700 10 cache get:
>> > name=.us-east-1.users+TJA9G6SOY6VERRZ629JP : hit
>> > 2014-01-08 18:06:46.389731 7faa3c7b8700 20 get_obj_state: s->obj_tag was
>> > set
>> > empty
>> > 2014-01-08 18:06:46.389736 7faa3c7b8700 10 moving
>> > .us-east-1.users+TJA9G6SOY6VERRZ629JP to cache LRU end
>> > 2014-01-08 18:06:46.389737 7faa3c7b8700 10 cache get:
>> > name=.us-east-1.users+TJA9G6SOY6VERRZ629JP : hit
>> > 2014-01-08 18:06:46.389753 7faa3c7b8700 20 get_obj_state:
>> > rctx=0x7faa8c004d60 obj=.us-east-1.users.uid:jaseer state=0x7faa8c006b18
>> > s->prefetch_data=0
>> > 2014-01-08 18:06:46.389758 7faa3c7b8700 10 moving
>> > .us-east-1.users.uid+jaseer to cache LRU end
>> > 2014-01-08 18:06:46.389760 7faa3c7b8700 10 cache get:
>> > name=.us-east-1.users.uid+jaseer : hit
>> > 2014-01-08 18:06:46.389763 7faa3c7b8700 20 get_obj_state: s->obj_tag was
>> > set
>> > empty
>> > 2014-01-08 18:06:46.389766 7faa3c7b8700 10 moving
>> > .us-east-1.users.uid+jaseer to cache LRU end
>> > 2014-01-08 18:06:46.389767 7faa3c7b8700 10 cache get:
>> > name=.us-east-1.users.uid+jaseer : hit
>> > 2014-01-08 18:06:46.389808 7faa3c7b8700 10 get_canon_resource():
>> > dest=/Test3/vip.txt
>> > 2014-01-08 18:06:46.389811 7faa3c7b8700 10 auth_hdr:
>> > DELETE
>> >
>> >
>> >
>> > x-amz-date:Wed, 08 Jan 2014 18:06:42 +0000
>> > /Test3/vip.txt
>> > 2014-01-08 18:06:46.389885 7faa3c7b8700 15 calculated
>> > digest=PEPnhNtMAMFcg6h+OYGArn+RMX8=
>> > 2014-01-08 18:06:46.389887 7faa3c7b8700 15
>> > auth_sign=PEPnhNtMAMFcg6h+OYGArn+RMX8=
>> > 2014-01-08 18:06:46.389888 7faa3c7b8700 15 compare=0
>> > 2014-01-08 18:06:46.389890 7faa3c7b8700 20 system request
>> > 2014-01-08 18:06:46.389892 7faa3c7b8700  2 req 24:0.000341:s3:DELETE
>> > /Test3/vip.txt:delete_obj:reading permissions
>> > 2014-01-08 18:06:46.389904 7faa3c7b8700 20 get_obj_state:
>> > rctx=0x7faa8c000fe0 obj=.us-east-1.rgw:Test3 state=0x7faa8c005c98
>> > s->prefetch_data=0
>> > 2014-01-08 18:06:46.389911 7faa3c7b8700 10 moving .us-east-1.rgw+Test3
>> > to
>> > cache LRU end
>> > 2014-01-08 18:06:46.389912 7faa3c7b8700 10 cache get:
>> > name=.us-east-1.rgw+Test3 : hit
>> > 2014-01-08 18:06:46.389917 7faa3c7b8700 20 get_obj_state: s->obj_tag was
>> > set
>> > empty
>> > 2014-01-08 18:06:46.389920 7faa3c7b8700 20 Read xattr: user.rgw.idtag
>> > 2014-01-08 18:06:46.389921 7faa3c7b8700 20 Read xattr: user.rgw.manifest
>> > 2014-01-08 18:06:46.389924 7faa3c7b8700 10 moving .us-east-1.rgw+Test3
>> > to
>> > cache LRU end
>> > 2014-01-08 18:06:46.389925 7faa3c7b8700 10 cache get:
>> > name=.us-east-1.rgw+Test3 : hit
>> > 2014-01-08 18:06:46.389934 7faa3c7b8700 20 rgw_get_bucket_info: bucket
>> > instance:
>> >
>> > Test3(@{i=.us-east-1.rgw.buckets.index}.us-east-1.rgw.buckets[east-1.8607.1])
>> > 2014-01-08 18:06:46.389939 7faa3c7b8700 20 reading from
>> > .us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1
>> > 2014-01-08 18:06:46.389944 7faa3c7b8700 20 get_obj_state:
>> > rctx=0x7faa8c000fe0 obj=.us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1
>> > state=0x7faa8c00a5e8 s->prefetch_data=0
>> > 2014-01-08 18:06:46.389949 7faa3c7b8700 10 moving
>> > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end
>> > 2014-01-08 18:06:46.389950 7faa3c7b8700 10 cache get:
>> > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit
>> > 2014-01-08 18:06:46.389955 7faa3c7b8700 20 get_obj_state: s->obj_tag was
>> > set
>> > empty
>> > 2014-01-08 18:06:46.389956 7faa3c7b8700 20 Read xattr: user.rgw.acl
>> > 2014-01-08 18:06:46.389957 7faa3c7b8700 20 Read xattr: user.rgw.idtag
>> > 2014-01-08 18:06:46.389958 7faa3c7b8700 20 Read xattr: user.rgw.manifest
>> > 2014-01-08 18:06:46.389961 7faa3c7b8700 10 moving
>> > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end
>> > 2014-01-08 18:06:46.389963 7faa3c7b8700 10 cache get:
>> > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit
>> > 2014-01-08 18:06:46.389980 7faa3c7b8700 15 Read
>> > AccessControlPolicy<AccessControlPolicy
>> >
>> > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US
>> > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee
>> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>> > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer
>> >
>> > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy>
>> > 2014-01-08 18:06:46.389988 7faa3c7b8700  2 req 24:0.000437:s3:DELETE
>> > /Test3/vip.txt:delete_obj:init op
>> > 2014-01-08 18:06:46.389992 7faa3c7b8700  2 req 24:0.000440:s3:DELETE
>> > /Test3/vip.txt:delete_obj:verifying op mask
>> > 2014-01-08 18:06:46.389993 7faa3c7b8700 20 required_mask= 4
>> > user.op_mask=7
>> > 2014-01-08 18:06:46.389994 7faa3c7b8700  2 req 24:0.000443:s3:DELETE
>> > /Test3/vip.txt:delete_obj:verifying op permissions
>> > 2014-01-08 18:06:46.389997 7faa3c7b8700  5 Searching permissions for
>> > uid=jaseer mask=50
>> > 2014-01-08 18:06:46.389999 7faa3c7b8700  5 Found permission: 1
>> > 2014-01-08 18:06:46.390000 7faa3c7b8700  5 Searching permissions for
>> > group=1
>> > mask=50
>> > 2014-01-08 18:06:46.390001 7faa3c7b8700  5 Permissions for group not
>> > found
>> > 2014-01-08 18:06:46.390002 7faa3c7b8700  5 Searching permissions for
>> > group=2
>> > mask=50
>> > 2014-01-08 18:06:46.390003 7faa3c7b8700  5 Permissions for group not
>> > found
>> > 2014-01-08 18:06:46.390003 7faa3c7b8700  5 Getting permissions id=jaseer
>> > owner=app-ops perm=0
>> > 2014-01-08 18:06:46.390004 7faa3c7b8700 10  uid=jaseer requested perm
>> > (type)=2, policy perm=0, user_perm_mask=2, acl perm=0
>> > 2014-01-08 18:06:46.390006 7faa3c7b8700  2 overriding permissions due to
>> > system operation
>> > 2014-01-08 18:06:46.390007 7faa3c7b8700  2 req 24:0.000456:s3:DELETE
>> > /Test3/vip.txt:delete_obj:verifying op params
>> > 2014-01-08 18:06:46.390008 7faa3c7b8700  2 req 24:0.000457:s3:DELETE
>> > /Test3/vip.txt:delete_obj:executing
>> > 2014-01-08 18:06:46.390017 7faa3c7b8700 20 get_obj_state:
>> > rctx=0x7faa8c000fe0 obj=Test3:vip.txt state=0x7faa8c008078
>> > s->prefetch_data=0
>> > 2014-01-08 18:06:46.390068 7faa3c7b8700  1 -- 10.2.4.203:0/1004169 -->
>> > 10.2.4.203:6865/22234 -- osd_op(client.8604.0:1248 east-1.8607.1_vip.txt
>> > [getxattrs,stat] 8.eb952482 e567) v4 -- ?+0 0x7faa8c008eb0 con
>> > 0x7faabc043070
>> > 2014-01-08 18:06:46.392062 7faad8d3c700  1 -- 10.2.4.203:0/1004169 <==
>> > osd.54 10.2.4.203:6865/22234 1 ==== osd_op_reply(1248
>> > east-1.8607.1_vip.txt
>> > [getxattrs,stat] v0'0 uv59 ondisk = 0) v6 ==== 222+0+807 (325389612 0
>> > 3984178414) 0x7faa18001a30 con 0x7faabc043070
>> > 2014-01-08 18:06:46.392290 7faa3c7b8700 10 manifest: total_size = 1621
>> > 2014-01-08 18:06:46.392305 7faa3c7b8700 10 manifest: ofs=0
>> > loc=Test3:vip.txt
>> > 2014-01-08 18:06:46.392308 7faa3c7b8700 20 get_obj_state: setting
>> > s->obj_tag
>> > to east-1.8607.1055
>> > 2014-01-08 18:06:46.392352 7faa3c7b8700 10 setting object
>> > write_tag=_I_fXnf11cDCPWJ0oFS5dVwsVgDFziHe
>> > 2014-01-08 18:06:46.392413 7faa3c7b8700  1 -- 10.2.4.203:0/1004169 -->
>> > 10.2.4.203:6845/21995 -- osd_op(client.8604.0:1249 .dir.east-1.8607.1
>> > [call
>> > rgw.bucket_prepare_op] 7.8e7e5c51 e567) v4 -- ?+0 0x7faa8c00b300 con
>> > 0x7faabc036150
>> > 2014-01-08 18:06:46.436377 7faad8d3c700  1 -- 10.2.4.203:0/1004169 <==
>> > osd.58 10.2.4.203:6845/21995 2 ==== osd_op_reply(1249 .dir.east-1.8607.1
>> > [call] v567'10 uv10 ondisk = 0) v6 ==== 177+0+0 (779774278 0 0)
>> > 0x7faa2000edb0 con 0x7faabc036150
>> > 2014-01-08 18:06:46.436616 7faa3c7b8700  1 -- 10.2.4.203:0/1004169 -->
>> > 10.2.4.203:6865/22234 -- osd_op(client.8604.0:1250 east-1.8607.1_vip.txt
>> > [cmpxattr user.rgw.idtag (17) op 1 mode 1,setxattr user.rgw.idtag
>> > (33),call
>> > refcount.put] 8.eb952482 e567) v4 -- ?+0 0x7faa8c009d50 con
>> > 0x7faabc043070
>> > 2014-01-08 18:06:46.463235 7faad8d3c700  1 -- 10.2.4.203:0/1004169 <==
>> > osd.54 10.2.4.203:6865/22234 2 ==== osd_op_reply(1250
>> > east-1.8607.1_vip.txt
>> > [cmpxattr (17) op 1 mode 1,setxattr (33),call] v567'60 uv60 ondisk = 0)
>> > v6
>> > ==== 264+0+0 (530216734 0 0) 0x7faa18001440 con 0x7faabc043070
>> > 2014-01-08 18:06:46.463488 7faa3c7b8700  1 -- 10.2.4.203:0/1004169 -->
>> > 10.2.4.203:6845/21995 -- osd_op(client.8604.0:1251 .dir.east-1.8607.1
>> > [call
>> > rgw.bucket_complete_op] 7.8e7e5c51 e567) v4 -- ?+0 0x7faa8c00b300 con
>> > 0x7faabc036150
>> > 2014-01-08 18:06:46.463677 7faa3c7b8700  1 -- 10.2.4.203:0/1004169 -->
>> > 10.2.4.90:6895/359 -- osd_op(client.8604.0:1252 gc.7 [call
>> > rgw.gc_set_entry]
>> > 6.21d2251d e567) v4 -- ?+0 0x7faa8c00f2c0 con 0x7faabc033610
>> > 2014-01-08 18:06:46.463730 7faa3c7b8700  2 req 24:0.074179:s3:DELETE
>> > /Test3/vip.txt:delete_obj:http status=204
>> > 2014-01-08 18:06:46.463954 7faa3c7b8700  1 ====== req done req=0x214c030
>> > http_status=204 ======
>> > =================
>> >
>> >
>> >
>> > Thank you,
>> > Jaseer TK
>> >
>> >
>> > On Wed, Jan 8, 2014 at 11:13 PM, Yehuda Sadeh <yehuda@xxxxxxxxxxx>
>> > wrote:
>> >>
>> >> On Wed, Jan 8, 2014 at 9:40 AM, Jaseer Tk <jaseer.tk@xxxxxxxxxx> wrote:
>> >> >
>> >> > Thanks Yehuda,
>> >> >
>> >> > But I am seeing only this much in the logs with the log options we
>> >> > set.
>> >> > I'll
>> >> > try once again and update you.
>> >>
>> >> There should be much more.
>> >>
>> >> >
>> >> > Do you think any global parameter (like region/zone settings or
>> >> > user's
>> >> > privileges ) could be causing these buckets to be writable all users
>> >> > ?
>> >> >
>> >>
>> >> At the moment it looks like all users are actually mapping to the same
>> >> user, or something along that line. It is not highly unlikely that
>> >> misconfiguration caused it.
>> >>
>> >> Yehuda
>> >>
>> >>
>> >> > Thank you,
>> >> > Jaseer TK
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >
>> >> > On Wed, Jan 8, 2014 at 10:27 PM, Yehuda Sadeh <yehuda@xxxxxxxxxxx>
>> >> > wrote:
>> >> >>
>> >> >> On Tue, Jan 7, 2014 at 11:16 PM, Jaseer Tk <jaseer.tk@xxxxxxxxxx>
>> >> >> wrote:
>> >> >> >
>> >> >> > Hi Yehuda,
>> >> >> >
>> >> >> > Thanks for response.
>> >> >> >
>> >> >> > my setup is on ubuntu 12.04 servers, ceph pkg's:
>> >> >> >
>> >> >> > ========
>> >> >> > ii  ceph                             0.72.2-1precise
>> >> >> > distributed storage and file system
>> >> >> > ii  ceph-common                      0.72.2-1precise
>> >> >> > common utilities to mount and interact with a ceph storage cluster
>> >> >> > ii  ceph-fs-common                   0.72.2-1precise
>> >> >> > common utilities to mount and interact with a ceph file system
>> >> >> > ii  ceph-mds                         0.72.2-1precise
>> >> >> > metadata server for the ceph distributed file system
>> >> >> > ==========
>> >> >> >
>> >> >> > rados version:
>> >> >> > =====
>> >> >> > ii  librados2                        0.72.2-1precise
>> >> >> > RADOS distributed object store client library
>> >> >> > ii  radosgw                          0.72.2-1precise
>> >> >> > REST gateway for RADOS distributed object store
>> >> >> > ii  radosgw-agent                    1.1-1precise
>> >> >> > =======
>> >> >> >
>> >> >> >
>> >> >> > rados conf:
>> >> >> >
>> >> >> > [client.radosgw.us-east-1]
>> >> >> >     rgw region = us
>> >> >> >     rgw region root pool = .us.rgw.root
>> >> >> >     rgw zone = east-1
>> >> >> >     rgw zone root pool = .us-east-1.rgw.root
>> >> >> >     keyring = /etc/ceph/ceph.client.radosgw.keyring
>> >> >> >     debug rgw = 20
>> >> >> >     debug ms = 1
>> >> >> >     rgw_dns_name = my_domain
>> >> >> >     rgw socket path = /var/run/ceph/client.radosgw.us-east-1.sock
>> >> >> >     log file = /var/log/ceph/radosgw.log
>> >> >> >     host = my_rados_hostname
>> >> >> >
>> >> >> >
>> >> >> > Logs while doing putacl,
>> >> >> > =========
>> >> >> > 2014-01-08 07:01:00.364967 7f0180f5d700 10 RGWWatcher::notify()
>> >> >> > opcode=1
>> >> >> > ver=1 bl.length()=462
>> >> >> > 2014-01-08 07:01:00.365006 7f0180f5d700 10 cache put:
>> >> >> > name=.us-east-1.rgw+.bucket.meta.App-Ops:east-1.5350.1
>> >> >> > 2014-01-08 07:01:00.365013 7f0180f5d700 10 moving
>> >> >> > .us-east-1.rgw+.bucket.meta.App-Ops:east-1.5350.1 to cache LRU end
>> >> >> > 2014-01-08 07:01:00.365017 7f0180f5d700 10 appending xattr:
>> >> >> > name=user.rgw.acl bl.length()=150
>> >> >> > 2014-01-08 07:01:01.501663 7f016bfff700  2
>> >> >> > RGWDataChangesLog::ChangesRenewThread: start
>> >> >> > ==========
>> >> >>
>> >> >> These aren't very thorough logs, looks like a very small snippet. Is
>> >> >> that all you're getting?
>> >> >>
>> >> >>
>> >> >> >
>> >> >> > No rgw logs when doing s3cmd del.
>> >> >> >
>> >> >> > I am using
>> >> >> > http://undesigned.org.za/2007/10/22/amazon-s3-php-class/
>> >> >> > with
>> >> >> > minor modifications to use with rados s3 interface.
>> >> >> > getacl  shows my acl is applied. But user is still able to delete.
>> >> >> > Please
>> >> >> > let me know if you want me to share my php code for getacl and
>> >> >> > putacl.
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> > --
>> >> >> > Thank you,
>> >> >> > Jaseer TK
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> > On Tue, Jan 7, 2014 at 9:30 PM, Yehuda Sadeh <yehuda@xxxxxxxxxxx>
>> >> >> > wrote:
>> >> >> >>
>> >> >> >> On Tue, Jan 7, 2014 at 2:40 AM, Jaseer Tk <jaseer.tk@xxxxxxxxxx>
>> >> >> >> wrote:
>> >> >> >> >
>> >> >> >> > Hi all,
>> >> >> >> >
>> >> >> >> > I tried to apply custom ACL(only Read) on an s3 bucket created.
>> >> >> >> > The
>> >> >> >> > rules
>> >> >> >> > seems to have got applied. But it looks the ACL's not getting
>> >> >> >> > honored.
>> >> >> >> >
>> >> >> >> > when I use getacl, I get the result.
>> >> >> >> > =======
>> >> >> >> >
>> >> >> >> > Array
>> >> >> >> > (
>> >> >> >> >     [0] => Array
>> >> >> >> >         (
>> >> >> >> >             [Grantee] => Array
>> >> >> >> >                 (
>> >> >> >> >                     [ID] => test-user
>> >> >> >> >                     [DisplayName] => Test User
>> >> >> >> >                 )
>> >> >> >> >
>> >> >> >> >             [Permission] => READ
>> >> >> >> >         )
>> >> >> >> >
>> >> >> >> > )
>> >> >> >> >
>> >> >> >> >
>> >> >> >> > But Still this user is able to delete files from the bucket :(
>> >> >> >> >
>> >> >> >> > Am I missing something here ?
>> >> >> >> >
>> >> >> >> >
>> >> >> >> What version are you running? Just tried it with dumpling and it
>> >> >> >> worked ok. Can you provide rgw logs for it? (acl setting +
>> >> >> >> removal;
>> >> >> >> set 'debug rgw = 20' and 'debug ms = 1').
>> >> >> >>
>> >> >> >> Thanks,
>> >> >> >> Yehuda
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> > _____________________________________________________________
>> >> >> > The information contained in this communication is intended solely
>> >> >> > for
>> >> >> > the
>> >> >> > use of the individual or entity to whom it is addressed and others
>> >> >> > authorized to receive it. It may contain confidential or legally
>> >> >> > privileged
>> >> >> > information. If you are not the intended recipient you are hereby
>> >> >> > notified
>> >> >> > that any disclosure, copying, distribution or taking any action in
>> >> >> > reliance
>> >> >> > on the contents of this information is strictly prohibited and may
>> >> >> > be
>> >> >> > unlawful. If you have received this communication in error, please
>> >> >> > notify us
>> >> >> > immediately by responding to this email and then delete it from
>> >> >> > your
>> >> >> > system.
>> >> >> > The firm is neither liable for the proper and complete
>> >> >> > transmission
>> >> >> > of
>> >> >> > the
>> >> >> > information contained in this communication nor for any delay in
>> >> >> > its
>> >> >> > receipt.
>> >> >
>> >> >
>> >> >
>> >> > _____________________________________________________________
>> >> > The information contained in this communication is intended solely
>> >> > for
>> >> > the
>> >> > use of the individual or entity to whom it is addressed and others
>> >> > authorized to receive it. It may contain confidential or legally
>> >> > privileged
>> >> > information. If you are not the intended recipient you are hereby
>> >> > notified
>> >> > that any disclosure, copying, distribution or taking any action in
>> >> > reliance
>> >> > on the contents of this information is strictly prohibited and may be
>> >> > unlawful. If you have received this communication in error, please
>> >> > notify us
>> >> > immediately by responding to this email and then delete it from your
>> >> > system.
>> >> > The firm is neither liable for the proper and complete transmission
>> >> > of
>> >> > the
>> >> > information contained in this communication nor for any delay in its
>> >> > receipt.
>> >
>> >
>> >
>> > _____________________________________________________________
>> > The information contained in this communication is intended solely for
>> > the
>> > use of the individual or entity to whom it is addressed and others
>> > authorized to receive it. It may contain confidential or legally
>> > privileged
>> > information. If you are not the intended recipient you are hereby
>> > notified
>> > that any disclosure, copying, distribution or taking any action in
>> > reliance
>> > on the contents of this information is strictly prohibited and may be
>> > unlawful. If you have received this communication in error, please
>> > notify us
>> > immediately by responding to this email and then delete it from your
>> > system.
>> > The firm is neither liable for the proper and complete transmission of
>> > the
>> > information contained in this communication nor for any delay in its
>> > receipt.
>> _______________________________________________
>> ceph-users mailing list
>> ceph-users@xxxxxxxxxxxxxx
>> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>
>
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]

  Powered by Linux