Try $ radosgw-admin user modify --uid=jaseer --system=false Users should not be created with the system flag by default. On Wed, Jan 8, 2014 at 10:24 AM, hemant burman <hemant.burman@xxxxxxxxx> wrote: > Thanks a lot Yehuda for pointing that out, so how should we create a > non-system user and also how should we remove the system flag from a user? > > -Hemant > > > On Wed, Jan 8, 2014 at 11:44 PM, Yehuda Sadeh <yehuda@xxxxxxxxxxx> wrote: >> >> Well, user jaseer has the 'system' flag set so it acts like a super user. >> >> On Wed, Jan 8, 2014 at 10:09 AM, Jaseer Tk <jaseer.tk@xxxxxxxxxx> wrote: >> > >> > You were right. Sorry for the misdirection. >> > >> > logs for getacl: >> > ================ >> > 2014-01-08 17:58:37.228949 7faae2d93780 20 enqueued request >> > req=0x2182c90 >> > 2014-01-08 17:58:37.228968 7faae2d93780 20 RGWWQ: >> > 2014-01-08 17:58:37.228970 7faae2d93780 20 req: 0x2182c90 >> > 2014-01-08 17:58:37.228976 7faae2d93780 10 allocated request >> > req=0x21829b0 >> > 2014-01-08 17:58:37.228999 7faa4ffdf700 20 dequeued request >> > req=0x2182c90 >> > 2014-01-08 17:58:37.229009 7faa4ffdf700 20 RGWWQ: empty >> > 2014-01-08 17:58:37.229015 7faa4ffdf700 1 ====== starting new request >> > req=0x2182c90 ===== >> > 2014-01-08 17:58:37.229069 7faa4ffdf700 2 req 21:0.000054::GET >> > /Test3::initializing >> > 2014-01-08 17:58:37.229076 7faa4ffdf700 10 host=isp.inmobi.com >> > rgw_dns_name=isp.inmobi.com >> > 2014-01-08 17:58:37.229106 7faa4ffdf700 10 s->object=<NULL> >> > s->bucket=Test3 >> > 2014-01-08 17:58:37.229112 7faa4ffdf700 20 FCGI_ROLE=RESPONDER >> > 2014-01-08 17:58:37.229113 7faa4ffdf700 20 SCRIPT_URL=/Test3 >> > 2014-01-08 17:58:37.229114 7faa4ffdf700 20 >> > SCRIPT_URI=http://isp.inmobi.com/Test3 >> > 2014-01-08 17:58:37.229115 7faa4ffdf700 20 HTTP_AUTHORIZATION=AWS >> > RDDGMHRBXJN6HY3BOEO7:5Dl428zBfcGMrNknuT6VwIFkYnE= >> > 2014-01-08 17:58:37.229116 7faa4ffdf700 20 HTTP_HOST=isp.inmobi.com >> > 2014-01-08 17:58:37.229117 7faa4ffdf700 20 >> > HTTP_USER_AGENT=aws-sdk-php2/2.1.0 Guzzle/3.1.2 curl/7.19.7 >> > PHP/5.3.2-1ubuntu4.22 >> > 2014-01-08 17:58:37.229119 7faa4ffdf700 20 HTTP_DATE=Wed, 08 Jan 2014 >> > 17:58:36 +0000 >> > 2014-01-08 17:58:37.229120 7faa4ffdf700 20 >> > PATH=/usr/local/bin:/usr/bin:/bin >> > 2014-01-08 17:58:37.229120 7faa4ffdf700 20 SERVER_SIGNATURE= >> > 2014-01-08 17:58:37.229121 7faa4ffdf700 20 SERVER_SOFTWARE=Apache/2.2.22 >> > (Ubuntu) >> > 2014-01-08 17:58:37.229121 7faa4ffdf700 20 SERVER_NAME=isp.inmobi.com >> > 2014-01-08 17:58:37.229122 7faa4ffdf700 20 SERVER_ADDR=10.2.4.203 >> > 2014-01-08 17:58:37.229122 7faa4ffdf700 20 SERVER_PORT=80 >> > 2014-01-08 17:58:37.229123 7faa4ffdf700 20 REMOTE_ADDR=10.14.100.34 >> > 2014-01-08 17:58:37.229124 7faa4ffdf700 20 DOCUMENT_ROOT=/var/www >> > 2014-01-08 17:58:37.229124 7faa4ffdf700 20 >> > SERVER_ADMIN=app-ops@xxxxxxxxxx >> > 2014-01-08 17:58:37.229125 7faa4ffdf700 20 >> > SCRIPT_FILENAME=/var/www/s3gw.fcgi >> > 2014-01-08 17:58:37.229125 7faa4ffdf700 20 REMOTE_PORT=50682 >> > 2014-01-08 17:58:37.229126 7faa4ffdf700 20 GATEWAY_INTERFACE=CGI/1.1 >> > 2014-01-08 17:58:37.229126 7faa4ffdf700 20 SERVER_PROTOCOL=HTTP/1.1 >> > 2014-01-08 17:58:37.229127 7faa4ffdf700 20 REQUEST_METHOD=GET >> > 2014-01-08 17:58:37.229127 7faa4ffdf700 20 >> > QUERY_STRING=page=Test3¶ms=&acl >> > 2014-01-08 17:58:37.229128 7faa4ffdf700 20 REQUEST_URI=/Test3?acl >> > 2014-01-08 17:58:37.229129 7faa4ffdf700 20 SCRIPT_NAME=/Test3 >> > 2014-01-08 17:58:37.229130 7faa4ffdf700 2 req 21:0.000115:s3:GET >> > /Test3::getting op >> > 2014-01-08 17:58:37.229134 7faa4ffdf700 2 req 21:0.000119:s3:GET >> > /Test3:get_acls:authorizing >> > 2014-01-08 17:58:37.229156 7faa4ffdf700 20 get_obj_state: >> > rctx=0x7fa9b4004670 obj=.us-east-1.users:RDDGMHRBXJN6HY3BOEO7 >> > state=0x7fa9b4004738 s->prefetch_data=0 >> > 2014-01-08 17:58:37.229166 7faa4ffdf700 10 moving >> > .us-east-1.users+RDDGMHRBXJN6HY3BOEO7 to cache LRU end >> > 2014-01-08 17:58:37.229169 7faa4ffdf700 10 cache get: >> > name=.us-east-1.users+RDDGMHRBXJN6HY3BOEO7 : hit >> > 2014-01-08 17:58:37.229177 7faa4ffdf700 20 get_obj_state: s->obj_tag was >> > set >> > empty >> > 2014-01-08 17:58:37.229182 7faa4ffdf700 10 moving >> > .us-east-1.users+RDDGMHRBXJN6HY3BOEO7 to cache LRU end >> > 2014-01-08 17:58:37.229184 7faa4ffdf700 10 cache get: >> > name=.us-east-1.users+RDDGMHRBXJN6HY3BOEO7 : hit >> > 2014-01-08 17:58:37.229199 7faa4ffdf700 20 get_obj_state: >> > rctx=0x7fa9b4004a50 obj=.us-east-1.users.uid:app-ops >> > state=0x7fa9b4004738 >> > s->prefetch_data=0 >> > 2014-01-08 17:58:37.229206 7faa4ffdf700 10 moving >> > .us-east-1.users.uid+app-ops to cache LRU end >> > 2014-01-08 17:58:37.229208 7faa4ffdf700 10 cache get: >> > name=.us-east-1.users.uid+app-ops : hit >> > 2014-01-08 17:58:37.229212 7faa4ffdf700 20 get_obj_state: s->obj_tag was >> > set >> > empty >> > 2014-01-08 17:58:37.229215 7faa4ffdf700 10 moving >> > .us-east-1.users.uid+app-ops to cache LRU end >> > 2014-01-08 17:58:37.229216 7faa4ffdf700 10 cache get: >> > name=.us-east-1.users.uid+app-ops : hit >> > 2014-01-08 17:58:37.229264 7faa4ffdf700 10 get_canon_resource(): >> > dest=/Test3?acl >> > 2014-01-08 17:58:37.229267 7faa4ffdf700 10 auth_hdr: >> > GET >> > >> > >> > Wed, 08 Jan 2014 17:58:36 +0000 >> > /Test3?acl >> > 2014-01-08 17:58:37.229330 7faa4ffdf700 15 calculated >> > digest=5Dl428zBfcGMrNknuT6VwIFkYnE= >> > 2014-01-08 17:58:37.229332 7faa4ffdf700 15 >> > auth_sign=5Dl428zBfcGMrNknuT6VwIFkYnE= >> > 2014-01-08 17:58:37.229333 7faa4ffdf700 15 compare=0 >> > 2014-01-08 17:58:37.229335 7faa4ffdf700 20 system request >> > 2014-01-08 17:58:37.229338 7faa4ffdf700 2 req 21:0.000323:s3:GET >> > /Test3:get_acls:reading permissions >> > 2014-01-08 17:58:37.229349 7faa4ffdf700 20 get_obj_state: >> > rctx=0x7fa9b4000ee0 obj=.us-east-1.rgw:Test3 state=0x7fa9b40062c8 >> > s->prefetch_data=0 >> > 2014-01-08 17:58:37.229356 7faa4ffdf700 10 moving .us-east-1.rgw+Test3 >> > to >> > cache LRU end >> > 2014-01-08 17:58:37.229357 7faa4ffdf700 10 cache get: >> > name=.us-east-1.rgw+Test3 : hit >> > 2014-01-08 17:58:37.229360 7faa4ffdf700 20 get_obj_state: s->obj_tag was >> > set >> > empty >> > 2014-01-08 17:58:37.229363 7faa4ffdf700 20 Read xattr: user.rgw.idtag >> > 2014-01-08 17:58:37.229363 7faa4ffdf700 20 Read xattr: user.rgw.manifest >> > 2014-01-08 17:58:37.229366 7faa4ffdf700 10 moving .us-east-1.rgw+Test3 >> > to >> > cache LRU end >> > 2014-01-08 17:58:37.229366 7faa4ffdf700 10 cache get: >> > name=.us-east-1.rgw+Test3 : hit >> > 2014-01-08 17:58:37.229374 7faa4ffdf700 20 rgw_get_bucket_info: bucket >> > instance: >> > >> > Test3(@{i=.us-east-1.rgw.buckets.index}.us-east-1.rgw.buckets[east-1.8607.1]) >> > 2014-01-08 17:58:37.229379 7faa4ffdf700 20 reading from >> > .us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1 >> > 2014-01-08 17:58:37.229383 7faa4ffdf700 20 get_obj_state: >> > rctx=0x7fa9b4000ee0 obj=.us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1 >> > state=0x7fa9b4006ff8 s->prefetch_data=0 >> > 2014-01-08 17:58:37.229388 7faa4ffdf700 10 moving >> > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end >> > 2014-01-08 17:58:37.229389 7faa4ffdf700 10 cache get: >> > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit >> > 2014-01-08 17:58:37.229394 7faa4ffdf700 20 get_obj_state: s->obj_tag was >> > set >> > empty >> > 2014-01-08 17:58:37.229396 7faa4ffdf700 20 Read xattr: user.rgw.acl >> > 2014-01-08 17:58:37.229397 7faa4ffdf700 20 Read xattr: user.rgw.idtag >> > 2014-01-08 17:58:37.229397 7faa4ffdf700 20 Read xattr: user.rgw.manifest >> > 2014-01-08 17:58:37.229399 7faa4ffdf700 10 moving >> > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end >> > 2014-01-08 17:58:37.229400 7faa4ffdf700 10 cache get: >> > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit >> > 2014-01-08 17:58:37.229423 7faa4ffdf700 15 Read >> > AccessControlPolicy<AccessControlPolicy >> > >> > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US >> > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee >> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer >> > >> > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy> >> > 2014-01-08 17:58:37.229436 7faa4ffdf700 15 Read >> > AccessControlPolicy<AccessControlPolicy >> > >> > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US >> > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee >> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer >> > >> > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy> >> > 2014-01-08 17:58:37.229441 7faa4ffdf700 2 req 21:0.000426:s3:GET >> > /Test3:get_acls:init op >> > 2014-01-08 17:58:37.229444 7faa4ffdf700 2 req 21:0.000429:s3:GET >> > /Test3:get_acls:verifying op mask >> > 2014-01-08 17:58:37.229446 7faa4ffdf700 20 required_mask= 1 >> > user.op_mask=7 >> > 2014-01-08 17:58:37.229448 7faa4ffdf700 2 req 21:0.000432:s3:GET >> > /Test3:get_acls:verifying op permissions >> > 2014-01-08 17:58:37.229450 7faa4ffdf700 5 Searching permissions for >> > uid=app-ops mask=52 >> > 2014-01-08 17:58:37.229452 7faa4ffdf700 5 Permissions for user not >> > found >> > 2014-01-08 17:58:37.229453 7faa4ffdf700 5 Searching permissions for >> > group=1 >> > mask=52 >> > 2014-01-08 17:58:37.229454 7faa4ffdf700 5 Permissions for group not >> > found >> > 2014-01-08 17:58:37.229455 7faa4ffdf700 5 Searching permissions for >> > group=2 >> > mask=52 >> > 2014-01-08 17:58:37.229456 7faa4ffdf700 5 Permissions for group not >> > found >> > 2014-01-08 17:58:37.229456 7faa4ffdf700 5 Getting permissions >> > id=app-ops >> > owner=app-ops perm=4 >> > 2014-01-08 17:58:37.229457 7faa4ffdf700 10 uid=app-ops requested perm >> > (type)=4, policy perm=4, user_perm_mask=4, acl perm=4 >> > 2014-01-08 17:58:37.229459 7faa4ffdf700 2 req 21:0.000444:s3:GET >> > /Test3:get_acls:verifying op params >> > 2014-01-08 17:58:37.229460 7faa4ffdf700 2 req 21:0.000445:s3:GET >> > /Test3:get_acls:executing >> > 2014-01-08 17:58:37.229480 7faa4ffdf700 2 req 21:0.000465:s3:GET >> > /Test3:get_acls:http status=200 >> > 2014-01-08 17:58:37.229658 7faa4ffdf700 1 ====== req done req=0x2182c90 >> > http_status=200 ====== >> > >> > >> > ============== >> > >> > >> > >> > Logs for putacl: >> > =============== >> > >> > 2014-01-08 18:00:35.160860 7faae2d93780 20 enqueued request >> > req=0x21829b0 >> > 2014-01-08 18:00:35.160884 7faae2d93780 20 RGWWQ: >> > 2014-01-08 18:00:35.160887 7faae2d93780 20 req: 0x21829b0 >> > 2014-01-08 18:00:35.160956 7faae2d93780 10 allocated request >> > req=0x2132c60 >> > 2014-01-08 18:00:35.161006 7faa67fff700 20 dequeued request >> > req=0x21829b0 >> > 2014-01-08 18:00:35.161023 7faa67fff700 20 RGWWQ: empty >> > 2014-01-08 18:00:35.161033 7faa67fff700 1 ====== starting new request >> > req=0x21829b0 ===== >> > 2014-01-08 18:00:35.161114 7faa67fff700 2 req 22:0.000082::PUT >> > /Test3::initializing >> > 2014-01-08 18:00:35.161123 7faa67fff700 10 host=isp.inmobi.com >> > rgw_dns_name=isp.inmobi.com >> > 2014-01-08 18:00:35.161161 7faa67fff700 10 s->object=<NULL> >> > s->bucket=Test3 >> > 2014-01-08 18:00:35.161174 7faa67fff700 20 FCGI_ROLE=RESPONDER >> > 2014-01-08 18:00:35.161176 7faa67fff700 20 SCRIPT_URL=/Test3 >> > 2014-01-08 18:00:35.161177 7faa67fff700 20 >> > SCRIPT_URI=http://isp.inmobi.com/Test3 >> > 2014-01-08 18:00:35.161177 7faa67fff700 20 HTTP_AUTHORIZATION=AWS >> > RDDGMHRBXJN6HY3BOEO7:N0+TC4Kr2N45xKKxUZkCyHpgQ74= >> > 2014-01-08 18:00:35.161178 7faa67fff700 20 HTTP_USER_AGENT=S3/php >> > 2014-01-08 18:00:35.161179 7faa67fff700 20 HTTP_ACCEPT=*/* >> > 2014-01-08 18:00:35.161179 7faa67fff700 20 HTTP_HOST=isp.inmobi.com >> > 2014-01-08 18:00:35.161180 7faa67fff700 20 HTTP_DATE=Wed, 08 Jan 2014 >> > 18:00:34 GMT >> > 2014-01-08 18:00:35.161181 7faa67fff700 20 CONTENT_TYPE=application/xml >> > 2014-01-08 18:00:35.161181 7faa67fff700 20 CONTENT_LENGTH=447 >> > 2014-01-08 18:00:35.161182 7faa67fff700 20 >> > PATH=/usr/local/bin:/usr/bin:/bin >> > 2014-01-08 18:00:35.161183 7faa67fff700 20 SERVER_SIGNATURE= >> > 2014-01-08 18:00:35.161183 7faa67fff700 20 SERVER_SOFTWARE=Apache/2.2.22 >> > (Ubuntu) >> > 2014-01-08 18:00:35.161184 7faa67fff700 20 SERVER_NAME=isp.inmobi.com >> > 2014-01-08 18:00:35.161185 7faa67fff700 20 SERVER_ADDR=10.2.4.203 >> > 2014-01-08 18:00:35.161185 7faa67fff700 20 SERVER_PORT=80 >> > 2014-01-08 18:00:35.161186 7faa67fff700 20 REMOTE_ADDR=10.14.100.34 >> > 2014-01-08 18:00:35.161187 7faa67fff700 20 DOCUMENT_ROOT=/var/www >> > 2014-01-08 18:00:35.161187 7faa67fff700 20 >> > SERVER_ADMIN=app-ops@xxxxxxxxxx >> > 2014-01-08 18:00:35.161188 7faa67fff700 20 >> > SCRIPT_FILENAME=/var/www/s3gw.fcgi >> > 2014-01-08 18:00:35.161188 7faa67fff700 20 REMOTE_PORT=50702 >> > 2014-01-08 18:00:35.161189 7faa67fff700 20 GATEWAY_INTERFACE=CGI/1.1 >> > 2014-01-08 18:00:35.161189 7faa67fff700 20 SERVER_PROTOCOL=HTTP/1.1 >> > 2014-01-08 18:00:35.161190 7faa67fff700 20 REQUEST_METHOD=PUT >> > 2014-01-08 18:00:35.161190 7faa67fff700 20 >> > QUERY_STRING=page=Test3¶ms=&acl >> > 2014-01-08 18:00:35.161191 7faa67fff700 20 REQUEST_URI=/Test3?acl >> > 2014-01-08 18:00:35.161191 7faa67fff700 20 SCRIPT_NAME=/Test3 >> > 2014-01-08 18:00:35.161192 7faa67fff700 2 req 22:0.000160:s3:PUT >> > /Test3::getting op >> > 2014-01-08 18:00:35.161195 7faa67fff700 2 req 22:0.000163:s3:PUT >> > /Test3:put_acls:authorizing >> > 2014-01-08 18:00:35.161214 7faa67fff700 20 get_obj_state: >> > rctx=0x7faa20005110 obj=.us-east-1.users:RDDGMHRBXJN6HY3BOEO7 >> > state=0x7faa200051d8 s->prefetch_data=0 >> > 2014-01-08 18:00:35.161224 7faa67fff700 10 moving >> > .us-east-1.users+RDDGMHRBXJN6HY3BOEO7 to cache LRU end >> > 2014-01-08 18:00:35.161227 7faa67fff700 10 cache get: >> > name=.us-east-1.users+RDDGMHRBXJN6HY3BOEO7 : hit >> > 2014-01-08 18:00:35.161233 7faa67fff700 20 get_obj_state: s->obj_tag was >> > set >> > empty >> > 2014-01-08 18:00:35.161238 7faa67fff700 10 moving >> > .us-east-1.users+RDDGMHRBXJN6HY3BOEO7 to cache LRU end >> > 2014-01-08 18:00:35.161239 7faa67fff700 10 cache get: >> > name=.us-east-1.users+RDDGMHRBXJN6HY3BOEO7 : hit >> > 2014-01-08 18:00:35.161252 7faa67fff700 20 get_obj_state: >> > rctx=0x7faa20005300 obj=.us-east-1.users.uid:app-ops >> > state=0x7faa20005948 >> > s->prefetch_data=0 >> > 2014-01-08 18:00:35.161260 7faa67fff700 10 moving >> > .us-east-1.users.uid+app-ops to cache LRU end >> > 2014-01-08 18:00:35.161262 7faa67fff700 10 cache get: >> > name=.us-east-1.users.uid+app-ops : hit >> > 2014-01-08 18:00:35.161265 7faa67fff700 20 get_obj_state: s->obj_tag was >> > set >> > empty >> > 2014-01-08 18:00:35.161268 7faa67fff700 10 moving >> > .us-east-1.users.uid+app-ops to cache LRU end >> > 2014-01-08 18:00:35.161269 7faa67fff700 10 cache get: >> > name=.us-east-1.users.uid+app-ops : hit >> > 2014-01-08 18:00:35.161304 7faa67fff700 10 get_canon_resource(): >> > dest=/Test3?acl >> > 2014-01-08 18:00:35.161306 7faa67fff700 10 auth_hdr: >> > PUT >> > >> > application/xml >> > Wed, 08 Jan 2014 18:00:34 GMT >> > /Test3?acl >> > 2014-01-08 18:00:35.161373 7faa67fff700 15 calculated >> > digest=N0+TC4Kr2N45xKKxUZkCyHpgQ74= >> > 2014-01-08 18:00:35.161375 7faa67fff700 15 >> > auth_sign=N0+TC4Kr2N45xKKxUZkCyHpgQ74= >> > 2014-01-08 18:00:35.161376 7faa67fff700 15 compare=0 >> > 2014-01-08 18:00:35.161377 7faa67fff700 20 system request >> > 2014-01-08 18:00:35.161381 7faa67fff700 2 req 22:0.000348:s3:PUT >> > /Test3:put_acls:reading permissions >> > 2014-01-08 18:00:35.161391 7faa67fff700 20 get_obj_state: >> > rctx=0x7faa20000ee0 obj=.us-east-1.rgw:Test3 state=0x7faa20006a78 >> > s->prefetch_data=0 >> > 2014-01-08 18:00:35.161397 7faa67fff700 10 moving .us-east-1.rgw+Test3 >> > to >> > cache LRU end >> > 2014-01-08 18:00:35.161399 7faa67fff700 10 cache get: >> > name=.us-east-1.rgw+Test3 : hit >> > 2014-01-08 18:00:35.161403 7faa67fff700 20 get_obj_state: s->obj_tag was >> > set >> > empty >> > 2014-01-08 18:00:35.161404 7faa67fff700 20 Read xattr: user.rgw.idtag >> > 2014-01-08 18:00:35.161405 7faa67fff700 20 Read xattr: user.rgw.manifest >> > 2014-01-08 18:00:35.161407 7faa67fff700 10 moving .us-east-1.rgw+Test3 >> > to >> > cache LRU end >> > 2014-01-08 18:00:35.161408 7faa67fff700 10 cache get: >> > name=.us-east-1.rgw+Test3 : hit >> > 2014-01-08 18:00:35.161462 7faa67fff700 20 rgw_get_bucket_info: bucket >> > instance: >> > >> > Test3(@{i=.us-east-1.rgw.buckets.index}.us-east-1.rgw.buckets[east-1.8607.1]) >> > 2014-01-08 18:00:35.161547 7faa67fff700 20 reading from >> > .us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1 >> > 2014-01-08 18:00:35.161551 7faa67fff700 20 get_obj_state: >> > rctx=0x7faa20000ee0 obj=.us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1 >> > state=0x7faa200076f8 s->prefetch_data=0 >> > 2014-01-08 18:00:35.161557 7faa67fff700 10 moving >> > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end >> > 2014-01-08 18:00:35.161559 7faa67fff700 10 cache get: >> > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit >> > 2014-01-08 18:00:35.161564 7faa67fff700 20 get_obj_state: s->obj_tag was >> > set >> > empty >> > 2014-01-08 18:00:35.161565 7faa67fff700 20 Read xattr: user.rgw.acl >> > 2014-01-08 18:00:35.161567 7faa67fff700 20 Read xattr: user.rgw.idtag >> > 2014-01-08 18:00:35.161568 7faa67fff700 20 Read xattr: user.rgw.manifest >> > 2014-01-08 18:00:35.161570 7faa67fff700 10 moving >> > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end >> > 2014-01-08 18:00:35.161572 7faa67fff700 10 cache get: >> > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit >> > 2014-01-08 18:00:35.161592 7faa67fff700 15 Read >> > AccessControlPolicy<AccessControlPolicy >> > >> > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US >> > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee >> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer >> > >> > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy> >> > 2014-01-08 18:00:35.161604 7faa67fff700 15 Read >> > AccessControlPolicy<AccessControlPolicy >> > >> > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US >> > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee >> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer >> > >> > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy> >> > 2014-01-08 18:00:35.161610 7faa67fff700 2 req 22:0.000578:s3:PUT >> > /Test3:put_acls:init op >> > 2014-01-08 18:00:35.161613 7faa67fff700 2 req 22:0.000581:s3:PUT >> > /Test3:put_acls:verifying op mask >> > 2014-01-08 18:00:35.161615 7faa67fff700 20 required_mask= 2 >> > user.op_mask=7 >> > 2014-01-08 18:00:35.161616 7faa67fff700 2 req 22:0.000584:s3:PUT >> > /Test3:put_acls:verifying op permissions >> > 2014-01-08 18:00:35.161619 7faa67fff700 5 Searching permissions for >> > uid=app-ops mask=56 >> > 2014-01-08 18:00:35.161620 7faa67fff700 5 Permissions for user not >> > found >> > 2014-01-08 18:00:35.161621 7faa67fff700 5 Searching permissions for >> > group=1 >> > mask=56 >> > 2014-01-08 18:00:35.161622 7faa67fff700 5 Permissions for group not >> > found >> > 2014-01-08 18:00:35.161623 7faa67fff700 5 Searching permissions for >> > group=2 >> > mask=56 >> > 2014-01-08 18:00:35.161624 7faa67fff700 5 Permissions for group not >> > found >> > 2014-01-08 18:00:35.161625 7faa67fff700 5 Getting permissions >> > id=app-ops >> > owner=app-ops perm=8 >> > 2014-01-08 18:00:35.161626 7faa67fff700 10 uid=app-ops requested perm >> > (type)=8, policy perm=8, user_perm_mask=8, acl perm=8 >> > 2014-01-08 18:00:35.161627 7faa67fff700 2 req 22:0.000595:s3:PUT >> > /Test3:put_acls:verifying op params >> > 2014-01-08 18:00:35.161629 7faa67fff700 2 req 22:0.000597:s3:PUT >> > /Test3:put_acls:executing >> > 2014-01-08 18:00:35.161641 7faa67fff700 15 read len=447 data=<?xml >> > version="1.0"?> >> > <AccessControlPolicy> >> > <Owner> >> > <ID>app-ops</ID> >> > <DisplayName>Region-US Zone-East</DisplayName> >> > </Owner> >> > <AccessControlList> >> > <Grant> >> > <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> > xsi:type="CanonicalUser"> >> > <ID>jaseer</ID> >> > <DisplayName>Jaseer TK</DisplayName> >> > </Grantee> >> > <Permission>READ</Permission> >> > </Grant> >> > </AccessControlList> >> > </AccessControlPolicy> >> > >> > 2014-01-08 18:00:35.161701 7faa67fff700 15 Old >> > AccessControlPolicy<AccessControlPolicy >> > >> > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US >> > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee >> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer >> > >> > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy> >> > 2014-01-08 18:00:35.161712 7faa67fff700 20 get_obj_state: >> > rctx=0x7faa2000d9b0 obj=.us-east-1.users.uid:app-ops >> > state=0x7faa2000dd68 >> > s->prefetch_data=0 >> > 2014-01-08 18:00:35.161718 7faa67fff700 10 moving >> > .us-east-1.users.uid+app-ops to cache LRU end >> > 2014-01-08 18:00:35.161723 7faa67fff700 10 cache get: >> > name=.us-east-1.users.uid+app-ops : hit >> > 2014-01-08 18:00:35.161726 7faa67fff700 20 get_obj_state: s->obj_tag was >> > set >> > empty >> > 2014-01-08 18:00:35.161730 7faa67fff700 10 moving >> > .us-east-1.users.uid+app-ops to cache LRU end >> > 2014-01-08 18:00:35.161731 7faa67fff700 10 cache get: >> > name=.us-east-1.users.uid+app-ops : hit >> > 2014-01-08 18:00:35.161744 7faa67fff700 20 owner id=app-ops >> > 2014-01-08 18:00:35.161746 7faa67fff700 20 dest owner id=app-ops >> > 2014-01-08 18:00:35.161750 7faa67fff700 20 get_obj_state: >> > rctx=0x7faa2000e1a0 obj=.us-east-1.users.uid:jaseer state=0x7faa2000e668 >> > s->prefetch_data=0 >> > 2014-01-08 18:00:35.161755 7faa67fff700 10 moving >> > .us-east-1.users.uid+jaseer to cache LRU end >> > 2014-01-08 18:00:35.161756 7faa67fff700 10 cache get: >> > name=.us-east-1.users.uid+jaseer : hit >> > 2014-01-08 18:00:35.161759 7faa67fff700 20 get_obj_state: s->obj_tag was >> > set >> > empty >> > 2014-01-08 18:00:35.161762 7faa67fff700 10 moving >> > .us-east-1.users.uid+jaseer to cache LRU end >> > 2014-01-08 18:00:35.161763 7faa67fff700 10 cache get: >> > name=.us-east-1.users.uid+jaseer : hit >> > 2014-01-08 18:00:35.161771 7faa67fff700 10 new grant: jaseer:Jaseer TK >> > 2014-01-08 18:00:35.161775 7faa67fff700 15 New >> > AccessControlPolicy:<AccessControlPolicy >> > >> > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US >> > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee >> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer >> > >> > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy> >> > 2014-01-08 18:00:35.161873 7faa67fff700 1 -- 10.2.4.203:0/1004169 --> >> > 10.2.4.203:6855/22095 -- osd_op(client.8604.0:1243 >> > .bucket.meta.Test3:east-1.8607.1 [call version.check_conds,call >> > version.set,setxattr user.rgw.acl (150)] 16.7d61d036 e567) v4 -- ?+0 >> > 0x7faa2000fd30 con 0x7faabc032950 >> > 2014-01-08 18:00:35.190879 7faad8d3c700 1 -- 10.2.4.203:0/1004169 <== >> > osd.56 10.2.4.203:6855/22095 1 ==== osd_op_reply(1243 >> > .bucket.meta.Test3:east-1.8607.1 [call,call,setxattr (150)] v567'4 uv4 >> > ondisk = 0) v6 ==== 275+0+0 (1563155070 0 0) 0x7fa9d0000fa0 con >> > 0x7faabc032950 >> > 2014-01-08 18:00:35.191067 7faa67fff700 10 cache put: >> > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 >> > 2014-01-08 18:00:35.191104 7faa67fff700 10 moving >> > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end >> > 2014-01-08 18:00:35.191108 7faa67fff700 10 appending xattr: >> > name=user.rgw.acl bl.length()=150 >> > 2014-01-08 18:00:35.191132 7faa67fff700 10 distributing notification >> > oid=notify.5 bl.length()=458 >> > 2014-01-08 18:00:35.191206 7faa67fff700 1 -- 10.2.4.203:0/1004169 --> >> > 10.2.4.90:6826/28037 -- osd_op(client.8604.0:1244 notify.5 [notify 13~0] >> > 5.31099063 e567) v4 -- ?+0 0x7faa2000f900 con 0x2191210 >> > 2014-01-08 18:00:35.192695 7faad8d3c700 1 -- 10.2.4.203:0/1004169 <== >> > osd.10 10.2.4.90:6826/28037 100 ==== watch-notify(c=6 v=1 >> > i=2435246456858 >> > opcode=1) v1 ==== 488+0+0 (3994886606 0 0) 0x7faa8000bf30 con 0x2191210 >> > 2014-01-08 18:00:35.192919 7faad1ffb700 10 RGWWatcher::notify() opcode=1 >> > ver=1 bl.length()=458 >> > 2014-01-08 18:00:35.193030 7faad1ffb700 10 cache put: >> > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 >> > 2014-01-08 18:00:35.193037 7faad1ffb700 10 moving >> > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end >> > 2014-01-08 18:00:35.193041 7faad1ffb700 10 appending xattr: >> > name=user.rgw.acl bl.length()=150 >> > 2014-01-08 18:00:35.193103 7faad1ffb700 1 -- 10.2.4.203:0/1004169 --> >> > 10.2.4.90:6826/28037 -- osd_op(client.8604.0:1245 notify.5 [notify-ack >> > 2435246456858~1] 5.31099063 e567) v4 -- ?+0 0x7faa840048d0 con 0x2191210 >> > 2014-01-08 18:00:35.193114 7faad8d3c700 1 -- 10.2.4.203:0/1004169 <== >> > osd.10 10.2.4.90:6826/28037 101 ==== osd_op_reply(1244 notify.5 [notify >> > 13~0] v0'0 uv1 ondisk = 0) v6 ==== 167+0+0 (1829242010 0 0) >> > 0x7faa8001db70 >> > con 0x2191210 >> > 2014-01-08 18:00:35.194590 7faad8d3c700 1 -- 10.2.4.203:0/1004169 <== >> > osd.10 10.2.4.90:6826/28037 102 ==== osd_op_reply(1245 notify.5 >> > [notify-ack >> > 2435246456858~1] v0'0 uv1 ondisk = 0) v6 ==== 167+0+0 (2561335616 0 0) >> > 0x7faa8001db70 con 0x2191210 >> > 2014-01-08 18:00:35.194931 7faad8d3c700 1 -- 10.2.4.203:0/1004169 <== >> > osd.10 10.2.4.90:6826/28037 103 ==== watch-notify(c=13 v=1 >> > i=2435246456858 >> > opcode=1) v1 ==== 488+0+0 (1666694009 0 0) 0x7faa8001db70 con 0x2191210 >> > 2014-01-08 18:00:35.195164 7faad1ffb700 1 -- 10.2.4.203:0/1004169 --> >> > 10.2.4.90:6826/28037 -- osd_op(client.8604.0:1246 notify.5 [notify-ack >> > 2435246456858~1] 5.31099063 e567) v4 -- ?+0 0x7faa840048d0 con 0x2191210 >> > 2014-01-08 18:00:35.195532 7faa67fff700 2 req 22:0.034499:s3:PUT >> > /Test3:put_acls:http status=200 >> > 2014-01-08 18:00:35.195818 7faa67fff700 1 ====== req done req=0x21829b0 >> > http_status=200 ====== >> > >> > >> > >> > ========================= >> > >> > >> > Logs for s3 file deletion: >> > >> > ======= >> > 2014-01-08 18:06:46.389380 7faae2d93780 20 enqueued request >> > req=0x214c030 >> > 2014-01-08 18:06:46.389405 7faae2d93780 20 RGWWQ: >> > 2014-01-08 18:06:46.389407 7faae2d93780 20 req: 0x214c030 >> > 2014-01-08 18:06:46.389473 7faae2d93780 10 allocated request >> > req=0x217a960 >> > 2014-01-08 18:06:46.389529 7faa3c7b8700 20 dequeued request >> > req=0x214c030 >> > 2014-01-08 18:06:46.389539 7faa3c7b8700 20 RGWWQ: empty >> > 2014-01-08 18:06:46.389552 7faa3c7b8700 1 ====== starting new request >> > req=0x214c030 ===== >> > 2014-01-08 18:06:46.389615 7faa3c7b8700 2 req 24:0.000064::DELETE >> > /Test3/vip.txt::initializing >> > 2014-01-08 18:06:46.389622 7faa3c7b8700 10 host=isp.inmobi.com >> > rgw_dns_name=isp.inmobi.com >> > 2014-01-08 18:06:46.389634 7faa3c7b8700 10 meta>> HTTP_X_AMZ_DATE >> > 2014-01-08 18:06:46.389640 7faa3c7b8700 10 x>> x-amz-date:Wed, 08 Jan >> > 2014 >> > 18:06:42 +0000 >> > 2014-01-08 18:06:46.389658 7faa3c7b8700 10 s->object=vip.txt >> > s->bucket=Test3 >> > 2014-01-08 18:06:46.389665 7faa3c7b8700 20 FCGI_ROLE=RESPONDER >> > 2014-01-08 18:06:46.389666 7faa3c7b8700 20 SCRIPT_URL=/Test3/vip.txt >> > 2014-01-08 18:06:46.389667 7faa3c7b8700 20 >> > SCRIPT_URI=http://isp.inmobi.com/Test3/vip.txt >> > 2014-01-08 18:06:46.389668 7faa3c7b8700 20 HTTP_AUTHORIZATION=AWS >> > TJA9G6SOY6VERRZ629JP:PEPnhNtMAMFcg6h+OYGArn+RMX8= >> > 2014-01-08 18:06:46.389669 7faa3c7b8700 20 HTTP_HOST=isp.inmobi.com >> > 2014-01-08 18:06:46.389670 7faa3c7b8700 20 HTTP_ACCEPT_ENCODING=identity >> > 2014-01-08 18:06:46.389670 7faa3c7b8700 20 CONTENT_LENGTH=0 >> > 2014-01-08 18:06:46.389671 7faa3c7b8700 20 HTTP_X_AMZ_DATE=Wed, 08 Jan >> > 2014 >> > 18:06:42 +0000 >> > 2014-01-08 18:06:46.389672 7faa3c7b8700 20 >> > PATH=/usr/local/bin:/usr/bin:/bin >> > 2014-01-08 18:06:46.389672 7faa3c7b8700 20 SERVER_SIGNATURE= >> > 2014-01-08 18:06:46.389673 7faa3c7b8700 20 SERVER_SOFTWARE=Apache/2.2.22 >> > (Ubuntu) >> > 2014-01-08 18:06:46.389673 7faa3c7b8700 20 SERVER_NAME=isp.inmobi.com >> > 2014-01-08 18:06:46.389674 7faa3c7b8700 20 SERVER_ADDR=10.2.4.203 >> > 2014-01-08 18:06:46.389674 7faa3c7b8700 20 SERVER_PORT=80 >> > 2014-01-08 18:06:46.389675 7faa3c7b8700 20 REMOTE_ADDR=10.14.118.100 >> > 2014-01-08 18:06:46.389675 7faa3c7b8700 20 DOCUMENT_ROOT=/var/www >> > 2014-01-08 18:06:46.389676 7faa3c7b8700 20 >> > SERVER_ADMIN=app-ops@xxxxxxxxxx >> > 2014-01-08 18:06:46.389676 7faa3c7b8700 20 >> > SCRIPT_FILENAME=/var/www/s3gw.fcgi >> > 2014-01-08 18:06:46.389677 7faa3c7b8700 20 REMOTE_PORT=33904 >> > 2014-01-08 18:06:46.389678 7faa3c7b8700 20 GATEWAY_INTERFACE=CGI/1.1 >> > 2014-01-08 18:06:46.389679 7faa3c7b8700 20 SERVER_PROTOCOL=HTTP/1.1 >> > 2014-01-08 18:06:46.389680 7faa3c7b8700 20 REQUEST_METHOD=DELETE >> > 2014-01-08 18:06:46.389681 7faa3c7b8700 20 >> > QUERY_STRING=page=Test3¶ms=/vip.txt >> > 2014-01-08 18:06:46.389681 7faa3c7b8700 20 REQUEST_URI=/Test3/vip.txt >> > 2014-01-08 18:06:46.389682 7faa3c7b8700 20 SCRIPT_NAME=/Test3/vip.txt >> > 2014-01-08 18:06:46.389683 7faa3c7b8700 2 req 24:0.000132:s3:DELETE >> > /Test3/vip.txt::getting op >> > 2014-01-08 18:06:46.389686 7faa3c7b8700 2 req 24:0.000135:s3:DELETE >> > /Test3/vip.txt:delete_obj:authorizing >> > 2014-01-08 18:06:46.389708 7faa3c7b8700 20 get_obj_state: >> > rctx=0x7faa8c004b70 obj=.us-east-1.users:TJA9G6SOY6VERRZ629JP >> > state=0x7faa8c004c38 s->prefetch_data=0 >> > 2014-01-08 18:06:46.389719 7faa3c7b8700 10 moving >> > .us-east-1.users+TJA9G6SOY6VERRZ629JP to cache LRU end >> > 2014-01-08 18:06:46.389722 7faa3c7b8700 10 cache get: >> > name=.us-east-1.users+TJA9G6SOY6VERRZ629JP : hit >> > 2014-01-08 18:06:46.389731 7faa3c7b8700 20 get_obj_state: s->obj_tag was >> > set >> > empty >> > 2014-01-08 18:06:46.389736 7faa3c7b8700 10 moving >> > .us-east-1.users+TJA9G6SOY6VERRZ629JP to cache LRU end >> > 2014-01-08 18:06:46.389737 7faa3c7b8700 10 cache get: >> > name=.us-east-1.users+TJA9G6SOY6VERRZ629JP : hit >> > 2014-01-08 18:06:46.389753 7faa3c7b8700 20 get_obj_state: >> > rctx=0x7faa8c004d60 obj=.us-east-1.users.uid:jaseer state=0x7faa8c006b18 >> > s->prefetch_data=0 >> > 2014-01-08 18:06:46.389758 7faa3c7b8700 10 moving >> > .us-east-1.users.uid+jaseer to cache LRU end >> > 2014-01-08 18:06:46.389760 7faa3c7b8700 10 cache get: >> > name=.us-east-1.users.uid+jaseer : hit >> > 2014-01-08 18:06:46.389763 7faa3c7b8700 20 get_obj_state: s->obj_tag was >> > set >> > empty >> > 2014-01-08 18:06:46.389766 7faa3c7b8700 10 moving >> > .us-east-1.users.uid+jaseer to cache LRU end >> > 2014-01-08 18:06:46.389767 7faa3c7b8700 10 cache get: >> > name=.us-east-1.users.uid+jaseer : hit >> > 2014-01-08 18:06:46.389808 7faa3c7b8700 10 get_canon_resource(): >> > dest=/Test3/vip.txt >> > 2014-01-08 18:06:46.389811 7faa3c7b8700 10 auth_hdr: >> > DELETE >> > >> > >> > >> > x-amz-date:Wed, 08 Jan 2014 18:06:42 +0000 >> > /Test3/vip.txt >> > 2014-01-08 18:06:46.389885 7faa3c7b8700 15 calculated >> > digest=PEPnhNtMAMFcg6h+OYGArn+RMX8= >> > 2014-01-08 18:06:46.389887 7faa3c7b8700 15 >> > auth_sign=PEPnhNtMAMFcg6h+OYGArn+RMX8= >> > 2014-01-08 18:06:46.389888 7faa3c7b8700 15 compare=0 >> > 2014-01-08 18:06:46.389890 7faa3c7b8700 20 system request >> > 2014-01-08 18:06:46.389892 7faa3c7b8700 2 req 24:0.000341:s3:DELETE >> > /Test3/vip.txt:delete_obj:reading permissions >> > 2014-01-08 18:06:46.389904 7faa3c7b8700 20 get_obj_state: >> > rctx=0x7faa8c000fe0 obj=.us-east-1.rgw:Test3 state=0x7faa8c005c98 >> > s->prefetch_data=0 >> > 2014-01-08 18:06:46.389911 7faa3c7b8700 10 moving .us-east-1.rgw+Test3 >> > to >> > cache LRU end >> > 2014-01-08 18:06:46.389912 7faa3c7b8700 10 cache get: >> > name=.us-east-1.rgw+Test3 : hit >> > 2014-01-08 18:06:46.389917 7faa3c7b8700 20 get_obj_state: s->obj_tag was >> > set >> > empty >> > 2014-01-08 18:06:46.389920 7faa3c7b8700 20 Read xattr: user.rgw.idtag >> > 2014-01-08 18:06:46.389921 7faa3c7b8700 20 Read xattr: user.rgw.manifest >> > 2014-01-08 18:06:46.389924 7faa3c7b8700 10 moving .us-east-1.rgw+Test3 >> > to >> > cache LRU end >> > 2014-01-08 18:06:46.389925 7faa3c7b8700 10 cache get: >> > name=.us-east-1.rgw+Test3 : hit >> > 2014-01-08 18:06:46.389934 7faa3c7b8700 20 rgw_get_bucket_info: bucket >> > instance: >> > >> > Test3(@{i=.us-east-1.rgw.buckets.index}.us-east-1.rgw.buckets[east-1.8607.1]) >> > 2014-01-08 18:06:46.389939 7faa3c7b8700 20 reading from >> > .us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1 >> > 2014-01-08 18:06:46.389944 7faa3c7b8700 20 get_obj_state: >> > rctx=0x7faa8c000fe0 obj=.us-east-1.rgw:.bucket.meta.Test3:east-1.8607.1 >> > state=0x7faa8c00a5e8 s->prefetch_data=0 >> > 2014-01-08 18:06:46.389949 7faa3c7b8700 10 moving >> > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end >> > 2014-01-08 18:06:46.389950 7faa3c7b8700 10 cache get: >> > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit >> > 2014-01-08 18:06:46.389955 7faa3c7b8700 20 get_obj_state: s->obj_tag was >> > set >> > empty >> > 2014-01-08 18:06:46.389956 7faa3c7b8700 20 Read xattr: user.rgw.acl >> > 2014-01-08 18:06:46.389957 7faa3c7b8700 20 Read xattr: user.rgw.idtag >> > 2014-01-08 18:06:46.389958 7faa3c7b8700 20 Read xattr: user.rgw.manifest >> > 2014-01-08 18:06:46.389961 7faa3c7b8700 10 moving >> > .us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 to cache LRU end >> > 2014-01-08 18:06:46.389963 7faa3c7b8700 10 cache get: >> > name=.us-east-1.rgw+.bucket.meta.Test3:east-1.8607.1 : hit >> > 2014-01-08 18:06:46.389980 7faa3c7b8700 15 Read >> > AccessControlPolicy<AccessControlPolicy >> > >> > xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>app-ops</ID><DisplayName>Region-US >> > Zone-East</DisplayName></Owner><AccessControlList><Grant><Grantee >> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> > xsi:type="CanonicalUser"><ID>jaseer</ID><DisplayName>Jaseer >> > >> > TK</DisplayName></Grantee><Permission>READ</Permission></Grant></AccessControlList></AccessControlPolicy> >> > 2014-01-08 18:06:46.389988 7faa3c7b8700 2 req 24:0.000437:s3:DELETE >> > /Test3/vip.txt:delete_obj:init op >> > 2014-01-08 18:06:46.389992 7faa3c7b8700 2 req 24:0.000440:s3:DELETE >> > /Test3/vip.txt:delete_obj:verifying op mask >> > 2014-01-08 18:06:46.389993 7faa3c7b8700 20 required_mask= 4 >> > user.op_mask=7 >> > 2014-01-08 18:06:46.389994 7faa3c7b8700 2 req 24:0.000443:s3:DELETE >> > /Test3/vip.txt:delete_obj:verifying op permissions >> > 2014-01-08 18:06:46.389997 7faa3c7b8700 5 Searching permissions for >> > uid=jaseer mask=50 >> > 2014-01-08 18:06:46.389999 7faa3c7b8700 5 Found permission: 1 >> > 2014-01-08 18:06:46.390000 7faa3c7b8700 5 Searching permissions for >> > group=1 >> > mask=50 >> > 2014-01-08 18:06:46.390001 7faa3c7b8700 5 Permissions for group not >> > found >> > 2014-01-08 18:06:46.390002 7faa3c7b8700 5 Searching permissions for >> > group=2 >> > mask=50 >> > 2014-01-08 18:06:46.390003 7faa3c7b8700 5 Permissions for group not >> > found >> > 2014-01-08 18:06:46.390003 7faa3c7b8700 5 Getting permissions id=jaseer >> > owner=app-ops perm=0 >> > 2014-01-08 18:06:46.390004 7faa3c7b8700 10 uid=jaseer requested perm >> > (type)=2, policy perm=0, user_perm_mask=2, acl perm=0 >> > 2014-01-08 18:06:46.390006 7faa3c7b8700 2 overriding permissions due to >> > system operation >> > 2014-01-08 18:06:46.390007 7faa3c7b8700 2 req 24:0.000456:s3:DELETE >> > /Test3/vip.txt:delete_obj:verifying op params >> > 2014-01-08 18:06:46.390008 7faa3c7b8700 2 req 24:0.000457:s3:DELETE >> > /Test3/vip.txt:delete_obj:executing >> > 2014-01-08 18:06:46.390017 7faa3c7b8700 20 get_obj_state: >> > rctx=0x7faa8c000fe0 obj=Test3:vip.txt state=0x7faa8c008078 >> > s->prefetch_data=0 >> > 2014-01-08 18:06:46.390068 7faa3c7b8700 1 -- 10.2.4.203:0/1004169 --> >> > 10.2.4.203:6865/22234 -- osd_op(client.8604.0:1248 east-1.8607.1_vip.txt >> > [getxattrs,stat] 8.eb952482 e567) v4 -- ?+0 0x7faa8c008eb0 con >> > 0x7faabc043070 >> > 2014-01-08 18:06:46.392062 7faad8d3c700 1 -- 10.2.4.203:0/1004169 <== >> > osd.54 10.2.4.203:6865/22234 1 ==== osd_op_reply(1248 >> > east-1.8607.1_vip.txt >> > [getxattrs,stat] v0'0 uv59 ondisk = 0) v6 ==== 222+0+807 (325389612 0 >> > 3984178414) 0x7faa18001a30 con 0x7faabc043070 >> > 2014-01-08 18:06:46.392290 7faa3c7b8700 10 manifest: total_size = 1621 >> > 2014-01-08 18:06:46.392305 7faa3c7b8700 10 manifest: ofs=0 >> > loc=Test3:vip.txt >> > 2014-01-08 18:06:46.392308 7faa3c7b8700 20 get_obj_state: setting >> > s->obj_tag >> > to east-1.8607.1055 >> > 2014-01-08 18:06:46.392352 7faa3c7b8700 10 setting object >> > write_tag=_I_fXnf11cDCPWJ0oFS5dVwsVgDFziHe >> > 2014-01-08 18:06:46.392413 7faa3c7b8700 1 -- 10.2.4.203:0/1004169 --> >> > 10.2.4.203:6845/21995 -- osd_op(client.8604.0:1249 .dir.east-1.8607.1 >> > [call >> > rgw.bucket_prepare_op] 7.8e7e5c51 e567) v4 -- ?+0 0x7faa8c00b300 con >> > 0x7faabc036150 >> > 2014-01-08 18:06:46.436377 7faad8d3c700 1 -- 10.2.4.203:0/1004169 <== >> > osd.58 10.2.4.203:6845/21995 2 ==== osd_op_reply(1249 .dir.east-1.8607.1 >> > [call] v567'10 uv10 ondisk = 0) v6 ==== 177+0+0 (779774278 0 0) >> > 0x7faa2000edb0 con 0x7faabc036150 >> > 2014-01-08 18:06:46.436616 7faa3c7b8700 1 -- 10.2.4.203:0/1004169 --> >> > 10.2.4.203:6865/22234 -- osd_op(client.8604.0:1250 east-1.8607.1_vip.txt >> > [cmpxattr user.rgw.idtag (17) op 1 mode 1,setxattr user.rgw.idtag >> > (33),call >> > refcount.put] 8.eb952482 e567) v4 -- ?+0 0x7faa8c009d50 con >> > 0x7faabc043070 >> > 2014-01-08 18:06:46.463235 7faad8d3c700 1 -- 10.2.4.203:0/1004169 <== >> > osd.54 10.2.4.203:6865/22234 2 ==== osd_op_reply(1250 >> > east-1.8607.1_vip.txt >> > [cmpxattr (17) op 1 mode 1,setxattr (33),call] v567'60 uv60 ondisk = 0) >> > v6 >> > ==== 264+0+0 (530216734 0 0) 0x7faa18001440 con 0x7faabc043070 >> > 2014-01-08 18:06:46.463488 7faa3c7b8700 1 -- 10.2.4.203:0/1004169 --> >> > 10.2.4.203:6845/21995 -- osd_op(client.8604.0:1251 .dir.east-1.8607.1 >> > [call >> > rgw.bucket_complete_op] 7.8e7e5c51 e567) v4 -- ?+0 0x7faa8c00b300 con >> > 0x7faabc036150 >> > 2014-01-08 18:06:46.463677 7faa3c7b8700 1 -- 10.2.4.203:0/1004169 --> >> > 10.2.4.90:6895/359 -- osd_op(client.8604.0:1252 gc.7 [call >> > rgw.gc_set_entry] >> > 6.21d2251d e567) v4 -- ?+0 0x7faa8c00f2c0 con 0x7faabc033610 >> > 2014-01-08 18:06:46.463730 7faa3c7b8700 2 req 24:0.074179:s3:DELETE >> > /Test3/vip.txt:delete_obj:http status=204 >> > 2014-01-08 18:06:46.463954 7faa3c7b8700 1 ====== req done req=0x214c030 >> > http_status=204 ====== >> > ================= >> > >> > >> > >> > Thank you, >> > Jaseer TK >> > >> > >> > On Wed, Jan 8, 2014 at 11:13 PM, Yehuda Sadeh <yehuda@xxxxxxxxxxx> >> > wrote: >> >> >> >> On Wed, Jan 8, 2014 at 9:40 AM, Jaseer Tk <jaseer.tk@xxxxxxxxxx> wrote: >> >> > >> >> > Thanks Yehuda, >> >> > >> >> > But I am seeing only this much in the logs with the log options we >> >> > set. >> >> > I'll >> >> > try once again and update you. >> >> >> >> There should be much more. >> >> >> >> > >> >> > Do you think any global parameter (like region/zone settings or >> >> > user's >> >> > privileges ) could be causing these buckets to be writable all users >> >> > ? >> >> > >> >> >> >> At the moment it looks like all users are actually mapping to the same >> >> user, or something along that line. It is not highly unlikely that >> >> misconfiguration caused it. >> >> >> >> Yehuda >> >> >> >> >> >> > Thank you, >> >> > Jaseer TK >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > On Wed, Jan 8, 2014 at 10:27 PM, Yehuda Sadeh <yehuda@xxxxxxxxxxx> >> >> > wrote: >> >> >> >> >> >> On Tue, Jan 7, 2014 at 11:16 PM, Jaseer Tk <jaseer.tk@xxxxxxxxxx> >> >> >> wrote: >> >> >> > >> >> >> > Hi Yehuda, >> >> >> > >> >> >> > Thanks for response. >> >> >> > >> >> >> > my setup is on ubuntu 12.04 servers, ceph pkg's: >> >> >> > >> >> >> > ======== >> >> >> > ii ceph 0.72.2-1precise >> >> >> > distributed storage and file system >> >> >> > ii ceph-common 0.72.2-1precise >> >> >> > common utilities to mount and interact with a ceph storage cluster >> >> >> > ii ceph-fs-common 0.72.2-1precise >> >> >> > common utilities to mount and interact with a ceph file system >> >> >> > ii ceph-mds 0.72.2-1precise >> >> >> > metadata server for the ceph distributed file system >> >> >> > ========== >> >> >> > >> >> >> > rados version: >> >> >> > ===== >> >> >> > ii librados2 0.72.2-1precise >> >> >> > RADOS distributed object store client library >> >> >> > ii radosgw 0.72.2-1precise >> >> >> > REST gateway for RADOS distributed object store >> >> >> > ii radosgw-agent 1.1-1precise >> >> >> > ======= >> >> >> > >> >> >> > >> >> >> > rados conf: >> >> >> > >> >> >> > [client.radosgw.us-east-1] >> >> >> > rgw region = us >> >> >> > rgw region root pool = .us.rgw.root >> >> >> > rgw zone = east-1 >> >> >> > rgw zone root pool = .us-east-1.rgw.root >> >> >> > keyring = /etc/ceph/ceph.client.radosgw.keyring >> >> >> > debug rgw = 20 >> >> >> > debug ms = 1 >> >> >> > rgw_dns_name = my_domain >> >> >> > rgw socket path = /var/run/ceph/client.radosgw.us-east-1.sock >> >> >> > log file = /var/log/ceph/radosgw.log >> >> >> > host = my_rados_hostname >> >> >> > >> >> >> > >> >> >> > Logs while doing putacl, >> >> >> > ========= >> >> >> > 2014-01-08 07:01:00.364967 7f0180f5d700 10 RGWWatcher::notify() >> >> >> > opcode=1 >> >> >> > ver=1 bl.length()=462 >> >> >> > 2014-01-08 07:01:00.365006 7f0180f5d700 10 cache put: >> >> >> > name=.us-east-1.rgw+.bucket.meta.App-Ops:east-1.5350.1 >> >> >> > 2014-01-08 07:01:00.365013 7f0180f5d700 10 moving >> >> >> > .us-east-1.rgw+.bucket.meta.App-Ops:east-1.5350.1 to cache LRU end >> >> >> > 2014-01-08 07:01:00.365017 7f0180f5d700 10 appending xattr: >> >> >> > name=user.rgw.acl bl.length()=150 >> >> >> > 2014-01-08 07:01:01.501663 7f016bfff700 2 >> >> >> > RGWDataChangesLog::ChangesRenewThread: start >> >> >> > ========== >> >> >> >> >> >> These aren't very thorough logs, looks like a very small snippet. Is >> >> >> that all you're getting? >> >> >> >> >> >> >> >> >> > >> >> >> > No rgw logs when doing s3cmd del. >> >> >> > >> >> >> > I am using >> >> >> > http://undesigned.org.za/2007/10/22/amazon-s3-php-class/ >> >> >> > with >> >> >> > minor modifications to use with rados s3 interface. >> >> >> > getacl shows my acl is applied. But user is still able to delete. >> >> >> > Please >> >> >> > let me know if you want me to share my php code for getacl and >> >> >> > putacl. >> >> >> > >> >> >> > >> >> >> > >> >> >> > >> >> >> > -- >> >> >> > Thank you, >> >> >> > Jaseer TK >> >> >> > >> >> >> > >> >> >> > >> >> >> > >> >> >> > >> >> >> > >> >> >> > >> >> >> > >> >> >> > On Tue, Jan 7, 2014 at 9:30 PM, Yehuda Sadeh <yehuda@xxxxxxxxxxx> >> >> >> > wrote: >> >> >> >> >> >> >> >> On Tue, Jan 7, 2014 at 2:40 AM, Jaseer Tk <jaseer.tk@xxxxxxxxxx> >> >> >> >> wrote: >> >> >> >> > >> >> >> >> > Hi all, >> >> >> >> > >> >> >> >> > I tried to apply custom ACL(only Read) on an s3 bucket created. >> >> >> >> > The >> >> >> >> > rules >> >> >> >> > seems to have got applied. But it looks the ACL's not getting >> >> >> >> > honored. >> >> >> >> > >> >> >> >> > when I use getacl, I get the result. >> >> >> >> > ======= >> >> >> >> > >> >> >> >> > Array >> >> >> >> > ( >> >> >> >> > [0] => Array >> >> >> >> > ( >> >> >> >> > [Grantee] => Array >> >> >> >> > ( >> >> >> >> > [ID] => test-user >> >> >> >> > [DisplayName] => Test User >> >> >> >> > ) >> >> >> >> > >> >> >> >> > [Permission] => READ >> >> >> >> > ) >> >> >> >> > >> >> >> >> > ) >> >> >> >> > >> >> >> >> > >> >> >> >> > But Still this user is able to delete files from the bucket :( >> >> >> >> > >> >> >> >> > Am I missing something here ? >> >> >> >> > >> >> >> >> > >> >> >> >> What version are you running? Just tried it with dumpling and it >> >> >> >> worked ok. Can you provide rgw logs for it? (acl setting + >> >> >> >> removal; >> >> >> >> set 'debug rgw = 20' and 'debug ms = 1'). >> >> >> >> >> >> >> >> Thanks, >> >> >> >> Yehuda >> >> >> > >> >> >> > >> >> >> > >> >> >> > _____________________________________________________________ >> >> >> > The information contained in this communication is intended solely >> >> >> > for >> >> >> > the >> >> >> > use of the individual or entity to whom it is addressed and others >> >> >> > authorized to receive it. It may contain confidential or legally >> >> >> > privileged >> >> >> > information. If you are not the intended recipient you are hereby >> >> >> > notified >> >> >> > that any disclosure, copying, distribution or taking any action in >> >> >> > reliance >> >> >> > on the contents of this information is strictly prohibited and may >> >> >> > be >> >> >> > unlawful. If you have received this communication in error, please >> >> >> > notify us >> >> >> > immediately by responding to this email and then delete it from >> >> >> > your >> >> >> > system. >> >> >> > The firm is neither liable for the proper and complete >> >> >> > transmission >> >> >> > of >> >> >> > the >> >> >> > information contained in this communication nor for any delay in >> >> >> > its >> >> >> > receipt. >> >> > >> >> > >> >> > >> >> > _____________________________________________________________ >> >> > The information contained in this communication is intended solely >> >> > for >> >> > the >> >> > use of the individual or entity to whom it is addressed and others >> >> > authorized to receive it. It may contain confidential or legally >> >> > privileged >> >> > information. If you are not the intended recipient you are hereby >> >> > notified >> >> > that any disclosure, copying, distribution or taking any action in >> >> > reliance >> >> > on the contents of this information is strictly prohibited and may be >> >> > unlawful. If you have received this communication in error, please >> >> > notify us >> >> > immediately by responding to this email and then delete it from your >> >> > system. >> >> > The firm is neither liable for the proper and complete transmission >> >> > of >> >> > the >> >> > information contained in this communication nor for any delay in its >> >> > receipt. >> > >> > >> > >> > _____________________________________________________________ >> > The information contained in this communication is intended solely for >> > the >> > use of the individual or entity to whom it is addressed and others >> > authorized to receive it. It may contain confidential or legally >> > privileged >> > information. If you are not the intended recipient you are hereby >> > notified >> > that any disclosure, copying, distribution or taking any action in >> > reliance >> > on the contents of this information is strictly prohibited and may be >> > unlawful. If you have received this communication in error, please >> > notify us >> > immediately by responding to this email and then delete it from your >> > system. >> > The firm is neither liable for the proper and complete transmission of >> > the >> > information contained in this communication nor for any delay in its >> > receipt. >> _______________________________________________ >> ceph-users mailing list >> ceph-users@xxxxxxxxxxxxxx >> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com > > _______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
 |