On 11/27/2013 10:43 PM, Yehuda Sadeh wrote:
I just pushed a fix for review for the s3cmd --setacl issue. It should
land a stable release soonish.
So this is commit 14cf4caff58cc2c535101d48c53afd54d8632104 right?
It says:
Fixes: #6892
Backport: dumpling, emperor
But it never got backported to Dumpling 0.67.5. I now manually cherry
picked it on a system of mine and building.
The issue: http://tracker.ceph.com/issues/6892
Wido
Thanks,
Yehuda
On Wed, Nov 27, 2013 at 10:12 AM, Shain Miley <SMiley@xxxxxxx> wrote:
Derek,
That's great...I am hopeful it makes it into the next release too...it will solve several issues we are having, trying to working around radosgw bucket and object permissions when there are multiple users writing files to our buckets.
And with the 's3cmd setacl' failing...at this point I don't see too many other alternatives for us.
Thanks again,
Shain
Shain Miley | Manager of Systems and Infrastructure, Digital Media | smiley@xxxxxxx | 202.513.3649
________________________________________
From: Derek Yarnell [derek@xxxxxxxxxxxxxx]
Sent: Wednesday, November 27, 2013 11:21 AM
To: Shain Miley
Cc: derek@xxxxxxxxxxxxxx; ceph-users
Subject: Re: radosgw setting puplic ACLs fails.
On 11/26/13, 3:31 PM, Shain Miley wrote:
Micha,
Did you ever figure out a work around for this issue?
I also had plans of using s3cmd to put, and recursively set acl's on a nightly basis...however we are getting the 403 errors as well during our testing.
I was just wondering if you were able to find another solution.
Hi,
There is code[1] in the master branch (I am not sure but I hope it will
make it into the next stable release, it is not in 0.72.x) that allows
you defer to the bucket ACLs. defer_to_bucket_acls is the configurable
which allows for two different modes. Recurse just propagates the
specific bucket acls to all the keys, it does fall through to the key
ACL if the bucket ACL doesn't apply. Full_control allows someone with
FULL_CONTROL at the bucket level to do whatever they want to the keys
(including replace the whole ACL), and again falls through to the key ACL.
Note this breaks AWS S3 compatibility and is why it is a configurable.
[1] - https://github.com/ceph/ceph/pull/672
Thanks,
derek
--
Derek T. Yarnell
University of Maryland
Institute for Advanced Computer Studies
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
--
Wido den Hollander
42on B.V.
Phone: +31 (0)20 700 9902
Skype: contact42on
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com