Re: Creating RGW S3 User using the Admin Ops API

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sat, Nov 15, 2014 at 6:20 AM, Wido den Hollander <wido@xxxxxxxx> wrote:
> Hi,
>
> I'm having trouble with creating a new user using the Admin Ops API and
> I'm not sure where the problem lies.
>
> I'm using: http://eu.ceph.com/docs/master/radosgw/adminops/#create-user
>
> Using pycurl I send the requesting using PUT and sending the JSON data,
> but I always get a 403: AccessDenied
>
> Looking at the RGW logs I see:
>
> 2014-11-15 13:19:36.761358 7fe7897ea700 15 calculated
> digest=7+ZV9ndzDbHiBOLP8yKrokF2DOc=
> 2014-11-15 13:19:36.761364 7fe7897ea700 15
> auth_sign=7+ZV9ndzDbHiBOLP8yKrokF2DOc=
> 2014-11-15 13:19:36.761367 7fe7897ea700 15 compare=0
> 2014-11-15 13:19:36.761373 7fe7897ea700  2 req 2879:0.001038::PUT
> /admin/user:create_user:reading permissions
> 2014-11-15 13:19:36.761381 7fe7897ea700  2 req 2879:0.001047::PUT
> /admin/user:create_user:verifying op mask
> 2014-11-15 13:19:36.761388 7fe7897ea700 20 required_mask= 0 user.op_mask=7
> 2014-11-15 13:19:36.761393 7fe7897ea700  2 req 2879:0.001058::PUT
> /admin/user:create_user:verifying op permissions
> 2014-11-15 13:19:36.761402 7fe7897ea700  2 req 2879:0.001067::PUT
> /admin/user:create_user:verifying op params
> 2014-11-15 13:19:36.761407 7fe7897ea700  2 req 2879:0.001073::PUT
> /admin/user:create_user:executing
> 2014-11-15 13:19:36.761474 7fe7897ea700  2 req 2879:0.001140::PUT
> /admin/user:create_user:http status=403
> 2014-11-15 13:19:36.761689 7fe7897ea700  1 ====== req done req=0x147b910
> http_status=403 ======
>
> It seems that the user has all the permissions since it actually goes
> towards create_user, but suddenly it's a 403.
>
> I'm send 'uid', 'email' and 'display-name', but it always instantly
> responds with a 403.
>
> Using GET to get user information is not a problem, it's just that
> creating a user fails.
>
> Has anybody used the Admin Ops API before and tried this? This cluster
> is still running Dumpling btw.

Not sure where it would come from. It would return that if uid was not
specified. What happens if you try to create a user that already
exists, same error?

Yehuda
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]

  Powered by Linux