if you set a RGW user to have abucket quota of 0 buckets you can
still create buckets. The only way I have found to prevent a user
from being able to create buckets is to set the op_mask to read. 1.)
it looks like bucket_policy is not enforced when you have it set to
anything below 1. It looks like the only way to prevent a user from
creating buckets is to set the op_mask but this is not documented.
How would I set the op_mask via the radosgw admin api? I keep
getting a 200 success code but the op_mask of the user stays the
same. relavent pastebins: http://pastebin.com/Rbzdy52c -- shows user info with bucket quota set but shows ability to create buckets. http://pastebin.com/J9K3dgdF -- shows inability to set op_mask from admin api (that or I don't know how) 1.) does anyone know how to set the op_mask via the admin api? 2.) why can I create what seems like an infinite amount of buckets when my bucket quota is set to 0 objects and 0 size? Shouldn't it be enforced for anything above -1? |
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com