Hello,

We had an S3 user who created a couple of buckets and a couple of million objects in his buckets. Due to security issues in the customer's company, we had to change the user and access/secret key for the customer.

This is the output of one of the buckets...

radosgw-admin bucket policy --bucket=user-bucket
2016-08-01 11:31:22.742159 7f5ab09c1a40 0 RGWZoneParams::create(): error creating default zone params: (17) File exists
{
    "acl": {
        "acl_user_map": [
            {
                "user": "user",
                "acl": 15
            }
        ],
        "acl_group_map": [],
        "grant_map": [
            {
                "id": "user",
                "grant": {
                    "type": {
                        "type": 0
                    },
                    "id": "user",
                    "email": "",
                    "permission": {
                        "flags": 15
                    },
                    "name": "USER",
                    "group": 0
                }
            }
        ]
    },
    "owner": {
        "id": "user",
        "display_name": "USER"
    }
}

radosgw-admin bucket stats --bucket=user-bucket
2016-08-01 11:32:25.007535 7f8a1ab93a40 0 RGWZoneParams::create(): error creating default zone params: (17) File exists
{
    "bucket": "user-bucket",
    "pool": "default.rgw.buckets.data",
    "index_pool": "default.rgw.buckets.index",
    "id": "ef4069bf-70fb-4414-a9d9-6bf5b32608fb.4195.3",
    "marker": "ef4069bf-70fb-4414-a9d9-6bf5b32608fb.4195.3",
    "owner": "user",
    "ver": "0#5",
    "master_ver": "0#0",
    "mtime": "2016-08-01 10:19:54.991187",
    "max_marker": "0#",
    "usage": {
        "rgw.main": {
            "size_kb": 1,
            "size_kb_actual": 4,
            "num_objects": 1
        }
    },
    "bucket_quota": {
        "enabled": false,
        "max_size_kb": -1,
        "max_objects": -1
    }
}

And one of the objects...

radosgw-admin bucket list --bucket=mcs-bucket
2016-08-01 11:33:48.106801 7fa6cfa5ea40 0 RGWZoneParams::create(): error creating default zone params: (17) File exists
[
    {
        "name": "hello.txt",
        "instance": "",
        "namespace": "",
        "owner": "user",
        "owner_display_name": "USER",
        "size": 12,
        "mtime": "2016-05-09 12:56:42.388150Z",
        "etag": "ed076287532e86365e841e92bfc50d8c\u0000",
        "content_type": "application\/octet-stream\u0000",
        "tag": "_SE2ZMisxCO_WYdVbFLpNk22gpNiPiKt",
        "flags": 0
    }
]

Now, if I link the user to a bucket

radosgw-admin bucket link --bucket user-bucket --bucket-id ef4069bf-70fb-4414-a9d9-6bf5b32608fb.4195.3 --uid user2

all I get is a changed owner of a bucket, but all the objects in a bucket remain with the old owner (the new user is getting 403 forbidden when trying to access any object). I have googled, but without much success, about this or similar problems.

Is there a way to change ownership of all the objects and buckets to a certain user? Or, maybe I can grant permissions for a new user, without having to touch ownership?

Best regards!
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
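
Added example, not part of the original post and not Ceph's own code: a Python check that reads captured "radosgw-admin bucket stats" and "radosgw-admin bucket list" output in the shape shown above and reports the objects whose owner still differs from the bucket owner after a relink. The sample text is constructed from the post's output (fields trimmed, bucket owner set to user2, plus a hypothetical second object new.txt), and the captured listing is assumed to cover the whole bucket.

```python
import json

# Constructed samples in the shape of the post's output (fields trimmed).
# The bucket owner is "user2" as after the relink; new.txt is hypothetical.
LOG = ("2016-08-01 11:32:25.007535 7f8a1ab93a40  0 RGWZoneParams::create(): "
       "error creating default zone params: (17) File exists\n")
STATS_OUT = LOG + r'''{
    "bucket": "user-bucket",
    "owner": "user2"
}'''
LIST_OUT = LOG + r'''[
    {"name": "hello.txt", "owner": "user",
     "etag": "ed076287532e86365e841e92bfc50d8c\u0000"},
    {"name": "new.txt", "owner": "user2",
     "etag": "00000000000000000000000000000000\u0000"}
]'''


def parse_admin_json(text):
    """Skip the log lines printed before the JSON and parse the rest."""
    lines = text.splitlines()
    for i, line in enumerate(lines):
        if line.lstrip().startswith(("{", "[")):
            return json.loads("\n".join(lines[i:]))
    raise ValueError("no JSON document in radosgw-admin output")


def stale_owner_objects(stats_text, list_text):
    """Return (bucket_owner, objects whose owner is not the bucket owner)."""
    bucket = parse_admin_json(stats_text)
    objects = parse_admin_json(list_text)
    stale = [
        # The etag carries a trailing NUL in the listing; drop it for reports.
        {"name": o["name"], "owner": o["owner"],
         "etag": o["etag"].rstrip("\x00")}
        for o in objects
        if o["owner"] != bucket["owner"]
    ]
    return bucket["owner"], stale


if __name__ == "__main__":
    owner, stale = stale_owner_objects(STATS_OUT, LIST_OUT)
    print(f"bucket owner: {owner}, objects with another owner: {len(stale)}")
    for obj in stale:
        print(f"  {obj['name']} owned by {obj['owner']} (etag {obj['etag']})")
```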