There is an existing bug related to the impossibility to delete the read ACL of Swift. Check https://tracker.ceph.com/issues/22897

V.

On 30/03/18, 18:11, "ceph-users on behalf of Vladimir Prokofev" <ceph-users-bounces@xxxxxxxxxxxxxx on behalf of v@xxxxxxxxxxx> wrote:

As usual, I found a solution after a while.
The metadata field is not deleted as it should be per the API docs, but it can be changed. So I just changed it with

    curl -X POST -i -H "X-Auth-Token: <authtoken>" -H "X-Container-Read: <project_id>:*" https://endpoint.url/swift/v1/containername

and now the metadata field looks like this

    X-Container-Read: <project_id>:*

Essentially this behaves the same as when there's no X-Container-Read at all.

But overall this is still an issue - what should've taken 5 seconds to just uncheck a box in the Horizon interface turned into a couple of hours of debugging.
Can anyone who uses the same version check if this issue is reproducible? If so - this seems to be ticket-worthy.

2018-03-30 17:40 GMT+03:00 Vladimir Prokofev <v@xxxxxxxxxxx>:

CEPH 12.2.2, RGW. I'm using it as an object storage endpoint for OpenStack.

Recently, while browsing an object storage from Horizon, I accidentally marked a container as public. The issue is - I can't make it private again!
Docs state that to do it I should simply delete the X-Container-Read metadata, but I just can't!

Examples:

private container headers (only relevant output, some other empty container):

    X-Container-Bytes-Used-Actual: 0
    X-Storage-Policy: default-placement

public container headers (only relevant output):

    X-Container-Bytes-Used-Actual: 114688
    X-Container-Read: .r:*,.rlistings
    X-Storage-Policy: default-placement

As you can see, there's now an X-Container-Read header.

I've tried to make it private again with the swift client and curl, but with no success. Here are some curl examples.

Updating works!
If I do

    curl -X POST -i -H "X-Auth-Token: <authtoken>" -H "X-Container-Read: .r:test" https://endpoint.url/swift/v1/containername

metadata will become

    X-Container-Read: .r:test

But if I do

    curl -X POST -i -H "X-Auth-Token: <authtoken>" -H "X-Remove-Container-Read: x" https://endpoint.url/swift/v1/containername

nothing happens, the metadata field will remain there.

So is this a broken API in RGW, or am I missing something? Maybe there's some explicit warning that after becoming public you can't make a container private again?
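
Added example, not part of the original thread: a small Python check that reads the headers of a container HEAD response and reports whether the read ACL still contains a referrer grant such as `.r:*`, which is the element that makes the container readable without a token. It assumes RGW uses the OpenStack Swift ACL element syntax; the header dumps and the project ID are constructed from the values quoted in the thread.

```python
# Added example: classify X-Container-Read from a HEAD response dump.
# Assumption: ACL elements follow OpenStack Swift syntax (".r:<referrer>",
# ".rlistings", "<project_id>:<user>"). Sample data below is constructed.

REFERRER_PREFIXES = (".r:", ".ref:", ".referer:", ".referrer:")


def read_acl(raw_headers):
    """Return the list of X-Container-Read elements (empty if header absent)."""
    for line in raw_headers.splitlines():
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "x-container-read":
            return [e.strip() for e in value.split(",") if e.strip()]
    return []


def classify(raw_headers):
    """Return 'private', 'authenticated-only' or 'anonymous'."""
    elements = read_acl(raw_headers)
    if not elements:
        return "private"  # no read ACL at all
    for element in elements:
        low = element.lower()
        for prefix in REFERRER_PREFIXES:
            if low.startswith(prefix):
                referrer = low[len(prefix):].strip()
                # "-host" denies a referrer; anything else grants access
                # based on a client-supplied Referer header, without a token.
                if referrer and not referrer.startswith("-"):
                    return "anonymous"
    # Only project/user grants (or a bare .rlistings) remain.
    return "authenticated-only"


# Constructed samples based on the headers shown in the thread.
PRIVATE = ("HTTP/1.1 204 No Content\r\n"
           "X-Container-Bytes-Used-Actual: 0\r\n"
           "X-Storage-Policy: default-placement\r\n")
PUBLIC = ("HTTP/1.1 204 No Content\r\n"
          "X-Container-Bytes-Used-Actual: 114688\r\n"
          "X-Container-Read: .r:*,.rlistings\r\n"
          "X-Storage-Policy: default-placement\r\n")
# Hypothetical project ID standing in for <project_id> in the workaround.
WORKAROUND = PUBLIC.replace(".r:*,.rlistings", "0123456789abcdef:*")

if __name__ == "__main__":
    for label, dump in (("private", PRIVATE), ("public", PUBLIC),
                        ("workaround", WORKAROUND)):
        print(label, read_acl(dump), classify(dump))
```

Feeding it the output of `curl -I` for each container after applying the workaround confirms that no referrer element is left behind.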