Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be available on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 1497299 - Swift gets a permission denied
Summary: Swift gets a permission denied
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Ceph Storage
Classification: Red Hat
Component: RGW
Version: 2.3
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: 3.1
Assignee: Matt Benjamin (redhat)
QA Contact: ceph-qe-bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-09-29 16:46 UTC by David Vallee Delisle
Modified: 2021-03-11 15:53 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-10-06 13:06:49 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1495538 0 urgent CLOSED Fix ec2tokens validation in v2 after regression in metadata_ref removal 2021-03-11 15:51:02 UTC

Description David Vallee Delisle 2017-09-29 16:46:45 UTC
Description of problem:


Please, have a look at:
https://bugzilla.redhat.com/show_bug.cgi?id=1495538#c10


Something works since it's able to detect if bucket exists or not

~~~
$ swift list firstbucket
Container u'firstbucket' not found

$ swift list foobar
Container GET failed: https://ch-dc-s3-gsn-33.eecloud.nsn-net.net:10032/foobar?format=json 403 Forbidden  [first 60 chars of response] {"Code":"AccessDenied","BucketName":"foobar","RequestId":"tx

$ swift post firstbucket
Container PUT failed: https://ch-dc-s3-gsn-33.eecloud.nsn-net.net:10032/firstbucket 403 Forbidden  [first 60 chars of response] <?xml version="1.0" encoding="UTF-8"?><Error><Code>AccessDen
~~~


Actual results:
...
2017-09-29 08:39:15.270706 7efc6cfe1700  2 req 2:0.000074:s3:PUT /firstbucket:create_bucket:verifying op mask
2017-09-29 08:39:15.270708 7efc6cfe1700 20 required_mask= 2 user.op_mask=7
2017-09-29 08:39:15.270709 7efc6cfe1700  2 req 2:0.000077:s3:PUT /firstbucket:create_bucket:verifying op permissions
2017-09-29 08:39:15.270713 7efc6cfe1700 20 op->ERRORHANDLER: err_no=-13 new_err_no=-13
2017-09-29 08:39:15.270782 7efc6cfe1700  2 req 2:0.000150:s3:PUT /firstbucket:create_bucket:op status=0
2017-09-29 08:39:15.270788 7efc6cfe1700  2 req 2:0.000156:s3:PUT /firstbucket:create_bucket:http status=403
2017-09-29 08:39:15.270794 7efc6cfe1700  1 ====== req done req=0x7efc6cfdb710 op status=0 http_status=403 ======
2017-09-29 08:39:15.270800 7efc6cfe1700 20 process_request() returned -13
2017-09-29 08:39:15.270829 7efc6cfe1700  1 civetweb: 0x7efe78005f70: 127.0.0.1 - - [29/Sep/2017:08:39:15 -0500] "PUT /firstbucket HTTP/1.1" 403 0 - python-swiftclient-3.3.0
...


Note You need to log in before you can comment on or make changes to this bug.