Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
This project is now read‑only. Starting Monday, February 2, please use https://ibm-ceph.atlassian.net/ for all bug tracking management.

Bug 1650674

Summary: Wildcard resources in policies not matching objects with colons in the key
Product: [Red Hat Storage] Red Hat Ceph Storage Reporter: Adam C. Emerson <aemerson>
Component: RGWAssignee: Adam C. Emerson <aemerson>
Status: CLOSED ERRATA QA Contact: Tejas <tchandra>
Severity: medium Docs Contact: Aron Gunn <agunn>
Priority: medium    
Version: 3.2CC: aemerson, cbodley, ceph-eng-bugs, edonnell, hnallurv, jbrier, kbader, mbenjamin, pasik, sweil, tchandra, tserlin
Target Milestone: z1   
Target Release: 3.2   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: RHEL: ceph-12.2.8-76.el7cp Ubuntu: ceph_12.2.8-61redhat1 Doc Type: Bug Fix
Doc Text:
.Wildcard policies match objects with colons in the name Previously, using colons in the name caused an error in a matching function not allowing wildcards to match beyond colons. In this release, colons can be used to match objects.
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-03-07 15:50:56 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1629656    

Description Adam C. Emerson 2018-11-16 19:58:40 UTC
Description of problem:

Policies not being applied properly to resources with colons in the key.

How reproducible:


Steps to Reproduce:
1. Set a wildcard bucket on a policy granting access to a user
2. Upload an object with a : in the name
3. Try to download as that user

Actual results:

Failure to download

Expected results:

Success in downloading.

Comment 4 Adam C. Emerson 2018-11-16 20:08:44 UTC
Fix present. Will backport as soon as it's merged.

Comment 11 errata-xmlrpc 2019-03-07 15:50:56 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0475