Bug #38722

closed

rgw: fix RGWDeleteMultiObj::verify_permission

Added by Irek Fasikhov about 5 years ago. Updated about 3 years ago.

Status: Resolved
Priority: Normal
Assignee: -
Target version:
% Done: 0%
Source:
Tags: rgw
Backport: luminous mimic nautilus
Regression: No
Severity: 3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

So.
Set Policy on bucket

{
    "Version": "2012-10-17",
    "Statement": [
            {
                    "Sid":"AddPerm",
                    "Effect": "Allow",
                    "Principal": {"AWS": [
                            "arn:aws:iam::dev:user/infas" 
                            ]},
                    "Action": [
                            "s3:Put*",
                            "s3:List*" 
                            ],
                    "Resource": [
                            "arn:aws:s3:::sb1/*",
                            "arn:aws:s3:::sb1" 
                    ]
            }
    ]
}

Put objects

kataklysm@infas:~/tmp> ~/bin/s3cmd-2.0.2/s3cmd put winlogbeat-test -c ~/.s3cfg1 s3://sb1/
upload: 'winlogbeat-test' -> 's3://sb1/winlogbeat-test'  [1 of 1]
 14778761 of 14778761   100% in    0s    16.60 MB/s  done
kataklysm@infas:~/tmp> ~/bin/s3cmd-2.0.2/s3cmd put winlogbeat-6.4.2-2018.11.21_20790.json.gzip_2018-11-22\ 03\:01\:05.933494181\ +0300\ MSK\ m\=+6.245462125 -c ~/.s3cfg1 s3://sb1/
upload: 'winlogbeat-6.4.2-2018.11.21_20790.json.gzip_2018-11-22 03:01:05.933494181 +0300 MSK m=+6.245462125' -> 's3://sb1/winlogbeat-6.4.2-2018.11.21_20790.json.gzip_2018-11-22 03:01:05.933494181 +0300 MSK m=+6.245462125'  [1 of 1]
 1165202 of 1165202   100% in    0s     8.72 MB/s  done

List Bucket

kataklysm@infas:~/tmp> ~/bin/s3cmd-2.0.2/s3cmd -c ~/.s3cfg1 ls -l s3://sb1/
2019-03-13 13:58   1165202   3f244bc9e225c4fab09ac5d9f8506126  STANDARD  s3://sb1/winlogbeat-6.4.2-2018.11.21_20790.json.gzip_2018-11-22 03:01:05.933494181 +0300 MSK m=+6.245462125
2019-03-13 13:57  14778761   a3200c53eae46e7c8f0dd7f95add5b81  STANDARD  s3://sb1/winlogbeat-test

Trying to delete objects...Wow

kataklysm@infas:~/tmp> ~/bin/s3cmd-2.0.2/s3cmd -c ~/.s3cfg1 rm -rf s3://sb1/
delete: 's3://sb1/winlogbeat-6.4.2-2018.11.21_20790.json.gzip_2018-11-22 03:01:05.933494181 +0300 MSK m=+6.245462125'
delete: 's3://sb1/winlogbeat-test'
kataklysm@infas:~/tmp> ~/bin/s3cmd-2.0.2/s3cmd -c ~/.s3cfg1 rm -rf s3://sb1/
delete: 's3://sb1/winlogbeat-6.4.2-2018.11.21_20790.json.gzip_2018-11-22 03:01:05.933494181 +0300 MSK m=+6.245462125'
delete: 's3://sb1/winlogbeat-test'
kataklysm@infas:~/tmp> ~/bin/s3cmd-2.0.2/s3cmd -c ~/.s3cfg1 rm -rf s3://sb1/
delete: 's3://sb1/winlogbeat-6.4.2-2018.11.21_20790.json.gzip_2018-11-22 03:01:05.933494181 +0300 MSK m=+6.245462125'
delete: 's3://sb1/winlogbeat-test'

In fact, the user does not have access rights. You must receive a 403 response.
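
As an added example (not part of the original report and not Ceph's code), a simplified bucket-policy evaluator run over the policy above shows why each key in the multi-object delete should be refused: `s3:DeleteObject` matches neither `s3:Put*` nor `s3:List*`. It models only Principal/Action/Resource matching; conditions, NotAction/NotResource and ACL grants are not modelled, and the function names are hypothetical.

```python
import json
import re

# Bucket policy from the report, reproduced as data.
POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [{
   "Sid": "AddPerm", "Effect": "Allow",
   "Principal": {"AWS": ["arn:aws:iam::dev:user/infas"]},
   "Action": ["s3:Put*", "s3:List*"],
   "Resource": ["arn:aws:s3:::sb1/*", "arn:aws:s3:::sb1"]}]}
""")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _matches(patterns, value, ignore_case=False):
    # Policy wildcards: '*' is any run of characters, '?' is one character.
    flags = re.S | (re.I if ignore_case else 0)
    for pattern in _as_list(patterns):
        rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
        if re.fullmatch(rx, value, flags):
            return True
    return False

def evaluate(policy, principal, action, resource):
    """Return 'Allow', 'Deny' or 'NoMatch' (no statement applies: implicit deny)."""
    verdict = "NoMatch"
    for st in policy["Statement"]:
        who = st.get("Principal", {})
        principals = ["*"] if who == "*" else _as_list(who.get("AWS", []))
        if not (_matches(principals, principal)
                and _matches(st["Action"], action, ignore_case=True)
                and _matches(st["Resource"], resource)):
            continue
        if st["Effect"] == "Deny":
            return "Deny"  # an explicit Deny overrides any Allow
        verdict = "Allow"
    return verdict

def check_multi_delete(policy, principal, bucket, keys):
    """Per-key verdict: every key in the request needs s3:DeleteObject."""
    return {key: evaluate(policy, principal, "s3:DeleteObject",
                          f"arn:aws:s3:::{bucket}/{key}") for key in keys}

if __name__ == "__main__":
    user = "arn:aws:iam::dev:user/infas"
    for key, verdict in check_multi_delete(POLICY, user, "sb1", ["winlogbeat-test"]).items():
        print(key, "->", verdict)
```

A `NoMatch` verdict means the policy grants nothing for that key, so unless the requester is allowed by some other grant (assumed absent here), the expected result is an access-denied error.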


Related issues 3 (0 open, 3 closed)

Copied to rgw - Backport #38978: luminous: rgw: fix RGWDeleteMultiObj::verify_permission (Rejected)
Copied to rgw - Backport #38979: mimic: rgw: fix RGWDeleteMultiObj::verify_permission (Rejected)
Copied to rgw - Backport #38980: nautilus: rgw: fix RGWDeleteMultiObj::verify_permission (Resolved, Prashant D)

#3

Updated by Nathan Cutler about 5 years ago

  • Backport set to mimic
  • Pull request ID changed from 26928 to 26947

#4

Updated by Nathan Cutler about 5 years ago

  • Status changed from New to Fix Under Review

#5

Updated by Casey Bodley about 5 years ago

  • Status changed from Fix Under Review to 7

#6

Updated by Casey Bodley about 5 years ago

  • Status changed from 7 to Pending Backport
  • Backport changed from mimic to luminous mimic nautilus

#7

Updated by Nathan Cutler about 5 years ago

  • Copied to Backport #38978: luminous: rgw: fix RGWDeleteMultiObj::verify_permission added

#8

Updated by Nathan Cutler about 5 years ago

  • Copied to Backport #38979: mimic: rgw: fix RGWDeleteMultiObj::verify_permission added

#9

Updated by Nathan Cutler about 5 years ago

  • Copied to Backport #38980: nautilus: rgw: fix RGWDeleteMultiObj::verify_permission added

#10

Updated by Nathan Cutler about 3 years ago

  • Status changed from Pending Backport to Resolved

While running with --resolve-parent, the script "backport-create-issue" noticed that all backports of this issue are in status "Resolved" or "Rejected".
