Actions
Bug #38722
closedrgw: fix RGWDeleteMultiObj::verify_permission
% Done:
0%
Source:
Tags:
rgw
Backport:
luminous mimic nautilus
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
So.
Set Policy on bucket
{
"Version": "2012-10-17",
"Statement": [
{
"Sid":"AddPerm",
"Effect": "Allow",
"Principal": {"AWS": [
"arn:aws:iam::dev:user/infas"
]},
"Action": [
"s3:Put*",
"s3:List*"
],
"Resource": [
"arn:aws:s3:::sb1/*",
"arn:aws:s3:::sb1"
]
}
]
}
Put objects
kataklysm@infas:~/tmp> ~/bin/s3cmd-2.0.2/s3cmd put winlogbeat-test -c ~/.s3cfg1 s3://sb1/ upload: 'winlogbeat-test' -> 's3://sb1/winlogbeat-test' [1 of 1] 14778761 of 14778761 100% in 0s 16.60 MB/s done kataklysm@infas:~/tmp> ~/bin/s3cmd-2.0.2/s3cmd put winlogbeat-6.4.2-2018.11.21_20790.json.gzip_2018-11-22\ 03\:01\:05.933494181\ +0300\ MSK\ m\=+6.245462125 -c ~/.s3cfg1 s3://sb1/ upload: 'winlogbeat-6.4.2-2018.11.21_20790.json.gzip_2018-11-22 03:01:05.933494181 +0300 MSK m=+6.245462125' -> 's3://sb1/winlogbeat-6.4.2-2018.11.21_20790.json.gzip_2018-11-22 03:01:05.933494181 +0300 MSK m=+6.245462125' [1 of 1] 1165202 of 1165202 100% in 0s 8.72 MB/s done
List Bucket
kataklysm@infas:~/tmp> ~/bin/s3cmd-2.0.2/s3cmd -c ~/.s3cfg1 ls -l s3://sb1/ 2019-03-13 13:58 1165202 3f244bc9e225c4fab09ac5d9f8506126 STANDARD s3://sb1/winlogbeat-6.4.2-2018.11.21_20790.json.gzip_2018-11-22 03:01:05.933494181 +0300 MSK m=+6.245462125 2019-03-13 13:57 14778761 a3200c53eae46e7c8f0dd7f95add5b81 STANDARD s3://sb1/winlogbeat-test
Trying to delete objects...Wow
kataklysm@infas:~/tmp> ~/bin/s3cmd-2.0.2/s3cmd -c ~/.s3cfg1 rm -rf s3://sb1/ delete: 's3://sb1/winlogbeat-6.4.2-2018.11.21_20790.json.gzip_2018-11-22 03:01:05.933494181 +0300 MSK m=+6.245462125' delete: 's3://sb1/winlogbeat-test' kataklysm@infas:~/tmp> ~/bin/s3cmd-2.0.2/s3cmd -c ~/.s3cfg1 rm -rf s3://sb1/ delete: 's3://sb1/winlogbeat-6.4.2-2018.11.21_20790.json.gzip_2018-11-22 03:01:05.933494181 +0300 MSK m=+6.245462125' delete: 's3://sb1/winlogbeat-test' kataklysm@infas:~/tmp> ~/bin/s3cmd-2.0.2/s3cmd -c ~/.s3cfg1 rm -rf s3://sb1/ delete: 's3://sb1/winlogbeat-6.4.2-2018.11.21_20790.json.gzip_2018-11-22 03:01:05.933494181 +0300 MSK m=+6.245462125' delete: 's3://sb1/winlogbeat-test'
In fact, the user does not have access rights. You must receive a response 403
Actions