Bug #20252
closedRGW:RGWPutBucketPolicy error when set BucketPolicy again without delete pre set Policy
0%
Description
hi,when i create a bucket and set policy to the bucket,use
s3cmd setpolicy 2-referpolicy s3://test1
it set policy success. but when i rerun
s3cmd setpolicy 2-referpolicy s3://test1
and
then
s3cmd ls s3://test1
and it return 403 access deny,
and i found it is rapidjson::KParseErrorDocumentRootNotSigngular error,
and i found the policy turn to be
"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Principal\": \"*\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": [\n \"arn:aws:s3:::test3/*\"\n ],\n \"Condition\": {\n \"StringLike\": {\n \"aws:Referer\": \"http://www.baidu.com\"\n }\n }\n }]\n}\n{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"s3:GetObject\",\"Resource\":[\"arn:aws:s3:::test3/*\"],\"Condition\":{\"StringLike\":{\"aws:Referer\":\"http://www.baidu.com\"}}}]}\n"
yes, it append to the pre set policy, rather to take place of it.
so, we need to clear() before append
https://github.com/ceph/ceph/pull/15617 this pr fix the problem
Updated by Nathan Cutler almost 7 years ago
- Status changed from New to Fix Under Review
Updated by Nathan Cutler almost 7 years ago
- Status changed from Fix Under Review to Pending Backport
- Backport set to jewel
Updated by Nathan Cutler almost 7 years ago
- Copied to Backport #20406: jewel: RGW:RGWPutBucketPolicy error when set BucketPolicy again without delete pre set Policy added
Updated by Nathan Cutler over 6 years ago
joke lee wrote:
can this pr backport to jewel
Hi joke lee - I tried to backport this bugfix to jewel, but the feature it is fixing - https://github.com/ceph/ceph/pull/14307 - is not in jewel at all.
It's quite late in the jewel release cycle to be adding features, but if you can convince the rgw developers to do it... ?
Updated by Nathan Cutler over 6 years ago
- Status changed from Pending Backport to Need More Info
Updated by Nathan Cutler over 5 years ago
- Status changed from Need More Info to Resolved