Project

General

Profile

Bug #51377

rgw: daemon crash when using both s3 bucket acl and s3 bucket policy

Added by Stanislav Datskevych almost 3 years ago. Updated over 2 years ago.

Status:
Duplicate
Priority:
Normal
Assignee:
-
Target version:
-
% Done:

0%

Source:
Community (user)
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

Dear Ceph devs,

I have encountered with rgw daemon crashing while using both bucket ACL and bucket policy applied.

Ceph version 16.2.4 deployed with cephadm/docker.

I have created a bucket intended to store backups with object lock enabled and lifecycle policy applied (see bucket_obj_lock_config.json and bucket_lifecycle_config.json).
Then, I created a non-privileged user that will only have handful of permissions to actually store the data in the bucket. To achieve that I created a bucket ACL (bucket_acl.json file) that allows the backup user to perform reads/writes, and a bucket policy to allow additional actions such as s3:GetBucketLocation (bucketpolicy.json file).

When I try uploading something it triggers rgw daemon crash (see the log attached). Restarting rgw doesn't help, it seems to be 100% reproducible in my setup. When I remove the bucket policy and leave only bucket ACL applied, it works fine.

Feel free to ask me for additional info or to perform some changed to see if it helps.

Thanks in advance!

bucket_lifecycle_config.json (214 Bytes) Stanislav Datskevych, 06/27/2021 01:39 PM

bucket_acl.json (1.01 KB) Stanislav Datskevych, 06/27/2021 01:39 PM

bucketpolicy.json (613 Bytes) Stanislav Datskevych, 06/27/2021 01:39 PM

bucket_obj_lock_config.json (225 Bytes) Stanislav Datskevych, 06/27/2021 01:39 PM

crash.log View (19 KB) Stanislav Datskevych, 06/27/2021 01:39 PM


Related issues

Duplicates rgw - Bug #50556: Reproducible crash on multipart upload to bucket with policy Resolved

History

#1 Updated by Daniel Gryniewicz over 2 years ago

  • Duplicates Bug #50556: Reproducible crash on multipart upload to bucket with policy added

#2 Updated by Daniel Gryniewicz over 2 years ago

  • Status changed from New to Duplicate

This is already fixed upstream, and backported. It'll be in the next release.

Also available in: Atom PDF