Bug #51377
rgw: daemon crash when using both s3 bucket acl and s3 bucket policy
0%
Description
Dear Ceph devs,
I have encountered with rgw daemon crashing while using both bucket ACL and bucket policy applied.
Ceph version 16.2.4 deployed with cephadm/docker.
I have created a bucket intended to store backups with object lock enabled and lifecycle policy applied (see bucket_obj_lock_config.json and bucket_lifecycle_config.json).
Then, I created a non-privileged user that will only have handful of permissions to actually store the data in the bucket. To achieve that I created a bucket ACL (bucket_acl.json file) that allows the backup user to perform reads/writes, and a bucket policy to allow additional actions such as s3:GetBucketLocation (bucketpolicy.json file).
When I try uploading something it triggers rgw daemon crash (see the log attached). Restarting rgw doesn't help, it seems to be 100% reproducible in my setup. When I remove the bucket policy and leave only bucket ACL applied, it works fine.
Feel free to ask me for additional info or to perform some changed to see if it helps.
Thanks in advance!
Related issues
History
#1 Updated by Daniel Gryniewicz over 2 years ago
- Duplicates Bug #50556: Reproducible crash on multipart upload to bucket with policy added
#2 Updated by Daniel Gryniewicz over 2 years ago
- Status changed from New to Duplicate
This is already fixed upstream, and backported. It'll be in the next release.