I see : acct_user=foo, acct_name=foo, Are you using radosgw with tenants? If not it could be the problem
Orit On Sat, Apr 1, 2017 at 7:43 AM, Ben Hines <bhi...@gmail.com> wrote: > I'm also trying to use lifecycles (via boto3) but i'm getting permission > denied trying to create the lifecycle. I'm bucket owner with full_control > and WRITE_ACP for good measure. Any ideas? > > This is debug ms=20 debug radosgw=20 > > > > 2017-03-31 21:28:18.382217 7f50d0010700 2 req 8:0.000693:s3:PUT > /bentest:put_lifecycle:verifying op permissions > 2017-03-31 21:28:18.382222 7f50d0010700 5 Searching permissions for > identity=RGWThirdPartyAccountAuthApplier() -> > RGWLocalAuthApplier(acct_user=foo, acct_name=foo, subuser=, perm_mask=15, > is_admin=) mask=56 > 2017-03-31 21:28:18.382232 7f50d0010700 5 Searching permissions for > uid=foo > 2017-03-31 21:28:18.382235 7f50d0010700 5 Found permission: 15 > 2017-03-31 21:28:18.382237 7f50d0010700 5 Searching permissions for > group=1 mask=56 > 2017-03-31 21:28:18.382297 7f50d0010700 5 Found permission: 3 > 2017-03-31 21:28:18.382307 7f50d0010700 5 Searching permissions for > group=2 mask=56 > 2017-03-31 21:28:18.382313 7f50d0010700 5 Permissions for group not found > 2017-03-31 21:28:18.382318 7f50d0010700 5 Getting permissions > identity=RGWThirdPartyAccountAuthApplier() -> > RGWLocalAuthApplier(acct_user=foo, acct_name=foo, subuser=, perm_mask=15, > is_admin=) owner=foo perm=8 > 2017-03-31 21:28:18.382325 7f50d0010700 10 > identity=RGWThirdPartyAccountAuthApplier() > -> RGWLocalAuthApplier(acct_user=foo, acct_name=foo, subuser=, > perm_mask=15, is_admin=) requested perm (type)=8, policy perm=8, > user_perm_mask=8, acl perm=8 > 2017-03-31 21:28:18.382330 7f50d0010700 2 req 8:0.000808:s3:PUT > /bentest:put_lifecycle:verifying op params > 2017-03-31 21:28:18.382334 7f50d0010700 2 req 8:0.000813:s3:PUT > /bentest:put_lifecycle:pre-executing > 2017-03-31 21:28:18.382339 7f50d0010700 2 req 8:0.000817:s3:PUT > /bentest:put_lifecycle:executing > 2017-03-31 21:28:18.382361 7f50d0010700 15 read len=183 > data=<LifecycleConfiguration xmlns="http://s3.amazonaws.com > /doc/2006-03-01/"><Rule><Status>Enabled</Status><Expiration> > <Days>1</Days></Expiration><ID>0</ID></Rule></LifecycleConfiguration> > 2017-03-31 21:28:18.382439 7f50d0010700 2 req 8:0.000917:s3:PUT > /bentest:put_lifecycle:completing > 2017-03-31 21:28:18.382594 7f50d0010700 2 req 8:0.001072:s3:PUT > /bentest:put_lifecycle:op status=-13 > 2017-03-31 21:28:18.382620 7f50d0010700 2 req 8:0.001098:s3:PUT > /bentest:put_lifecycle:http status=403 > 2017-03-31 21:28:18.382665 7f50d0010700 1 ====== req done > req=0x7f50d000a340 op status=-13 http_status=403 ====== > > > -Ben > > On Tue, Mar 28, 2017 at 6:42 AM, Daniel Gryniewicz <d...@redhat.com> > wrote: > >> On 03/27/2017 04:28 PM, ceph.nov...@habmalnefrage.de wrote: >> >>> Hi Cephers. >>> >>> Couldn't find any special documentation about the "S3 object expiration" >>> so I assume it should work "AWS S3 like" (?!?) ... BUT ... >>> we have a test cluster based on 11.2.0 - Kraken and I set some object >>> expiration dates via CyberDuck and DragonDisk, but the objects are still >>> there, days after the applied date/time. Do I miss something? >>> >>> Thanks & regards >>> >>> >> It is intended to work like AWS S3, yes. Not every feature of AWS >> lifecycle is supported, (for example no moving between storage tiers), but >> deletion works, and is tested in teuthology runs. >> >> Did you somehow turn it off? The config option rgw_enable_lc_threads >> controls it, but it defaults to "on". Also make sure rgw_lc_debug_interval >> is not set, and that rgw_lifecycle_work_time isn't set to some interval too >> small scan your objects... >> >> Daniel >> >> _______________________________________________ >> ceph-users mailing list >> ceph-users@lists.ceph.com >> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com >> > > > _______________________________________________ > ceph-users mailing list > ceph-users@lists.ceph.com > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com > >
_______________________________________________ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
