[ceph-users] bucket owner vs S3 ACL?

Mon, 29 Jun 2015 08:48:10 -0700 

Hi guys,

We use the radosgw (v0.80.9) with the Openstack Keystone integration.
One project have been deleted, so now I have to transfer the ownership of all the buckets to another user/project. 

Using radosgw-admin I have changed the owner:

radosgw-admin bucket link --uid <NEW_USER_ID> --bucket <BUCKET_NAME>

And the owner have been update:

radosgw-admin bucket stats --bucket <BUCKET_NAME>

{ "bucket": "<BUCKET_NAME>",
  "pool": ".rgw.buckets",
  "index_pool": ".rgw.buckets.index",
  "id": "default.4063334.17",
  "marker": "default.4063334.17",
  "owner": "<NEW_USER_ID>",
  "ver": 66301,
  "master_ver": 0,
  "mtime": 1435583681,
  "max_marker": "",
  "usage": { "rgw.main": { "size_kb": 189433890,
          "size_kb_actual": 189473684,
          "num_objects": 19043},
      "rgw.multimeta": { "size_kb": 0,
          "size_kb_actual": 0,
          "num_objects": 0}},
  "bucket_quota": { "enabled": false,
      "max_size_kb": -1,
      "max_objects": -1}
}
But the S3 ACL of this bucket is still referencing the old user/project (from radosgw.log) when I try to access it with the new owner:
2015-06-29 17:08:33.236265 7f40d8a76700 15 Read AccessControlPolicy<AccessControlPolicy xmlns="http://s3.amazonaws.com/doc/2006-03-01/";><Owner><ID>OLD_USER_ID</ID><DisplayName>OLD_PROJECT_NAME</DisplayName></Owner><AccessControlList><Grant><Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:type="CanonicalUser"><ID>OLD_USER_ID</ID><DisplayName>OLD_PROJECT_NAME</DisplayName></Grantee><Permission>FULL_CONTROL</Permission></Grant></AccessControlList></AccessControlPolicy>
Therefore I get a 403, because the S3 ACL still enforce the old owner, not the new one.
How can I update these S3 ACL, and fully transfer the ownership to the new owner/project??? 

Cheers,
Valery



--
SWITCH
--------------------------
Valery Tschopp, Software Engineer, Peta Solutions
Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
email: [email protected] phone: +41 44 268 1544

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
ceph-users mailing list
[email protected]
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com

Reply via email to