Hello,
We had an S3 user who created a couple of buckets and a couple of million
objects in his buckets. Due to security issues in the customer's company, we
had to change the user and access/secret key for the customer.
This is the output of one of the buckets...
radosgw-admin bucket policy --bucket=user-bucket
2016-08-01 11:31:22.742159 7f5ab09c1a40 0 RGWZoneParams::create(): error creating default zone params: (17) File exists
{
    "acl": {
        "acl_user_map": [
            {
                "user": "user",
                "acl": 15
            }
        ],
        "acl_group_map": [],
        "grant_map": [
            {
                "id": "user",
                "grant": {
                    "type": {
                        "type": 0
                    },
                    "id": "user",
                    "email": "",
                    "permission": {
                        "flags": 15
                    },
                    "name": "USER",
                    "group": 0
                }
            }
        ]
    },
    "owner": {
        "id": "user",
        "display_name": "USER"
    }
}
radosgw-admin bucket stats --bucket=user-bucket
2016-08-01 11:32:25.007535 7f8a1ab93a40 0 RGWZoneParams::create(): error creating default zone params: (17) File exists
{
    "bucket": "user-bucket",
    "pool": "default.rgw.buckets.data",
    "index_pool": "default.rgw.buckets.index",
    "id": "ef4069bf-70fb-4414-a9d9-6bf5b32608fb.4195.3",
    "marker": "ef4069bf-70fb-4414-a9d9-6bf5b32608fb.4195.3",
    "owner": "user",
    "ver": "0#5",
    "master_ver": "0#0",
    "mtime": "2016-08-01 10:19:54.991187",
    "max_marker": "0#",
    "usage": {
        "rgw.main": {
            "size_kb": 1,
            "size_kb_actual": 4,
            "num_objects": 1
        }
    },
    "bucket_quota": {
        "enabled": false,
        "max_size_kb": -1,
        "max_objects": -1
    }
}
And one of the objects...
radosgw-admin bucket list --bucket=mcs-bucket
2016-08-01 11:33:48.106801 7fa6cfa5ea40 0 RGWZoneParams::create(): error creating default zone params: (17) File exists
[
    {
        "name": "hello.txt",
        "instance": "",
        "namespace": "",
        "owner": "user",
        "owner_display_name": "USER",
        "size": 12,
        "mtime": "2016-05-09 12:56:42.388150Z",
        "etag": "ed076287532e86365e841e92bfc50d8c\u0000",
        "content_type": "application\/octet-stream\u0000",
        "tag": "_SE2ZMisxCO_WYdVbFLpNk22gpNiPiKt",
        "flags": 0
    }
]
Now, if I link the user to a bucket
radosgw-admin bucket link --bucket user-bucket --bucket-id ef4069bf-70fb-4414-a9d9-6bf5b32608fb.4195.3 --uid user2
all I get is a changed owner of the bucket, but all the objects in the bucket
remain with the old owner (the new user is getting 403 Forbidden when trying to
access any object). I have googled, but without much success about this or
similar problems. Is there a way to change ownership of all the objects and
buckets to a certain user? Or, maybe I can grant permissions for a new user,
without having to touch ownership?
Best regards!
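An added example, not part of the original post: a small audit over saved `radosgw-admin` output that decodes the ACL `flags` bitmask and lists objects whose recorded owner no longer matches the bucket owner, which is the mismatch described above. The function names, the sample strings and the post-link owner `user2` in the stats sample are assumptions constructed from the post; the permission bit values are assumed to match Ceph's `rgw_acl.h`.

```python
import json

# RGW ACL permission bits (assumption: values from Ceph's rgw_acl.h; 15 = all four).
PERMS = {1: "READ", 2: "WRITE", 4: "READ_ACP", 8: "WRITE_ACP"}

def load_admin_json(text):
    """Parse radosgw-admin output, skipping log lines printed before the JSON."""
    lines = text.splitlines()
    for i, line in enumerate(lines):
        if line.lstrip().startswith(("{", "[")):
            return json.loads("\n".join(lines[i:]))
    raise ValueError("no JSON document in output")

def decode_flags(flags):
    """Turn an ACL bitmask into permission names."""
    return [name for bit, name in PERMS.items() if flags & bit]

def grants(policy):
    """Map each grantee id in a 'bucket policy' dump to its permissions."""
    return {g["id"]: decode_flags(g["grant"]["permission"]["flags"])
            for g in policy["acl"]["grant_map"]}

def stale_objects(bucket_owner, listing):
    """Names of objects whose recorded owner is not the bucket owner."""
    return [o["name"] for o in listing if o["owner"] != bucket_owner]

# Constructed samples, trimmed from the output in the post. The bucket owner
# "user2" in STATS is assumed from the description, not captured output.
LOG = ("2016-08-01 11:31:22.742159 7f5ab09c1a40 0 RGWZoneParams::create(): "
       "error creating default zone params: (17) File exists\n")
POLICY = LOG + '''{"acl": {"grant_map": [{"id": "user", "grant":
  {"id": "user", "permission": {"flags": 15}}}]},
  "owner": {"id": "user", "display_name": "USER"}}'''
STATS = LOG + '{"bucket": "user-bucket", "owner": "user2"}'
LISTING = LOG + '[{"name": "hello.txt", "owner": "user", "size": 12}]'

def audit(stats_out, policy_out, listing_out):
    """Compare the bucket owner with the ACL grantees and per-object owners."""
    owner = load_admin_json(stats_out)["owner"]
    acl = grants(load_admin_json(policy_out))
    return {"bucket_owner": owner,
            "owner_has_grant": owner in acl,
            "grants": acl,
            "stale_objects": stale_objects(owner, load_admin_json(listing_out))}

if __name__ == "__main__":
    print(json.dumps(audit(STATS, POLICY, LISTING), indent=2))
```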