[Openstack] Swift container ACLs and container visibility question
I'm setting up Swift storage for an internal project. For the project's use of Swift, I want all members of the project to be able to see what's stored in Swift. Applying suitable ACLs, it's possible for user's to see the contents of the projects container. However, is there any way to allow users to see a list of containers used by the project? Or must I create an additional container to store this type of project meta data? May be a dumb question and more of a architecture convention issue, but I'm just getting started with Swift and OpenStack in general and was wondering what other's have done. Thanks and regards, Ross ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Swift container ACLs and container visibility question
It all depends on the auth system you are using. Below is for swauth and tempauth: Are the users using the same shared storage? If so, set them up as .admin users with the same storage endpoint. If they are not using the same shared storage, then you may be stuck. The ACL support in swauth and tempauth is only on a container level (so you can't give permissions to do an account listing to see the containers in it). Of course, if this is something you need, then patches can be added to support this functionality. --John On Feb 23, 2012, at 3:55 PM, Lillie Ross-CDSR11 wrote: I'm setting up Swift storage for an internal project. For the project's use of Swift, I want all members of the project to be able to see what's stored in Swift. Applying suitable ACLs, it's possible for user's to see the contents of the projects container. However, is there any way to allow users to see a list of containers used by the project? Or must I create an additional container to store this type of project meta data? May be a dumb question and more of a architecture convention issue, but I'm just getting started with Swift and OpenStack in general and was wondering what other's have done. Thanks and regards, Ross ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp smime.p7s Description: S/MIME cryptographic signature ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Swift container ACLs and container visibility question
On Thu, Feb 23, 2012 at 10:25 PM, John Dickinson m...@not.mn wrote: It all depends on the auth system you are using. This is about the same for keystone but to be a .admin like in tempauth or swauth for keystone middleware you need to have one of the role specified in the configuration variable operator_roles[1] which is by default admin and SwiftOperator. Below is for swauth and tempauth: Chmouel. [1] https://github.com/openstack/keystone/blob/master/keystone/middleware/swift_auth.py#L80 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Swift container ACLs and container visibility question
Sorry, I should have mentioned my setup. I'm using Keystone from the managedit repository combined with a swift keystone plugin to allow the proxy to use version 2 authentication. Ross (finger tapped on my iPhone) On Feb 23, 2012, at 4:38 PM, Chmouel Boudjnah chmo...@chmouel.com wrote: On Thu, Feb 23, 2012 at 10:25 PM, John Dickinson m...@not.mn wrote: It all depends on the auth system you are using. This is about the same for keystone but to be a .admin like in tempauth or swauth for keystone middleware you need to have one of the role specified in the configuration variable operator_roles[1] which is by default admin and SwiftOperator. Below is for swauth and tempauth: Chmouel. [1] https://github.com/openstack/keystone/blob/master/keystone/middleware/swift_auth.py#L80 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
