Re: [ceph-users] identifying public buckets
On Thu, Feb 22, 2018 at 06:00:12AM +, Robin H. Johnson wrote: > You need to create a RGW user with the system flag set (it might be > possible with the newer admin flag as well). That was the missing piece - thanks very much! I have it working now. Cheers, Dave -- ** Dave Holland ** Systems Support -- Informatics Systems Group ** ** 01223 496923 **Wellcome Sanger Institute, Hinxton, UK** -- The Wellcome Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE. ___ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
[ceph-users] identifying public buckets
Hi, We would like to scan our users' buckets to identify those which are publicly-accessible, to avoid potential embarrassment (or worse), e.g. http://www.bbc.co.uk/news/technology-42839462 I didn't find a way to use radosgw-admin to report ACL information for a given bucket. And using the API to query a bucket's information would require a valid access key for that bucket. What am I missing, please? (Ceph 10.2.7) thanks, Dave -- ** Dave Holland ** Systems Support -- Informatics Systems Group ** ** 01223 496923 **Wellcome Sanger Institute, Hinxton, UK** -- The Wellcome Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE. ___ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
Re: [ceph-users] radosgw refuses upload when Content-Type missing from POST policy
On Sun, Jun 04, 2017 at 10:15:21PM +, Robin H. Johnson wrote: > Can you share the testcase and a capture on the user-side of it running? > (tcpdump showing the HTTP headers & complete payload for > request+response would be SUPERB). Thanks Robin, I put the captures I have in tracker #20201. Cheers, Dave -- ** Dave Holland ** Systems Support -- Informatics Systems Group ** ** 01223 496923 ** The Sanger Institute, Hinxton, Cambridge, UK ** -- The Wellcome Trust Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE. ___ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
[ceph-users] radosgw refuses upload when Content-Type missing from POST policy
Hi, I'm trying to get files into radosgw (Ubuntu Ceph package 10.2.3-0ubuntu0.16.04.2) using Fine Uploader https://github.com/FineUploader/fine-uploader but I'm running into difficulties in the case where the uploaded file has a filename extension which the browser can't map to a MIME type (or, no extension at all). The radosgw replies with a 403 error, "Policy missing condition: Content-Type". Examining the policy which the browser sends as part of the multipart data confirms that there is no Content-Type. (The POST and multipart do have Content-Type headers.) The same code and POST works fine against AWS S3. Should radosgw require a Content-Type in the POST policy when AWS S3 doesn't? It seems that for maximum compatibility, it shouldn't. The bucket's CORS policy is "*" but it doesn't work with explicitly mentioning Content-Type either. I put a radosgw debug=20 log of the successful OPTIONS call and failing POST call here: https://docs.google.com/document/d/1i3exJSil1xj14ZrDOF_oM9eZC238gnNVAsnaZ-Pkvzo/edit?usp=sharing Happy to provide other debug info if necessary. thanks, Dave -- ** Dave Holland ** Systems Support -- Informatics Systems Group ** ** 01223 496923 ** The Sanger Institute, Hinxton, Cambridge, UK ** -- The Wellcome Trust Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE. ___ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
Re: [ceph-users] would people mind a slow osd restart during luminous upgrade?
On Thu, Feb 09, 2017 at 10:41:44AM +0200, Henrik Korkuc wrote: > On 17-02-09 05:09, Sage Weil wrote: > >Does this concern anyone? It probably means the upgrades will take longer > >if you're going host by host since the time per host will go up. > In my opinion if this is clearly communicated (release notes + OSD logs) +1 for having the OSD log something when it starts the upgrade process, so the sysadmin who goes looking will see what's happening. Cheers, Dave -- ** Dave Holland ** Systems Support -- Informatics Systems Group ** ** 01223 496923 ** The Sanger Institute, Hinxton, Cambridge, UK ** -- The Wellcome Trust Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE. ___ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
