** Description changed: - ## DRAFT ## + [Impact] + If a user tries to access a non-existent bucket, it should get a 'NoSuchBucket' error message (404) + But if there is such a bucket which is belonged to another user, radosgw will return 'AccessDenied' error (403) + This is an incorrect error message, radosgw should return 404 - [Impact] [Test Case] + Create a user by radosgw-admin, then create a bucket through S3 by this user + Create another user and try to access the bucket created by the above user + The error message must be 'NoSuchBucket', not 'AccessDenied' [Regression Potential] + Low - [Other Info] - - [Original Description] + [Other Information] Backport Ceph issue 38638 to Luminous. If a user different from the owner (or even an anonymous user) does a GetObject/HeadObject on a non existing object, Radosgw returns status code 403, rather than the correct status 404. A version of this was merged into Ceph master: https://tracker.ceph.com/issues/38638 https://github.com/ceph/ceph/commit/5eb50b7d10da51db72f705807c87775562b79b63 - And backported (acceptance pending): + And backported to luminous has been accepted: https://tracker.ceph.com/issues/39272 https://github.com/ceph/ceph/commit/a752b21f549cc83745e35324387b85b3d039dfd2
** Tags added: sts-sru-needed ** Also affects: ceph (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: ceph (Ubuntu Bionic) Assignee: (unassigned) => gerald.yang (gerald-yang-tw) ** Changed in: ceph (Ubuntu Bionic) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1847544 Title: backport: S3 policy evaluated incorrectly To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/1847544/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs