Ubuntu
ceph package

Unable to set swift container ACL's on existing containers

Bug #1322498 reported by James Page
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
ceph (Ubuntu)
Fix Released
High
Unassigned
Trusty
Fix Released
High
Unassigned
Utopic
Fix Released
High
Unassigned

Bug Description

[Impact]
Ceph RADOS Gateway users are unable to change ACL's on existing containers. Also breaks usage by juju.

[Test Case]
swift post -r '.r:*,.rlistings' 61853c5a-e1d4-11e3-b125-2c768a4f56ac
swift post -r '.r:*,.rlistings' 61853c5a-e1d4-11e3-b125-2c768a4f56ac
  ->
Container POST failed:
http://10.98.191.31/swift/v1/61853c5a-e1d4-11e3-b125-2c768a4f56ac 401
Unauthorized AccessDenied

[Regression Potential]
Minimal - the code change is limited in scope and is from the primary upstream developer.

[Original Bug Report]
Upstream bug: http://tracker.ceph.com/issues/8428

Setting ACL's on initial container creation works just fine:

$ swift post -r '.r:*,.rlistings' 61853c5a-e1d4-11e3-b125-2c768a4f56ac

container is created with ".r:*" read acl

but if I try to update the ACL post creation, I get a 401 unauthorized:

$ swift post -r '.r:*,.rlistings' 61853c5a-e1d4-11e3-b125-2c768a4f56ac
Container POST failed:
http://10.98.191.31/swift/v1/61853c5a-e1d4-11e3-b125-2c768a4f56ac 401
Unauthorized AccessDenied

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: radosgw 0.80.1-0ubuntu1
ProcVersionSignature: User Name 3.13.0-24.46-generic 3.13.9
Uname: Linux 3.13.0-24-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.2
Architecture: amd64
Date: Fri May 23 07:57:02 2014
ProcEnviron:
 TERM=screen-bce
 PATH=(custom, no user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: ceph
UpgradeStatus: No upgrade log present (probably fresh install)

See original description
Revision history for this message
James Page (james-page) wrote :
Revision history for this message
James Page (james-page) wrote :

Note that this is not a proposed regression - 0.79 also has this problem.

Changed in ceph (Ubuntu):
importance: Undecided → High
Changed in ceph (Ubuntu Trusty):
importance: Undecided → High
status: New → Triaged
Changed in ceph (Ubuntu Utopic):
status: New → Triaged
James Page (james-page)
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ceph - 0.80.1-1ubuntu1

---------------
ceph (0.80.1-1ubuntu1) utopic; urgency=medium

  * Fix issue setting Swift ACL's on existing containers (LP: #1322498):
    - d/p/bug-8428.patch: Cherry pick proposed fix from upstream VCS.
 -- James Page <email address hidden> Fri, 23 May 2014 14:08:25 +0100

Changed in ceph (Ubuntu Utopic):
status: Triaged → Fix Released
Revision history for this message
Stéphane Graber (stgraber) wrote : Please test proposed package

Hello James, or anyone else affected,

Accepted ceph into trusty-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/ceph/0.80.1-0ubuntu1.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in ceph (Ubuntu Trusty):
status: Triaged → Fix Committed
tags: added: verification-needed
Revision history for this message
James Page (james-page) wrote :

Tested OK - marking verification-done

tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ceph - 0.80.1-0ubuntu1.1

---------------
ceph (0.80.1-0ubuntu1.1) trusty; urgency=medium

  * Fix issue setting Swift ACL's on existing containers (LP: #1322498):
    - d/p/bug-8428.patch: Cherry pick proposed fix from upstream VCS.
 -- James Page <email address hidden> Mon, 02 Jun 2014 09:09:37 +0100

Changed in ceph (Ubuntu Trusty):
status: Fix Committed → Fix Released
Revision history for this message
Scott Kitterman (kitterman) wrote : Update Released

The verification of the Stable Release Update for ceph has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.