Cloudfiles backend does not handle container ACLs
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Duplicity |
Fix Released
|
Medium
|
Unassigned |
Bug Description
duplicity --version - duplicity 0.7.14
python2 - Python 2.7.6
Ubuntu 14.04.5
Using a Rackspace Cloudfiles container (with ACLs enabled)
Accessed via the Pyrax backend (also tested with Cloudfiles)
With Duplicity, both the old Cloudfiles and newer Pyrax backend (both connect to Rackspace Cloudfiles-
Traceback of Pyrax error:
Traceback (most recent call last):
File "/usr/bin/
with_
File "/usr/bin/
fn()
File "/usr/bin/
action = commandline.
File "/usr/lib/
backup, local_pathname = set_backend(
File "/usr/lib/
globals.backend = backend.
File "/usr/lib/
obj = get_backend_
File "/usr/lib/
return factory(pu)
File "/usr/lib/
self.container = pyrax.cloudfile
File "/usr/local/
return self._manager.
File "/usr/local/
resp, resp_body = self.api.
File "/usr/local/
return self._api_
File "/usr/local/
resp, body = self._time_
File "/usr/local/
resp, body = self.request(uri, method, **kwargs)
File "/usr/local/
resp, body = pyrax.http.
File "/usr/local/
raise exc.from_
Forbidden: <html><
Changed in duplicity: | |
importance: | Undecided → Medium |
milestone: | none → 0.7.15 |
status: | New → Fix Committed |
Changed in duplicity: | |
status: | Fix Committed → Fix Released |
I have written a patch for the Pyrax backend to fix this bug, which uses get_container() initially, and only uses create_container() if necessary. It handles both completely unprivileged users, and read-only privileged users.
I can provide a diff in a separate comment if necessary?