* rgw: how to prevent rgw user from creating a new bucket?
@ 2016-12-02 11:18 Yang Joseph
[not found] ` <584158A2.9020303-/BaA95PH9wJWk0Htik3J/w@public.gmane.org>
0 siblings, 1 reply; 3+ messages in thread
From: Yang Joseph @ 2016-12-02 11:18 UTC (permalink / raw)
To: ceph-devel; +Cc: ceph-users-idqoXFIVOFJgJs9I8MT0rw, Javen Wu
Hello,
I would like only to allow the user to read the object in a already
existed bucket, and not allow users
to create new bucket. It supposed to execute the following command:
$ radosgw-admin metadata put user:test3 < ...
...
"caps": [
{
"type": "buckets",
"perm": "read"
}
But why user test3 can still create new bucket after I have set its caps
to "buckets=read"?
thx,
Yang Honggang
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: rgw: how to prevent rgw user from creating a new bucket?
[not found] ` <584158A2.9020303-/BaA95PH9wJWk0Htik3J/w@public.gmane.org>
@ 2016-12-02 16:13 ` Yehuda Sadeh-Weinraub
2016-12-05 3:01 ` [ceph-users] " Yang Joseph
0 siblings, 1 reply; 3+ messages in thread
From: Yehuda Sadeh-Weinraub @ 2016-12-02 16:13 UTC (permalink / raw)
To: Yang Joseph
Cc: ceph-devel, Javen Wu,
ceph-users-idqoXFIVOFJgJs9I8MT0rw@public.gmane.org
On Fri, Dec 2, 2016 at 3:18 AM, Yang Joseph <joseph.yang-/BaA95PH9wJWk0Htik3J/w@public.gmane.org> wrote:
> Hello,
>
> I would like only to allow the user to read the object in a already existed
> bucket, and not allow users
> to create new bucket. It supposed to execute the following command:
>
> $ radosgw-admin metadata put user:test3 < ...
> ...
> "caps": [
> {
> "type": "buckets",
> "perm": "read"
> }
>
> But why user test3 can still create new bucket after I have set its caps to
> "buckets=read"?
>
Because this cap is unrelated. iirc starting at jewel you can do:
$ radosgw-admin user modify --uid=test3 --max-buckets=-1
Yehuda
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [ceph-users] rgw: how to prevent rgw user from creating a new bucket?
2016-12-02 16:13 ` Yehuda Sadeh-Weinraub
@ 2016-12-05 3:01 ` Yang Joseph
0 siblings, 0 replies; 3+ messages in thread
From: Yang Joseph @ 2016-12-05 3:01 UTC (permalink / raw)
To: Yehuda Sadeh-Weinraub; +Cc: ceph-devel, ceph-users@lists.ceph.com, Javen Wu
Thank you very much for your response.
I‘m confused about what this cap related to?
On 12/03/2016 12:13 AM, Yehuda Sadeh-Weinraub wrote:
> On Fri, Dec 2, 2016 at 3:18 AM, Yang Joseph <joseph.yang@xtaotech.com> wrote:
>> Hello,
>>
>> I would like only to allow the user to read the object in a already existed
>> bucket, and not allow users
>> to create new bucket. It supposed to execute the following command:
>>
>> $ radosgw-admin metadata put user:test3 < ...
>> ...
>> "caps": [
>> {
>> "type": "buckets",
>> "perm": "read"
>> }
>>
>> But why user test3 can still create new bucket after I have set its caps to
>> "buckets=read"?
>>
>
> Because this cap is unrelated. iirc starting at jewel you can do:
>
> $ radosgw-admin user modify --uid=test3 --max-buckets=-1
>
> Yehuda
> --
> To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-12-05 3:01 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-12-02 11:18 rgw: how to prevent rgw user from creating a new bucket? Yang Joseph
[not found] ` <584158A2.9020303-/BaA95PH9wJWk0Htik3J/w@public.gmane.org>
2016-12-02 16:13 ` Yehuda Sadeh-Weinraub
2016-12-05 3:01 ` [ceph-users] " Yang Joseph
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.