As usual, I found solution after a while. Metadata field is not deleting as it should by API docs, but it can be changed. So I just changed it with curl -X POST -i -H "X-Auth-Token: <authtoken> -H "X-Container-Read: <project_id>:*" https://endpoint.url/swift/v1/containername and now metadata field looks like this X-Container-Read: <project_id>:*
Essentialy this behaves the same as when there's no X-Container-Read at all. But overall this is still an issue - what should've taken 5 seconds to just uncheck a box in Horizon interface turned into couple hours of debugging. Can anyone who uses same version check if this issue is reproducible? If so - this seems to be a ticket-worthy. 2018-03-30 17:40 GMT+03:00 Vladimir Prokofev <v...@prokofev.me>: > CEPH 12.2.2, RGW. > I'm using it as an object storage endpoint for Openstack. > > Recently while browsing an object storage from Horizon, I accidently > marked container as public. The issue is - I can't make it private again! > Docs state that to do it I should simply delete X-Container-Read metadata, > but I just can't! > > Examples: > private container headers(only relevant output, some other empty > container): > X-Container-Bytes-Used-Actual: 0 > X-Storage-Policy: default-placement > > public container headers(only relevant output): > X-Container-Bytes-Used-Actual: 114688 > X-Container-Read: .r:*,.rlistings > X-Storage-Policy: default-placement > > As you can see, there's now an X-Container-Read header. > > > I've tried to make it back private with swift client and curl, but to no > success. Here're some curl examples. > > Updating works! > If I do > curl -X POST -i -H "X-Auth-Token: <authoken>" -H "X-Container-Read: > .r:test" https://endpoint.url/swift/v1/containername > metadata will become > X-Container-Read: .r:test > > But if I do > curl -X POST -i -H "X-Auth-Token: <authtoken>" -H > "X-Remove-Container-Read: x" https://endpoint.url/swift/v1/containername > > nothing happens, metadata field will remain there. > > So is this a broken API in RGW, or am I missing something? Maybe there's > some explicit warning that after becoming public you can't make container > private again? >
_______________________________________________ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
