failed to run the auth-server deamon for SAIO setup

classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

failed to run the auth-server deamon for SAIO setup

shashidhar v
HI,

I am trying to install and test the Swift tool by following the SAIO
I have set up the repos and downloaded the code as per the steps given in
SAIO

swift at test3:~/swift$ cd ~/swift/trunk; sudo python setup.py develop
running develop
running egg_info
creating swift.egg-info
writing swift.egg-info/PKG-INFO
writing top-level names to swift.egg-info/top_level.txt
writing dependency_links to swift.egg-info/dependency_links.txt
writing entry points to swift.egg-info/entry_points.txt
writing manifest file 'swift.egg-info/SOURCES.txt'
reading manifest file 'swift.egg-info/SOURCES.txt'
reading manifest template 'MANIFEST.in'
warning: no files found matching 'ChangeLog'
writing manifest file 'swift.egg-info/SOURCES.txt'
running build_ext
Creating /usr/local/lib/python2.6/dist-packages/swift.egg-link (link to .)
Removing swift 1.3-dev from easy-install.pth file
Adding swift 1.3-dev to easy-install.pth file
Installing st script to /usr/local/bin
Installing swift-account-auditor script to /usr/local/bin
Installing swift-account-audit script to /usr/local/bin
Installing swift-account-reaper script to /usr/local/bin
Installing swift-account-replicator script to /usr/local/bin
Installing swift-account-server script to /usr/local/bin
Installing swift-container-auditor script to /usr/local/bin
Installing swift-container-replicator script to /usr/local/bin
Installing swift-container-server script to /usr/local/bin
Installing swift-container-updater script to /usr/local/bin
Installing swift-drive-audit script to /usr/local/bin
Installing swift-get-nodes script to /usr/local/bin
Installing swift-init script to /usr/local/bin
Installing swift-object-auditor script to /usr/local/bin
Installing swift-object-info script to /usr/local/bin
Installing swift-object-replicator script to /usr/local/bin
Installing swift-object-server script to /usr/local/bin
Installing swift-object-updater script to /usr/local/bin
Installing swift-proxy-server script to /usr/local/bin
Installing swift-ring-builder script to /usr/local/bin
Installing swift-stats-populate script to /usr/local/bin
Installing swift-stats-report script to /usr/local/bin
Installing swift-bench script to /usr/local/bin
Installing swift-log-uploader script to /usr/local/bin
Installing swift-log-stats-collector script to /usr/local/bin
Installing swift-account-stats-logger script to /usr/local/bin
Installing swauth-add-account script to /usr/local/bin
Installing swauth-add-user script to /usr/local/bin
Installing swauth-cleanup-tokens script to /usr/local/bin
Installing swauth-delete-account script to /usr/local/bin
Installing swauth-delete-user script to /usr/local/bin
Installing swauth-list script to /usr/local/bin
Installing swauth-prep script to /usr/local/bin
Installing swauth-set-account-service script to /usr/local/bin

Installed /home/swift/swift/trunk
Processing dependencies for swift==1.3-dev
Finished processing dependencies for swift==1.3-dev
swift at test3:~/swift/trunk$


swift at test3:~$ startmain
WARNING: Unable to increase file descriptor limit.  Running as non-root?
Starting proxy-server...(/etc/swift/proxy-server.conf)
Starting container-server...(/etc/swift/container-server/1.conf)
Starting container-server...(/etc/swift/container-server/2.conf)
Starting container-server...(/etc/swift/container-server/3.conf)
Starting container-server...(/etc/swift/container-server/4.conf)
Starting account-server...(/etc/swift/account-server/1.conf)
Starting account-server...(/etc/swift/account-server/2.conf)
Starting account-server...(/etc/swift/account-server/3.conf)
Starting account-server...(/etc/swift/account-server/4.conf)
Starting object-server...(/etc/swift/object-server/1.conf)
Starting object-server...(/etc/swift/object-server/2.conf)
Starting object-server...(/etc/swift/object-server/3.conf)
Starting object-server...(/etc/swift/object-server/4.conf)
Traceback (most recent call last):
  File "/usr/local/bin/swift-proxy-server", line 7, in <module>
    execfile(__file__)
  File "/home/swift/swift/trunk/bin/swift-proxy-server", line 22, in
<module>
    run_wsgi(conf_file, 'proxy-server', default_port=8080, **options)
  File "/home/swift/swift/trunk/swift/common/wsgi.py", line 123, in run_wsgi
    sock = get_socket(conf, default_port=kwargs.get('default_port', 8080))
  File "/home/swift/swift/trunk/swift/common/wsgi.py", line 89, in
get_socket
    bind_addr)
Exception: Could not bind to 0.0.0.0:8080 after trying for 30 seconds

WARNING: Unable to increase file descriptor limit.  Running as non-root?
Starting auth-server...(/etc/swift/auth-server.conf)
Traceback (most recent call last):
  File "/usr/local/bin/swift-auth-server", line 5, in <module>
    pkg_resources.run_script('swift==1.3-dev', 'swift-auth-server')
  File "/usr/lib/python2.6/dist-packages/pkg_resources.py", line 461, in
run_script
    self.require(requires)[0].run_script(script_name, ns)
  File "/usr/lib/python2.6/dist-packages/pkg_resources.py", line 1188, in
run_script
    raise ResolutionError("No script named %r" % script_name)
pkg_resources.ResolutionError: No script named 'swift-auth-server'

swift at test3:~$

Kindly help me to resolve the above error

Thanks & Regards,
shashi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20110331/ed4e8a23/attachment.html>

Reply | Threaded
Open this post in threaded view
|

failed to run the auth-server deamon for SAIO setup

Marcelo
Hi Shashi,

The first thing I would do to troubleshoot this is stop every swift  
service you have started up.

1. Problem #1 relates to proxy-server not able to bind to 8080. So I  
would run a "sudo netstat -tnpl"  to make sure that is actually not  
being used by any other app you might lreaday have running. If nothing  
is using that 8080 port, then try "swift-init proxy-server start" and  
see if you still get the error (try it running as the swift user and  
also as root)

2. The 1.3 dev docs provide a setup using swauth for authentication,  
therefore there is no reason to run devauth. Unless you decided to use  
devauth instead of swauth.


> swift at test3:~$ startmain
> WARNING: Unable to increase file descriptor limit.  Running as non-
> root?
> Starting proxy-server...(/etc/swift/proxy-server.conf)
> Starting container-server...(/etc/swift/container-server/1.conf)
> Starting container-server...(/etc/swift/container-server/2.conf)
> Starting container-server...(/etc/swift/container-server/3.conf)
> Starting container-server...(/etc/swift/container-server/4.conf)
> Starting account-server...(/etc/swift/account-server/1.conf)
> Starting account-server...(/etc/swift/account-server/2.conf)
> Starting account-server...(/etc/swift/account-server/3.conf)
> Starting account-server...(/etc/swift/account-server/4.conf)
> Starting object-server...(/etc/swift/object-server/1.conf)
> Starting object-server...(/etc/swift/object-server/2.conf)
> Starting object-server...(/etc/swift/object-server/3.conf)
> Starting object-server...(/etc/swift/object-server/4.conf)
> Traceback (most recent call last):
>   File "/usr/local/bin/swift-proxy-server", line 7, in <module>
>     execfile(__file__)
>   File "/home/swift/swift/trunk/bin/swift-proxy-server", line 22, in  
> <module>
>     run_wsgi(conf_file, 'proxy-server', default_port=8080, **options)
>   File "/home/swift/swift/trunk/swift/common/wsgi.py", line 123, in  
> run_wsgi
>     sock = get_socket(conf, default_port=kwargs.get('default_port',  
> 8080))
>   File "/home/swift/swift/trunk/swift/common/wsgi.py", line 89, in  
> get_socket
>     bind_addr)
> Exception: Could not bind to 0.0.0.0:8080 after trying for 30 seconds
>
> WARNING: Unable to increase file descriptor limit.  Running as non-
> root?
> Starting auth-server...(/etc/swift/auth-server.conf)
> Traceback (most recent call last):
>   File "/usr/local/bin/swift-auth-server", line 5, in <module>
>     pkg_resources.run_script('swift==1.3-dev', 'swift-auth-server')
>   File "/usr/lib/python2.6/dist-packages/pkg_resources.py", line  
> 461, in run_script
>     self.require(requires)[0].run_script(script_name, ns)
>   File "/usr/lib/python2.6/dist-packages/pkg_resources.py", line  
> 1188, in run_script
>     raise ResolutionError("No script named %r" % script_name)
> pkg_resources.ResolutionError: No script named 'swift-auth-server'
>
> swift at test3:~$




Marcelo
http://www.zeroaccess.org/
btorch @ IRC#openstack


On Mar 31, 2011, at 4:33 AM, shashidhar v wrote:

> HI,
>
> I am trying to install and test the Swift tool by following the SAIO
> I have set up the repos and downloaded the code as per the steps  
> given in SAIO
>
> swift at test3:~/swift$ cd ~/swift/trunk; sudo python setup.py develop
> running develop
> running egg_info
> creating swift.egg-info
> writing swift.egg-info/PKG-INFO
> writing top-level names to swift.egg-info/top_level.txt
> writing dependency_links to swift.egg-info/dependency_links.txt
> writing entry points to swift.egg-info/entry_points.txt
> writing manifest file 'swift.egg-info/SOURCES.txt'
> reading manifest file 'swift.egg-info/SOURCES.txt'
> reading manifest template 'MANIFEST.in'
> warning: no files found matching 'ChangeLog'
> writing manifest file 'swift.egg-info/SOURCES.txt'
> running build_ext
> Creating /usr/local/lib/python2.6/dist-packages/swift.egg-link (link  
> to .)
> Removing swift 1.3-dev from easy-install.pth file
> Adding swift 1.3-dev to easy-install.pth file
> Installing st script to /usr/local/bin
> Installing swift-account-auditor script to /usr/local/bin
> Installing swift-account-audit script to /usr/local/bin
> Installing swift-account-reaper script to /usr/local/bin
> Installing swift-account-replicator script to /usr/local/bin
> Installing swift-account-server script to /usr/local/bin
> Installing swift-container-auditor script to /usr/local/bin
> Installing swift-container-replicator script to /usr/local/bin
> Installing swift-container-server script to /usr/local/bin
> Installing swift-container-updater script to /usr/local/bin
> Installing swift-drive-audit script to /usr/local/bin
> Installing swift-get-nodes script to /usr/local/bin
> Installing swift-init script to /usr/local/bin
> Installing swift-object-auditor script to /usr/local/bin
> Installing swift-object-info script to /usr/local/bin
> Installing swift-object-replicator script to /usr/local/bin
> Installing swift-object-server script to /usr/local/bin
> Installing swift-object-updater script to /usr/local/bin
> Installing swift-proxy-server script to /usr/local/bin
> Installing swift-ring-builder script to /usr/local/bin
> Installing swift-stats-populate script to /usr/local/bin
> Installing swift-stats-report script to /usr/local/bin
> Installing swift-bench script to /usr/local/bin
> Installing swift-log-uploader script to /usr/local/bin
> Installing swift-log-stats-collector script to /usr/local/bin
> Installing swift-account-stats-logger script to /usr/local/bin
> Installing swauth-add-account script to /usr/local/bin
> Installing swauth-add-user script to /usr/local/bin
> Installing swauth-cleanup-tokens script to /usr/local/bin
> Installing swauth-delete-account script to /usr/local/bin
> Installing swauth-delete-user script to /usr/local/bin
> Installing swauth-list script to /usr/local/bin
> Installing swauth-prep script to /usr/local/bin
> Installing swauth-set-account-service script to /usr/local/bin
>
> Installed /home/swift/swift/trunk
> Processing dependencies for swift==1.3-dev
> Finished processing dependencies for swift==1.3-dev
> swift at test3:~/swift/trunk$
>
>
> swift at test3:~$ startmain
> WARNING: Unable to increase file descriptor limit.  Running as non-
> root?
> Starting proxy-server...(/etc/swift/proxy-server.conf)
> Starting container-server...(/etc/swift/container-server/1.conf)
> Starting container-server...(/etc/swift/container-server/2.conf)
> Starting container-server...(/etc/swift/container-server/3.conf)
> Starting container-server...(/etc/swift/container-server/4.conf)
> Starting account-server...(/etc/swift/account-server/1.conf)
> Starting account-server...(/etc/swift/account-server/2.conf)
> Starting account-server...(/etc/swift/account-server/3.conf)
> Starting account-server...(/etc/swift/account-server/4.conf)
> Starting object-server...(/etc/swift/object-server/1.conf)
> Starting object-server...(/etc/swift/object-server/2.conf)
> Starting object-server...(/etc/swift/object-server/3.conf)
> Starting object-server...(/etc/swift/object-server/4.conf)
> Traceback (most recent call last):
>   File "/usr/local/bin/swift-proxy-server", line 7, in <module>
>     execfile(__file__)
>   File "/home/swift/swift/trunk/bin/swift-proxy-server", line 22, in  
> <module>
>     run_wsgi(conf_file, 'proxy-server', default_port=8080, **options)
>   File "/home/swift/swift/trunk/swift/common/wsgi.py", line 123, in  
> run_wsgi
>     sock = get_socket(conf, default_port=kwargs.get('default_port',  
> 8080))
>   File "/home/swift/swift/trunk/swift/common/wsgi.py", line 89, in  
> get_socket
>     bind_addr)
> Exception: Could not bind to 0.0.0.0:8080 after trying for 30 seconds
>
> WARNING: Unable to increase file descriptor limit.  Running as non-
> root?
> Starting auth-server...(/etc/swift/auth-server.conf)
> Traceback (most recent call last):
>   File "/usr/local/bin/swift-auth-server", line 5, in <module>
>     pkg_resources.run_script('swift==1.3-dev', 'swift-auth-server')
>   File "/usr/lib/python2.6/dist-packages/pkg_resources.py", line  
> 461, in run_script
>     self.require(requires)[0].run_script(script_name, ns)
>   File "/usr/lib/python2.6/dist-packages/pkg_resources.py", line  
> 1188, in run_script
>     raise ResolutionError("No script named %r" % script_name)
> pkg_resources.ResolutionError: No script named 'swift-auth-server'
>
> swift at test3:~$
>
> Kindly help me to resolve the above error
>
> Thanks & Regards,
> shashi
>
> _______________________________________________
> Openstack-operators mailing list
> Openstack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack- 
> operators

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20110331/e01908cb/attachment.html>

Reply | Threaded
Open this post in threaded view
|

failed to run the auth-server deamon for SAIO setup

shashidhar v
In reply to this post by shashidhar v
HI Marcelo ,

Thanks for the reply ,

1. W.r.t problem #1 , I have stopped the tomcat service which is using the
port 8080 and then started the swift service without any errors .
It is using "swauth" auth. mechanisam  as you mentioned swift-1.3 develop
supports only swauth ,then  created the accounts using "recreateaccounts"
script of SAIO ,,

#!/bin/bash

# Replace swauthkey with whatever your super_admin key is (recorded in
# /etc/swift/proxy-server.conf).
swauth-prep -K swauthkey
swauth-add-user -K swauthkey -a test tester testing
swauth-add-user -K swauthkey -a test2 tester2 testing2
swauth-add-user -K swauthkey test tester3 testing3
swauth-add-user -K swauthkey -a -r reseller reseller reseller



[shashi at shashi samples]$ curl -v -H 'X-Storage-User: test:tester3' -H
'X-Storage-Pass: testing3' http://192.168.62.63:8080/auth/v1.0
* About to connect() to 192.168.62.63 port 8080
*   Trying 192.168.62.63... connected
* Connected to 192.168.62.63 (192.168.62.63) port 8080
> GET /auth/v1.0 HTTP/1.1
> User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5
OpenSSL/0.9.7a zlib/1.2.3 libidn/0.6.14
> Host: 192.168.62.63:8080
> Accept: */*
> X-Storage-User: test:tester3
> X-Storage-Pass: testing3
>
< HTTP/1.1 200 OK
< X-Storage-Url:
http://127.0.0.1:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a
< X-Storage-Token: AUTH_tke67d8d3c037649688bd527a7b77cc287
< X-Auth-Token: AUTH_tke67d8d3c037649688bd527a7b77cc287
< Content-Length: 112
< Date: Fri, 01 Apr 2011 04:31:06 GMT
Connection #0 to host 192.168.62.63 left intact
* Closing connection #0
{"storage": {"default": "local", "local": "
http://127.0.0.1:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a
"}}[shashi at shashi samples]$
[shashi at shashi samples]$

[shashi at shashi samples]$ curl -v -H 'X-Auth-Token:
AUTH_tke67d8d3c037649688bd527a7b77cc287'
http://192.168.62.63:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a
* About to connect() to 192.168.62.63 port 8080
*   Trying 192.168.62.63... connected
* Connected to 192.168.62.63 (192.168.62.63) port 8080
> GET /v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a HTTP/1.1
> User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5
OpenSSL/0.9.7a zlib/1.2.3 libidn/0.6.14
> Host: 192.168.62.63:8080
> Accept: */*
> X-Auth-Token: AUTH_tke67d8d3c037649688bd527a7b77cc287
>
< HTTP/1.1 403 Forbidden
< Content-Length: 157
< Content-Type: text/html; charset=UTF-8
< Date: Fri, 01 Apr 2011 04:45:35 GMT
<html>
 <head>
  <title>403 Forbidden</title>
 </head>
 <body>
  <h1>403 Forbidden</h1>
  Access was denied to this resource.<br /><br />

 </body>
Connection #0 to host 192.168.62.63 left intact
* Closing connection #0
</html>[shashi at shashi samples]$
[shashi at shashi samples]$

In the above script,  the third user is tester3 (non admin) which is not
allowed to create containers ? Then what's the role of non-admin users
created under swift , what operations they can perform ?

Swift supports ACL or not and  the containers/objects created by a admin
user can be shared with non-admin user for atleast downloading the objects ?


2.  In order to check the "devauth" authentication , I have donwloaded the
swift-1.2.0.tar.gz  in a second test node ,  what's the command to build the
code ,, sudo python setup.py develop   or  anyother command I need to use ?
Whether same SAIO doc can be referred to start the deamons ?



Thanks & Regards,
shashi



On Thu, Mar 31, 2011 at 9:35 PM, Marcelo Martins
<btorch-os at zeroaccess.org>wrote:

> Sent u a reply for the message below a few minutes ago .... Please reply
> to btorch-os at zeroaccess.org and the list when u do so.. Thanks
>
>
> Marcelo
>
>
> On Mar 31, 2011, at 4:33 AM, shashidhar v wrote:
>
> HI,
>
> I am trying to install and test the Swift tool by following the SAIO
> I have set up the repos and downloaded the code as per the steps given in
> SAIO
>
> swift at test3:~/swift$ cd ~/swift/trunk; sudo python setup.py develop
> running develop
> running egg_info
> creating swift.egg-info
> writing swift.egg-info/PKG-INFO
> writing top-level names to swift.egg-info/top_level.txt
> writing dependency_links to swift.egg-info/dependency_links.txt
> writing entry points to swift.egg-info/entry_points.txt
> writing manifest file 'swift.egg-info/SOURCES.txt'
> reading manifest file 'swift.egg-info/SOURCES.txt'
> reading manifest template 'MANIFEST.in'
> warning: no files found matching 'ChangeLog'
> writing manifest file 'swift.egg-info/SOURCES.txt'
> running build_ext
> Creating /usr/local/lib/python2.6/dist-packages/swift.egg-link (link to .)
> Removing swift 1.3-dev from easy-install.pth file
> Adding swift 1.3-dev to easy-install.pth file
> Installing st script to /usr/local/bin
> Installing swift-account-auditor script to /usr/local/bin
> Installing swift-account-audit script to /usr/local/bin
> Installing swift-account-reaper script to /usr/local/bin
> Installing swift-account-replicator script to /usr/local/bin
> Installing swift-account-server script to /usr/local/bin
> Installing swift-container-auditor script to /usr/local/bin
> Installing swift-container-replicator script to /usr/local/bin
> Installing swift-container-server script to /usr/local/bin
> Installing swift-container-updater script to /usr/local/bin
> Installing swift-drive-audit script to /usr/local/bin
> Installing swift-get-nodes script to /usr/local/bin
> Installing swift-init script to /usr/local/bin
> Installing swift-object-auditor script to /usr/local/bin
> Installing swift-object-info script to /usr/local/bin
> Installing swift-object-replicator script to /usr/local/bin
> Installing swift-object-server script to /usr/local/bin
> Installing swift-object-updater script to /usr/local/bin
> Installing swift-proxy-server script to /usr/local/bin
> Installing swift-ring-builder script to /usr/local/bin
> Installing swift-stats-populate script to /usr/local/bin
> Installing swift-stats-report script to /usr/local/bin
> Installing swift-bench script to /usr/local/bin
> Installing swift-log-uploader script to /usr/local/bin
> Installing swift-log-stats-collector script to /usr/local/bin
> Installing swift-account-stats-logger script to /usr/local/bin
> Installing swauth-add-account script to /usr/local/bin
> Installing swauth-add-user script to /usr/local/bin
> Installing swauth-cleanup-tokens script to /usr/local/bin
> Installing swauth-delete-account script to /usr/local/bin
> Installing swauth-delete-user script to /usr/local/bin
> Installing swauth-list script to /usr/local/bin
> Installing swauth-prep script to /usr/local/bin
> Installing swauth-set-account-service script to /usr/local/bin
>
> Installed /home/swift/swift/trunk
> Processing dependencies for swift==1.3-dev
> Finished processing dependencies for swift==1.3-dev
> swift at test3:~/swift/trunk$
>
>
> swift at test3:~$ startmain
> WARNING: Unable to increase file descriptor limit.  Running as non-root?
> Starting proxy-server...(/etc/swift/proxy-server.conf)
> Starting container-server...(/etc/swift/container-server/1.conf)
> Starting container-server...(/etc/swift/container-server/2.conf)
> Starting container-server...(/etc/swift/container-server/3.conf)
> Starting container-server...(/etc/swift/container-server/4.conf)
> Starting account-server...(/etc/swift/account-server/1.conf)
> Starting account-server...(/etc/swift/account-server/2.conf)
> Starting account-server...(/etc/swift/account-server/3.conf)
> Starting account-server...(/etc/swift/account-server/4.conf)
> Starting object-server...(/etc/swift/object-server/1.conf)
> Starting object-server...(/etc/swift/object-server/2.conf)
> Starting object-server...(/etc/swift/object-server/3.conf)
> Starting object-server...(/etc/swift/object-server/4.conf)
> Traceback (most recent call last):
>   File "/usr/local/bin/swift-proxy-server", line 7, in <module>
>     execfile(__file__)
>   File "/home/swift/swift/trunk/bin/swift-proxy-server", line 22, in
> <module>
>     run_wsgi(conf_file, 'proxy-server', default_port=8080, **options)
>   File "/home/swift/swift/trunk/swift/common/wsgi.py", line 123, in
> run_wsgi
>     sock = get_socket(conf, default_port=kwargs.get('default_port', 8080))
>   File "/home/swift/swift/trunk/swift/common/wsgi.py", line 89, in
> get_socket
>     bind_addr)
> Exception: Could not bind to 0.0.0.0:8080 after trying for 30 seconds
>
> WARNING: Unable to increase file descriptor limit.  Running as non-root?
> Starting auth-server...(/etc/swift/auth-server.conf)
> Traceback (most recent call last):
>   File "/usr/local/bin/swift-auth-server", line 5, in <module>
>     pkg_resources.run_script('swift==1.3-dev', 'swift-auth-server')
>   File "/usr/lib/python2.6/dist-packages/pkg_resources.py", line 461, in
> run_script
>     self.require(requires)[0].run_script(script_name, ns)
>   File "/usr/lib/python2.6/dist-packages/pkg_resources.py", line 1188, in
> run_script
>     raise ResolutionError("No script named %r" % script_name)
> pkg_resources.ResolutionError: No script named 'swift-auth-server'
>
> swift at test3:~$
>
> Kindly help me to resolve the above error
>
> Thanks & Regards,
> shashi
>
> _______________________________________________
> Openstack-operators mailing list
> Openstack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20110401/2351229c/attachment-0001.html>

Reply | Threaded
Open this post in threaded view
|

failed to run the auth-server deamon for SAIO setup

Greg Holt
On Apr 1, 2011, at 1:35 AM, shashidhar v wrote:

> In the above script,  the third user is tester3 (non admin) which is not allowed to create containers ? Then what's the role of non-admin users created under swift , what operations they can perform ?
>
> Swift supports ACL or not and  the containers/objects created by a admin user can be shared with non-admin user for atleast downloading the objects ?

Non-admin users can only perform operations per container based on the container?s X-Container-Read and X-Container-Write ACLs. With an admin account you could create a container for that non-admin user and set X-Container-Read: test:tester3 and X-Container-Write: test:tester3.

These may explain more:

http://swift.openstack.org/overview_auth.html
http://swift.openstack.org/misc.html#module-swift.common.middleware.acl


Reply | Threaded
Open this post in threaded view
|

failed to run the auth-server deamon for SAIO setup

shashidhar v
Hi Gholt,

I tried to set the container based read and write acl to share the container
with non admin user , but it is giving error as access denied

[shashi at shashi samples]$  curl -v -H 'X-Storage-User: test:tester' -H
'X-Storage-Pass: testing' http://192.168.62.63:8080/auth/v1.0* About to
connect() to 192.168.62.63 port 8080
*   Trying 192.168.62.63... connected
* Connected to 192.168.62.63 (192.168.62.63) port 8080
> GET /auth/v1.0 HTTP/1.1
> User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5
OpenSSL/0.9.7a zlib/1.2.3 libidn/0.6.14
> Host: 192.168.62.63:8080
> Accept: */*
> X-Storage-User: test:tester
> X-Storage-Pass: testing
>
< HTTP/1.1 200 OK
< X-Storage-Url:
http://127.0.0.1:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a
< X-Storage-Token: AUTH_tk64b46c28eda84a839b7ba10cc54f3525
< X-Auth-Token: AUTH_tk64b46c28eda84a839b7ba10cc54f3525
< Content-Length: 112
< Date: Tue, 05 Apr 2011 10:18:31 GMT
Connection #0 to host 192.168.62.63 left intact
* Closing connection #0
{"storage": {"default": "local", "local": "
http://127.0.0.1:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a
"}}[shashi at shashi samples]$


[shashi at shashi samples]$  curl -X HEAD -D - -H 'X-Auth-Token:
AUTH_tk64b46c28eda84a839b7ba10cc54f3525'
http://192.168.62.63:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a
HTTP/1.1 204 No Content
X-Account-Object-Count: 0
X-Account-Bytes-Used: 0
X-Account-Container-Count: 1
Content-Length: 0
Date: Tue, 05 Apr 2011 10:20:19 GMT

[shashi at shashi samples]$
[shashi at shashi samples]$  curl -X HEAD -D - -H 'X-Auth-Token:
AUTH_tk64b46c28eda84a839b7ba10cc54f3525'
http://192.168.62.63:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a/container1
HTTP/1.1 204 No Content
X-Container-Object-Count: 1
X-Container-Bytes-Used: 29
Content-Length: 0
Date: Tue, 05 Apr 2011 10:20:40 GMT

[shashi at shashi samples]$



Initially I have created a container named as "container1" using the admin
user "test:tester" and then trying to set read and write acl for the
container1 to share it with non-admin user ..........



[shashi at shashi samples]$  curl -v -H 'X-Auth-Token:
AUTH_tk64b46c28eda84a839b7ba10cc54f3525' -H 'X-Container-Read: test:tester3'
-H 'X-Container-Write: test:tester3'
http://192.168.62.63:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a/container1
* About to connect() to 192.168.62.63 port 8080
*   Trying 192.168.62.63... connected
* Connected to 192.168.62.63 (192.168.62.63) port 8080
> GET /v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a/container1 HTTP/1.1
> User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5
OpenSSL/0.9.7a zlib/1.2.3 libidn/0.6.14
> Host: 192.168.62.63:8080
> Accept: */*
> X-Auth-Token: AUTH_tk64b46c28eda84a839b7ba10cc54f3525
> X-Container-Read: test:tester3
> X-Container-Write: test:tester3
>
< HTTP/1.1 200 OK
< X-Container-Object-Count: 1
< X-Container-Bytes-Used: 29
< Content-Length: 10
< Content-Type: text/plain; charset=utf8
< Date: Tue, 05 Apr 2011 10:11:01 GMT
testfile1
* Connection #0 to host 192.168.62.63 left intact
* Closing connection #0
[shashi at shashi samples]$

[shashi at shashi samples]$  curl -v -H 'X-Storage-User: test:tester3' -H
'X-Storage-Pass: testing3' http://192.168.62.63:8080/auth/v1.0* About to
connect() to 192.168.62.63 port 8080
*   Trying 192.168.62.63... connected
* Connected to 192.168.62.63 (192.168.62.63) port 8080
> GET /auth/v1.0 HTTP/1.1
> User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5
OpenSSL/0.9.7a zlib/1.2.3 libidn/0.6.14
> Host: 192.168.62.63:8080
> Accept: */*
> X-Storage-User: test:tester3
> X-Storage-Pass: testing3
>
< HTTP/1.1 200 OK
< X-Storage-Url:
http://127.0.0.1:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a
< X-Storage-Token: AUTH_tk124a8a19ad7e49c5a04710716fd4f126
< X-Auth-Token: AUTH_tk124a8a19ad7e49c5a04710716fd4f126
< Content-Length: 112
< Date: Tue, 05 Apr 2011 10:11:16 GMT
Connection #0 to host 192.168.62.63 left intact
* Closing connection #0
{"storage": {"default": "local", "local": "
http://127.0.0.1:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a
"}}[shashi at shashi samples]$

[shashi at shashi samples]$  curl  -s -D - -H 'X-Auth-Token:
AUTH_tk124a8a19ad7e49c5a04710716fd4f126'
http://192.168.62.63:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a/container1/testfile1
HTTP/1.1 403 Forbidden
Content-Length: 157
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Apr 2011 10:11:42 GMT

<html>
 <head>
  <title>403 Forbidden</title>
 </head>
 <body>
  <h1>403 Forbidden</h1>
  Access was denied to this resource.<br /><br />



 </body>
</html>[shashi at shashi samples]$
[shashi at shashi samples]$

Thanks & Regards,
shashi





On Fri, Apr 1, 2011 at 6:32 PM, Greg Holt <gholt at rackspace.com> wrote:

> On Apr 1, 2011, at 1:35 AM, shashidhar v wrote:
>
> > In the above script,  the third user is tester3 (non admin) which is not
> allowed to create containers ? Then what's the role of non-admin users
> created under swift , what operations they can perform ?
> >
> > Swift supports ACL or not and  the containers/objects created by a admin
> user can be shared with non-admin user for atleast downloading the objects ?
>
> Non-admin users can only perform operations per container based on the
> container?s X-Container-Read and X-Container-Write ACLs. With an admin
> account you could create a container for that non-admin user and set
> X-Container-Read: test:tester3 and X-Container-Write: test:tester3.
>
> These may explain more:
>
> http://swift.openstack.org/overview_auth.html
> http://swift.openstack.org/misc.html#module-swift.common.middleware.acl
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20110405/9182f04e/attachment.html>

Reply | Threaded
Open this post in threaded view
|

failed to run the auth-server deamon for SAIO setup

Greg Holt
You have to use the PUT or POST command when trying to set the headers on a container. Try adding -X POST to that curl command:

curl -v -X POST -H 'X-Auth-Token: AUTH_tk64b46c28eda84a839b7ba10cc54f3525' -H 'X-Container-Read: test:tester3' -H 'X-Container-Write: test:tester3' http://192.168.62.63:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a/container1

If you GET or the HEAD the container afterwards, you should see the two headers returned to you with the appropriate values.

On Apr 5, 2011, at 5:32 AM, shashidhar v wrote:

> Hi Gholt,
>
> I tried to set the container based read and write acl to share the container with non admin user , but it is giving error as access denied
>
> [shashi at shashi samples]$  curl -v -H 'X-Storage-User: test:tester' -H 'X-Storage-Pass: testing' http://192.168.62.63:8080/auth/v1.0* About to connect() to 192.168.62.63 port 8080
> *   Trying 192.168.62.63... connected
> * Connected to 192.168.62.63 (192.168.62.63) port 8080
> > GET /auth/v1.0 HTTP/1.1
> > User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.7a zlib/1.2.3 libidn/0.6.14
> > Host: 192.168.62.63:8080
> > Accept: */*
> > X-Storage-User: test:tester
> > X-Storage-Pass: testing
> >
> < HTTP/1.1 200 OK
> < X-Storage-Url: http://127.0.0.1:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a
> < X-Storage-Token: AUTH_tk64b46c28eda84a839b7ba10cc54f3525
> < X-Auth-Token: AUTH_tk64b46c28eda84a839b7ba10cc54f3525
> < Content-Length: 112
> < Date: Tue, 05 Apr 2011 10:18:31 GMT
> Connection #0 to host 192.168.62.63 left intact
> * Closing connection #0
> {"storage": {"default": "local", "local": "http://127.0.0.1:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a"}}[shashi at shashi samples]$
>
>
> [shashi at shashi samples]$  curl -X HEAD -D - -H 'X-Auth-Token: AUTH_tk64b46c28eda84a839b7ba10cc54f3525' http://192.168.62.63:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a
> HTTP/1.1 204 No Content
> X-Account-Object-Count: 0
> X-Account-Bytes-Used: 0
> X-Account-Container-Count: 1
> Content-Length: 0
> Date: Tue, 05 Apr 2011 10:20:19 GMT
>
> [shashi at shashi samples]$
> [shashi at shashi samples]$  curl -X HEAD -D - -H 'X-Auth-Token: AUTH_tk64b46c28eda84a839b7ba10cc54f3525' http://192.168.62.63:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a/container1
> HTTP/1.1 204 No Content
> X-Container-Object-Count: 1
> X-Container-Bytes-Used: 29
> Content-Length: 0
> Date: Tue, 05 Apr 2011 10:20:40 GMT
>
> [shashi at shashi samples]$
>
>
>
> Initially I have created a container named as "container1" using the admin user "test:tester" and then trying to set read and write acl for the container1 to share it with non-admin user ..........
>
>
>
> [shashi at shashi samples]$  curl -v -H 'X-Auth-Token: AUTH_tk64b46c28eda84a839b7ba10cc54f3525' -H 'X-Container-Read: test:tester3' -H 'X-Container-Write: test:tester3' http://192.168.62.63:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a/container1
> * About to connect() to 192.168.62.63 port 8080
> *   Trying 192.168.62.63... connected
> * Connected to 192.168.62.63 (192.168.62.63) port 8080
> > GET /v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a/container1 HTTP/1.1
> > User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.7a zlib/1.2.3 libidn/0.6.14
> > Host: 192.168.62.63:8080
> > Accept: */*
> > X-Auth-Token: AUTH_tk64b46c28eda84a839b7ba10cc54f3525
> > X-Container-Read: test:tester3
> > X-Container-Write: test:tester3
> >
> < HTTP/1.1 200 OK
> < X-Container-Object-Count: 1
> < X-Container-Bytes-Used: 29
> < Content-Length: 10
> < Content-Type: text/plain; charset=utf8
> < Date: Tue, 05 Apr 2011 10:11:01 GMT
> testfile1
> * Connection #0 to host 192.168.62.63 left intact
> * Closing connection #0
> [shashi at shashi samples]$
>
> [shashi at shashi samples]$  curl -v -H 'X-Storage-User: test:tester3' -H 'X-Storage-Pass: testing3' http://192.168.62.63:8080/auth/v1.0* About to connect() to 192.168.62.63 port 8080
> *   Trying 192.168.62.63... connected
> * Connected to 192.168.62.63 (192.168.62.63) port 8080
> > GET /auth/v1.0 HTTP/1.1
> > User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.7a zlib/1.2.3 libidn/0.6.14
> > Host: 192.168.62.63:8080
> > Accept: */*
> > X-Storage-User: test:tester3
> > X-Storage-Pass: testing3
> >
> < HTTP/1.1 200 OK
> < X-Storage-Url: http://127.0.0.1:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a
> < X-Storage-Token: AUTH_tk124a8a19ad7e49c5a04710716fd4f126
> < X-Auth-Token: AUTH_tk124a8a19ad7e49c5a04710716fd4f126
> < Content-Length: 112
> < Date: Tue, 05 Apr 2011 10:11:16 GMT
> Connection #0 to host 192.168.62.63 left intact
> * Closing connection #0
> {"storage": {"default": "local", "local": "http://127.0.0.1:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a"}}[shashi at shashi samples]$
>
> [shashi at shashi samples]$  curl  -s -D - -H 'X-Auth-Token: AUTH_tk124a8a19ad7e49c5a04710716fd4f126' http://192.168.62.63:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a/container1/testfile1
> HTTP/1.1 403 Forbidden
> Content-Length: 157
> Content-Type: text/html; charset=UTF-8
> Date: Tue, 05 Apr 2011 10:11:42 GMT
>
> <html>
>  <head>
>   <title>403 Forbidden</title>
>  </head>
>  <body>
>   <h1>403 Forbidden</h1>
>   Access was denied to this resource.<br /><br />
>
>
>
>  </body>
> </html>[shashi at shashi samples]$
> [shashi at shashi samples]$
>
> Thanks & Regards,
> shashi
>
>
>
>
>
> On Fri, Apr 1, 2011 at 6:32 PM, Greg Holt <gholt at rackspace.com> wrote:
> On Apr 1, 2011, at 1:35 AM, shashidhar v wrote:
>
> > In the above script,  the third user is tester3 (non admin) which is not allowed to create containers ? Then what's the role of non-admin users created under swift , what operations they can perform ?
> >
> > Swift supports ACL or not and  the containers/objects created by a admin user can be shared with non-admin user for atleast downloading the objects ?
>
> Non-admin users can only perform operations per container based on the container?s X-Container-Read and X-Container-Write ACLs. With an admin account you could create a container for that non-admin user and set X-Container-Read: test:tester3 and X-Container-Write: test:tester3.
>
> These may explain more:
>
> http://swift.openstack.org/overview_auth.html
> http://swift.openstack.org/misc.html#module-swift.common.middleware.acl
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20110405/9b34869a/attachment.html>

Reply | Threaded
Open this post in threaded view
|

failed to run the auth-server deamon for SAIO setup

shashidhar v
Hi Gholt ,

1) Container based ACL  was working fine ,,

[shashi at shashi samples]$  curl -X GET -D - -H
'X-Auth-Token:AUTH_tk124a8a19ad7e49c5a04710716fd4f126'
http://192.168.62.63:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a/container1
HTTP/1.1 200 OK
X-Container-Object-Count: 1
X-Container-Read: test:tester3
X-Container-Bytes-Used: 29
Content-Length: 10
Content-Type: text/plain; charset=utf8
Date: Tue, 05 Apr 2011 12:57:49 GMT

testfile1
[shashi at shashi samples]$



2) How to create new accounts/users using the  admin "reseller" which was
created using the script "recreateaccounts" of SAIO


swift at test3:~/swift/trunk$ swauth-prep -K reseller
Auth subsystem prep failed: 403 Forbidden
swift at test3:~/swift/trunk$

swift at test3:~/swift/trunk$ swauth-add-user -U reseller:reseller -K reseller
-A http://192.168.62.63:8080/auth/v1.0 reseller user1 user1Account creation
failed: 400 Bad Request
User creation failed: 400 Bad Request

swift at test3:~/swift/trunk$ swauth-add-user -U reseller:reseller -K reseller
-A http://192.168.62.63:8080/v1/AUTH_a62419e4-7841-49d1-950f-521443c8a75dreseller
user1 password1
Account creation failed: 401 Unauthorized
User creation failed: 401 Unauthorized
swift at test3:~/swift/trunk$


3) Is it possible  to enforce the storage limit for a non admin account/user
in swift , if so how to set that storage limit for a user ? How to
distribute the  available storage among different users ?


Thanks & Regards,
shashi

On Tue, Apr 5, 2011 at 6:06 PM, Greg Holt <gholt at rackspace.com> wrote:

> You have to use the PUT or POST command when trying to set the headers on a
> container. Try adding -X POST to that curl command:
>
> curl -v *-X POST* -H 'X-Auth-Token:
> AUTH_tk64b46c28eda84a839b7ba10cc54f3525' -H 'X-Container-Read: test:tester3'
> -H 'X-Container-Write: test:tester3'
> http://192.168.62.63:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a/container1
>
> If you GET or the HEAD the container afterwards, you should see the two
> headers returned to you with the appropriate values.
>
> On Apr 5, 2011, at 5:32 AM, shashidhar v wrote:
>
> Hi Gholt,
>
> I tried to set the container based read and write acl to share the
> container with non admin user , but it is giving error as access denied
>
> [shashi at shashi samples]$  curl -v -H 'X-Storage-User: test:tester' -H
> 'X-Storage-Pass: testing' http://192.168.62.63:8080/auth/v1.0* About to
> connect() to 192.168.62.63 port 8080
> *   Trying 192.168.62.63... connected
> * Connected to 192.168.62.63 (192.168.62.63) port 8080
> > GET /auth/v1.0 HTTP/1.1
> > User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5
> OpenSSL/0.9.7a zlib/1.2.3 libidn/0.6.14
> > Host: 192.168.62.63:8080
> > Accept: */*
> > X-Storage-User: test:tester
> > X-Storage-Pass: testing
> >
> < HTTP/1.1 200 OK
> < X-Storage-Url:
> http://127.0.0.1:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a
> < X-Storage-Token: AUTH_tk64b46c28eda84a839b7ba10cc54f3525
> < X-Auth-Token: AUTH_tk64b46c28eda84a839b7ba10cc54f3525
> < Content-Length: 112
> < Date: Tue, 05 Apr 2011 10:18:31 GMT
> Connection #0 to host 192.168.62.63 left intact
> * Closing connection #0
> {"storage": {"default": "local", "local": "
> http://127.0.0.1:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a
> "}}[shashi at shashi samples]$
>
>
> [shashi at shashi samples]$  curl -X HEAD -D - -H 'X-Auth-Token:
> AUTH_tk64b46c28eda84a839b7ba10cc54f3525'
> http://192.168.62.63:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a
> HTTP/1.1 204 No Content
> X-Account-Object-Count: 0
> X-Account-Bytes-Used: 0
> X-Account-Container-Count: 1
> Content-Length: 0
> Date: Tue, 05 Apr 2011 10:20:19 GMT
>
> [shashi at shashi samples]$
> [shashi at shashi samples]$  curl -X HEAD -D - -H 'X-Auth-Token:
> AUTH_tk64b46c28eda84a839b7ba10cc54f3525'
> http://192.168.62.63:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a/container1
> HTTP/1.1 204 No Content
> X-Container-Object-Count: 1
> X-Container-Bytes-Used: 29
> Content-Length: 0
> Date: Tue, 05 Apr 2011 10:20:40 GMT
>
> [shashi at shashi samples]$
>
>
>
> Initially I have created a container named as "container1" using the admin
> user "test:tester" and then trying to set read and write acl for the
> container1 to share it with non-admin user ..........
>
>
>
> [shashi at shashi samples]$  curl -v -H 'X-Auth-Token:
> AUTH_tk64b46c28eda84a839b7ba10cc54f3525' -H 'X-Container-Read: test:tester3'
> -H 'X-Container-Write: test:tester3'
> http://192.168.62.63:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a/container1
> * About to connect() to 192.168.62.63 port 8080
> *   Trying 192.168.62.63... connected
> * Connected to 192.168.62.63 (192.168.62.63) port 8080
> > GET /v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a/container1 HTTP/1.1
> > User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5
> OpenSSL/0.9.7a zlib/1.2.3 libidn/0.6.14
> > Host: 192.168.62.63:8080
> > Accept: */*
> > X-Auth-Token: AUTH_tk64b46c28eda84a839b7ba10cc54f3525
> > X-Container-Read: test:tester3
> > X-Container-Write: test:tester3
> >
> < HTTP/1.1 200 OK
> < X-Container-Object-Count: 1
> < X-Container-Bytes-Used: 29
> < Content-Length: 10
> < Content-Type: text/plain; charset=utf8
> < Date: Tue, 05 Apr 2011 10:11:01 GMT
> testfile1
> * Connection #0 to host 192.168.62.63 left intact
> * Closing connection #0
> [shashi at shashi samples]$
>
> [shashi at shashi samples]$  curl -v -H 'X-Storage-User: test:tester3' -H
> 'X-Storage-Pass: testing3' http://192.168.62.63:8080/auth/v1.0* About to
> connect() to 192.168.62.63 port 8080
> *   Trying 192.168.62.63... connected
> * Connected to 192.168.62.63 (192.168.62.63) port 8080
> > GET /auth/v1.0 HTTP/1.1
> > User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5
> OpenSSL/0.9.7a zlib/1.2.3 libidn/0.6.14
> > Host: 192.168.62.63:8080
> > Accept: */*
> > X-Storage-User: test:tester3
> > X-Storage-Pass: testing3
> >
> < HTTP/1.1 200 OK
> < X-Storage-Url:
> http://127.0.0.1:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a
> < X-Storage-Token: AUTH_tk124a8a19ad7e49c5a04710716fd4f126
> < X-Auth-Token: AUTH_tk124a8a19ad7e49c5a04710716fd4f126
> < Content-Length: 112
> < Date: Tue, 05 Apr 2011 10:11:16 GMT
> Connection #0 to host 192.168.62.63 left intact
> * Closing connection #0
> {"storage": {"default": "local", "local": "
> http://127.0.0.1:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a
> "}}[shashi at shashi samples]$
>
> [shashi at shashi samples]$  curl  -s -D - -H 'X-Auth-Token:
> AUTH_tk124a8a19ad7e49c5a04710716fd4f126'
> http://192.168.62.63:8080/v1/AUTH_74ac0809-6c3f-4a0b-a6c8-6a664477b32a/container1/testfile1
> HTTP/1.1 403 Forbidden
> Content-Length: 157
> Content-Type: text/html; charset=UTF-8
> Date: Tue, 05 Apr 2011 10:11:42 GMT
>
> <html>
>  <head>
>   <title>403 Forbidden</title>
>  </head>
>  <body>
>   <h1>403 Forbidden</h1>
>   Access was denied to this resource.<br /><br />
>
>
>
>  </body>
> </html>[shashi at shashi samples]$
> [shashi at shashi samples]$
>
> Thanks & Regards,
> shashi
>
>
>
>
>
> On Fri, Apr 1, 2011 at 6:32 PM, Greg Holt <gholt at rackspace.com> wrote:
>
>> On Apr 1, 2011, at 1:35 AM, shashidhar v wrote:
>>
>> > In the above script,  the third user is tester3 (non admin) which is not
>> allowed to create containers ? Then what's the role of non-admin users
>> created under swift , what operations they can perform ?
>> >
>> > Swift supports ACL or not and  the containers/objects created by a admin
>> user can be shared with non-admin user for atleast downloading the objects ?
>>
>> Non-admin users can only perform operations per container based on the
>> container?s X-Container-Read and X-Container-Write ACLs. With an admin
>> account you could create a container for that non-admin user and set
>> X-Container-Read: test:tester3 and X-Container-Write: test:tester3.
>>
>> These may explain more:
>>
>> http://swift.openstack.org/overview_auth.html
>> http://swift.openstack.org/misc.html#module-swift.common.middleware.acl
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20110405/ae592ae6/attachment-0001.html>

Reply | Threaded
Open this post in threaded view
|

failed to run the auth-server deamon for SAIO setup

Greg Holt
On Apr 5, 2011, at 9:03 AM, shashidhar v wrote:

> 2) How to create new accounts/users using the  admin "reseller" which was created using the script "recreateaccounts" of SAIO
>
> swift at test3:~/swift/trunk$ swauth-add-user -U reseller:reseller -K reseller -A http://192.168.62.63:8080/auth/v1.0 reseller user1 user1

This one was closest. The -A ADMIN_URL should be -A http://192.168.62.63:8080/auth/
I often forget too, but if you run swauth-add-user with no options it has an example for a reminder.

> 3) Is it possible  to enforce the storage limit for a non admin account/user in swift , if so how to set that storage limit for a user ? How to distribute the  available storage among different users ?

Swift currently does not have quota support (limiting how much space a user can use). It's on the list, but not yet on a specific roadmap. Here at Rackspace we just make sure to mount new hard drives faster than folks can upload. :)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20110405/0b06312b/attachment.html>