starred/s3fs-fuse
1
0
Fork 0
mirror of https://github.com/s3fs-fuse/s3fs-fuse.git synced 2026-04-25 05:16:00 +03:00
Code Issues 305 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #465] Mount fails on eu-central-1 hosting, again? #257

New issue
Closed
opened 2026-03-04 01:43:44 +03:00 by kerem · 24 comments
kerem commented 2026-03-04 01:43:44 +03:00
Owner
Copy link

Originally created by @FlashBlack on GitHub (Sep 7, 2016).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/465

Hi there!

I can't mount my bucket based on eu-central-1 (Frankfurt).

Version:
1.8 (from master)
Run:
s3fs my-bucket-name ./files/ -o passwd_file=/root/.passwd-s3fs -d -d -f -o f2 -o curldbg
Log:

FUSE library version: 2.9.3
nullpath_ok: 0
nopath: 0
utime_omit_ok: 0
unique: 1, opcode: INIT (26), nodeid: 0, insize: 56, pid: 0
INIT: 7.23
flags=0x0003f7fb
max_readahead=0x00020000
* Hostname was NOT found in DNS cache
*   Trying IP...
* Connected to my-bucket-name.s3.amazonaws.com (IP) port 80 (#0)
> GET / HTTP/1.1
User-Agent: s3fs/1.80 (commit hash 6be3236; OpenSSL)
Accept: */*
Authorization: AWS4-HMAC-SHA256 Credential=AKIAJVZ5NXTDKIFNYDAA/20160907/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=66a8a4ec658f6699ffa6d71691c58520cec908e51abd4b82ecab1d220e494f16
host: my-bucket-name.s3.amazonaws.com
x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996f0cec908e51abd4b82ecab1d220e494f16b855
x-amz-date: 20160907T144622Z

< HTTP/1.1 400 Bad Request
< x-amz-bucket-region: eu-central-1
< x-amz-request-id: 321A26DD764DDFD2
< x-amz-id-2: 4fy4kKr0v3BcoeY2oBRv3pdD0WQ7HoWl4ojMEkIN40i8D3ZE2czDz5dmNxmnDosIr3Z/tZ1vibE=
< Content-Type: application/xml
< Transfer-Encoding: chunked
< Date: Wed, 07 Sep 2016 14:46:22 GMT
< Connection: close
* Server AmazonS3 is not blacklisted
< Server: AmazonS3
< 
* Closing connection 0
* Hostname was NOT found in DNS cache
*   Trying IP...
* Connected to my-bucket-name.s3-eu-central-1.amazonaws.com (IP) port 80 (#1)
> GET / HTTP/1.1
User-Agent: s3fs/1.80 (commit hash 6be3236; OpenSSL)
Accept: */*
Authorization: AWS4-HMAC-SHA256 Credential=AKIAJVZ5NXTDKIFNYDAA/20160907/eu-central-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=ac55398cd648e3c30f6a3ead9e679c79d146b9b6304ba310a10931d90c7144e4
host: my-bucket-name.s3-eu-central-1.amazonaws.com
x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996f0cec908e51abd4b82ecab1d220e494f16b855
x-amz-date: 20160907T144622Z

< HTTP/1.1 403 Forbidden
< x-amz-bucket-region: eu-central-1
< x-amz-request-id: F2E9E949EFD66F0F
< x-amz-id-2: /DzzVQwU4lkTFFTun7rGQIDtaArpZrRYLPoG87JjFT/HBR4G/y9RYLt6zPa0NJ+QKNJyyYIagic=
< Content-Type: application/xml
< Transfer-Encoding: chunked
< Date: Wed, 07 Sep 2016 14:46:22 GMT
* Server AmazonS3 is not blacklisted
< Server: AmazonS3
< 
* Connection #1 to host my-bucket-name.s3-eu-central-1.amazonaws.com left intact
* Found bundle for host my-bucket-name.s3-eu-central-1.amazonaws.com: 0x7fa7b013edd0
* Re-using existing connection! (#1) with host my-bucket-name.s3-eu-central-1.amazonaws.com
* Connected to my-bucket-name.s3-eu-central-1.amazonaws.com (IP) port 80 (#1)
> GET / HTTP/1.1
User-Agent: s3fs/1.80 (commit hash 6be3236; OpenSSL)
Host: my-bucket-name.s3-eu-central-1.amazonaws.com
Accept: */*
Authorization: AWS AKIAJVZ5NXTDKIFNYDAA:WpkwkbvHlMZAipeZ25OhurhqM5c=
Date: Wed, 07 Sep 2016 14:46:22 GMT

< HTTP/1.1 400 Bad Request
< x-amz-bucket-region: eu-central-1
< x-amz-request-id: 7091B8B10326484A
< x-amz-id-2: bXZ8Ei0jDQ56F8GfR3GmZPEPMm8x/F1nWqvmUGXOczFzMUq9XEupHWr08+tjBAhe2Z/4y/QRylE=
< x-amz-region: eu-central-1
< Content-Type: application/xml
< Transfer-Encoding: chunked
< Date: Wed, 07 Sep 2016 14:46:22 GMT
< Connection: close
* Server AmazonS3 is not blacklisted
< Server: AmazonS3
< 
* Closing connection 1
[CRT] s3fs.cpp:set_s3fs_log_level(254): change debug level from [CRT] to [INF] 
[CRT] s3fs.cpp:set_s3fs_log_level(254): change debug level from [INF] to [DBG] 
[INF]     s3fs.cpp:set_moutpoint_attribute(4180): PROC(uid=0, gid=0) - MountPoint(uid=0, gid=0, mode=40755)
[CRT] s3fs.cpp:s3fs_init(3359): init v1.80(commit:6be3236) with OpenSSL
[INF] s3fs.cpp:s3fs_check_service(3737): check services.
[INF]       curl.cpp:CheckBucket(2860): check a bucket.
[DBG] curl.cpp:GetHandler(272): Get handler from pool: 31
[INF]       curl.cpp:prepare_url(4175): URL is http://s3.amazonaws.com/my-bucket-name/
[INF]       curl.cpp:prepare_url(4207): URL changed is http://my-bucket-name.s3.amazonaws.com/
[INF]       curl.cpp:insertV4Headers(2237): computing signature [GET] [/] [] []
[INF]       curl.cpp:url_to_host(100): url is http://s3.amazonaws.com
[DBG] curl.cpp:RequestPerform(1893): connecting to URL http://my-bucket-name.s3.amazonaws.com/
[INF]       curl.cpp:RequestPerform(1922): HTTP response code 400 was returned, returning EIO.
[DBG] curl.cpp:RequestPerform(1923): Body Text: <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AuthorizationHeaderMalformed</Code><Message>The authorization header is malformed; the region 'us-east-1' is wrong; expecting 'eu-central-1'</Message><Region>eu-central-1</Region><RequestId>6DD76321A24DDFD2</RequestId><HostId>sY2oBRkIN4fy4kD0WQ7HdmEDz5r0v3BcoemnDoNxl4ojKoWczv3pdM40i8D3ZE2Ir3Z/tZ1vibE=</HostId></Error>
[ERR] curl.cpp:CheckBucket(2899): Check bucket failed, S3 response: <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AuthorizationHeaderMalformed</Code><Message>The authorization header is malformed; the region 'us-east-1' is wrong; expecting 'eu-central-1'</Message><Region>eu-central-1</Region><RequestId>6DD76321A24DDFD2</RequestId><HostId>sY2oBRkIN4fy4kD0WQ7HdmEDz5r0v3BcoemnDoNxl4ojKoWczv3pdM40i8D3ZE2Ir3Z/tZ1vibE=</HostId></Error>
[CRT] s3fs.cpp:s3fs_check_service(3758): Could not connect wrong region us-east-1, so retry to connect region eu-central-1.
[DBG] curl.cpp:ReturnHandler(295): Return handler to pool: 31
[INF]       curl.cpp:CheckBucket(2860): check a bucket.
[DBG] curl.cpp:GetHandler(272): Get handler from pool: 31
[INF]       curl.cpp:prepare_url(4175): URL is http://s3-eu-central-1.amazonaws.com/my-bucket-name/
[INF]       curl.cpp:prepare_url(4207): URL changed is http://my-bucket-name.s3-eu-central-1.amazonaws.com/
[INF]       curl.cpp:insertV4Headers(2237): computing signature [GET] [/] [] []
[INF]       curl.cpp:url_to_host(100): url is http://s3-eu-central-1.amazonaws.com
[DBG] curl.cpp:RequestPerform(1893): connecting to URL http://my-bucket-name.s3-eu-central-1.amazonaws.com/
[INF]       curl.cpp:RequestPerform(1927): HTTP response code 403 was returned, returning EPERM
[DBG] curl.cpp:RequestPerform(1928): Body Text: <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>949EF2E9EFD66F0F</RequestId><HostId>/DzTun7rwU4lDtaAzkTFoG8rpZrRYGQIVQFPL7JjFT/4HBRG/+QyyYIy9RYLt6KNJzPa0NJagic=</HostId></Error>
[ERR] curl.cpp:CheckBucket(2899): Check bucket failed, S3 response: <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>949EF2E9EFD66F0F</RequestId><HostId>/DzTun7rwU4lDtaAzkTFoG8rpZrRYGQIVQFPL7JjFT/4HBRG/+QyyYIy9RYLt6KNJzPa0NJagic=</HostId></Error>
[WAN] s3fs.cpp:s3fs_check_service(3778): Could not connect, so retry to connect by signature version 2.
[DBG] curl.cpp:ReturnHandler(295): Return handler to pool: 31
[INF]       curl.cpp:CheckBucket(2860): check a bucket.
[DBG] curl.cpp:GetHandler(272): Get handler from pool: 31
[INF]       curl.cpp:prepare_url(4175): URL is http://s3-eu-central-1.amazonaws.com/my-bucket-name/
[INF]       curl.cpp:prepare_url(4207): URL changed is http://my-bucket-name.s3-eu-central-1.amazonaws.com/
[DBG] curl.cpp:RequestPerform(1893): connecting to URL http://my-bucket-name.s3-eu-central-1.amazonaws.com/
[INF]       curl.cpp:RequestPerform(1922): HTTP   INIT: 7.19
   flags=0x00000011
   max_readahead=0x00020000
   max_write=0x00020000
   max_background=0
   congestion_threshold=0
   unique: 1, success, outsize: 40
 response code 400 was returned, returning EIO.
[DBG] curl.cpp:RequestPerform(1923): Body Text: <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>InvalidRequest</Code><Message>The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.</Message><RequestId>7091B8B10326484A</RequestId><HostId>EF3GmZP8GfRbXZ8EPMm8x/+tjBAF1FzMUq9XnGXOczWqvmUEupHWr08he2Z/4y/QRylE=</HostId></Error>
[ERR] curl.cpp:CheckBucket(2899): Check bucket failed, S3 response: <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>InvalidRequest</Code><Message>The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.</Message><RequestId>7091B8B10326484A</RequestId><HostId>EF3GmZP8GfRbXZ8EPMm8x/+tjBAF1FzMUq9XnGXOczWqvmUEupHWr08he2Z/4y/QRylE=</HostId></Error>
[CRT] s3fs.cpp:s3fs_check_service(3790): Bad Request - result of checking service.
[DBG] curl.cpp:ReturnHandler(295): Return handler to pool: 31
[ERR] s3fs.cpp:s3fs_exit_fuseloop(3349): Exiting FUSE event loop due to errors

[INF] s3fs.cpp:s3fs_destroy(3424): destroy
[WAN] s3fs.cpp:s3fs_destroy(3428): Could not release curl library.
Originally created by @FlashBlack on GitHub (Sep 7, 2016). Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/465 Hi there! I can't mount my bucket based on eu-central-1 (Frankfurt). Version: 1.8 (from master) Run: `s3fs my-bucket-name ./files/ -o passwd_file=/root/.passwd-s3fs -d -d -f -o f2 -o curldbg` Log: ``` FUSE library version: 2.9.3 nullpath_ok: 0 nopath: 0 utime_omit_ok: 0 unique: 1, opcode: INIT (26), nodeid: 0, insize: 56, pid: 0 INIT: 7.23 flags=0x0003f7fb max_readahead=0x00020000 * Hostname was NOT found in DNS cache * Trying IP... * Connected to my-bucket-name.s3.amazonaws.com (IP) port 80 (#0) > GET / HTTP/1.1 User-Agent: s3fs/1.80 (commit hash 6be3236; OpenSSL) Accept: */* Authorization: AWS4-HMAC-SHA256 Credential=AKIAJVZ5NXTDKIFNYDAA/20160907/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=66a8a4ec658f6699ffa6d71691c58520cec908e51abd4b82ecab1d220e494f16 host: my-bucket-name.s3.amazonaws.com x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996f0cec908e51abd4b82ecab1d220e494f16b855 x-amz-date: 20160907T144622Z < HTTP/1.1 400 Bad Request < x-amz-bucket-region: eu-central-1 < x-amz-request-id: 321A26DD764DDFD2 < x-amz-id-2: 4fy4kKr0v3BcoeY2oBRv3pdD0WQ7HoWl4ojMEkIN40i8D3ZE2czDz5dmNxmnDosIr3Z/tZ1vibE= < Content-Type: application/xml < Transfer-Encoding: chunked < Date: Wed, 07 Sep 2016 14:46:22 GMT < Connection: close * Server AmazonS3 is not blacklisted < Server: AmazonS3 < * Closing connection 0 * Hostname was NOT found in DNS cache * Trying IP... * Connected to my-bucket-name.s3-eu-central-1.amazonaws.com (IP) port 80 (#1) > GET / HTTP/1.1 User-Agent: s3fs/1.80 (commit hash 6be3236; OpenSSL) Accept: */* Authorization: AWS4-HMAC-SHA256 Credential=AKIAJVZ5NXTDKIFNYDAA/20160907/eu-central-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=ac55398cd648e3c30f6a3ead9e679c79d146b9b6304ba310a10931d90c7144e4 host: my-bucket-name.s3-eu-central-1.amazonaws.com x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996f0cec908e51abd4b82ecab1d220e494f16b855 x-amz-date: 20160907T144622Z < HTTP/1.1 403 Forbidden < x-amz-bucket-region: eu-central-1 < x-amz-request-id: F2E9E949EFD66F0F < x-amz-id-2: /DzzVQwU4lkTFFTun7rGQIDtaArpZrRYLPoG87JjFT/HBR4G/y9RYLt6zPa0NJ+QKNJyyYIagic= < Content-Type: application/xml < Transfer-Encoding: chunked < Date: Wed, 07 Sep 2016 14:46:22 GMT * Server AmazonS3 is not blacklisted < Server: AmazonS3 < * Connection #1 to host my-bucket-name.s3-eu-central-1.amazonaws.com left intact * Found bundle for host my-bucket-name.s3-eu-central-1.amazonaws.com: 0x7fa7b013edd0 * Re-using existing connection! (#1) with host my-bucket-name.s3-eu-central-1.amazonaws.com * Connected to my-bucket-name.s3-eu-central-1.amazonaws.com (IP) port 80 (#1) > GET / HTTP/1.1 User-Agent: s3fs/1.80 (commit hash 6be3236; OpenSSL) Host: my-bucket-name.s3-eu-central-1.amazonaws.com Accept: */* Authorization: AWS AKIAJVZ5NXTDKIFNYDAA:WpkwkbvHlMZAipeZ25OhurhqM5c= Date: Wed, 07 Sep 2016 14:46:22 GMT < HTTP/1.1 400 Bad Request < x-amz-bucket-region: eu-central-1 < x-amz-request-id: 7091B8B10326484A < x-amz-id-2: bXZ8Ei0jDQ56F8GfR3GmZPEPMm8x/F1nWqvmUGXOczFzMUq9XEupHWr08+tjBAhe2Z/4y/QRylE= < x-amz-region: eu-central-1 < Content-Type: application/xml < Transfer-Encoding: chunked < Date: Wed, 07 Sep 2016 14:46:22 GMT < Connection: close * Server AmazonS3 is not blacklisted < Server: AmazonS3 < * Closing connection 1 [CRT] s3fs.cpp:set_s3fs_log_level(254): change debug level from [CRT] to [INF] [CRT] s3fs.cpp:set_s3fs_log_level(254): change debug level from [INF] to [DBG] [INF] s3fs.cpp:set_moutpoint_attribute(4180): PROC(uid=0, gid=0) - MountPoint(uid=0, gid=0, mode=40755) [CRT] s3fs.cpp:s3fs_init(3359): init v1.80(commit:6be3236) with OpenSSL [INF] s3fs.cpp:s3fs_check_service(3737): check services. [INF] curl.cpp:CheckBucket(2860): check a bucket. [DBG] curl.cpp:GetHandler(272): Get handler from pool: 31 [INF] curl.cpp:prepare_url(4175): URL is http://s3.amazonaws.com/my-bucket-name/ [INF] curl.cpp:prepare_url(4207): URL changed is http://my-bucket-name.s3.amazonaws.com/ [INF] curl.cpp:insertV4Headers(2237): computing signature [GET] [/] [] [] [INF] curl.cpp:url_to_host(100): url is http://s3.amazonaws.com [DBG] curl.cpp:RequestPerform(1893): connecting to URL http://my-bucket-name.s3.amazonaws.com/ [INF] curl.cpp:RequestPerform(1922): HTTP response code 400 was returned, returning EIO. [DBG] curl.cpp:RequestPerform(1923): Body Text: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>AuthorizationHeaderMalformed</Code><Message>The authorization header is malformed; the region 'us-east-1' is wrong; expecting 'eu-central-1'</Message><Region>eu-central-1</Region><RequestId>6DD76321A24DDFD2</RequestId><HostId>sY2oBRkIN4fy4kD0WQ7HdmEDz5r0v3BcoemnDoNxl4ojKoWczv3pdM40i8D3ZE2Ir3Z/tZ1vibE=</HostId></Error> [ERR] curl.cpp:CheckBucket(2899): Check bucket failed, S3 response: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>AuthorizationHeaderMalformed</Code><Message>The authorization header is malformed; the region 'us-east-1' is wrong; expecting 'eu-central-1'</Message><Region>eu-central-1</Region><RequestId>6DD76321A24DDFD2</RequestId><HostId>sY2oBRkIN4fy4kD0WQ7HdmEDz5r0v3BcoemnDoNxl4ojKoWczv3pdM40i8D3ZE2Ir3Z/tZ1vibE=</HostId></Error> [CRT] s3fs.cpp:s3fs_check_service(3758): Could not connect wrong region us-east-1, so retry to connect region eu-central-1. [DBG] curl.cpp:ReturnHandler(295): Return handler to pool: 31 [INF] curl.cpp:CheckBucket(2860): check a bucket. [DBG] curl.cpp:GetHandler(272): Get handler from pool: 31 [INF] curl.cpp:prepare_url(4175): URL is http://s3-eu-central-1.amazonaws.com/my-bucket-name/ [INF] curl.cpp:prepare_url(4207): URL changed is http://my-bucket-name.s3-eu-central-1.amazonaws.com/ [INF] curl.cpp:insertV4Headers(2237): computing signature [GET] [/] [] [] [INF] curl.cpp:url_to_host(100): url is http://s3-eu-central-1.amazonaws.com [DBG] curl.cpp:RequestPerform(1893): connecting to URL http://my-bucket-name.s3-eu-central-1.amazonaws.com/ [INF] curl.cpp:RequestPerform(1927): HTTP response code 403 was returned, returning EPERM [DBG] curl.cpp:RequestPerform(1928): Body Text: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>949EF2E9EFD66F0F</RequestId><HostId>/DzTun7rwU4lDtaAzkTFoG8rpZrRYGQIVQFPL7JjFT/4HBRG/+QyyYIy9RYLt6KNJzPa0NJagic=</HostId></Error> [ERR] curl.cpp:CheckBucket(2899): Check bucket failed, S3 response: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>949EF2E9EFD66F0F</RequestId><HostId>/DzTun7rwU4lDtaAzkTFoG8rpZrRYGQIVQFPL7JjFT/4HBRG/+QyyYIy9RYLt6KNJzPa0NJagic=</HostId></Error> [WAN] s3fs.cpp:s3fs_check_service(3778): Could not connect, so retry to connect by signature version 2. [DBG] curl.cpp:ReturnHandler(295): Return handler to pool: 31 [INF] curl.cpp:CheckBucket(2860): check a bucket. [DBG] curl.cpp:GetHandler(272): Get handler from pool: 31 [INF] curl.cpp:prepare_url(4175): URL is http://s3-eu-central-1.amazonaws.com/my-bucket-name/ [INF] curl.cpp:prepare_url(4207): URL changed is http://my-bucket-name.s3-eu-central-1.amazonaws.com/ [DBG] curl.cpp:RequestPerform(1893): connecting to URL http://my-bucket-name.s3-eu-central-1.amazonaws.com/ [INF] curl.cpp:RequestPerform(1922): HTTP INIT: 7.19 flags=0x00000011 max_readahead=0x00020000 max_write=0x00020000 max_background=0 congestion_threshold=0 unique: 1, success, outsize: 40 response code 400 was returned, returning EIO. [DBG] curl.cpp:RequestPerform(1923): Body Text: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>InvalidRequest</Code><Message>The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.</Message><RequestId>7091B8B10326484A</RequestId><HostId>EF3GmZP8GfRbXZ8EPMm8x/+tjBAF1FzMUq9XnGXOczWqvmUEupHWr08he2Z/4y/QRylE=</HostId></Error> [ERR] curl.cpp:CheckBucket(2899): Check bucket failed, S3 response: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>InvalidRequest</Code><Message>The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.</Message><RequestId>7091B8B10326484A</RequestId><HostId>EF3GmZP8GfRbXZ8EPMm8x/+tjBAF1FzMUq9XnGXOczWqvmUEupHWr08he2Z/4y/QRylE=</HostId></Error> [CRT] s3fs.cpp:s3fs_check_service(3790): Bad Request - result of checking service. [DBG] curl.cpp:ReturnHandler(295): Return handler to pool: 31 [ERR] s3fs.cpp:s3fs_exit_fuseloop(3349): Exiting FUSE event loop due to errors [INF] s3fs.cpp:s3fs_destroy(3424): destroy [WAN] s3fs.cpp:s3fs_destroy(3428): Could not release curl library. ```
kerem closed this issue 2026-03-04 01:43:44 +03:00
kerem commented 2026-03-04 01:43:45 +03:00
Author
Owner
Copy link

@bubblegum76 commented on GitHub (Oct 24, 2016):

Same problem :( CentOS 7, fuse 1.8, Frankfurt region.

<!-- gh-comment-id:255689247 --> @bubblegum76 commented on GitHub (Oct 24, 2016): Same problem :( CentOS 7, fuse 1.8, Frankfurt region.
kerem commented 2026-03-04 01:43:45 +03:00
Author
Owner
Copy link

@devopsraman commented on GitHub (Nov 1, 2016):

me also have same issue .
I am not able to mount s3 bucket eu-central-1 regions.
s3fs s3://tui-nexus-backups/ /mnt/s3mnt -o passwd_file=/root/.passwd-s3fs -d -d -f -o f2 -o curldbg
[CRT] s3fs.cpp:set_s3fs_log_level(253): change debug level from [CRT] to [INF]
[CRT] s3fs.cpp:set_s3fs_log_level(253): change debug level from [INF] to [DBG]
[INF] s3fs.cpp:set_moutpoint_attribute(4151): PROC(uid=0, gid=0) - MountPoint(uid=0, gid=0, mode=40777)
FUSE library version: 2.9.7
nullpath_ok: 0
nopath: 0
utime_omit_ok: 0
unique: 1, opcode: INIT (26), nodeid: 0, insize: 56, pid: 0
INIT: 7.14
flags=0x0000f07b
max_readahead=0x00020000
[CRT] s3fs.cpp:s3fs_init(3334): init v1.80(commit:unknown) with OpenSSL
[WAN] curl.cpp:InitShareCurl(483): curl_share_setopt(SSL SESSION) returns 1(Unknown share option), but continue without shared ssl session data.
[INF] s3fs.cpp:s3fs_check_service(3708): check services.
[INF] curl.cpp:CheckBucket(2860): check a bucket.
[DBG] curl.cpp:GetHandler(272): Get handler from pool: 31
[INF] curl.cpp:prepare_url(4175): URL is http://s3.amazonaws.com/s3//tui-nexus-backups/
[INF] curl.cpp:prepare_url(4207): URL changed is http://s3.s3.amazonaws.com/s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/
[INF] curl.cpp:insertV4Headers(2237): computing signature [GET] [//tui-nexus-backups/] [] []
[INF] curl.cpp:url_to_host(100): url is http://s3.amazonaws.com
[DBG] curl.cpp:RequestPerform(1893): connecting to URL http://s3.s3.amazonaws.com/s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/

  • About to connect() to proxy 10.169.237.43 port 8888 (#0)

  • Trying 10.169.237.43... * connected

  • Connected to 10.169.237.43 (10.169.237.43) port 8888 (#0)

    GET http://s3.s3.amazonaws.com/s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/ HTTP/1.1
    User-Agent: s3fs/1.80 (commit hash unknown; OpenSSL)
    Accept: /
    Proxy-Connection: Keep-Alive
    Authorization: AWS4-HMAC-SHA256 Credential=AKIAIXEMHQLBSPEM2OCQ/20161101/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=607779e289f60c4ed452f2b47cffc02ef7c31101ef8484df87b0c49059df9d8d
    host: s3.s3.amazonaws.com
    x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
    x-amz-date: 20161101T145517Z

  • HTTP 1.0, assume close after body
    < HTTP/1.0 403 Forbidden
    < x-amz-request-id: 6883F308769A0744
    < x-amz-id-2: dDzvzEiODilaISRkSJScBWpLZ9fEHQ6lZs9OV8J3dgFmeooUlaJEWxtcqM/9CH+dBdfCIw9/Owo=
    < Content-Type: application/xml
    < Date: Tue, 01 Nov 2016 14:55:20 GMT
    < Server: AmazonS3
    < X-Cache: MISS from ip-10-169-237-43
    < X-Cache-Lookup: MISS from ip-10-169-237-43:8888
    < Via: 1.0 ip-10-169-237-43 (squid/3.1.23)
    < Connection: close
    <

  • Closing connection #0
    [INF] curl.cpp:RequestPerform(1927): HTTP response code 403 was returned, returning EPERM
    [DBG] curl.cpp:RequestPerform(1928): Body Text:
    SignatureDoesNotMatchThe request signature we calculated does not match the signature you provided. Check your key and signing method.AKIAIXEMHQLBSPEM2OCQAWS4-HMAC-SHA256
    20161101T145517Z
    20161101/us-east-1/s3/aws4_request
    ee38912397e57ffb2e80af70efddeeb43b33cd5abfd9b8047501049df966ce1f607779e289f60c4ed452f2b47cffc02ef7c31101ef8484df87b0c49059df9d8d41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 0a 32 30 31 36 31 31 30 31 54 31 34 35 35 31 37 5a 0a 32 30 31 36 31 31 30 31 2f 75 73 2d 65 61 73 74 2d 31 2f 73 33 2f 61 77 73 34 5f 72 65 71 75 65 73 74 0a 65 65 33 38 39 31 32 33 39 37 65 35 37 66 66 62 32 65 38 30 61 66 37 30 65 66 64 64 65 65 62 34 33 62 33 33 63 64 35 61 62 66 64 39 62 38 30 34 37 35 30 31 30 34 39 64 66 39 36 36 63 65 31 66GET
    /s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/

host:s3.s3.amazonaws.com
x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date:20161101T145517Z

host;x-amz-content-sha256;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b85547 45 54 0a 2f 73 33 2f 2f 74 75 69 2d 6e 65 78 75 73 2d 62 61 63 6b 75 70 73 2f 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 2f 73 33 2f 2f 74 75 69 2d 6e 65 78 75 73 2d 62 61 63 6b 75 70 73 2f 0a 0a 68 6f 73 74 3a 73 33 2e 73 33 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 0a 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35 0a 78 2d 61 6d 7a 2d 64 61 74 65 3a 32 30 31 36 31 31 30 31 54 31 34 35 35 31 37 5a 0a 0a 68 6f 73 74 3b 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3b 78 2d 61 6d 7a 2d 64 61 74 65 0a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 356883F308769A0744dDzvzEiODilaISRkSJScBWpLZ9fEHQ6lZs9OV8J3dgFmeooUlaJEWxtcqM/9CH+dBdfCIw9/Owo=
[ERR] curl.cpp:CheckBucket(2899): Check bucket failed, S3 response:
SignatureDoesNotMatchThe request signature we calculated does not match the signature you provided. Check your key and signing method.AKIAIXEMHQLBSPEM2OCQAWS4-HMAC-SHA256
20161101T145517Z
20161101/us-east-1/s3/aws4_request
ee38912397e57ffb2e80af70efddeeb43b33cd5abfd9b8047501049df966ce1f607779e289f60c4ed452f2b47cffc02ef7c31101ef8484df87b0c49059df9d8d41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 0a 32 30 31 36 31 31 30 31 54 31 34 35 35 31 37 5a 0a 32 30 31 36 31 31 30 31 2f 75 73 2d 65 61 73 74 2d 31 2f 73 33 2f 61 77 73 34 5f 72 65 71 75 65 73 74 0a 65 65 33 38 39 31 32 33 39 37 65 35 37 66 66 62 32 65 38 30 61 66 37 30 65 66 64 64 65 65 62 34 33 62 33 33 63 64 35 61 62 66 64 39 62 38 30 34 37 35 30 31 30 34 39 64 66 39 36 36 63 65 31 66GET
/s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/

host:s3.s3.amazonaws.com
x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date:20161101T145517Z

host;x-amz-content-sha256;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b85547 45 54 0a 2f 73 33 2f 2f 74 75 69 2d 6e 65 78 75 73 2d 62 61 63 6b 75 70 73 2f 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 2f 73 33 2f 2f 74 75 69 2d 6e 65 78 75 73 2d 62 61 63 6b 75 70 73 2f 0a 0a 68 6f 73 74 3a 73 33 2e 73 33 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 0a 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35 0a 78 2d 61 6d 7a 2d 64 61 74 65 3a 32 30 31 36 31 31 30 31 54 31 34 35 35 31 37 5a 0a 0a 68 6f 73 74 3b 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3b 78 2d 61 6d 7a 2d 64 61 74 65 0a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 356883F308769A0744dDzvzEiODilaISRkSJScBWpLZ9fEHQ6lZs9OV8J3dgFmeooUlaJEWxtcqM/9CH+dBdfCIw9/Owo=
[WAN] s3fs.cpp:s3fs_check_service(3749): Could not connect, so retry to connect by signature version 2.
[DBG] curl.cpp:ReturnHandler(295): Return handler to pool: 31
[INF] curl.cpp:CheckBucket(2860): check a bucket.
[DBG] curl.cpp:GetHandler(272): Get handler from pool: 31
[INF] curl.cpp:prepare_url(4175): URL is http://s3.amazonaws.com/s3//tui-nexus-backups/
[INF] curl.cpp:prepare_url(4207): URL changed is http://s3.s3.amazonaws.com/s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/
[DBG] curl.cpp:RequestPerform(1893): connecting to URL http://s3.s3.amazonaws.com/s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/

  • About to connect() to proxy 10.169.237.43 port 8888 (#0)

  • Trying 10.169.237.43... * connected

  • Connected to 10.169.237.43 (10.169.237.43) port 8888 (#0)

    GET http://s3.s3.amazonaws.com/s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/ HTTP/1.1
    User-Agent: s3fs/1.80 (commit hash unknown; OpenSSL)
    Host: s3.s3.amazonaws.com
    Accept: /
    Proxy-Connection: Keep-Alive
    Authorization: AWS AKIAIXEMHQLBSPEM2OCQ:ggU0G4cXp8mNAqCuArzD3dEILgQ=
    Date: Tue, 01 Nov 2016 14:55:17 GMT

  • HTTP 1.0, assume close after body
    < HTTP/1.0 403 Forbidden
    < x-amz-request-id: ED56F36ACBDEB44C
    < x-amz-id-2: bCUDQ17PSadNIPQi7fhxWS42JPL+D1qowOsqvrPfaIncf+jbVYABUMEEpWjUYHLnHTzk9E2ppzo=
    < Content-Type: application/xml
    < Date: Tue, 01 Nov 2016 14:55:20 GMT
    < Server: AmazonS3
    < X-Cache: MISS from ip-10-169-237-43
    < X-Cache-Lookup: MISS from ip-10-169-237-43:8888
    < Via: 1.0 ip-10-169-237-43 (squid/3.1.23)
    < Connection: close
    <

  • Closing connection #0
    [INF] curl.cpp:RequestPerform(1927): HTTP response code 403 was returned, returning EPERM
    [DBG] curl.cpp:RequestPerform(1928): Body Text:
    SignatureDoesNotMatchThe request signature we calculated does not match the signature you provided. Check your key and signing method.AKIAIXEMHQLBSPEM2OCQGET

Tue, 01 Nov 2016 14:55:17 GMT
/s3/s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/ggU0G4cXp8mNAqCuArzD3dEILgQ=47 45 54 0a 0a 0a 54 75 65 2c 20 30 31 20 4e 6f 76 20 32 30 31 36 20 31 34 3a 35 35 3a 31 37 20 47 4d 54 0a 2f 73 33 2f 73 33 2f 2f 74 75 69 2d 6e 65 78 75 73 2d 62 61 63 6b 75 70 73 2f 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 2f 73 33 2f 2f 74 75 69 2d 6e 65 78 75 73 2d 62 61 63 6b 75 70 73 2fED56F36ACBDEB44CbCUDQ17PSadNIPQi7fhxWS42JPL+D1qowOsqvrPfaIncf+jbVYABUMEEpWjUYHLnHTzk9E2ppzo=
[ERR] curl.cpp:CheckBucket(2899): Check bucket failed, S3 response:
SignatureDoesNotMatchThe request signature we calculated does not match the signature you provided. Check your key and signing method.AKIAIXEMHQLBSPEM2OCQGET

Tue, 01 Nov 2016 14:55:17 GMT
/s3/s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/ggU0G4cXp8mNAqCuArzD3dEILgQ=47 45 54 0a 0a 0a 54 75 65 2c 20 30 31 20 4e 6f 76 20 32 30 31 36 20 31 34 3a 35 35 3a 31 37 20 47 4d 54 0a 2f 73 33 2f 73 33 2f 2f 74 75 69 2d 6e 65 78 75 73 2d 62 61 63 6b 75 70 73 2f 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 2f 73 33 2f 2f 74 75 69 2d 6e 65 78 75 73 2d 62 61 63 6b 75 70 73 2fED56F36ACBDEB44CbCUDQ17PSadNIPQi7fhxWS42JPL+D1qowOsqvrPfaIncf+jbVYABUMEEpWjUYHLnHTzk9E2ppzo=
[CRT] s3fs.cpp:s3fs_check_service(3765): invalid credentials - result of checking service.
[DBG] curl.cpp:ReturnHandler(295): Return handler to pool: 31
[ERR] s3fs.cpp:s3fs_exit_fuseloop(3324): Exiting FUSE event loop due to errors

INIT: 7.19
flags=0x00000011
max_readahead=0x00020000
max_write=0x00020000
max_background=0
congestion_threshold=0
unique: 1, success, outsize: 40
[INF] s3fs.cpp:s3fs_destroy(3395): destroy
[WAN] s3fs.cpp:s3fs_destroy(3399): Could not release curl library.

<!-- gh-comment-id:257588486 --> @devopsraman commented on GitHub (Nov 1, 2016): me also have same issue . I am not able to mount s3 bucket eu-central-1 regions. s3fs s3://tui-nexus-backups/ /mnt/s3mnt -o passwd_file=/root/.passwd-s3fs -d -d -f -o f2 -o curldbg [CRT] s3fs.cpp:set_s3fs_log_level(253): change debug level from [CRT] to [INF] [CRT] s3fs.cpp:set_s3fs_log_level(253): change debug level from [INF] to [DBG] [INF] s3fs.cpp:set_moutpoint_attribute(4151): PROC(uid=0, gid=0) - MountPoint(uid=0, gid=0, mode=40777) FUSE library version: 2.9.7 nullpath_ok: 0 nopath: 0 utime_omit_ok: 0 unique: 1, opcode: INIT (26), nodeid: 0, insize: 56, pid: 0 INIT: 7.14 flags=0x0000f07b max_readahead=0x00020000 [CRT] s3fs.cpp:s3fs_init(3334): init v1.80(commit:unknown) with OpenSSL [WAN] curl.cpp:InitShareCurl(483): curl_share_setopt(SSL SESSION) returns 1(Unknown share option), but continue without shared ssl session data. [INF] s3fs.cpp:s3fs_check_service(3708): check services. [INF] curl.cpp:CheckBucket(2860): check a bucket. [DBG] curl.cpp:GetHandler(272): Get handler from pool: 31 [INF] curl.cpp:prepare_url(4175): URL is http://s3.amazonaws.com/s3//tui-nexus-backups/ [INF] curl.cpp:prepare_url(4207): URL changed is http://s3.s3.amazonaws.com/s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/ [INF] curl.cpp:insertV4Headers(2237): computing signature [GET] [//tui-nexus-backups/] [] [] [INF] curl.cpp:url_to_host(100): url is http://s3.amazonaws.com [DBG] curl.cpp:RequestPerform(1893): connecting to URL http://s3.s3.amazonaws.com/s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/ - About to connect() to proxy 10.169.237.43 port 8888 (#0) - Trying 10.169.237.43... \* connected - Connected to 10.169.237.43 (10.169.237.43) port 8888 (#0) > GET http://s3.s3.amazonaws.com/s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/ HTTP/1.1 > User-Agent: s3fs/1.80 (commit hash unknown; OpenSSL) > Accept: _/_ > Proxy-Connection: Keep-Alive > Authorization: AWS4-HMAC-SHA256 Credential=AKIAIXEMHQLBSPEM2OCQ/20161101/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=607779e289f60c4ed452f2b47cffc02ef7c31101ef8484df87b0c49059df9d8d > host: s3.s3.amazonaws.com > x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 > x-amz-date: 20161101T145517Z - HTTP 1.0, assume close after body < HTTP/1.0 403 Forbidden < x-amz-request-id: 6883F308769A0744 < x-amz-id-2: dDzvzEiODilaISRkSJScBWpLZ9fEHQ6lZs9OV8J3dgFmeooUlaJEWxtcqM/9CH+dBdfCIw9/Owo= < Content-Type: application/xml < Date: Tue, 01 Nov 2016 14:55:20 GMT < Server: AmazonS3 < X-Cache: MISS from ip-10-169-237-43 < X-Cache-Lookup: MISS from ip-10-169-237-43:8888 < Via: 1.0 ip-10-169-237-43 (squid/3.1.23) < Connection: close < - Closing connection #0 [INF] curl.cpp:RequestPerform(1927): HTTP response code 403 was returned, returning EPERM [DBG] curl.cpp:RequestPerform(1928): Body Text: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><AWSAccessKeyId>AKIAIXEMHQLBSPEM2OCQ</AWSAccessKeyId><StringToSign>AWS4-HMAC-SHA256 20161101T145517Z 20161101/us-east-1/s3/aws4_request ee38912397e57ffb2e80af70efddeeb43b33cd5abfd9b8047501049df966ce1f</StringToSign><SignatureProvided>607779e289f60c4ed452f2b47cffc02ef7c31101ef8484df87b0c49059df9d8d</SignatureProvided><StringToSignBytes>41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 0a 32 30 31 36 31 31 30 31 54 31 34 35 35 31 37 5a 0a 32 30 31 36 31 31 30 31 2f 75 73 2d 65 61 73 74 2d 31 2f 73 33 2f 61 77 73 34 5f 72 65 71 75 65 73 74 0a 65 65 33 38 39 31 32 33 39 37 65 35 37 66 66 62 32 65 38 30 61 66 37 30 65 66 64 64 65 65 62 34 33 62 33 33 63 64 35 61 62 66 64 39 62 38 30 34 37 35 30 31 30 34 39 64 66 39 36 36 63 65 31 66</StringToSignBytes><CanonicalRequest>GET /s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/ host:s3.s3.amazonaws.com x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 x-amz-date:20161101T145517Z host;x-amz-content-sha256;x-amz-date e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855</CanonicalRequest><CanonicalRequestBytes>47 45 54 0a 2f 73 33 2f 2f 74 75 69 2d 6e 65 78 75 73 2d 62 61 63 6b 75 70 73 2f 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 2f 73 33 2f 2f 74 75 69 2d 6e 65 78 75 73 2d 62 61 63 6b 75 70 73 2f 0a 0a 68 6f 73 74 3a 73 33 2e 73 33 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 0a 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35 0a 78 2d 61 6d 7a 2d 64 61 74 65 3a 32 30 31 36 31 31 30 31 54 31 34 35 35 31 37 5a 0a 0a 68 6f 73 74 3b 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3b 78 2d 61 6d 7a 2d 64 61 74 65 0a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35</CanonicalRequestBytes><RequestId>6883F308769A0744</RequestId><HostId>dDzvzEiODilaISRkSJScBWpLZ9fEHQ6lZs9OV8J3dgFmeooUlaJEWxtcqM/9CH+dBdfCIw9/Owo=</HostId></Error> [ERR] curl.cpp:CheckBucket(2899): Check bucket failed, S3 response: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><AWSAccessKeyId>AKIAIXEMHQLBSPEM2OCQ</AWSAccessKeyId><StringToSign>AWS4-HMAC-SHA256 20161101T145517Z 20161101/us-east-1/s3/aws4_request ee38912397e57ffb2e80af70efddeeb43b33cd5abfd9b8047501049df966ce1f</StringToSign><SignatureProvided>607779e289f60c4ed452f2b47cffc02ef7c31101ef8484df87b0c49059df9d8d</SignatureProvided><StringToSignBytes>41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 0a 32 30 31 36 31 31 30 31 54 31 34 35 35 31 37 5a 0a 32 30 31 36 31 31 30 31 2f 75 73 2d 65 61 73 74 2d 31 2f 73 33 2f 61 77 73 34 5f 72 65 71 75 65 73 74 0a 65 65 33 38 39 31 32 33 39 37 65 35 37 66 66 62 32 65 38 30 61 66 37 30 65 66 64 64 65 65 62 34 33 62 33 33 63 64 35 61 62 66 64 39 62 38 30 34 37 35 30 31 30 34 39 64 66 39 36 36 63 65 31 66</StringToSignBytes><CanonicalRequest>GET /s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/ host:s3.s3.amazonaws.com x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 x-amz-date:20161101T145517Z host;x-amz-content-sha256;x-amz-date e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855</CanonicalRequest><CanonicalRequestBytes>47 45 54 0a 2f 73 33 2f 2f 74 75 69 2d 6e 65 78 75 73 2d 62 61 63 6b 75 70 73 2f 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 2f 73 33 2f 2f 74 75 69 2d 6e 65 78 75 73 2d 62 61 63 6b 75 70 73 2f 0a 0a 68 6f 73 74 3a 73 33 2e 73 33 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 0a 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35 0a 78 2d 61 6d 7a 2d 64 61 74 65 3a 32 30 31 36 31 31 30 31 54 31 34 35 35 31 37 5a 0a 0a 68 6f 73 74 3b 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3b 78 2d 61 6d 7a 2d 64 61 74 65 0a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35</CanonicalRequestBytes><RequestId>6883F308769A0744</RequestId><HostId>dDzvzEiODilaISRkSJScBWpLZ9fEHQ6lZs9OV8J3dgFmeooUlaJEWxtcqM/9CH+dBdfCIw9/Owo=</HostId></Error> [WAN] s3fs.cpp:s3fs_check_service(3749): Could not connect, so retry to connect by signature version 2. [DBG] curl.cpp:ReturnHandler(295): Return handler to pool: 31 [INF] curl.cpp:CheckBucket(2860): check a bucket. [DBG] curl.cpp:GetHandler(272): Get handler from pool: 31 [INF] curl.cpp:prepare_url(4175): URL is http://s3.amazonaws.com/s3//tui-nexus-backups/ [INF] curl.cpp:prepare_url(4207): URL changed is http://s3.s3.amazonaws.com/s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/ [DBG] curl.cpp:RequestPerform(1893): connecting to URL http://s3.s3.amazonaws.com/s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/ - About to connect() to proxy 10.169.237.43 port 8888 (#0) - Trying 10.169.237.43... \* connected - Connected to 10.169.237.43 (10.169.237.43) port 8888 (#0) > GET http://s3.s3.amazonaws.com/s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/ HTTP/1.1 > User-Agent: s3fs/1.80 (commit hash unknown; OpenSSL) > Host: s3.s3.amazonaws.com > Accept: _/_ > Proxy-Connection: Keep-Alive > Authorization: AWS AKIAIXEMHQLBSPEM2OCQ:ggU0G4cXp8mNAqCuArzD3dEILgQ= > Date: Tue, 01 Nov 2016 14:55:17 GMT - HTTP 1.0, assume close after body < HTTP/1.0 403 Forbidden < x-amz-request-id: ED56F36ACBDEB44C < x-amz-id-2: bCUDQ17PSadNIPQi7fhxWS42JPL+D1qowOsqvrPfaIncf+jbVYABUMEEpWjUYHLnHTzk9E2ppzo= < Content-Type: application/xml < Date: Tue, 01 Nov 2016 14:55:20 GMT < Server: AmazonS3 < X-Cache: MISS from ip-10-169-237-43 < X-Cache-Lookup: MISS from ip-10-169-237-43:8888 < Via: 1.0 ip-10-169-237-43 (squid/3.1.23) < Connection: close < - Closing connection #0 [INF] curl.cpp:RequestPerform(1927): HTTP response code 403 was returned, returning EPERM [DBG] curl.cpp:RequestPerform(1928): Body Text: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><AWSAccessKeyId>AKIAIXEMHQLBSPEM2OCQ</AWSAccessKeyId><StringToSign>GET Tue, 01 Nov 2016 14:55:17 GMT /s3/s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/</StringToSign><SignatureProvided>ggU0G4cXp8mNAqCuArzD3dEILgQ=</SignatureProvided><StringToSignBytes>47 45 54 0a 0a 0a 54 75 65 2c 20 30 31 20 4e 6f 76 20 32 30 31 36 20 31 34 3a 35 35 3a 31 37 20 47 4d 54 0a 2f 73 33 2f 73 33 2f 2f 74 75 69 2d 6e 65 78 75 73 2d 62 61 63 6b 75 70 73 2f 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 2f 73 33 2f 2f 74 75 69 2d 6e 65 78 75 73 2d 62 61 63 6b 75 70 73 2f</StringToSignBytes><RequestId>ED56F36ACBDEB44C</RequestId><HostId>bCUDQ17PSadNIPQi7fhxWS42JPL+D1qowOsqvrPfaIncf+jbVYABUMEEpWjUYHLnHTzk9E2ppzo=</HostId></Error> [ERR] curl.cpp:CheckBucket(2899): Check bucket failed, S3 response: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><AWSAccessKeyId>AKIAIXEMHQLBSPEM2OCQ</AWSAccessKeyId><StringToSign>GET Tue, 01 Nov 2016 14:55:17 GMT /s3/s3//tui-nexus-backups/.amazonaws.com/s3//tui-nexus-backups/</StringToSign><SignatureProvided>ggU0G4cXp8mNAqCuArzD3dEILgQ=</SignatureProvided><StringToSignBytes>47 45 54 0a 0a 0a 54 75 65 2c 20 30 31 20 4e 6f 76 20 32 30 31 36 20 31 34 3a 35 35 3a 31 37 20 47 4d 54 0a 2f 73 33 2f 73 33 2f 2f 74 75 69 2d 6e 65 78 75 73 2d 62 61 63 6b 75 70 73 2f 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 2f 73 33 2f 2f 74 75 69 2d 6e 65 78 75 73 2d 62 61 63 6b 75 70 73 2f</StringToSignBytes><RequestId>ED56F36ACBDEB44C</RequestId><HostId>bCUDQ17PSadNIPQi7fhxWS42JPL+D1qowOsqvrPfaIncf+jbVYABUMEEpWjUYHLnHTzk9E2ppzo=</HostId></Error> [CRT] s3fs.cpp:s3fs_check_service(3765): invalid credentials - result of checking service. [DBG] curl.cpp:ReturnHandler(295): Return handler to pool: 31 [ERR] s3fs.cpp:s3fs_exit_fuseloop(3324): Exiting FUSE event loop due to errors INIT: 7.19 flags=0x00000011 max_readahead=0x00020000 max_write=0x00020000 max_background=0 congestion_threshold=0 unique: 1, success, outsize: 40 [INF] s3fs.cpp:s3fs_destroy(3395): destroy [WAN] s3fs.cpp:s3fs_destroy(3399): Could not release curl library.
kerem commented 2026-03-04 01:43:45 +03:00
Author
Owner
Copy link

@rikkouri commented on GitHub (Nov 29, 2016):

Bump. Same issue here.

$> s3fs s3://xxxxxxxxxxxxx/ data/ -o passwd_file=~/.xxxx/s3fs-credentials  -d -d -f -o f2 -o curldbg
[CRT] s3fs.cpp:set_s3fs_log_level(254): change debug level from [CRT] to [INF] 
[CRT] s3fs.cpp:set_s3fs_log_level(254): change debug level from [INF] to [DBG] 
[INF]     s3fs.cpp:set_mountpoint_attribute(4196): PROC(uid=500, gid=500) - MountPoint(uid=48, gid=48, mode=40775)
FUSE library version: 2.9.4
nullpath_ok: 0
nopath: 0
utime_omit_ok: 0
unique: 1, opcode: INIT (26), nodeid: 0, insize: 56, pid: 0
INIT: 7.23
flags=0x0003fffb
max_readahead=0x00020000
[CRT] s3fs.cpp:s3fs_init(3375): init v1.80(commit:8a11d7b) with OpenSSL
[INF] s3fs.cpp:s3fs_check_service(3753): check services.
[INF]       curl.cpp:CheckBucket(2883): check a bucket.
[DBG] curl.cpp:GetHandler(272): Get handler from pool: 31
[INF]       curl.cpp:prepare_url(4199): URL is http://s3.amazonaws.com/s3//xxxxxxxxxxxxx/
[INF]       curl.cpp:prepare_url(4231): URL changed is http://s3.s3.amazonaws.com/s3//gxxxxxxxxx/.amazonaws.com/s3//xxxxxxxxxxx/
[INF]       curl.cpp:insertV4Headers(2260): computing signature [GET] [//xxxxxxxxxxxxx/] [] []
[INF]       curl.cpp:url_to_host(100): url is http://s3.amazonaws.com
[DBG] curl.cpp:RequestPerform(1916): connecting to URL http://s3.s3.amazonaws.com/s3//xxxxxxxxxxxxxx/.amazonaws.com/s3//xxxxxxxxxxxxxxxxxx/
*   Trying 52.216.0.152...
* Connected to s3.s3.amazonaws.com (52.216.0.152) port 80 (#0)
> GET /s3//xxxxxxxxxxxxxx/.amazonaws.com/s3//xxxxxxxxxxxxxxxxxxx/ HTTP/1.1
host: s3.s3.amazonaws.com
User-Agent: s3fs/1.80 (commit hash 8a11d7b; OpenSSL)
Accept: */*
Authorization: AWS4-HMAC-SHA256 Credential=AxxxxxxxxxxxxxxxxxxQ/20161129/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=d522bd647f16cadbeeadef21fa9b2693488f5d8336a85231585f563ebe168ebe
x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date: 20161129T100003Z

< HTTP/1.1 403 Forbidden
< x-amz-request-id: B91C15261A89DCAA
< x-amz-id-2: 1Uwxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx843QGk+SAhddamCx3Mr+OQdl9DFs=
< Content-Type: application/xml
< Transfer-Encoding: chunked
< Date: Tue, 29 Nov 2016 10:00:02 GMT
< Server: AmazonS3
< 
* Connection #0 to host s3.s3.amazonaws.com left intact
[INF]       curl.cpp:RequestPerform(1950): HTTP response code 403 was returned, returning EPERM
[DBG] curl.cpp:RequestPerform(1951): Body Text: <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><AWSAccessKeyId>AKIxxxxxxxxxxWQ</AWSAccessKeyId><StringToSign>AWS4-HMAC-SHA256
20161129T100003Z
20161129/us-east-1/s3/aws4_request
<!-- gh-comment-id:263528334 --> @rikkouri commented on GitHub (Nov 29, 2016): Bump. Same issue here. ``` $> s3fs s3://xxxxxxxxxxxxx/ data/ -o passwd_file=~/.xxxx/s3fs-credentials -d -d -f -o f2 -o curldbg [CRT] s3fs.cpp:set_s3fs_log_level(254): change debug level from [CRT] to [INF] [CRT] s3fs.cpp:set_s3fs_log_level(254): change debug level from [INF] to [DBG] [INF] s3fs.cpp:set_mountpoint_attribute(4196): PROC(uid=500, gid=500) - MountPoint(uid=48, gid=48, mode=40775) FUSE library version: 2.9.4 nullpath_ok: 0 nopath: 0 utime_omit_ok: 0 unique: 1, opcode: INIT (26), nodeid: 0, insize: 56, pid: 0 INIT: 7.23 flags=0x0003fffb max_readahead=0x00020000 [CRT] s3fs.cpp:s3fs_init(3375): init v1.80(commit:8a11d7b) with OpenSSL [INF] s3fs.cpp:s3fs_check_service(3753): check services. [INF] curl.cpp:CheckBucket(2883): check a bucket. [DBG] curl.cpp:GetHandler(272): Get handler from pool: 31 [INF] curl.cpp:prepare_url(4199): URL is http://s3.amazonaws.com/s3//xxxxxxxxxxxxx/ [INF] curl.cpp:prepare_url(4231): URL changed is http://s3.s3.amazonaws.com/s3//gxxxxxxxxx/.amazonaws.com/s3//xxxxxxxxxxx/ [INF] curl.cpp:insertV4Headers(2260): computing signature [GET] [//xxxxxxxxxxxxx/] [] [] [INF] curl.cpp:url_to_host(100): url is http://s3.amazonaws.com [DBG] curl.cpp:RequestPerform(1916): connecting to URL http://s3.s3.amazonaws.com/s3//xxxxxxxxxxxxxx/.amazonaws.com/s3//xxxxxxxxxxxxxxxxxx/ * Trying 52.216.0.152... * Connected to s3.s3.amazonaws.com (52.216.0.152) port 80 (#0) > GET /s3//xxxxxxxxxxxxxx/.amazonaws.com/s3//xxxxxxxxxxxxxxxxxxx/ HTTP/1.1 host: s3.s3.amazonaws.com User-Agent: s3fs/1.80 (commit hash 8a11d7b; OpenSSL) Accept: */* Authorization: AWS4-HMAC-SHA256 Credential=AxxxxxxxxxxxxxxxxxxQ/20161129/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=d522bd647f16cadbeeadef21fa9b2693488f5d8336a85231585f563ebe168ebe x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 x-amz-date: 20161129T100003Z < HTTP/1.1 403 Forbidden < x-amz-request-id: B91C15261A89DCAA < x-amz-id-2: 1Uwxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx843QGk+SAhddamCx3Mr+OQdl9DFs= < Content-Type: application/xml < Transfer-Encoding: chunked < Date: Tue, 29 Nov 2016 10:00:02 GMT < Server: AmazonS3 < * Connection #0 to host s3.s3.amazonaws.com left intact [INF] curl.cpp:RequestPerform(1950): HTTP response code 403 was returned, returning EPERM [DBG] curl.cpp:RequestPerform(1951): Body Text: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><AWSAccessKeyId>AKIxxxxxxxxxxWQ</AWSAccessKeyId><StringToSign>AWS4-HMAC-SHA256 20161129T100003Z 20161129/us-east-1/s3/aws4_request ```
kerem commented 2026-03-04 01:43:45 +03:00
Author
Owner
Copy link

@rikkouri commented on GitHub (Nov 29, 2016):

Work around:
Mounting the s3 bucket in the fstab seems to still work fine:

s3fs#xxxxxxxxxx /yyyyyyyy fuse _netdev,allow_other,passwd_file=/root/.s3fs-credentials 0 0

$> df
Filesystem        1K-blocks    Used    Available Use% Mounted on
devtmpfs             498772      56       498716   1% /dev
tmpfs                509664       0       509664   0% /dev/shm
/dev/xvda1         12252316 1628504     10523564  14% /
s3fs           274877906944       0 274877906944   0% /var/www/html/data
<!-- gh-comment-id:263529968 --> @rikkouri commented on GitHub (Nov 29, 2016): Work around: Mounting the s3 bucket in the fstab seems to still work fine: ``` s3fs#xxxxxxxxxx /yyyyyyyy fuse _netdev,allow_other,passwd_file=/root/.s3fs-credentials 0 0 ``` ``` $> df Filesystem 1K-blocks Used Available Use% Mounted on devtmpfs 498772 56 498716 1% /dev tmpfs 509664 0 509664 0% /dev/shm /dev/xvda1 12252316 1628504 10523564 14% / s3fs 274877906944 0 274877906944 0% /var/www/html/data ```
kerem commented 2026-03-04 01:43:45 +03:00
Author
Owner
Copy link

@DenisBY commented on GitHub (Feb 10, 2017):

Workaround doesn't work for me. Same problem.

<!-- gh-comment-id:278946866 --> @DenisBY commented on GitHub (Feb 10, 2017): Workaround doesn't work for me. Same problem.
kerem commented 2026-03-04 01:43:45 +03:00
Author
Owner
Copy link

@PolGuixe commented on GitHub (Mar 6, 2017):

Has anyone found a solution? I am still hitting this issue.

<!-- gh-comment-id:284545801 --> @PolGuixe commented on GitHub (Mar 6, 2017): Has anyone found a solution? I am still hitting this issue.
kerem commented 2026-03-04 01:43:45 +03:00
Author
Owner
Copy link

@praveenkpatidar commented on GitHub (Apr 19, 2017):

FSTab solution worked for me but only for one or two sync and again the mount is lost.
If I restart it will work for one or two update

<!-- gh-comment-id:295120948 --> @praveenkpatidar commented on GitHub (Apr 19, 2017): FSTab solution worked for me but only for one or two sync and again the mount is lost. If I restart it will work for one or two update
kerem commented 2026-03-04 01:43:45 +03:00
Author
Owner
Copy link

@praveenkpatidar commented on GitHub (Apr 19, 2017):

The problem is I am not able to get debug log. Keep getting hung processes. df -h also hung.

<!-- gh-comment-id:295130339 --> @praveenkpatidar commented on GitHub (Apr 19, 2017): The problem is I am not able to get debug log. Keep getting hung processes. df -h also hung.
kerem commented 2026-03-04 01:43:45 +03:00
Author
Owner
Copy link

@sekiwired commented on GitHub (Apr 26, 2017):

Hi, same problem here,
My debug msg shows this :
[DBG] curl.cpp:RequestPerform(1953): Body Text:
AuthorizationHeaderMalformedThe authorization header is malformed; the region 'us-east-1' is wrong; expecting 'eu-central-1'eu-central-1

<!-- gh-comment-id:297331365 --> @sekiwired commented on GitHub (Apr 26, 2017): Hi, same problem here, My debug msg shows this : [DBG] curl.cpp:RequestPerform(1953): Body Text: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>AuthorizationHeaderMalformed</Code><Message>The authorization header is malformed; the region 'us-east-1' is wrong; expecting 'eu-central-1'</Message><Region>eu-central-1</Region>
kerem commented 2026-03-04 01:43:45 +03:00
Author
Owner
Copy link

@gaul commented on GitHub (Apr 26, 2017):

I just created a bucket in eu-central-1 and successfully mounted it via s3fs using master at df0ff3a2fd. Which version do you use? Also please run again with the flags -f -o curldbg.

<!-- gh-comment-id:297406978 --> @gaul commented on GitHub (Apr 26, 2017): I just created a bucket in eu-central-1 and successfully mounted it via `s3fs` using master at df0ff3a2fd9f7115b1181ccc01234bcfc97b0132. Which version do you use? Also please run again with the flags `-f -o curldbg`.
kerem commented 2026-03-04 01:43:45 +03:00
Author
Owner
Copy link

@rangasoa commented on GitHub (May 4, 2017):

Hi, same problem here. trying to mount s3 bucket with IAM user with S3full access using access ID and key ID without success. This is in AWS Beijing china. do we have any fix or workaround

< HTTP/1.1 403 Forbidden
< x-amz-request-id: B91C15261A89DCAA
< x-amz-id-2: 1Uwxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx843QGk+SAhddamCx3Mr+OQdl9DFs=
< Content-Type: application/xml
< Transfer-Encoding: chunked

[CRT] s3fs.cpp:s3fs_check_service(3765): invalid credentials - result of checking service.
[DBG] curl.cpp:ReturnHandler(295): Return handler to pool: 31
[ERR] s3fs.cpp:s3fs_exit_fuseloop(3324): Exiting FUSE event loop due to errors

<!-- gh-comment-id:299101671 --> @rangasoa commented on GitHub (May 4, 2017): Hi, same problem here. trying to mount s3 bucket with IAM user with S3full access using access ID and key ID without success. This is in AWS Beijing china. do we have any fix or workaround **< HTTP/1.1 403 Forbidden** < x-amz-request-id: B91C15261A89DCAA < x-amz-id-2: 1Uwxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx843QGk+SAhddamCx3Mr+OQdl9DFs= < Content-Type: application/xml < Transfer-Encoding: chunked **[CRT] s3fs.cpp:s3fs_check_service(3765): invalid credentials - result of checking service.** [DBG] curl.cpp:ReturnHandler(295): Return handler to pool: 31 [ERR] s3fs.cpp:s3fs_exit_fuseloop(3324): Exiting FUSE event loop due to errors
kerem commented 2026-03-04 01:43:45 +03:00
Author
Owner
Copy link

@pelamfi commented on GitHub (May 9, 2017):

Same problem here

eu-frankfurt-1,
Ubuntu 16.04
apt-cache show s3fs:
Architecture: amd64
Source: s3fs-fuse
Version: 1.79+git90-g8f11507-2

[CRT] s3fs_init(3294): init v1.79(commit:unknown) with GnuTLS(gcrypt)
*   Trying 52.219.72.14...
* Connected to XXXXXX-log.s3.amazonaws.com (52.219.72.14) port 80 (#0)
> GET / HTTP/1.1
host: XXXXXX-log.s3.amazonaws.com
Accept: */*
Authorization: AWS4-HMAC-SHA256 Credential=AKIAJROITITAVXXXXXX/20170509/eu-central-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=XXXXXXXXXXXXX\
XXXX
x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date: 20170509T115610Z

< HTTP/1.1 403 Forbidden
< x-amz-bucket-region: eu-central-1
< x-amz-request-id: 2BA7C7BC514152B2
< x-amz-id-2: U42iV38KaQPd8Ivq4PK+CrweTcqH12O87IBdYZjgNxCMWT5/+o1KNfTRTpxrJI2odDlKTweVSxs=
< Content-Type: application/xml
< Transfer-Encoding: chunked
< Date: Tue, 09 May 2017 10:55:29 GMT
< Server: AmazonS3
<
* Connection #0 to host XXXXXX-log.s3.amazonaws.com left intact
* Hostname XXXXXX-log.s3.amazonaws.com was found in DNS cache
*   Trying 52.219.72.14...
* Connected to XXXXXX-log.s3.amazonaws.com (52.219.72.14) port 80 (#0)
> GET / HTTP/1.1
Host: XXXXXX-log.s3.amazonaws.com
Accept: */*
Authorization: AWS AKIAJROITITAVXXXXXX:XXXXXXX
Date: Tue, 09 May 2017 11:56:10 GMT

< HTTP/1.1 403 Forbidden
< x-amz-bucket-region: eu-central-1
< x-amz-request-id: 69066B5E7F9B12CF
< x-amz-id-2: BKCSoR5j9RMVRc5VA9zjOrD9rJotFGQLCwSeVp28yBCOiJomzAVTyNYLQ4whKqsEusSTiIB5S54=
< Content-Type: application/xml
< Transfer-Encoding: chunked
< Date: Tue, 09 May 2017 10:55:29 GMT
< Server: AmazonS3
<
* Connection #0 to host XXXXXX-log.s3.amazonaws.com left intact
[CRT] s3fs_check_service(3707): invalid credentials - result of checking service.
<!-- gh-comment-id:300130678 --> @pelamfi commented on GitHub (May 9, 2017): Same problem here eu-frankfurt-1, Ubuntu 16.04 apt-cache show s3fs: Architecture: amd64 Source: s3fs-fuse Version: 1.79+git90-g8f11507-2 [CRT] s3fs_init(3294): init v1.79(commit:unknown) with GnuTLS(gcrypt) * Trying 52.219.72.14... * Connected to XXXXXX-log.s3.amazonaws.com (52.219.72.14) port 80 (#0) > GET / HTTP/1.1 host: XXXXXX-log.s3.amazonaws.com Accept: */* Authorization: AWS4-HMAC-SHA256 Credential=AKIAJROITITAVXXXXXX/20170509/eu-central-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=XXXXXXXXXXXXX\ XXXX x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 x-amz-date: 20170509T115610Z < HTTP/1.1 403 Forbidden < x-amz-bucket-region: eu-central-1 < x-amz-request-id: 2BA7C7BC514152B2 < x-amz-id-2: U42iV38KaQPd8Ivq4PK+CrweTcqH12O87IBdYZjgNxCMWT5/+o1KNfTRTpxrJI2odDlKTweVSxs= < Content-Type: application/xml < Transfer-Encoding: chunked < Date: Tue, 09 May 2017 10:55:29 GMT < Server: AmazonS3 < * Connection #0 to host XXXXXX-log.s3.amazonaws.com left intact * Hostname XXXXXX-log.s3.amazonaws.com was found in DNS cache * Trying 52.219.72.14... * Connected to XXXXXX-log.s3.amazonaws.com (52.219.72.14) port 80 (#0) > GET / HTTP/1.1 Host: XXXXXX-log.s3.amazonaws.com Accept: */* Authorization: AWS AKIAJROITITAVXXXXXX:XXXXXXX Date: Tue, 09 May 2017 11:56:10 GMT < HTTP/1.1 403 Forbidden < x-amz-bucket-region: eu-central-1 < x-amz-request-id: 69066B5E7F9B12CF < x-amz-id-2: BKCSoR5j9RMVRc5VA9zjOrD9rJotFGQLCwSeVp28yBCOiJomzAVTyNYLQ4whKqsEusSTiIB5S54= < Content-Type: application/xml < Transfer-Encoding: chunked < Date: Tue, 09 May 2017 10:55:29 GMT < Server: AmazonS3 < * Connection #0 to host XXXXXX-log.s3.amazonaws.com left intact [CRT] s3fs_check_service(3707): invalid credentials - result of checking service.
kerem commented 2026-03-04 01:43:46 +03:00
Author
Owner
Copy link

@ghost commented on GitHub (Jul 13, 2017):

Works for me using commit github.com/s3fs-fuse/s3fs-fuse@620f6ec616 so far.

<!-- gh-comment-id:315228881 --> @ghost commented on GitHub (Jul 13, 2017): Works for me using commit https://github.com/s3fs-fuse/s3fs-fuse/commit/620f6ec61627d9cec812013ba79dc7d724b45914 so far.
kerem commented 2026-03-04 01:43:46 +03:00
Author
Owner
Copy link

@paulswanson commented on GitHub (Mar 2, 2018):

I'm experiencing exactly the same problem.

Created an S3 bucket in Frankfurt (eu-central-1), permissioned it correctly with a policy. Able to access the bucket over AWS CLI and AWS console with the appropriate access ID and key, but S3FS fails with the invalid credentials error, as above.

Repeated exactly the same process in N Virginia and it worked first time. Same access ID and policy applied.

I'm using the default package install of S3FS on Ubuntu 17.10. I looked through the debug logs for s3fs but it only lists the commit as "commit has unknown".

<!-- gh-comment-id:369805600 --> @paulswanson commented on GitHub (Mar 2, 2018): I'm experiencing exactly the same problem. Created an S3 bucket in Frankfurt (eu-central-1), permissioned it correctly with a policy. Able to access the bucket over AWS CLI and AWS console with the appropriate access ID and key, but S3FS fails with the invalid credentials error, as above. Repeated exactly the same process in N Virginia and it worked first time. Same access ID and policy applied. I'm using the default package install of S3FS on Ubuntu 17.10. I looked through the debug logs for s3fs but it only lists the commit as "commit has unknown".
kerem commented 2026-03-04 01:43:46 +03:00
Author
Owner
Copy link

@abrkn commented on GitHub (Mar 2, 2018):

I am having the same issue on Ubuntu 16.04 in the Singapore region:

ubuntu@ip-172-31-15-245:~/s3fs-fuse$ sudo s3fs -o use_cache=/tmp/cache mybucketname9861 -o curldbg -f -o passwd_file=/etc/passwd-s3fs /s3/mybucket/
[CRT] s3fs.cpp:s3fs_init(3367): init v1.82(commit:620f6ec) with OpenSSL
*   Trying 52.216.160.107...
* Connected to mybucketname9861.s3.amazonaws.com (52.216.160.107) port 443 (#0)
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 592 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* 	 server certificate verification OK
* 	 server certificate status verification SKIPPED
* 	 common name: *.s3.amazonaws.com (matched)
* 	 server certificate expiration date OK
* 	 server certificate activation date OK
* 	 certificate public key: RSA
* 	 certificate version: #3
* 	 subject: C=US,ST=Washington,L=Seattle,O=Amazon.com Inc.,CN=*.s3.amazonaws.com
* 	 start date: Fri, 22 Sep 2017 00:00:00 GMT
* 	 expire date: Thu, 03 Jan 2019 12:00:00 GMT
* 	 issuer: C=US,O=DigiCert Inc,OU=www.digicert.com,CN=DigiCert Baltimore CA-2 G2
* 	 compression: NULL
* ALPN, server did not agree to a protocol
> GET / HTTP/1.1
host: mybucketname9861.s3.amazonaws.com
User-Agent: s3fs/1.82 (commit hash 620f6ec; OpenSSL)
Accept: */*
Authorization: AWS4-HMAC-SHA256 Credential=AKIAI4OQWVIZQSONJDKA/20180302/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=3c77b0b40a6b24ac8d043147b8519cbd2175117b4de389d631a9bb558d378d1d
x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date: 20180302T122304Z

< HTTP/1.1 307 Temporary Redirect
< x-amz-bucket-region: ap-southeast-1
< x-amz-request-id: 8987D4C714961B71
< x-amz-id-2: YG6HX8jNnUv+KXjMRJuI0PXTStyh2fofEf92khr9LIW1nAwJDoZ5G9u0nAmBbgmwlaE+ggQ+BoQ=
< Location: https://mybucketname9861.s3-ap-southeast-1.amazonaws.com/
< Content-Type: application/xml
< Transfer-Encoding: chunked
< Date: Fri, 02 Mar 2018 12:23:05 GMT
< Server: AmazonS3
<
* Ignoring the response-body
* Connection #0 to host mybucketname9861.s3.amazonaws.com left intact
* Issue another request to this URL: 'https://mybucketname9861.s3-ap-southeast-1.amazonaws.com/'
*   Trying 52.219.36.79...
* Connected to mybucketname9861.s3-ap-southeast-1.amazonaws.com (52.219.36.79) port 443 (#1)
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 592 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* 	 server certificate verification OK
* 	 server certificate status verification SKIPPED
* 	 common name: *.s3-ap-southeast-1.amazonaws.com (matched)
* 	 server certificate expiration date OK
* 	 server certificate activation date OK
* 	 certificate public key: RSA
* 	 certificate version: #3
* 	 subject: C=US,ST=Washington,L=Seattle,O=Amazon.com Inc.,CN=*.s3-ap-southeast-1.amazonaws.com
* 	 start date: Fri, 22 Sep 2017 00:00:00 GMT
* 	 expire date: Thu, 03 Jan 2019 12:00:00 GMT
* 	 issuer: C=US,O=DigiCert Inc,OU=www.digicert.com,CN=DigiCert Baltimore CA-2 G2
* 	 compression: NULL
* ALPN, server did not agree to a protocol
> GET / HTTP/1.1
Host: mybucketname9861.s3-ap-southeast-1.amazonaws.com
User-Agent: s3fs/1.82 (commit hash 620f6ec; OpenSSL)
Accept: */*
x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date: 20180302T122304Z

< HTTP/1.1 403 Forbidden
< x-amz-bucket-region: ap-southeast-1
< x-amz-request-id: F636333B7A5DEB4E
< x-amz-id-2: LN9In3i8AAgMVql7UR/7I1rmGI5a/Nff/vJHxpEeIMltaYj4TGKVkIbKOfXIg1wSpDcXJefSuxU=
< Content-Type: application/xml
< Transfer-Encoding: chunked
< Date: Fri, 02 Mar 2018 12:23:05 GMT
< Server: AmazonS3
<
* Connection #1 to host mybucketname9861.s3-ap-southeast-1.amazonaws.com left intact
* Found bundle for host mybucketname9861.s3.amazonaws.com: 0x7feeb414cf20 [can pipeline]
* Re-using existing connection! (#0) with host mybucketname9861.s3.amazonaws.com
* Connected to mybucketname9861.s3.amazonaws.com (52.216.160.107) port 443 (#0)
> GET / HTTP/1.1
Host: mybucketname9861.s3.amazonaws.com
User-Agent: s3fs/1.82 (commit hash 620f6ec; OpenSSL)
Accept: */*
Authorization: AWS AKIAI4OQWVIZQSONJDKA:PCR2bihWUeywTTfAAo7hzzIv5NY=
Date: Fri, 02 Mar 2018 12:23:05 GMT

< HTTP/1.1 307 Temporary Redirect
< x-amz-bucket-region: ap-southeast-1
< x-amz-request-id: C79061512AB68819
< x-amz-id-2: BoAit0a8XOuUlrvtnGFH8T9A/Ky8Pc4miexjGm9nlVdoyAjx4L+RgEpXcD3rSKEUsgvsSnmF894=
< Location: https://mybucketname9861.s3-ap-southeast-1.amazonaws.com/
< Content-Type: application/xml
< Transfer-Encoding: chunked
< Date: Fri, 02 Mar 2018 12:23:05 GMT
< Server: AmazonS3
<
* Ignoring the response-body
* Connection #0 to host mybucketname9861.s3.amazonaws.com left intact
* Issue another request to this URL: 'https://mybucketname9861.s3-ap-southeast-1.amazonaws.com/'
* Found bundle for host mybucketname9861.s3-ap-southeast-1.amazonaws.com: 0x7feeb54f6c90 [can pipeline]
* Re-using existing connection! (#1) with host mybucketname9861.s3-ap-southeast-1.amazonaws.com
* Connected to mybucketname9861.s3-ap-southeast-1.amazonaws.com (52.219.36.79) port 443 (#1)
> GET / HTTP/1.1
Host: mybucketname9861.s3-ap-southeast-1.amazonaws.com
User-Agent: s3fs/1.82 (commit hash 620f6ec; OpenSSL)
Accept: */*
Date: Fri, 02 Mar 2018 12:23:05 GMT

< HTTP/1.1 403 Forbidden
< x-amz-bucket-region: ap-southeast-1
< x-amz-request-id: 7FB399A488A0631A
< x-amz-id-2: RPkt7q3egL4nXDgf8P3s74Yk1K0S/dSJfcxGB/WqCV7otH7pUwF2eP/AK6iAAcRqlOdoMKf4qQg=
< Content-Type: application/xml
< Transfer-Encoding: chunked
< Date: Fri, 02 Mar 2018 12:23:05 GMT
< Server: AmazonS3
<
* Connection #1 to host mybucketname9861.s3-ap-southeast-1.amazonaws.com left intact
[CRT] s3fs.cpp:s3fs_check_service(3799): invalid credentials(host=https://s3.amazonaws.com) - result of checking service.

The file /etc/passwd-s3fs contains the key:secret of my root account's access key.

Any ideas?

EDIT: Figured it out. You can see in the log it fails to send authorization header after redirect. Solved by adding -o url=http://s3-ap-southeast-1.amazonaws.com

<!-- gh-comment-id:369907790 --> @abrkn commented on GitHub (Mar 2, 2018): I am having the same issue on Ubuntu 16.04 in the Singapore region: ``` ubuntu@ip-172-31-15-245:~/s3fs-fuse$ sudo s3fs -o use_cache=/tmp/cache mybucketname9861 -o curldbg -f -o passwd_file=/etc/passwd-s3fs /s3/mybucket/ [CRT] s3fs.cpp:s3fs_init(3367): init v1.82(commit:620f6ec) with OpenSSL * Trying 52.216.160.107... * Connected to mybucketname9861.s3.amazonaws.com (52.216.160.107) port 443 (#0) * found 148 certificates in /etc/ssl/certs/ca-certificates.crt * found 592 certificates in /etc/ssl/certs * ALPN, offering http/1.1 * SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256 * server certificate verification OK * server certificate status verification SKIPPED * common name: *.s3.amazonaws.com (matched) * server certificate expiration date OK * server certificate activation date OK * certificate public key: RSA * certificate version: #3 * subject: C=US,ST=Washington,L=Seattle,O=Amazon.com Inc.,CN=*.s3.amazonaws.com * start date: Fri, 22 Sep 2017 00:00:00 GMT * expire date: Thu, 03 Jan 2019 12:00:00 GMT * issuer: C=US,O=DigiCert Inc,OU=www.digicert.com,CN=DigiCert Baltimore CA-2 G2 * compression: NULL * ALPN, server did not agree to a protocol > GET / HTTP/1.1 host: mybucketname9861.s3.amazonaws.com User-Agent: s3fs/1.82 (commit hash 620f6ec; OpenSSL) Accept: */* Authorization: AWS4-HMAC-SHA256 Credential=AKIAI4OQWVIZQSONJDKA/20180302/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=3c77b0b40a6b24ac8d043147b8519cbd2175117b4de389d631a9bb558d378d1d x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 x-amz-date: 20180302T122304Z < HTTP/1.1 307 Temporary Redirect < x-amz-bucket-region: ap-southeast-1 < x-amz-request-id: 8987D4C714961B71 < x-amz-id-2: YG6HX8jNnUv+KXjMRJuI0PXTStyh2fofEf92khr9LIW1nAwJDoZ5G9u0nAmBbgmwlaE+ggQ+BoQ= < Location: https://mybucketname9861.s3-ap-southeast-1.amazonaws.com/ < Content-Type: application/xml < Transfer-Encoding: chunked < Date: Fri, 02 Mar 2018 12:23:05 GMT < Server: AmazonS3 < * Ignoring the response-body * Connection #0 to host mybucketname9861.s3.amazonaws.com left intact * Issue another request to this URL: 'https://mybucketname9861.s3-ap-southeast-1.amazonaws.com/' * Trying 52.219.36.79... * Connected to mybucketname9861.s3-ap-southeast-1.amazonaws.com (52.219.36.79) port 443 (#1) * found 148 certificates in /etc/ssl/certs/ca-certificates.crt * found 592 certificates in /etc/ssl/certs * ALPN, offering http/1.1 * SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256 * server certificate verification OK * server certificate status verification SKIPPED * common name: *.s3-ap-southeast-1.amazonaws.com (matched) * server certificate expiration date OK * server certificate activation date OK * certificate public key: RSA * certificate version: #3 * subject: C=US,ST=Washington,L=Seattle,O=Amazon.com Inc.,CN=*.s3-ap-southeast-1.amazonaws.com * start date: Fri, 22 Sep 2017 00:00:00 GMT * expire date: Thu, 03 Jan 2019 12:00:00 GMT * issuer: C=US,O=DigiCert Inc,OU=www.digicert.com,CN=DigiCert Baltimore CA-2 G2 * compression: NULL * ALPN, server did not agree to a protocol > GET / HTTP/1.1 Host: mybucketname9861.s3-ap-southeast-1.amazonaws.com User-Agent: s3fs/1.82 (commit hash 620f6ec; OpenSSL) Accept: */* x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 x-amz-date: 20180302T122304Z < HTTP/1.1 403 Forbidden < x-amz-bucket-region: ap-southeast-1 < x-amz-request-id: F636333B7A5DEB4E < x-amz-id-2: LN9In3i8AAgMVql7UR/7I1rmGI5a/Nff/vJHxpEeIMltaYj4TGKVkIbKOfXIg1wSpDcXJefSuxU= < Content-Type: application/xml < Transfer-Encoding: chunked < Date: Fri, 02 Mar 2018 12:23:05 GMT < Server: AmazonS3 < * Connection #1 to host mybucketname9861.s3-ap-southeast-1.amazonaws.com left intact * Found bundle for host mybucketname9861.s3.amazonaws.com: 0x7feeb414cf20 [can pipeline] * Re-using existing connection! (#0) with host mybucketname9861.s3.amazonaws.com * Connected to mybucketname9861.s3.amazonaws.com (52.216.160.107) port 443 (#0) > GET / HTTP/1.1 Host: mybucketname9861.s3.amazonaws.com User-Agent: s3fs/1.82 (commit hash 620f6ec; OpenSSL) Accept: */* Authorization: AWS AKIAI4OQWVIZQSONJDKA:PCR2bihWUeywTTfAAo7hzzIv5NY= Date: Fri, 02 Mar 2018 12:23:05 GMT < HTTP/1.1 307 Temporary Redirect < x-amz-bucket-region: ap-southeast-1 < x-amz-request-id: C79061512AB68819 < x-amz-id-2: BoAit0a8XOuUlrvtnGFH8T9A/Ky8Pc4miexjGm9nlVdoyAjx4L+RgEpXcD3rSKEUsgvsSnmF894= < Location: https://mybucketname9861.s3-ap-southeast-1.amazonaws.com/ < Content-Type: application/xml < Transfer-Encoding: chunked < Date: Fri, 02 Mar 2018 12:23:05 GMT < Server: AmazonS3 < * Ignoring the response-body * Connection #0 to host mybucketname9861.s3.amazonaws.com left intact * Issue another request to this URL: 'https://mybucketname9861.s3-ap-southeast-1.amazonaws.com/' * Found bundle for host mybucketname9861.s3-ap-southeast-1.amazonaws.com: 0x7feeb54f6c90 [can pipeline] * Re-using existing connection! (#1) with host mybucketname9861.s3-ap-southeast-1.amazonaws.com * Connected to mybucketname9861.s3-ap-southeast-1.amazonaws.com (52.219.36.79) port 443 (#1) > GET / HTTP/1.1 Host: mybucketname9861.s3-ap-southeast-1.amazonaws.com User-Agent: s3fs/1.82 (commit hash 620f6ec; OpenSSL) Accept: */* Date: Fri, 02 Mar 2018 12:23:05 GMT < HTTP/1.1 403 Forbidden < x-amz-bucket-region: ap-southeast-1 < x-amz-request-id: 7FB399A488A0631A < x-amz-id-2: RPkt7q3egL4nXDgf8P3s74Yk1K0S/dSJfcxGB/WqCV7otH7pUwF2eP/AK6iAAcRqlOdoMKf4qQg= < Content-Type: application/xml < Transfer-Encoding: chunked < Date: Fri, 02 Mar 2018 12:23:05 GMT < Server: AmazonS3 < * Connection #1 to host mybucketname9861.s3-ap-southeast-1.amazonaws.com left intact [CRT] s3fs.cpp:s3fs_check_service(3799): invalid credentials(host=https://s3.amazonaws.com) - result of checking service. ``` The file `/etc/passwd-s3fs` contains the `key:secret` of my root account's access key. Any ideas? EDIT: Figured it out. You can see in the log it fails to send authorization header after redirect. Solved by adding `-o url=http://s3-ap-southeast-1.amazonaws.com`
kerem commented 2026-03-04 01:43:46 +03:00
Author
Owner
Copy link

@Prinzhorn commented on GitHub (May 6, 2018):

The previous comment contains the solution (for me at least) but might be missed at the bottom of it. Looks like the default url is hard coded to s3.amazonaws.com which is us-east-1 (US East (N. Virginia)). I was expecting s3fs-fuse to automatically figure out the endpoint for the given bucket. However, just specify the endpoint using the url option. In this case eu-central-1

s3fs <MY BUCKET> /mnt -o url=https://s3-eu-central-1.amazonaws.com

Here's the fill list (Endpoint column) from https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region

Region Name Region Endpoint Location Constraint Protocol Signature Version(s) Support
US East (Ohio) us-east-2 Valid endpoint names for this region: s3.us-east-2.amazonaws.com s3-us-east-2.amazonaws.com s3.dualstack.us-east-2.amazonaws.com us-east-2 HTTP and HTTPS Versions 4 only
US East (N. Virginia) us-east-1 Valid endpoint names for this region: s3.amazonaws.com s3.us-east-1.amazonaws.com s3-external-1.amazonaws.com s3.dualstack.us-east-1.amazonaws.com** (none required) HTTP and HTTPS Versions 2 and 4
US West (N. California) us-west-1 Valid endpoint names for this region: s3.us-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3.dualstack.us-west-1.amazonaws.com** us-west-1 HTTP and HTTPS Versions 2 and 4
US West (Oregon) us-west-2 Valid endpoint names for this region: s3.us-west-2.amazonaws.com s3-us-west-2.amazonaws.com s3.dualstack.us-west-2.amazonaws.com** us-west-2 HTTP and HTTPS Versions 2 and 4
Canada (Central) ca-central-1 Valid endpoint names for this region: s3.ca-central-1.amazonaws.com s3-ca-central-1.amazonaws.com s3.dualstack.ca-central-1.amazonaws.com** ca-central-1 HTTP and HTTPS Version 4 only
Asia Pacific (Mumbai) ap-south-1 Valid endpoint names for this region: s3.ap-south-1.amazonaws.com s3-ap-south-1.amazonaws.com s3.dualstack.ap-south-1.amazonaws.com** ap-south-1 HTTP and HTTPS Version 4 only
Asia Pacific (Seoul) ap-northeast-2 Valid endpoint names for this region: s3.ap-northeast-2.amazonaws.com s3-ap-northeast-2.amazonaws.com s3.dualstack.ap-northeast-2.amazonaws.com** ap-northeast-2 HTTP and HTTPS Version 4 only
Asia Pacific (Osaka-Local) *** ap-northeast-3 Valid endpoint names for this region: s3.ap-northeast-3.amazonaws.com s3-ap-northeast-3.amazonaws.com s3.dualstack.ap-northeast-3.amazonaws.com** ap-northeast-3 HTTP and HTTPS Version 4 only
Asia Pacific (Singapore) ap-southeast-1 Valid endpoint names for this region: s3.ap-southeast-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3.dualstack.ap-southeast-1.amazonaws.com** ap-southeast-1 HTTP and HTTPS Versions 2 and 4
Asia Pacific (Sydney) ap-southeast-2 Valid endpoint names for this region: s3.ap-southeast-2.amazonaws.com s3-ap-southeast-2.amazonaws.com s3.dualstack.ap-southeast-2.amazonaws.com** ap-southeast-2 HTTP and HTTPS Versions 2 and 4
Asia Pacific (Tokyo) ap-northeast-1 Valid endpoint names for this region: s3.ap-northeast-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3.dualstack.ap-northeast-1.amazonaws.com** ap-northeast-1 HTTP and HTTPS Versions 2 and 4
China (Beijing) cn-north-1 Valid endpoint name for this region: s3.cn-north-1.amazonaws.com.cn cn-north-1 HTTP and HTTPS Version 4 only
China (Ningxia) cn-northwest-1 Valid endpoint name for this region: s3.cn-northwest-1.amazonaws.com.cn cn-northwest-1 HTTP and HTTPS Version 4 only
EU (Frankfurt) eu-central-1 Valid endpoint names for this region: s3.eu-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3.dualstack.eu-central-1.amazonaws.com** eu-central-1 HTTP and HTTPS Version 4 only
EU (Ireland) eu-west-1 Valid endpoint names for this region: s3.eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com s3.dualstack.eu-west-1.amazonaws.com** EU or eu-west-1 HTTP and HTTPS Versions 2 and 4
EU (London) eu-west-2 Valid endpoint names for this region: s3.eu-west-2.amazonaws.com s3-eu-west-2.amazonaws.com s3.dualstack.eu-west-2.amazonaws.com** eu-west-2 HTTP and HTTPS Version 4 only
EU (Paris) eu-west-3 Valid endpoint names for this region: s3.eu-west-3.amazonaws.com s3-eu-west-3.amazonaws.com s3.dualstack.eu-west-3.amazonaws.com eu-west-3 HTTP and HTTPS Version 4 only
South America (São Paulo) sa-east-1 Valid endpoint names for this region: s3.sa-east-1.amazonaws.com s3-sa-east-1.amazonaws.com s3.dualstack.sa-east-1.amazonaws.com** sa-east-1 HTTP and HTTPS Versions 2 and 4

As a side note, this seems to be the minimal policy you need, which I could find nowhere.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::<MY BUCKET>"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject"
            ],
            "Resource": [
                "arn:aws:s3:::<MY BUCKET>/*"
            ]
        }
    ]
}
<!-- gh-comment-id:386884605 --> @Prinzhorn commented on GitHub (May 6, 2018): The previous comment contains **the solution** (for me at least) but might be missed at the bottom of it. Looks like the default url is hard coded to `s3.amazonaws.com` which is us-east-1 (US East (N. Virginia)). I was expecting s3fs-fuse to automatically figure out the endpoint for the given bucket. However, just specify the endpoint using the `url` option. In this case eu-central-1 ``` s3fs <MY BUCKET> /mnt -o url=https://s3-eu-central-1.amazonaws.com ``` Here's the fill list (Endpoint column) from https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region Region Name | Region | Endpoint | Location Constraint | Protocol | Signature Version(s) Support -- | -- | -- | -- | -- | -- US East (Ohio) | us-east-2 | Valid endpoint names for this region: s3.us-east-2.amazonaws.com s3-us-east-2.amazonaws.com s3.dualstack.us-east-2.amazonaws.com | us-east-2 | HTTP and HTTPS | Versions 4 only US East (N. Virginia) | us-east-1 | Valid endpoint names for this region: s3.amazonaws.com s3.us-east-1.amazonaws.com s3-external-1.amazonaws.com s3.dualstack.us-east-1.amazonaws.com** | (none required) | HTTP and HTTPS | Versions 2 and 4 US West (N. California) | us-west-1 | Valid endpoint names for this region: s3.us-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3.dualstack.us-west-1.amazonaws.com** | us-west-1 | HTTP and HTTPS | Versions 2 and 4 US West (Oregon) | us-west-2 | Valid endpoint names for this region: s3.us-west-2.amazonaws.com s3-us-west-2.amazonaws.com s3.dualstack.us-west-2.amazonaws.com** | us-west-2 | HTTP and HTTPS | Versions 2 and 4 Canada (Central) | ca-central-1 | Valid endpoint names for this region: s3.ca-central-1.amazonaws.com s3-ca-central-1.amazonaws.com s3.dualstack.ca-central-1.amazonaws.com** | ca-central-1 | HTTP and HTTPS | Version 4 only Asia Pacific (Mumbai) | ap-south-1 | Valid endpoint names for this region: s3.ap-south-1.amazonaws.com s3-ap-south-1.amazonaws.com s3.dualstack.ap-south-1.amazonaws.com** | ap-south-1 | HTTP and HTTPS | Version 4 only Asia Pacific (Seoul) | ap-northeast-2 | Valid endpoint names for this region: s3.ap-northeast-2.amazonaws.com s3-ap-northeast-2.amazonaws.com s3.dualstack.ap-northeast-2.amazonaws.com** | ap-northeast-2 | HTTP and HTTPS | Version 4 only Asia Pacific (Osaka-Local) *** | ap-northeast-3 | Valid endpoint names for this region: s3.ap-northeast-3.amazonaws.com s3-ap-northeast-3.amazonaws.com s3.dualstack.ap-northeast-3.amazonaws.com** | ap-northeast-3 | HTTP and HTTPS | Version 4 only Asia Pacific (Singapore) | ap-southeast-1 | Valid endpoint names for this region: s3.ap-southeast-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3.dualstack.ap-southeast-1.amazonaws.com** | ap-southeast-1 | HTTP and HTTPS | Versions 2 and 4 Asia Pacific (Sydney) | ap-southeast-2 | Valid endpoint names for this region: s3.ap-southeast-2.amazonaws.com s3-ap-southeast-2.amazonaws.com s3.dualstack.ap-southeast-2.amazonaws.com** | ap-southeast-2 | HTTP and HTTPS | Versions 2 and 4 Asia Pacific (Tokyo) | ap-northeast-1 | Valid endpoint names for this region: s3.ap-northeast-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3.dualstack.ap-northeast-1.amazonaws.com** | ap-northeast-1 | HTTP and HTTPS | Versions 2 and 4 China (Beijing) | cn-north-1 | Valid endpoint name for this region: s3.cn-north-1.amazonaws.com.cn | cn-north-1 | HTTP and HTTPS | Version 4 only China (Ningxia) | cn-northwest-1 | Valid endpoint name for this region: s3.cn-northwest-1.amazonaws.com.cn | cn-northwest-1 | HTTP and HTTPS | Version 4 only EU (Frankfurt) | eu-central-1 | Valid endpoint names for this region: s3.eu-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3.dualstack.eu-central-1.amazonaws.com** | eu-central-1 | HTTP and HTTPS | Version 4 only EU (Ireland) | eu-west-1 | Valid endpoint names for this region: s3.eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com s3.dualstack.eu-west-1.amazonaws.com** | EU or eu-west-1 | HTTP and HTTPS | Versions 2 and 4 EU (London) | eu-west-2 | Valid endpoint names for this region: s3.eu-west-2.amazonaws.com s3-eu-west-2.amazonaws.com s3.dualstack.eu-west-2.amazonaws.com** | eu-west-2 | HTTP and HTTPS | Version 4 only EU (Paris) | eu-west-3 | Valid endpoint names for this region: s3.eu-west-3.amazonaws.com s3-eu-west-3.amazonaws.com s3.dualstack.eu-west-3.amazonaws.com | eu-west-3 | HTTP and HTTPS | Version 4 only South America (São Paulo) | sa-east-1 | Valid endpoint names for this region: s3.sa-east-1.amazonaws.com s3-sa-east-1.amazonaws.com s3.dualstack.sa-east-1.amazonaws.com** | sa-east-1 | HTTP and HTTPS | Versions 2 and 4 As a side note, this seems to be the minimal policy you need, which I could find nowhere. ```json { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:ListBucket" ], "Resource": [ "arn:aws:s3:::<MY BUCKET>" ] }, { "Effect": "Allow", "Action": [ "s3:PutObject", "s3:GetObject" ], "Resource": [ "arn:aws:s3:::<MY BUCKET>/*" ] } ] } ```
kerem commented 2026-03-04 01:43:46 +03:00
Author
Owner
Copy link

@ryanotella commented on GitHub (Dec 6, 2018):

I wonder if there is an interaction between non-default bucket locations and the 307 Temporary Redirect response you may receive for certain buckets during the 24 hour period after they are created.

Perhaps s3fs doesn't correctly recalculate V4 signatures when there is a redirect to a different URL?

These problems are still resolved for me by explicitly specifying -o url=... -o endpoint=....

<!-- gh-comment-id:444755482 --> @ryanotella commented on GitHub (Dec 6, 2018): I wonder if there is an interaction between non-default bucket locations and the [307 Temporary Redirect](https://aws.amazon.com/premiumsupport/knowledge-center/s3-http-307-response/) response you may receive for certain buckets during the 24 hour period after they are created. Perhaps s3fs doesn't correctly recalculate V4 signatures when there is a redirect to a different URL? These problems are still resolved for me by explicitly specifying `-o url=... -o endpoint=...`.
kerem commented 2026-03-04 01:43:46 +03:00
Author
Owner
Copy link

@gaul commented on GitHub (Jan 24, 2019):

Could you test again against master? It includes fixes for 301/307 response codes.

<!-- gh-comment-id:457036690 --> @gaul commented on GitHub (Jan 24, 2019): Could you test again against master? It includes fixes for 301/307 response codes.
kerem commented 2026-03-04 01:43:46 +03:00
Author
Owner
Copy link

@MisterDuval commented on GitHub (Feb 22, 2019):

Same problem here using Wasabi, and fixed using a different server, the same as my bucket:
-o s3.eu-central-1.wasabisys.com

<!-- gh-comment-id:466577051 --> @MisterDuval commented on GitHub (Feb 22, 2019): Same problem here using Wasabi, and fixed using a different server, the same as my bucket: `-o s3.eu-central-1.wasabisys.com`
kerem commented 2026-03-04 01:43:46 +03:00
Author
Owner
Copy link

@gaul commented on GitHub (Apr 9, 2019):

Closing due to inactivity. Please reopen if symptoms persist.

<!-- gh-comment-id:481187257 --> @gaul commented on GitHub (Apr 9, 2019): Closing due to inactivity. Please reopen if symptoms persist.
kerem commented 2026-03-04 01:43:46 +03:00
Author
Owner
Copy link

@davidjeddy commented on GitHub (Apr 22, 2019):

I would like to note that the symptoms persist. I will try the -o bucket URL as @MisterDuval did in order to confirm remediation.

<!-- gh-comment-id:485478731 --> @davidjeddy commented on GitHub (Apr 22, 2019): I would like to note that the symptoms persist. I will try the `-o` bucket URL as @MisterDuval did in order to confirm remediation.
kerem commented 2026-03-04 01:43:46 +03:00
Author
Owner
Copy link

@sravanthimodepu commented on GitHub (Jun 27, 2019):

Hi,

I have installed and mounted S3fs for an AWS ec2 instance, but not able to upload the files to the mounted path.

While uploading the files, it is throwing the below error:

[Thu Jun 27 08:59:10.595980 2019] [wsgi:error] [pid 4716:tid 140447467534080] [client 10.100.1.7:43314] [2019-06-27 08:59:10,595] ERROR in api: Error unable to save file: [Errno 13] Permission denied: '/var/www/src/static/uploads/1561021355983HqiBl3eY88RBIDqv-2019-06-27-08-59-10.pdf', referer: http://outreach-ubuntu.vlabs.ac.in/admin
[Thu Jun 27 08:59:10.596185 2019] [wsgi:error] [pid 4716:tid 140447467534080] [client 10.100.1.7:43314] [2019-06-27 08:59:10,596] ERROR in app: error code = 500, referer: http://outreach-ubuntu.vlabs.ac.in/admin
[Thu Jun 27 08:59:10.596316 2019] [wsgi:error] [pid 4716:tid 140447467534080] [client 10.100.1.7:43314] [2019-06-27 08:59:10,596] ERROR in app: error desc = error is [Errno 13] Permission denied: '/var/www/src/static/uploads/1561021355983HqiBl3eY88RBIDqv-2019-06-27-08-59-10.pdf', referer: http://outreach-ubuntu.vlabs.ac.in/admin
^C

Can somone help me in this

<!-- gh-comment-id:506286576 --> @sravanthimodepu commented on GitHub (Jun 27, 2019): Hi, I have installed and mounted S3fs for an AWS ec2 instance, but not able to upload the files to the mounted path. While uploading the files, it is throwing the below error: [Thu Jun 27 08:59:10.595980 2019] [wsgi:error] [pid 4716:tid 140447467534080] [client 10.100.1.7:43314] [2019-06-27 08:59:10,595] ERROR in api: Error unable to save file: [Errno 13] Permission denied: '/var/www/src/static/uploads/1561021355983HqiBl3eY88RBIDqv-2019-06-27-08-59-10.pdf', referer: http://outreach-ubuntu.vlabs.ac.in/admin [Thu Jun 27 08:59:10.596185 2019] [wsgi:error] [pid 4716:tid 140447467534080] [client 10.100.1.7:43314] [2019-06-27 08:59:10,596] ERROR in app: error code = 500, referer: http://outreach-ubuntu.vlabs.ac.in/admin [Thu Jun 27 08:59:10.596316 2019] [wsgi:error] [pid 4716:tid 140447467534080] [client 10.100.1.7:43314] [2019-06-27 08:59:10,596] ERROR in app: error desc = error is [Errno 13] Permission denied: '/var/www/src/static/uploads/1561021355983HqiBl3eY88RBIDqv-2019-06-27-08-59-10.pdf', referer: http://outreach-ubuntu.vlabs.ac.in/admin ^C Can somone help me in this
kerem commented 2026-03-04 01:43:46 +03:00
Author
Owner
Copy link

@gaul commented on GitHub (Jun 30, 2019):

@sravanthimodepu This looks like an unrelated permission symptom on your local file system. Please check these and open a new issue if your symptoms persist.

<!-- gh-comment-id:507068181 --> @gaul commented on GitHub (Jun 30, 2019): @sravanthimodepu This looks like an unrelated permission symptom on your local file system. Please check these and open a new issue if your symptoms persist.
kerem commented 2026-03-04 01:43:46 +03:00
Author
Owner
Copy link

@Jukert commented on GitHub (Mar 15, 2021):

Hello, in my case it helped to change the time to the correct one on the host.

<!-- gh-comment-id:799565700 --> @Jukert commented on GitHub (Mar 15, 2021): Hello, in my case it helped to change the time to the correct one on the host.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
v1.97
v1.96
v1.95
v1.94
v1.93
v1.92
v1.91
v1.90
v1.89
v1.88
v1.87
v1.86
v1.85
v1.84
v1.83
v1.82
v1.81
v1.80
v1.79
v1.78
Pre-v1.78
v1.77
v1.76
v1.75
v1.74
Labels
Clear labels   
bug

   
bug

   
dataloss

   
duplicate

   
enhancement

   
feature request

   
help wanted

   
invalid

   
need info

   
performance

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question

   
testing
No labels
bug
bug
dataloss
duplicate
enhancement
feature request
help wanted
invalid
need info
performance
pull-request
question
question
testing
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/s3fs-fuse#257
No description provided.