mirror of
https://github.com/s3fs-fuse/s3fs-fuse.git
synced 2026-04-25 21:35:58 +03:00
[GH-ISSUE #526] use_sse=kmsid causes HTTP response code 404 was returned, returning ENOENT #297
Labels
No labels
bug
bug
dataloss
duplicate
enhancement
feature request
help wanted
invalid
need info
performance
pull-request
question
question
testing
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/s3fs-fuse#297
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @adespain on GitHub (Jan 24, 2017).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/526
Additional Information
The following information is very important in order to help us to help you. Omission of the following details may delay your support request or receive no attention at all.
Version of s3fs being used (s3fs --version)
example: 1.0
s3fs --version
Amazon Simple Storage Service File System V1.79(commit:unknown) with GnuTLS(gcrypt)
Version of fuse being used (pkg-config --modversion fuse)
example: 2.9.4
I used apt-get install s3fs
System information (uname -a)
command result: uname -a
uname -a
Linux ip-172-31-35-65 4.4.0-53-generic #74-Ubuntu SMP Fri Dec 2 15:59:10 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
Distro (cat /etc/issue)
command result: result
Ubuntu 16.04.1 LTS \n \l
s3fs command line used (if applicable)
s3bucket /home/logs fuse.s3fs _netdev,-d,use_cache=/tmp,uid=deploy,gid=deploy,multireq_max=5,endpoint=us-west-2,allow_other,mp_umask=0077,use_sse=kmsid:arn:aws:kms:us-west-2:xxxxxxxxxxxx:key/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx,retries=3 0 0
if you execute s3fs with dbglevel, curldbg option, you can get detail debug messages
Details about issue
I would like to use server side encryption with my kms key that I created. However when I mount he bucket and then try to touch a file I get this:
touch: cannot touch 'hithere3': Input/output error
in the logs I see this:
Jan 24 23:27:12 ip-172-31-35-65 s3fs[10585]: [tpath=/hithere3_$folder$]
Jan 24 23:27:12 ip-172-31-35-65 s3fs[10585]: [tpath=/hithere3_$folder$][bp
ath=][save=][sseckeypos=-1]
Jan 24 23:27:12 ip-172-31-35-65 s3fs[10585]: URL is http://s3.amazonaws.co
m/s3bucket/hithere3_%24folder%24
Jan 24 23:27:12 ip-172-31-35-65 s3fs[10585]: URL changed is http://s3bucket.s3.amazonaws.com/hithere3_%24folder%24
Jan 24 23:27:12 ip-172-31-35-65 s3fs[10585]: computing signature [HEAD] [/
hithere3_$folder$] [] []
Jan 24 23:27:12 ip-172-31-35-65 s3fs[10585]: url is http://s3.amazonaws.com
Jan 24 23:27:12 ip-172-31-35-65 s3fs[10585]: HTTP response code 404 was returned, returning ENOENT
My /etc/fstab is probably wrong but I can't figure it out, any help would be greatly appreciated, thanks!
@adespain commented on GitHub (Jan 31, 2017):
I finally got it to work, and it appears you have to specify url=https://s3.amazonaws.com in order for sse_kms to work. Hopefully that helps someone else. I also had to define a policy for the bucket that would only allow encrypted objects be put there.
@pritambarhate commented on GitHub (Feb 14, 2017):
Just stumbled on this through a google Search. I think docs here should updated to reflect that "https" url is required if sse_kms is used.
@aamyrrkhan commented on GitHub (Feb 22, 2024):
@adespain - you are a life saver. Been digging around for days. This should be highlighted in documentation. Setting up https worked for me. Thanks
@ggtakec commented on GitHub (Feb 23, 2024):
@pritambarhate @aamyrrkhan
Thanks to you guys, I was able to submit the PR.
I hope this PR will be merged and it will be useful to you.
(The wiki page will be updated before being merged)