starred/s3fs-fuse
1
0
Fork 0
mirror of https://github.com/s3fs-fuse/s3fs-fuse.git synced 2026-04-25 13:26:00 +03:00
Code Issues 305 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #61] Use s3fs with a proxy - no write permission #36

New issue
Closed
opened 2026-03-04 01:41:23 +03:00 by kerem · 2 comments
kerem commented 2026-03-04 01:41:23 +03:00
Owner
Copy link

Originally created by @cjuste on GitHub (Oct 1, 2014).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/61

Hello,

I'm using s3fs with a transparent proxy squid.
I'm using the allow_other option.

I can read data on s3 without any problem, s3 and my directory are synced.
But if I try for example

 mkdir /mnt/s3/test/

I always get :

 mkdir: cannot create directory ‘/mnt/s3/test/’: Operation not permitted

For this machine, I have to use a proxy. I've tried on another machine, which works fine without the proxy (it's the same accessKey/secretKey and the same bucket). If I activate the proxy on this other machine, I get the same problem (without changing anything else).

I've looked to the http data. I get the following messaging from Amazon, for the PUT method :

<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message>

I have the same problem if I want to copy/create a file in the mounted directory.
It seems Amazon is recalculating the signature only in the case of a PUT method.

I've configured Squid with, looking to the Issue 59 :

via off
forwarded_for off
ignore_expect_100 on
Originally created by @cjuste on GitHub (Oct 1, 2014). Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/61 Hello, I'm using s3fs with a transparent proxy squid. I'm using the allow_other option. I can read data on s3 without any problem, s3 and my directory are synced. But if I try for example ``` mkdir /mnt/s3/test/ ``` I always get : ``` mkdir: cannot create directory ‘/mnt/s3/test/’: Operation not permitted ``` For this machine, I have to use a proxy. I've tried on another machine, which works fine without the proxy (it's the same accessKey/secretKey and the same bucket). If I activate the proxy on this other machine, I get the same problem (without changing anything else). I've looked to the http data. I get the following messaging from Amazon, for the PUT method : ``` <Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message> ``` I have the same problem if I want to copy/create a file in the mounted directory. It seems Amazon is recalculating the signature only in the case of a PUT method. I've configured Squid with, looking to the <a href="https://code.google.com/p/s3fs/issues/detail?id=59">Issue 59</a> : ``` via off forwarded_for off ignore_expect_100 on ```
kerem closed this issue 2026-03-04 01:41:23 +03:00
kerem commented 2026-03-04 01:41:24 +03:00
Author
Owner
Copy link

@gaul commented on GitHub (Oct 1, 2014):

Some proxies rewrite or add some headers, probably the Date in this case. If you can dump the HTTP request before and after it hits the proxy we can debug this further. If it is rewriting date, you might be able to configure squid differently or we can change s3fs-fuse to use the x-amz-date header instead:

http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html

<!-- gh-comment-id:57499611 --> @gaul commented on GitHub (Oct 1, 2014): Some proxies rewrite or add some headers, probably the Date in this case. If you can dump the HTTP request before and after it hits the proxy we can debug this further. If it is rewriting date, you might be able to configure squid differently or we can change s3fs-fuse to use the x-amz-date header instead: http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html
kerem commented 2026-03-04 01:41:24 +03:00
Author
Owner
Copy link

@cjuste commented on GitHub (Oct 2, 2014):

Thanks a lot for the tip, I found the problem.
Squid wasn't rewriting the date, it was simply than some custom headers were'nt allowed in the configuration and so were cut by Squid.

Adding the squid configuration :

request_header_access All allow all

solved the problem.

<!-- gh-comment-id:57598487 --> @cjuste commented on GitHub (Oct 2, 2014): Thanks a lot for the tip, I found the problem. Squid wasn't rewriting the date, it was simply than some custom headers were'nt allowed in the configuration and so were cut by Squid. Adding the squid configuration : ``` request_header_access All allow all ``` solved the problem.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
v1.97
v1.96
v1.95
v1.94
v1.93
v1.92
v1.91
v1.90
v1.89
v1.88
v1.87
v1.86
v1.85
v1.84
v1.83
v1.82
v1.81
v1.80
v1.79
v1.78
Pre-v1.78
v1.77
v1.76
v1.75
v1.74
Labels
Clear labels   
bug

   
bug

   
dataloss

   
duplicate

   
enhancement

   
feature request

   
help wanted

   
invalid

   
need info

   
performance

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question

   
testing
No labels
bug
bug
dataloss
duplicate
enhancement
feature request
help wanted
invalid
need info
performance
pull-request
question
question
testing
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/s3fs-fuse#36
No description provided.