starred/s3fs-fuse
1
0
Fork 0
mirror of https://github.com/s3fs-fuse/s3fs-fuse.git synced 2026-04-25 21:35:58 +03:00
Code Issues 305 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #947] S3FS will not connect to USEAST2 server #534

New issue
Closed
opened 2026-03-04 01:46:26 +03:00 by kerem · 1 comment
kerem commented 2026-03-04 01:46:26 +03:00
Owner
Copy link

Originally created by @chand1012 on GitHub (Feb 1, 2019).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/947

Version of s3fs being used

v 1.82

Version of fuse being used

v 2.9.7

Kernel information

4.15.0-1021-aws

GNU/Linux Distribution

Ubuntu 18.04.1 LTS

s3fs command line used, if applicable

 s3fs hentaidata ~/s3bucket -o passwd_file=${HOME}/.passwd-s3fs -o dbglevel=info -f -o curldbg

s3fs syslog messages

[CRT] s3fs.cpp:set_s3fs_log_level(257): change debug level from [CRT] to [INF]
[INF]     s3fs.cpp:set_mountpoint_attribute(4193): PROC(uid=1000, gid=1000) - MountPoint(uid=1000, gid=1000, mode=40775)
[CRT] s3fs.cpp:s3fs_init(3378): init v1.82(commit:unknown) with GnuTLS(gcrypt)
[INF] s3fs.cpp:s3fs_check_service(3754): check services.
[INF]       curl.cpp:CheckBucket(2914): check a bucket.
[INF]       curl.cpp:prepare_url(4205): URL is https://s3.amazonaws.com/hentaidata/
[INF]       curl.cpp:prepare_url(4237): URL changed is https://hentaidata.s3.amazonaws.com/
[INF]       curl.cpp:insertV4Headers(2267): computing signature [GET] [/] [] []
[INF]       curl.cpp:url_to_host(100): url is https://s3.amazonaws.com
*   Trying 52.216.85.147...
* TCP_NODELAY set
* Connected to hentaidata.s3.amazonaws.com (52.216.85.147) port 443 (#0)
* found 133 certificates in /etc/ssl/certs/ca-certificates.crt
* found 399 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
*        server certificate verification OK
*        server certificate status verification SKIPPED
*        common name: *.s3.amazonaws.com (matched)
*        server certificate expiration date OK
*        server certificate activation date OK
*        certificate public key: RSA
*        certificate version: #3
*        subject: C=US,ST=Washington,L=Seattle,O=Amazon.com Inc.,CN=*.s3.amazonaws.com
*        start date: Wed, 07 Nov 2018 00:00:00 GMT
*        expire date: Fri, 07 Feb 2020 12:00:00 GMT
*        issuer: C=US,O=DigiCert Inc,OU=www.digicert.com,CN=DigiCert Baltimore CA-2 G2
*        compression: NULL
* ALPN, server did not agree to a protocol
> GET / HTTP/1.1
host: hentaidata.s3.amazonaws.com
User-Agent: s3fs/1.82 (commit hash unknown; GnuTLS(gcrypt))
Accept: */*
Authorization: AWS4-HMAC-SHA256 Credential=AKIAISS32S2J4V7AM4AA/20190201/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=d5194d54ce1977b7bdd65502de3e60caeb15868127c4f7de61e77d6c43cf9d7c
x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date: 20190201T204324Z

< HTTP/1.1 307 Temporary Redirect
< x-amz-bucket-region: us-east-2
< x-amz-request-id: 90634B274B965EBD
< x-amz-id-2: 1uriHSGYVS6LhwZyz/y44DgZNjJcjgrFSSkKJHYyzYbSfbmVnWHiRSGQCcr//A2Fwba8E2Rr028=
< Location: https://hentaidata.s3.us-east-2.amazonaws.com/
< Content-Type: application/xml
< Transfer-Encoding: chunked
< Date: Fri, 01 Feb 2019 20:43:23 GMT
< Server: AmazonS3
<
* Ignoring the response-body
* Connection #0 to host hentaidata.s3.amazonaws.com left intact
* Issue another request to this URL: 'https://hentaidata.s3.us-east-2.amazonaws.com/'
*   Trying 52.219.104.192...
* TCP_NODELAY set
* Connected to hentaidata.s3.us-east-2.amazonaws.com (52.219.104.192) port 443 (#1)
* found 133 certificates in /etc/ssl/certs/ca-certificates.crt
* found 399 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
*        server certificate verification OK
*        server certificate status verification SKIPPED
*        common name: *.s3.us-east-2.amazonaws.com (matched)
*        server certificate expiration date OK
*        server certificate activation date OK
*        certificate public key: RSA
*        certificate version: #3
*        subject: C=US,ST=Washington,L=Seattle,O=Amazon.com Inc.,CN=*.s3.us-east-2.amazonaws.com
*        start date: Thu, 08 Nov 2018 00:00:00 GMT
*        expire date: Mon, 01 Apr 2019 12:00:00 GMT
*        issuer: C=US,O=DigiCert Inc,OU=www.digicert.com,CN=DigiCert Baltimore CA-2 G2
*        compression: NULL
* ALPN, server did not agree to a protocol
> GET / HTTP/1.1
Host: hentaidata.s3.us-east-2.amazonaws.com
User-Agent: s3fs/1.82 (commit hash unknown; GnuTLS(gcrypt))
Accept: */*
x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date: 20190201T204324Z

< HTTP/1.1 403 Forbidden
< x-amz-bucket-region: us-east-2
< x-amz-request-id: 8642AA012D6A4009
< x-amz-id-2: 5V8Q9bT5rbdtf94c8v28B9GoPBksyNDT1waqm/X15SdmTBx8/js47g0G/BhdScS8n0hrGdwkk38=
< Content-Type: application/xml
< Transfer-Encoding: chunked
< Date: Fri, 01 Feb 2019 20:43:24 GMT
< Server: AmazonS3
<
* Connection #1 to host hentaidata.s3.us-east-2.amazonaws.com left intact
[INF]       curl.cpp:RequestPerform(1957): HTTP response code 403 was returned, returning EPERM
[ERR] curl.cpp:CheckBucket(2953): Check bucket failed, S3 response: <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>8642AA012D6A4009</RequestId><HostId>5V8Q9bT5rbdtf94c8v28B9GoPBksyNDT1waqm/X15SdmTBx8/js47g0G/BhdScS8n0hrGdwkk38=</HostId></Error>
[WAN] s3fs.cpp:s3fs_check_service(3795): Could not connect, so retry to connect by signature version 2.
[INF]       curl.cpp:CheckBucket(2914): check a bucket.
[INF]       curl.cpp:prepare_url(4205): URL is https://s3.amazonaws.com/hentaidata/
[INF]       curl.cpp:prepare_url(4237): URL changed is https://hentaidata.s3.amazonaws.com/
* Found bundle for host hentaidata.s3.amazonaws.com: 0x7f121014a0b0 [can pipeline]
* Re-using existing connection! (#0) with host hentaidata.s3.amazonaws.com
* Connected to hentaidata.s3.amazonaws.com (52.216.85.147) port 443 (#0)
> GET / HTTP/1.1
Host: hentaidata.s3.amazonaws.com
User-Agent: s3fs/1.82 (commit hash unknown; GnuTLS(gcrypt))
Accept: */*
Authorization: AWS AKIAISS32S2J4V7AM4AA:oMKGtEYc449i3MPgh2scgTT+6Dk=
Date: Fri, 01 Feb 2019 20:43:24 GMT

< HTTP/1.1 307 Temporary Redirect
< x-amz-bucket-region: us-east-2
< x-amz-request-id: 0D479C2F0D199C87
< x-amz-id-2: +h/DcfrT8da6fX4iA2ch0PLnKIM2y9lwDKCJfqN6guNLlx49KrqSM4OGYi4ZxU1HmVC6B966Fxs=
< Location: https://hentaidata.s3.us-east-2.amazonaws.com/
< Content-Type: application/xml
< Transfer-Encoding: chunked
< Date: Fri, 01 Feb 2019 20:43:24 GMT
< Server: AmazonS3
<
* Ignoring the response-body
* Connection #0 to host hentaidata.s3.amazonaws.com left intact
* Issue another request to this URL: 'https://hentaidata.s3.us-east-2.amazonaws.com/'
* Found bundle for host hentaidata.s3.us-east-2.amazonaws.com: 0x7f1210e42440 [can pipeline]
* Re-using existing connection! (#1) with host hentaidata.s3.us-east-2.amazonaws.com
* Connected to hentaidata.s3.us-east-2.amazonaws.com (52.219.104.192) port 443 (#1)
> GET / HTTP/1.1
Host: hentaidata.s3.us-east-2.amazonaws.com
User-Agent: s3fs/1.82 (commit hash unknown; GnuTLS(gcrypt))
Accept: */*
Date: Fri, 01 Feb 2019 20:43:24 GMT

< HTTP/1.1 403 Forbidden
< x-amz-bucket-region: us-east-2
< x-amz-request-id: E14BBC17B304BA56
< x-amz-id-2: rzBldhCYpOxLjWY5t7gxrFbdCTJo8gj/YyUb1KM4yo9tit/IpWYIqbdHzbwso+BgcDv9LOdnERU=
< Content-Type: application/xml
< Transfer-Encoding: chunked
< Date: Fri, 01 Feb 2019 20:43:24 GMT
< Server: AmazonS3
<
* Connection #1 to host hentaidata.s3.us-east-2.amazonaws.com left intact
[INF]       curl.cpp:RequestPerform(1957): HTTP response code 403 was returned, returning EPERM
[ERR] curl.cpp:CheckBucket(2953): Check bucket failed, S3 response: <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>E14BBC17B304BA56</RequestId><HostId>rzBldhCYpOxLjWY5t7gxrFbdCTJo8gj/YyUb1KM4yo9tit/IpWYIqbdHzbwso+BgcDv9LOdnERU=</HostId></Error>
[CRT] s3fs.cpp:s3fs_check_service(3810): invalid credentials(host=https://s3.amazonaws.com) - result of checking service.
[ERR] s3fs.cpp:s3fs_exit_fuseloop(3368): Exiting FUSE event loop due to errors

[INF] s3fs.cpp:s3fs_destroy(3441): destroy
[WAN] s3fs.cpp:s3fs_destroy(3445): Could not release curl library.

Details about issue

Basically, I added a new IAM user with full access to all of my S3 instances, but no matter how many times I change the command line options or how much permissions I give the user it will not allow my EC2 instance to connect to my bucket. I am new at this so its probably me but I cannot find any help in the documentation.

Originally created by @chand1012 on GitHub (Feb 1, 2019). Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/947 #### Version of s3fs being used v 1.82 #### Version of fuse being used v 2.9.7 #### Kernel information 4.15.0-1021-aws #### GNU/Linux Distribution Ubuntu 18.04.1 LTS #### s3fs command line used, if applicable ``` s3fs hentaidata ~/s3bucket -o passwd_file=${HOME}/.passwd-s3fs -o dbglevel=info -f -o curldbg ``` #### s3fs syslog messages ``` [CRT] s3fs.cpp:set_s3fs_log_level(257): change debug level from [CRT] to [INF] [INF] s3fs.cpp:set_mountpoint_attribute(4193): PROC(uid=1000, gid=1000) - MountPoint(uid=1000, gid=1000, mode=40775) [CRT] s3fs.cpp:s3fs_init(3378): init v1.82(commit:unknown) with GnuTLS(gcrypt) [INF] s3fs.cpp:s3fs_check_service(3754): check services. [INF] curl.cpp:CheckBucket(2914): check a bucket. [INF] curl.cpp:prepare_url(4205): URL is https://s3.amazonaws.com/hentaidata/ [INF] curl.cpp:prepare_url(4237): URL changed is https://hentaidata.s3.amazonaws.com/ [INF] curl.cpp:insertV4Headers(2267): computing signature [GET] [/] [] [] [INF] curl.cpp:url_to_host(100): url is https://s3.amazonaws.com * Trying 52.216.85.147... * TCP_NODELAY set * Connected to hentaidata.s3.amazonaws.com (52.216.85.147) port 443 (#0) * found 133 certificates in /etc/ssl/certs/ca-certificates.crt * found 399 certificates in /etc/ssl/certs * ALPN, offering http/1.1 * SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256 * server certificate verification OK * server certificate status verification SKIPPED * common name: *.s3.amazonaws.com (matched) * server certificate expiration date OK * server certificate activation date OK * certificate public key: RSA * certificate version: #3 * subject: C=US,ST=Washington,L=Seattle,O=Amazon.com Inc.,CN=*.s3.amazonaws.com * start date: Wed, 07 Nov 2018 00:00:00 GMT * expire date: Fri, 07 Feb 2020 12:00:00 GMT * issuer: C=US,O=DigiCert Inc,OU=www.digicert.com,CN=DigiCert Baltimore CA-2 G2 * compression: NULL * ALPN, server did not agree to a protocol > GET / HTTP/1.1 host: hentaidata.s3.amazonaws.com User-Agent: s3fs/1.82 (commit hash unknown; GnuTLS(gcrypt)) Accept: */* Authorization: AWS4-HMAC-SHA256 Credential=AKIAISS32S2J4V7AM4AA/20190201/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=d5194d54ce1977b7bdd65502de3e60caeb15868127c4f7de61e77d6c43cf9d7c x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 x-amz-date: 20190201T204324Z < HTTP/1.1 307 Temporary Redirect < x-amz-bucket-region: us-east-2 < x-amz-request-id: 90634B274B965EBD < x-amz-id-2: 1uriHSGYVS6LhwZyz/y44DgZNjJcjgrFSSkKJHYyzYbSfbmVnWHiRSGQCcr//A2Fwba8E2Rr028= < Location: https://hentaidata.s3.us-east-2.amazonaws.com/ < Content-Type: application/xml < Transfer-Encoding: chunked < Date: Fri, 01 Feb 2019 20:43:23 GMT < Server: AmazonS3 < * Ignoring the response-body * Connection #0 to host hentaidata.s3.amazonaws.com left intact * Issue another request to this URL: 'https://hentaidata.s3.us-east-2.amazonaws.com/' * Trying 52.219.104.192... * TCP_NODELAY set * Connected to hentaidata.s3.us-east-2.amazonaws.com (52.219.104.192) port 443 (#1) * found 133 certificates in /etc/ssl/certs/ca-certificates.crt * found 399 certificates in /etc/ssl/certs * ALPN, offering http/1.1 * SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256 * server certificate verification OK * server certificate status verification SKIPPED * common name: *.s3.us-east-2.amazonaws.com (matched) * server certificate expiration date OK * server certificate activation date OK * certificate public key: RSA * certificate version: #3 * subject: C=US,ST=Washington,L=Seattle,O=Amazon.com Inc.,CN=*.s3.us-east-2.amazonaws.com * start date: Thu, 08 Nov 2018 00:00:00 GMT * expire date: Mon, 01 Apr 2019 12:00:00 GMT * issuer: C=US,O=DigiCert Inc,OU=www.digicert.com,CN=DigiCert Baltimore CA-2 G2 * compression: NULL * ALPN, server did not agree to a protocol > GET / HTTP/1.1 Host: hentaidata.s3.us-east-2.amazonaws.com User-Agent: s3fs/1.82 (commit hash unknown; GnuTLS(gcrypt)) Accept: */* x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 x-amz-date: 20190201T204324Z < HTTP/1.1 403 Forbidden < x-amz-bucket-region: us-east-2 < x-amz-request-id: 8642AA012D6A4009 < x-amz-id-2: 5V8Q9bT5rbdtf94c8v28B9GoPBksyNDT1waqm/X15SdmTBx8/js47g0G/BhdScS8n0hrGdwkk38= < Content-Type: application/xml < Transfer-Encoding: chunked < Date: Fri, 01 Feb 2019 20:43:24 GMT < Server: AmazonS3 < * Connection #1 to host hentaidata.s3.us-east-2.amazonaws.com left intact [INF] curl.cpp:RequestPerform(1957): HTTP response code 403 was returned, returning EPERM [ERR] curl.cpp:CheckBucket(2953): Check bucket failed, S3 response: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>8642AA012D6A4009</RequestId><HostId>5V8Q9bT5rbdtf94c8v28B9GoPBksyNDT1waqm/X15SdmTBx8/js47g0G/BhdScS8n0hrGdwkk38=</HostId></Error> [WAN] s3fs.cpp:s3fs_check_service(3795): Could not connect, so retry to connect by signature version 2. [INF] curl.cpp:CheckBucket(2914): check a bucket. [INF] curl.cpp:prepare_url(4205): URL is https://s3.amazonaws.com/hentaidata/ [INF] curl.cpp:prepare_url(4237): URL changed is https://hentaidata.s3.amazonaws.com/ * Found bundle for host hentaidata.s3.amazonaws.com: 0x7f121014a0b0 [can pipeline] * Re-using existing connection! (#0) with host hentaidata.s3.amazonaws.com * Connected to hentaidata.s3.amazonaws.com (52.216.85.147) port 443 (#0) > GET / HTTP/1.1 Host: hentaidata.s3.amazonaws.com User-Agent: s3fs/1.82 (commit hash unknown; GnuTLS(gcrypt)) Accept: */* Authorization: AWS AKIAISS32S2J4V7AM4AA:oMKGtEYc449i3MPgh2scgTT+6Dk= Date: Fri, 01 Feb 2019 20:43:24 GMT < HTTP/1.1 307 Temporary Redirect < x-amz-bucket-region: us-east-2 < x-amz-request-id: 0D479C2F0D199C87 < x-amz-id-2: +h/DcfrT8da6fX4iA2ch0PLnKIM2y9lwDKCJfqN6guNLlx49KrqSM4OGYi4ZxU1HmVC6B966Fxs= < Location: https://hentaidata.s3.us-east-2.amazonaws.com/ < Content-Type: application/xml < Transfer-Encoding: chunked < Date: Fri, 01 Feb 2019 20:43:24 GMT < Server: AmazonS3 < * Ignoring the response-body * Connection #0 to host hentaidata.s3.amazonaws.com left intact * Issue another request to this URL: 'https://hentaidata.s3.us-east-2.amazonaws.com/' * Found bundle for host hentaidata.s3.us-east-2.amazonaws.com: 0x7f1210e42440 [can pipeline] * Re-using existing connection! (#1) with host hentaidata.s3.us-east-2.amazonaws.com * Connected to hentaidata.s3.us-east-2.amazonaws.com (52.219.104.192) port 443 (#1) > GET / HTTP/1.1 Host: hentaidata.s3.us-east-2.amazonaws.com User-Agent: s3fs/1.82 (commit hash unknown; GnuTLS(gcrypt)) Accept: */* Date: Fri, 01 Feb 2019 20:43:24 GMT < HTTP/1.1 403 Forbidden < x-amz-bucket-region: us-east-2 < x-amz-request-id: E14BBC17B304BA56 < x-amz-id-2: rzBldhCYpOxLjWY5t7gxrFbdCTJo8gj/YyUb1KM4yo9tit/IpWYIqbdHzbwso+BgcDv9LOdnERU= < Content-Type: application/xml < Transfer-Encoding: chunked < Date: Fri, 01 Feb 2019 20:43:24 GMT < Server: AmazonS3 < * Connection #1 to host hentaidata.s3.us-east-2.amazonaws.com left intact [INF] curl.cpp:RequestPerform(1957): HTTP response code 403 was returned, returning EPERM [ERR] curl.cpp:CheckBucket(2953): Check bucket failed, S3 response: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>E14BBC17B304BA56</RequestId><HostId>rzBldhCYpOxLjWY5t7gxrFbdCTJo8gj/YyUb1KM4yo9tit/IpWYIqbdHzbwso+BgcDv9LOdnERU=</HostId></Error> [CRT] s3fs.cpp:s3fs_check_service(3810): invalid credentials(host=https://s3.amazonaws.com) - result of checking service. [ERR] s3fs.cpp:s3fs_exit_fuseloop(3368): Exiting FUSE event loop due to errors [INF] s3fs.cpp:s3fs_destroy(3441): destroy [WAN] s3fs.cpp:s3fs_destroy(3445): Could not release curl library. ``` ### Details about issue Basically, I added a new IAM user with full access to all of my S3 instances, but no matter how many times I change the command line options or how much permissions I give the user it will not allow my EC2 instance to connect to my bucket. I am new at this so its probably me but I cannot find any help in the documentation.
kerem closed this issue 2026-03-04 01:46:27 +03:00
kerem commented 2026-03-04 01:46:27 +03:00
Author
Owner
Copy link

@gaul commented on GitHub (Feb 2, 2019):

Can you try adding -o endpoint us-east-2 to your flags? If you compile from master you might find better region detection via #911.

<!-- gh-comment-id:459919586 --> @gaul commented on GitHub (Feb 2, 2019): Can you try adding `-o endpoint us-east-2` to your flags? If you compile from master you might find better region detection via #911.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
v1.97
v1.96
v1.95
v1.94
v1.93
v1.92
v1.91
v1.90
v1.89
v1.88
v1.87
v1.86
v1.85
v1.84
v1.83
v1.82
v1.81
v1.80
v1.79
v1.78
Pre-v1.78
v1.77
v1.76
v1.75
v1.74
Labels
Clear labels   
bug

   
bug

   
dataloss

   
duplicate

   
enhancement

   
feature request

   
help wanted

   
invalid

   
need info

   
performance

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question

   
testing
No labels
bug
bug
dataloss
duplicate
enhancement
feature request
help wanted
invalid
need info
performance
pull-request
question
question
testing
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/s3fs-fuse#534
No description provided.