[GH-ISSUE #1196] Mounting S3 Bucket using IAM Role #634

New issue

Closed

opened 2026-03-04 01:47:24 +03:00 by kerem · 3 comments

kerem commented 2026-03-04 01:47:24 +03:00

Owner

Copy link

Originally created by @aric49 on GitHub (Nov 12, 2019).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/1196

Additional Information

In our AWS account, we have two EC2 instances configured with an IAM role which allows read and write access to our S3 bucket. One of our instances is able to successfully mount this instance using the IAM role while the other instance cannot. Both instances were working successfully until we took one of the instances down for a reboot earlier today.

Version of s3fs being used (s3fs --version)

On both instances:
Amazon Simple Storage Service File System V1.85 (commit:cc4a307) with OpenSSL

Version of fuse being used (pkg-config --modversion fuse, rpm -qi fuse, dpkg -s fuse)

On both instances:

rpm -qi fuse
Name        : fuse
Version     : 2.9.4
Release     : 1.18.amzn1
Architecture: x86_64
Install Date: Mon 26 Aug 2019 12:22:57 AM UTC
Group       : System Environment/Base
Size        : 213917
License     : GPL+
Signature   : RSA/SHA256, Thu 18 Apr 2019 06:20:01 PM UTC, Key ID bcb4a85b21c0f39f
Source RPM  : fuse-2.9.4-1.18.amzn1.src.rpm
Build Date  : Fri 12 Apr 2019 05:49:04 PM UTC
Build Host  : build-64001.build
Relocations : (not relocatable)
Packager    : Amazon.com, Inc. <http://aws.amazon.com>
Vendor      : Amazon.com
URL         : http://fuse.sf.net
Summary     : File System in Userspace (FUSE) utilities
Description :
With FUSE it is possible to implement a fully functional filesystem in a
userspace program. This package contains the FUSE userspace tools to
mount a FUSE filesystem.

Kernel information (uname -r)

4.14.146-93.123.amzn1.x86_64

GNU/Linux Distribution, if applicable (cat /etc/os-release)

NAME="Amazon Linux AMI"
VERSION="2018.03"
ID="amzn"
ID_LIKE="rhel fedora"
VERSION_ID="2018.03"
PRETTY_NAME="Amazon Linux AMI 2018.03"
ANSI_COLOR="0;33"
CPE_NAME="cpe:/o:amazon:linux:2018.03:ga"
HOME_URL="http://aws.amazon.com/amazon-linux-ami/"

s3fs command line used, if applicable

sudo /usr/local/sbin/s3fs -o iam_role="ecsInstanceRole" -o url="https://s3.us-east-1.amazonaws.com" -o endpoint=us-east-1 -o dbglevel=info -o curldbg -o allow_other -o use_cache=/tmp myBucket:/artifactory /s3artifactory

/etc/fstab entry, if applicable

myBucket:/artifactory /s3artifactory fuse.s3fs _netdev,iam_role=ecsInstanceRole,allow_other 0 0

s3fs syslog messages (grep s3fs /var/log/syslog, journalctl | grep s3fs, or s3fs outputs)

if you execute s3fs with dbglevel, curldbg option, you can get detail debug messages
Attempting to run directly from Bash:

[ec2-user@ip-172-16-79-188 ~]$ sudo /usr/local/sbin/s3fs -o iam_role="ecsInstanceRole" -o url="https://s3.us-east-1.amazonaws.com" -o endpoint=us-east-1 -o dbglevel=info -o curldbg -o allow_other -o use_cache=/tmp myBucket:/artifactory /s3artifactory
[ec2-user@ip-172-16-79-188 ~]$ $? #Returns zero exit code!
-bash: 0: command not found
[ec2-user@ip-172-16-79-188 ~]$ sudo ls -la /s3artifactory 
ls: cannot access /s3artifactory: Transport endpoint is not connected

Trying to mount from /etc/fstab:

[ec2-user@ip-172-16-79-188 ~]$ sudo mount -a
[ec2-user@ip-172-16-79-188 ~]$ sudo ls -la /s3artifactory 
ls: cannot access /s3artifactory: Transport endpoint is not connected

Details about issue

Mounting the S3 bucket using the IAM role does not appear to work, only one one instance. The other instance seems to be working fine. I have checked that both instances have the ecsInstanceRole IAM role, and I can see it from the EC2 metadata from inside the instance:
NonWorking Instance:

[ec2-user@ip-172-16-79-188 ~]$  curl http://169.254.169.254/latest/meta-data/iam/info
{
  "Code" : "Success",
  "LastUpdated" : "2019-11-12T21:06:09Z",
  "InstanceProfileArn" : "arn:aws:iam::XXXXXXXXXXXXX:instance-profile/ecsInstanceRole",
  "InstanceProfileId" : "AIPAJPQPCF2PWAMX2C3J

Working Instance:

[root@ip-172-16-28-124 ~]# curl http://169.254.169.254/latest/meta-data/iam/info
{
  "Code" : "Success",
  "LastUpdated" : "2019-11-12T20:32:29Z",
  "InstanceProfileArn" : "arn:aws:iam::XXXXXXXXXXX:instance-profile/ecsInstanceRole",
  "InstanceProfileId" : "AIPAJPQPCF2PWAMX2C3JA"

I thought maybe something was up with networking on the non-working instance, but I can mount the S3 bucket if I specify a credential file:

[ec2-user@ip-172-16-79-188 ~]$ sudo /usr/local/sbin/s3fs -o passwd_file=/home/ec2-user/.passwd -o url="https://s3.us-east-1.amazonaws.com" -o endpoint=us-east-1 -o dbglevel=info -o curldbg -o allow_other -o use_cache=/tmp myBucket:/artifactory /s3artifactory
[ec2-user@ip-172-16-79-188 ~]$ $?
-bash: 0: command not found
[ec2-user@ip-172-16-79-188 ~]$ sudo ls -la /s3artifactory
total 5
drwxrwxrwx  1 root root    0 Jan  1  1970 .
dr-xr-xr-x 30 root root 4096 Nov 12 20:09 ..
drwxr-x---  1 root root    0 Jan  1  1970 backup-weekly

To me, the issue seems isolated to using IAM role to mount the bucket, which was previously working. Any help is super appreciated!

Originally created by @aric49 on GitHub (Nov 12, 2019). Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/1196 ### Additional Information In our AWS account, we have two EC2 instances configured with an IAM role which allows read and write access to our S3 bucket. One of our instances is able to successfully mount this instance using the IAM role while the other instance cannot. Both instances were working successfully until we took one of the instances down for a reboot earlier today. #### Version of s3fs being used (s3fs --version) On both instances: Amazon Simple Storage Service File System V1.85 (commit:cc4a307) with OpenSSL #### Version of fuse being used (pkg-config --modversion fuse, rpm -qi fuse, dpkg -s fuse) On both instances: ``` rpm -qi fuse Name : fuse Version : 2.9.4 Release : 1.18.amzn1 Architecture: x86_64 Install Date: Mon 26 Aug 2019 12:22:57 AM UTC Group : System Environment/Base Size : 213917 License : GPL+ Signature : RSA/SHA256, Thu 18 Apr 2019 06:20:01 PM UTC, Key ID bcb4a85b21c0f39f Source RPM : fuse-2.9.4-1.18.amzn1.src.rpm Build Date : Fri 12 Apr 2019 05:49:04 PM UTC Build Host : build-64001.build Relocations : (not relocatable) Packager : Amazon.com, Inc. <http://aws.amazon.com> Vendor : Amazon.com URL : http://fuse.sf.net Summary : File System in Userspace (FUSE) utilities Description : With FUSE it is possible to implement a fully functional filesystem in a userspace program. This package contains the FUSE userspace tools to mount a FUSE filesystem. ``` #### Kernel information (uname -r) ``` 4.14.146-93.123.amzn1.x86_64 ``` #### GNU/Linux Distribution, if applicable (cat /etc/os-release) ``` NAME="Amazon Linux AMI" VERSION="2018.03" ID="amzn" ID_LIKE="rhel fedora" VERSION_ID="2018.03" PRETTY_NAME="Amazon Linux AMI 2018.03" ANSI_COLOR="0;33" CPE_NAME="cpe:/o:amazon:linux:2018.03:ga" HOME_URL="http://aws.amazon.com/amazon-linux-ami/" ``` #### s3fs command line used, if applicable ``` sudo /usr/local/sbin/s3fs -o iam_role="ecsInstanceRole" -o url="https://s3.us-east-1.amazonaws.com" -o endpoint=us-east-1 -o dbglevel=info -o curldbg -o allow_other -o use_cache=/tmp myBucket:/artifactory /s3artifactory ``` #### /etc/fstab entry, if applicable ``` myBucket:/artifactory /s3artifactory fuse.s3fs _netdev,iam_role=ecsInstanceRole,allow_other 0 0 ``` #### s3fs syslog messages (grep s3fs /var/log/syslog, journalctl | grep s3fs, or s3fs outputs) _if you execute s3fs with dbglevel, curldbg option, you can get detail debug messages_ Attempting to run directly from Bash: ``` [ec2-user@ip-172-16-79-188 ~]$ sudo /usr/local/sbin/s3fs -o iam_role="ecsInstanceRole" -o url="https://s3.us-east-1.amazonaws.com" -o endpoint=us-east-1 -o dbglevel=info -o curldbg -o allow_other -o use_cache=/tmp myBucket:/artifactory /s3artifactory [ec2-user@ip-172-16-79-188 ~]$ $? #Returns zero exit code! -bash: 0: command not found [ec2-user@ip-172-16-79-188 ~]$ sudo ls -la /s3artifactory ls: cannot access /s3artifactory: Transport endpoint is not connected ``` Trying to mount from /etc/fstab: ``` [ec2-user@ip-172-16-79-188 ~]$ sudo mount -a [ec2-user@ip-172-16-79-188 ~]$ sudo ls -la /s3artifactory ls: cannot access /s3artifactory: Transport endpoint is not connected ``` ### Details about issue Mounting the S3 bucket using the IAM role does not appear to work, only one one instance. The other instance seems to be working fine. I have checked that both instances have the `ecsInstanceRole` IAM role, and I can see it from the EC2 metadata from inside the instance: **NonWorking Instance:** ``` [ec2-user@ip-172-16-79-188 ~]$ curl http://169.254.169.254/latest/meta-data/iam/info { "Code" : "Success", "LastUpdated" : "2019-11-12T21:06:09Z", "InstanceProfileArn" : "arn:aws:iam::XXXXXXXXXXXXX:instance-profile/ecsInstanceRole", "InstanceProfileId" : "AIPAJPQPCF2PWAMX2C3J ``` **Working Instance:** ``` [root@ip-172-16-28-124 ~]# curl http://169.254.169.254/latest/meta-data/iam/info { "Code" : "Success", "LastUpdated" : "2019-11-12T20:32:29Z", "InstanceProfileArn" : "arn:aws:iam::XXXXXXXXXXX:instance-profile/ecsInstanceRole", "InstanceProfileId" : "AIPAJPQPCF2PWAMX2C3JA" ``` I thought maybe something was up with networking on the non-working instance, but I can mount the S3 bucket if I specify a credential file: ``` [ec2-user@ip-172-16-79-188 ~]$ sudo /usr/local/sbin/s3fs -o passwd_file=/home/ec2-user/.passwd -o url="https://s3.us-east-1.amazonaws.com" -o endpoint=us-east-1 -o dbglevel=info -o curldbg -o allow_other -o use_cache=/tmp myBucket:/artifactory /s3artifactory [ec2-user@ip-172-16-79-188 ~]$ $? -bash: 0: command not found [ec2-user@ip-172-16-79-188 ~]$ sudo ls -la /s3artifactory total 5 drwxrwxrwx 1 root root 0 Jan 1 1970 . dr-xr-xr-x 30 root root 4096 Nov 12 20:09 .. drwxr-x--- 1 root root 0 Jan 1 1970 backup-weekly ``` To me, the issue seems isolated to using IAM role to mount the bucket, which was previously working. Any help is super appreciated!

kerem closed this issue 2026-03-04 01:47:25 +03:00

kerem commented 2026-03-04 01:47:26 +03:00

Author

Owner

Copy link

@aric49 commented on GitHub (Nov 13, 2019):

On further investigation, setting the log level to Debug, I am seeing the following messages:

[INF]       curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole]                                                                                                                                                             [60/1840]
[INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler                                                                                                                                                                       
[DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole                                                                                                       
[INF]       curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole]                                                                                                                                                                      
[INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler                                                                                                                                                                       
[DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole                                                                                                       
[INF]       curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole]                                                                                                                                                                      
[INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler                                                                                                                                                                       
[DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole                                                                                                       
[INF]       curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole]                                                                                                                                                                      
[INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler                                                                                                                                                                       
[DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole                                                                                                       
[INF]       curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole]                                                                                                                                                                      
[INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler                                                                                                                                                                       
[DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole                                                                                                       
[INF]       curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole]                                                                                                                                                                      
[INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler                                                                                                                                                                       
[DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole                                                                                                       
[INF]       curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole]                                                                                                                                                                      
[INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler                                                                                                                                                                       
[DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole                                                                                                       
[INF]       curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole]                                                                                                                                                                      
[INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler                                                                                                                                                                       
[DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole                                                                                                       
[INF]       curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole]                                                                                                                                                                      
[INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler                                                                                                                                                                       
[DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole                                                                                                       
[INF]       curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole]                                                                                                                                                                      
[INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler                                                                                                                                                                       
[DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole

Hitting the meta data URL manually using CURL, I am able to generate credentials from this box:

$ curl -v http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole
*   Trying 169.254.169.254...
* TCP_NODELAY set
* Connected to 169.254.169.254 (169.254.169.254) port 80 (#0)
> GET /latest/meta-data/iam/security-credentials/ecsInstanceRole HTTP/1.1
> Host: 169.254.169.254
> User-Agent: curl/7.61.1
> Accept: */*
> 
< HTTP/1.1 200 OK
< Content-Type: text/plain
< Accept-Ranges: none
< Last-Modified: Wed, 13 Nov 2019 18:38:57 GMT
< Content-Length: 1298
< Date: Wed, 13 Nov 2019 19:07:00 GMT
< Server: EC2ws
< Connection: close
< 
{
  "Code" : "Success",
  "LastUpdated" : "2019-11-13T18:39:54Z",
  "Type" : "AWS-HMAC",
  "AccessKeyId" : "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
  "SecretAccessKey" : "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
  "Token" : "CENSORED",
  "Expiration" : "2019-11-14T01:13:56Z"
* Closing connection 0

So it looks like the credentials are created properly... Any idea what I might be missing?

<!-- gh-comment-id:553553789 --> @aric49 commented on GitHub (Nov 13, 2019): On further investigation, setting the log level to Debug, I am seeing the following messages: ``` [INF] curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole] [60/1840] [INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler [DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole [INF] curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole] [INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler [DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole [INF] curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole] [INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler [DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole [INF] curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole] [INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler [DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole [INF] curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole] [INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler [DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole [INF] curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole] [INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler [DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole [INF] curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole] [INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler [DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole [INF] curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole] [INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler [DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole [INF] curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole] [INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler [DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole [INF] curl.cpp:GetIAMCredentials(2850): [IAM role=ecsInstanceRole] [INF] curl.cpp:GetHandler(296): Pool empty: force to create new handler [DBG] curl.cpp:RequestPerform(2379): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole ``` Hitting the meta data URL manually using CURL, I am able to generate credentials from this box: ``` $ curl -v http://169.254.169.254/latest/meta-data/iam/security-credentials/ecsInstanceRole * Trying 169.254.169.254... * TCP_NODELAY set * Connected to 169.254.169.254 (169.254.169.254) port 80 (#0) > GET /latest/meta-data/iam/security-credentials/ecsInstanceRole HTTP/1.1 > Host: 169.254.169.254 > User-Agent: curl/7.61.1 > Accept: */* > < HTTP/1.1 200 OK < Content-Type: text/plain < Accept-Ranges: none < Last-Modified: Wed, 13 Nov 2019 18:38:57 GMT < Content-Length: 1298 < Date: Wed, 13 Nov 2019 19:07:00 GMT < Server: EC2ws < Connection: close < { "Code" : "Success", "LastUpdated" : "2019-11-13T18:39:54Z", "Type" : "AWS-HMAC", "AccessKeyId" : "XXXXXXXXXXXXXXXXXXXXXXXXXXXX", "SecretAccessKey" : "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", "Token" : "CENSORED", "Expiration" : "2019-11-14T01:13:56Z" * Closing connection 0 ``` So it looks like the credentials are created properly... Any idea what I might be missing?

kerem commented 2026-03-04 01:47:26 +03:00

Author

Owner

Copy link

@aric49 commented on GitHub (Nov 13, 2019):

So it looks like checking out the exact v1.8.5 revision solves the issue for me, from this post: https://github.com/s3fs-fuse/s3fs-fuse/issues/1162#issuecomment-536864032

The autoscaling group we were using was just cloning master and building it. Perhaps there is some new code in master that's breaking mounting using IAM roles?

<!-- gh-comment-id:553561187 --> @aric49 commented on GitHub (Nov 13, 2019): So it looks like checking out the exact v1.8.5 revision solves the issue for me, from this post: https://github.com/s3fs-fuse/s3fs-fuse/issues/1162#issuecomment-536864032 The autoscaling group we were using was just cloning master and building it. Perhaps there is some new code in master that's breaking mounting using IAM roles?

kerem commented 2026-03-04 01:47:26 +03:00

Author

Owner

Copy link

@rallister commented on GitHub (Jan 18, 2020):

there's recursion happening, if it's running as daemon it segfaults and leaves the folder mounted with fuse. transport error is just a symptom.

CheckIAMCredentialUpdate() -> 
   GetIAMCredentials() -> 
       RequestPerform() ->
          insertAuthHeaders() ----> back to CheckIAMCredentialUpdate()

(gdb) backtrace
#0  S3fsCurl::GetIAMCredentials (this=0x7fffeee8f710) at curl.cpp:2855
#1  0x0000555555590da7 in S3fsCurl::CheckIAMCredentialUpdate () at curl.cpp:1901
#2  0x0000555555590de9 in S3fsCurl::insertAuthHeaders (this=0x7fffeee8fac0) at curl.cpp:2805
#3  0x0000555555590f06 in S3fsCurl::RequestPerform (this=0x7fffeee8fac0) at curl.cpp:2387
#4  0x0000555555590952 in S3fsCurl::GetIAMCredentials (this=0x7fffeee8fac0) at curl.cpp:2910
#5  0x0000555555590da7 in S3fsCurl::CheckIAMCredentialUpdate () at curl.cpp:1901
#6  0x0000555555590de9 in S3fsCurl::insertAuthHeaders (this=0x7fffeee8fe70) at curl.cpp:2805
#7  0x0000555555590f06 in S3fsCurl::RequestPerform (this=0x7fffeee8fe70) at curl.cpp:2387
#8  0x0000555555590952 in S3fsCurl::GetIAMCredentials (this=0x7fffeee8fe70) at curl.cpp:2910
#9  0x0000555555590da7 in S3fsCurl::CheckIAMCredentialUpdate () at curl.cpp:1901
#10 0x0000555555590de9 in S3fsCurl::insertAuthHeaders (this=0x7fffeee90220) at curl.cpp:2805
#11 0x0000555555590f06 in S3fsCurl::RequestPerform (this=0x7fffeee90220) at curl.cpp:2387
#12 0x0000555555590952 in S3fsCurl::GetIAMCredentials (this=0x7fffeee90220) at curl.cpp:2910
#13 0x0000555555590da7 in S3fsCurl::CheckIAMCredentialUpdate () at curl.cpp:1901
#14 0x0000555555590de9 in S3fsCurl::insertAuthHeaders (this=0x7fffeee905d0) at curl.cpp:2805
#15 0x0000555555590f06 in S3fsCurl::RequestPerform (this=0x7fffeee905d0) at curl.cpp:2387
#16 0x0000555555590952 in S3fsCurl::GetIAMCredentials (this=0x7fffeee905d0) at curl.cpp:2910
#17 0x0000555555590da7 in S3fsCurl::CheckIAMCredentialUpdate () at curl.cpp:1901
#18 0x000055555556a558 in s3fs_check_service () at s3fs.cpp:3832
#19 s3fs_init (conn=0x55555596ddf4) at s3fs.cpp:3525

<!-- gh-comment-id:575862508 --> @rallister commented on GitHub (Jan 18, 2020): there's recursion happening, if it's running as daemon it segfaults and leaves the folder mounted with fuse. transport error is just a symptom. ``` CheckIAMCredentialUpdate() -> GetIAMCredentials() -> RequestPerform() -> insertAuthHeaders() ----> back to CheckIAMCredentialUpdate() ``` ``` (gdb) backtrace #0 S3fsCurl::GetIAMCredentials (this=0x7fffeee8f710) at curl.cpp:2855 #1 0x0000555555590da7 in S3fsCurl::CheckIAMCredentialUpdate () at curl.cpp:1901 #2 0x0000555555590de9 in S3fsCurl::insertAuthHeaders (this=0x7fffeee8fac0) at curl.cpp:2805 #3 0x0000555555590f06 in S3fsCurl::RequestPerform (this=0x7fffeee8fac0) at curl.cpp:2387 #4 0x0000555555590952 in S3fsCurl::GetIAMCredentials (this=0x7fffeee8fac0) at curl.cpp:2910 #5 0x0000555555590da7 in S3fsCurl::CheckIAMCredentialUpdate () at curl.cpp:1901 #6 0x0000555555590de9 in S3fsCurl::insertAuthHeaders (this=0x7fffeee8fe70) at curl.cpp:2805 #7 0x0000555555590f06 in S3fsCurl::RequestPerform (this=0x7fffeee8fe70) at curl.cpp:2387 #8 0x0000555555590952 in S3fsCurl::GetIAMCredentials (this=0x7fffeee8fe70) at curl.cpp:2910 #9 0x0000555555590da7 in S3fsCurl::CheckIAMCredentialUpdate () at curl.cpp:1901 #10 0x0000555555590de9 in S3fsCurl::insertAuthHeaders (this=0x7fffeee90220) at curl.cpp:2805 #11 0x0000555555590f06 in S3fsCurl::RequestPerform (this=0x7fffeee90220) at curl.cpp:2387 #12 0x0000555555590952 in S3fsCurl::GetIAMCredentials (this=0x7fffeee90220) at curl.cpp:2910 #13 0x0000555555590da7 in S3fsCurl::CheckIAMCredentialUpdate () at curl.cpp:1901 #14 0x0000555555590de9 in S3fsCurl::insertAuthHeaders (this=0x7fffeee905d0) at curl.cpp:2805 #15 0x0000555555590f06 in S3fsCurl::RequestPerform (this=0x7fffeee905d0) at curl.cpp:2387 #16 0x0000555555590952 in S3fsCurl::GetIAMCredentials (this=0x7fffeee905d0) at curl.cpp:2910 #17 0x0000555555590da7 in S3fsCurl::CheckIAMCredentialUpdate () at curl.cpp:1901 #18 0x000055555556a558 in s3fs_check_service () at s3fs.cpp:3832 #19 s3fs_init (conn=0x55555596ddf4) at s3fs.cpp:3525 ```

kerem referenced this issue 2026-03-04 02:01:08 +03:00

[PR #636] [MERGED] Fix intermittent upload failures on macOS #1578

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

v1.97

v1.96

v1.95

v1.94

v1.93

v1.92

v1.91

v1.90

v1.89

v1.88

v1.87

v1.86

v1.85

v1.84

v1.83

v1.82

v1.81

v1.80

v1.79

v1.78

Pre-v1.78

v1.77

v1.76

v1.75

v1.74

Labels

Clear labels   

bug

  

bug

  

dataloss

  

duplicate

  

enhancement

  

feature request

  

help wanted

  

invalid

  

need info

  

performance

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

question

  

testing

No labels

bug

bug

dataloss

duplicate

enhancement

feature request

help wanted

invalid

need info

performance

pull-request

question

question

testing

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/s3fs-fuse#634

No description provided.