starred/s3fs-fuse
1
0
Fork 0
mirror of https://github.com/s3fs-fuse/s3fs-fuse.git synced 2026-04-25 21:35:58 +03:00
Code Issues 305 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #1518] [RequestPerform] hangs with successful response on docker/alpine #797

New issue
Open
opened 2026-03-04 01:48:52 +03:00 by kerem · 2 comments
kerem commented 2026-03-04 01:48:52 +03:00
Owner
Copy link

Originally created by @aamorozov on GitHub (Jan 14, 2021).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/1518

Additional Information

The issue occurs with my setup on multiple versions of s3fs.

I tried using the password file option instead with the following command:

    s3fs -f -o curldbg -o nonempty -o allow_other -o dbglevel="dbg" -o passwd_file=${HOME}/.passwd-s3fs -o url="https://s3.us-east-1.amazonaws.com" -o endpoint="us-east-1" bucket-name ./mount-path

,but the credentials generated from converting with assume-role-with-web-identity did not seem to work with s3fs with the following error:

[CRT] s3fs_logger.cpp:LowSetLogLevel(201): change debug level from [CRT] to [DBG]
[INF]     s3fs.cpp:set_mountpoint_attribute(3988): PROC(uid=0, gid=0) - MountPoint(uid=0, gid=0, mode=40755)
[INF] s3fs_util.cpp:compare_sysname(358): system name is Linux
[WAN] curl.cpp:InitMimeType(406): Could not find mime.types files, you have to create file(/etc/mime.types) or specify mime option for existing mime.types file.
[WAN] s3fs.cpp:main(4882): Missing MIME types prevents setting Content-Type on uploaded objects.
[INF] fdcache_stat.cpp:CheckCacheFileStatTopDir(79): The path to cache top dir is empty, thus not need to check permission.
[INF] s3fs.cpp:s3fs_init(3300): init v1.88(commit:a656321) with OpenSSL
[INF] s3fs.cpp:s3fs_check_service(3416): check services.
[INF]       curl.cpp:CheckBucket(3318): check a bucket.
[DBG] curl_handlerpool.cpp:GetHandler(81): Get handler from pool: rest = 31
[INF]       curl_util.cpp:prepare_url(250): URL is https://s3.us-east-1.amazonaws.com/hidden/
[INF]       curl_util.cpp:prepare_url(283): URL changed is https://hidden.s3.us-east-1.amazonaws.com/
[DBG] curl.cpp:RequestPerform(2234): connecting to URL https://hidden.s3.us-east-1.amazonaws.com/
[INF]       curl.cpp:insertV4Headers(2598): computing signature [GET] [/] [] []
[INF]       curl_util.cpp:url_to_host(327): url is https://s3.us-east-1.amazonaws.com
[CURL DBG] *   Trying 52.217.16.224:443...
[CURL DBG] * Connected to hidden.s3.us-east-1.amazonaws.com (52.217.16.224) port 443 (#0)
[CURL DBG] * successfully set certificate verify locations:
[CURL DBG] *   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none
[CURL DBG] * TLSv1.3 (OUT), TLS handshake, Client hello (1):
[CURL DBG] * TLSv1.3 (IN), TLS handshake, Server hello (2):
[CURL DBG] * TLSv1.2 (IN), TLS handshake, Certificate (11):
[CURL DBG] * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
[CURL DBG] * TLSv1.2 (IN), TLS handshake, Server finished (14):
[CURL DBG] * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
[CURL DBG] * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
[CURL DBG] * TLSv1.2 (OUT), TLS handshake, Finished (20):
[CURL DBG] * TLSv1.2 (IN), TLS handshake, Finished (20):
[CURL DBG] * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
[CURL DBG] * Server certificate:
[CURL DBG] *  subject: C=US; ST=Washington; L=Seattle; O=Amazon.com, Inc.; CN=s3.amazonaws.com
[CURL DBG] *  start date: Aug  4 00:00:00 2020 GMT
[CURL DBG] *  expire date: Aug  9 12:00:00 2021 GMT
[CURL DBG] *  subjectAltName: host "hidden.s3.us-east-1.amazonaws.com" matched cert's "*.s3.us-east-1.amazonaws.com"
[CURL DBG] *  issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert Baltimore CA-2 G2
[CURL DBG] *  SSL certificate verify ok.
[CURL DBG] > GET / HTTP/1.1
[CURL DBG] > Host: hidden.s3.us-east-1.amazonaws.com
[CURL DBG] > User-Agent: s3fs/1.88 (commit hash a656321; OpenSSL)
[CURL DBG] > Accept: */*
[CURL DBG] > Authorization: AWS4-HMAC-SHA256 Credential=hidden/20210114/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=hidden
[CURL DBG] > x-amz-content-sha256: hidden
[CURL DBG] > x-amz-date: 20210114T213952Z
[CURL DBG] >
[CURL DBG] * Mark bundle as not supporting multiuse
[CURL DBG] < HTTP/1.1 403 Forbidden
[CURL DBG] < x-amz-bucket-region: us-east-1
[CURL DBG] < x-amz-request-id: hidden
[CURL DBG] < x-amz-id-2: hidden
[CURL DBG] < Content-Type: application/xml
[CURL DBG] < Transfer-Encoding: chunked
[CURL DBG] < Date: Thu, 14 Jan 2021 21:39:51 GMT
[CURL DBG] < Server: AmazonS3
[CURL DBG] <
[CURL DBG] * Connection #0 to host hidden.us-east-1.amazonaws.com left intact
[ERR] curl.cpp:RequestPerform(2287): HTTP response code 403, returning EPERM. Body Text: <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>InvalidAccessKeyId</Code><Message>The AWS Access Key Id you provided does not exist in our records.</Message><AWSAccessKeyId>hidden</AWSAccessKeyId><RequestId>hidden</RequestId><HostId>hidden=</HostId></Error>
[ERR] curl.cpp:CheckBucket(3344): Check bucket failed, S3 response: <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>InvalidAccessKeyId</Code><Message>The AWS Access Key Id you provided does not exist in our records.</Message><AWSAccessKeyId>hidden</AWSAccessKeyId><RequestId>hidden</RequestId><HostId>hidden</HostId></Error>
[CRT] s3fs.cpp:s3fs_check_service(3471): Failed to connect by sigv4, so retry to connect by signature version 2.
[DBG] curl_handlerpool.cpp:ReturnHandler(103): Return handler to pool
[INF] curl_handlerpool.cpp:ReturnHandler(110): Pool full: destroy the oldest handler
[INF]       curl.cpp:CheckBucket(3318): check a bucket.
[DBG] curl_handlerpool.cpp:GetHandler(81): Get handler from pool: rest = 30
[INF]       curl_util.cpp:prepare_url(250): URL is https://s3.us-east-1.amazonaws.com/hidden/
[INF]       curl_util.cpp:prepare_url(283): URL changed is https://hidden.s3.us-east-1.amazonaws.com/
[DBG] curl.cpp:RequestPerform(2234): connecting to URL https://hidden.s3.us-east-1.amazonaws.com/
[CURL DBG] * Found bundle for host hidden.s3.us-east-1.amazonaws.com: 0x55c7a8646100 [serially]
[CURL DBG] * Can not multiplex, even if we wanted to!
[CURL DBG] * Re-using existing connection! (#0) with host hidden.s3.us-east-1.amazonaws.com
[CURL DBG] * Connected to hidden.s3.us-east-1.amazonaws.com (52.217.16.224) port 443 (#0)
[CURL DBG] > GET / HTTP/1.1
[CURL DBG] > Host: hidden.s3.us-east-1.amazonaws.com
[CURL DBG] > User-Agent: s3fs/1.88 (commit hash a656321; OpenSSL)
[CURL DBG] > Accept: */*
[CURL DBG] > Authorization: AWS hidden
[CURL DBG] > Date: Thu, 14 Jan 2021 21:39:52 GMT
[CURL DBG] >
[CURL DBG] * Mark bundle as not supporting multiuse
[CURL DBG] < HTTP/1.1 403 Forbidden
[CURL DBG] < x-amz-bucket-region: us-east-1
[CURL DBG] < x-amz-request-id: hidden
[CURL DBG] < x-amz-id-2: hidden
[CURL DBG] < Content-Type: application/xml
[CURL DBG] < Transfer-Encoding: chunked
[CURL DBG] < Date: Thu, 14 Jan 2021 21:39:51 GMT
[CURL DBG] < Server: AmazonS3
[CURL DBG] <
[CURL DBG] * Connection #0 to host hidden.s3.us-east-1.amazonaws.com left intact
[ERR] curl.cpp:RequestPerform(2287): HTTP response code 403, returning EPERM. Body Text: <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>InvalidAccessKeyId</Code><Message>The AWS Access Key Id you provided does not exist in our records.</Message><AWSAccessKeyId>hidden</AWSAccessKeyId><RequestId>hidden</RequestId><HostId>hidden</HostId></Error>
[ERR] curl.cpp:CheckBucket(3344): Check bucket failed, S3 response: <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>InvalidAccessKeyId</Code><Message>The AWS Access Key Id you provided does not exist in our records.</Message><AWSAccessKeyId>hidden</AWSAccessKeyId><RequestId>hidden</RequestId><HostId>hidden</HostId></Error>
[CRT] s3fs.cpp:s3fs_check_service(3486): invalid credentials(host=https://s3.us-east-1.amazonaws.com) - result of checking service.
[DBG] curl_handlerpool.cpp:ReturnHandler(103): Return handler to pool
[ERR] s3fs.cpp:s3fs_exit_fuseloop(3290): Exiting FUSE event loop due to errors

[INF] s3fs.cpp:s3fs_destroy(3358): destroy

I then switched to using the iam_role option, and it does seem to work but hangs midway and the entrypoint script never finishes executing.

Version of s3fs being used (s3fs --version)

Tested with 1.88, 1.87 and 1.86.

Version of fuse being used (pkg-config --modversion fuse, rpm -qi fuse, dpkg -s fuse)

2.9.9-r1

GNU/Linux Distribution, if applicable (cat /etc/os-release)

Docker image: node:14.14.0-alpine3.12

Packages installed to support s3fs in alpine

ARG S3FS_VERSION=v1.88
RUN apk --update --no-cache add fuse alpine-sdk automake autoconf libxml2-dev fuse-dev curl-dev git bash jq \   
    && git clone https://github.com/s3fs-fuse/s3fs-fuse.git \
    && cd s3fs-fuse \    
    && git checkout master \
    && ./autogen.sh \
    && ./configure --prefix=/usr \
    && make \
    && make install \
    && make clean \
    && rm -rf /var/cache/apk/* \
    && apk del git automake autoconf

s3fs command line used, if applicable

s3fs -f -o curldbg -o nonempty -o allow_other -o dbglevel="dbg" -o iam_role -o url="https://s3.us-east-1.amazonaws.com" -o endpoint="us-east-1" bucket-name ./mount-path

s3fs syslog messages (grep s3fs /var/log/syslog, journalctl | grep s3fs, or s3fs outputs)

if you execute s3fs with dbglevel, curldbg option, you can get detail debug messages

[CRT] s3fs_logger.cpp:LowSetLogLevel(201): change debug level from [CRT] to [DBG]
[INF]     s3fs.cpp:set_mountpoint_attribute(3988): PROC(uid=0, gid=0) - MountPoint(uid=0, gid=0, mode=40755)
[INF] s3fs_util.cpp:compare_sysname(358): system name is Linux
[WAN] curl.cpp:InitMimeType(406): Could not find mime.types files, you have to create file(/etc/mime.types) or specify mime option for existing mime.types file.
[WAN] s3fs.cpp:main(4882): Missing MIME types prevents setting Content-Type on uploaded objects.
[INF] fdcache_stat.cpp:CheckCacheFileStatTopDir(79): The path to cache top dir is empty, thus not need to check permission.
[INF] s3fs.cpp:s3fs_init(3300): init v1.88(commit:a656321) with OpenSSL
[INF]       curl.cpp:LoadIAMRoleFromMetaData(2839): Get IAM Role name
[DBG] curl_handlerpool.cpp:GetHandler(81): Get handler from pool: rest = 31
[DBG] curl.cpp:RequestPerform(2234): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/
[CURL DBG] *   Trying 169.254.169.254:80...
[CURL DBG] * Connected to 169.254.169.254 (169.254.169.254) port 80 (#0)
[CURL DBG] > GET /latest/meta-data/iam/security-credentials/ HTTP/1.1
[CURL DBG] > Host: 169.254.169.254
[CURL DBG] > User-Agent: s3fs/1.88 (commit hash a656321; OpenSSL)
[CURL DBG] > Accept: */*
[CURL DBG] >
[CURL DBG] * Mark bundle as not supporting multiuse
[CURL DBG] < HTTP/1.1 200 OK
[CURL DBG] < Content-Type: text/plain
[CURL DBG] < Accept-Ranges: none
[CURL DBG] < Last-Modified: Thu, 14 Jan 2021 21:27:13 GMT
[CURL DBG] < Content-Length: 22
[CURL DBG] < Date: Thu, 14 Jan 2021 21:29:01 GMT
[CURL DBG] < Server: EC2ws
[CURL DBG] < Connection: close
[CURL DBG] <
[CURL DBG] * Closing connection 0
[INF]       curl.cpp:RequestPerform(2267): HTTP response code 200
[INF]       curl.cpp:SetIAMRoleFromMetaData(1753): IAM role name response = "hidden"
[INF] s3fs.cpp:s3fs_init(3317): loaded IAM role name = hidden
[DBG] curl_handlerpool.cpp:ReturnHandler(103): Return handler to pool
[INF] curl_handlerpool.cpp:ReturnHandler(110): Pool full: destroy the oldest handler
[INF] s3fs.cpp:s3fs_check_service(3416): check services.
[INF] curl.cpp:CheckIAMCredentialUpdate(1721): IAM Access Token refreshing...
[INF]       curl.cpp:GetIAMCredentials(2742): [IAM role=hidden]
[DBG] curl_handlerpool.cpp:GetHandler(81): Get handler from pool: rest = 30
[DBG] curl.cpp:RequestPerform(2234): connecting to URL http://169.254.169.254/latest/api/token
[CURL DBG] * Hostname 169.254.169.254 was found in DNS cache
[CURL DBG] *   Trying 169.254.169.254:80...
[CURL DBG] * Connected to 169.254.169.254 (169.254.169.254) port 80 (#1)
[CURL DBG] > PUT /latest/api/token HTTP/1.1
[CURL DBG] > Host: 169.254.169.254
[CURL DBG] > User-Agent: s3fs/1.88 (commit hash a656321; OpenSSL)
[CURL DBG] > Accept: */*
[CURL DBG] > Transfer-Encoding: chunked
[CURL DBG] > X-aws-ec2-metadata-token-ttl-seconds: 21600
[CURL DBG] > Expect: 100-continue
[CURL DBG] >
[CURL DBG] * Mark bundle as not supporting multiuse
[CURL DBG] < HTTP/1.1 100 Continue
[CURL DBG] * Signaling end of chunked upload via terminating chunk.
[CURL DBG] * Mark bundle as not supporting multiuse
[CURL DBG] < HTTP/1.1 200 OK
[CURL DBG] < X-Aws-Ec2-Metadata-Token-Ttl-Seconds: 21600
[CURL DBG] < Content-Length: 56
[CURL DBG] < Date: Thu, 14 Jan 2021 21:29:01 GMT
[CURL DBG] < Server: EC2ws
[CURL DBG] < Connection: close
[CURL DBG] < Content-Type: text/plain
[CURL DBG] <
[CURL DBG] * Closing connection 1
[INF]       curl.cpp:RequestPerform(2267): HTTP response code 200
[INF]       curl.cpp:SetIAMv2APIToken(1678): Setting AWS IMDSv2 API token to hidden
[DBG] curl.cpp:RequestPerform(2234): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/hidden
[CURL DBG] * Hostname 169.254.169.254 was found in DNS cache
[CURL DBG] *   Trying 169.254.169.254:80...
[CURL DBG] * Connected to 169.254.169.254 (169.254.169.254) port 80 (#2)
[CURL DBG] > GET /latest/meta-data/iam/security-credentials/hidden HTTP/1.1
[CURL DBG] > Host: 169.254.169.254
[CURL DBG] > User-Agent: s3fs/1.88 (commit hash a656321; OpenSSL)
[CURL DBG] > Accept: */*
[CURL DBG] > X-aws-ec2-metadata-token: AQAEAPOSVbmdlDafuV4DEQqPJ9kFE_O_bcjdLOFEUNvrO0FkFmy0tA==
[CURL DBG] >
[CURL DBG] * Mark bundle as not supporting multiuse
[CURL DBG] < HTTP/1.1 200 OK
[CURL DBG] < X-Aws-Ec2-Metadata-Token-Ttl-Seconds: 21600
[CURL DBG] < Content-Type: text/plain
[CURL DBG] < Accept-Ranges: none
[CURL DBG] < Last-Modified: Thu, 14 Jan 2021 21:27:13 GMT
[CURL DBG] < Content-Length: 1310
[CURL DBG] < Date: Thu, 14 Jan 2021 21:29:01 GMT
[CURL DBG] < Server: EC2ws
[CURL DBG] < Connection: close
[CURL DBG] <
[CURL DBG] * Closing connection 2
[INF]       curl.cpp:RequestPerform(2267): HTTP response code 200
[INF]       curl.cpp:SetIAMCredentials(1685): IAM credential response = "{
  "Code" : "Success",
  "LastUpdated" : "2021-01-14T21:27:37Z",
  "Type" : "AWS-HMAC",
  "AccessKeyId" : "hidden",
  "SecretAccessKey" : "hidden",
  "Token" : "hidden",
  "Expiration" : "2021-01-15T03:29:44Z"
}"
[INF] curl.cpp:CheckIAMCredentialUpdate(1728): IAM Access Token refreshed
[DBG] curl_handlerpool.cpp:ReturnHandler(103): Return handler to pool
[INF]       curl.cpp:CheckBucket(3318): check a bucket.
[DBG] curl_handlerpool.cpp:GetHandler(81): Get handler from pool: rest = 30
[INF]       curl_util.cpp:prepare_url(250): URL is https://s3.us-east-1.amazonaws.com/hidden/
[INF]       curl_util.cpp:prepare_url(283): URL changed is https://hidden.s3.us-east-1.amazonaws.com/
[DBG] curl.cpp:RequestPerform(2234): connecting to URL https://hidden.s3.us-east-1.amazonaws.com/
[INF]       curl.cpp:insertV4Headers(2598): computing signature [GET] [/] [] []
[INF]       curl_util.cpp:url_to_host(327): url is https://s3.us-east-1.amazonaws.com
[CURL DBG] *   Trying 52.217.89.56:443...
[CURL DBG] * Connected to hidden.s3.us-east-1.amazonaws.com (52.217.89.56) port 443 (#3)
[CURL DBG] * successfully set certificate verify locations:
[CURL DBG] *   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none
[CURL DBG] * TLSv1.3 (OUT), TLS handshake, Client hello (1):
[CURL DBG] * TLSv1.3 (IN), TLS handshake, Server hello (2):
[CURL DBG] * TLSv1.2 (IN), TLS handshake, Certificate (11):
[CURL DBG] * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
[CURL DBG] * TLSv1.2 (IN), TLS handshake, Server finished (14):
[CURL DBG] * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
[CURL DBG] * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
[CURL DBG] * TLSv1.2 (OUT), TLS handshake, Finished (20):
[CURL DBG] * TLSv1.2 (IN), TLS handshake, Finished (20):
[CURL DBG] * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
[CURL DBG] * Server certificate:
[CURL DBG] *  subject: C=US; ST=Washington; L=Seattle; O=Amazon.com, Inc.; CN=s3.amazonaws.com
[CURL DBG] *  start date: Aug  4 00:00:00 2020 GMT
[CURL DBG] *  expire date: Aug  9 12:00:00 2021 GMT
[CURL DBG] *  subjectAltName: host "hidden.s3.us-east-1.amazonaws.com" matched cert's "*.s3.us-east-1.amazonaws.com"
[CURL DBG] *  issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert Baltimore CA-2 G2
[CURL DBG] *  SSL certificate verify ok.
[CURL DBG] > GET / HTTP/1.1
[CURL DBG] > Host: hidden.s3.us-east-1.amazonaws.com
[CURL DBG] > User-Agent: s3fs/1.88 (commit hash a656321; OpenSSL)
[CURL DBG] > Accept: */*
[CURL DBG] > Authorization: AWS4-HMAC-SHA256 Credential=hidden/20210114/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-security-token, Signature=hidden
[CURL DBG] > x-amz-content-sha256: hidden
[CURL DBG] > x-amz-date: 20210114T212901Z```
Originally created by @aamorozov on GitHub (Jan 14, 2021). Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/1518 ### Additional Information The issue occurs with my setup on multiple versions of s3fs. I tried using the password file option instead with the following command: ``` s3fs -f -o curldbg -o nonempty -o allow_other -o dbglevel="dbg" -o passwd_file=${HOME}/.passwd-s3fs -o url="https://s3.us-east-1.amazonaws.com" -o endpoint="us-east-1" bucket-name ./mount-path ``` ,but the credentials generated from converting with `assume-role-with-web-identity` did not seem to work with s3fs with the following error: ``` [CRT] s3fs_logger.cpp:LowSetLogLevel(201): change debug level from [CRT] to [DBG] [INF] s3fs.cpp:set_mountpoint_attribute(3988): PROC(uid=0, gid=0) - MountPoint(uid=0, gid=0, mode=40755) [INF] s3fs_util.cpp:compare_sysname(358): system name is Linux [WAN] curl.cpp:InitMimeType(406): Could not find mime.types files, you have to create file(/etc/mime.types) or specify mime option for existing mime.types file. [WAN] s3fs.cpp:main(4882): Missing MIME types prevents setting Content-Type on uploaded objects. [INF] fdcache_stat.cpp:CheckCacheFileStatTopDir(79): The path to cache top dir is empty, thus not need to check permission. [INF] s3fs.cpp:s3fs_init(3300): init v1.88(commit:a656321) with OpenSSL [INF] s3fs.cpp:s3fs_check_service(3416): check services. [INF] curl.cpp:CheckBucket(3318): check a bucket. [DBG] curl_handlerpool.cpp:GetHandler(81): Get handler from pool: rest = 31 [INF] curl_util.cpp:prepare_url(250): URL is https://s3.us-east-1.amazonaws.com/hidden/ [INF] curl_util.cpp:prepare_url(283): URL changed is https://hidden.s3.us-east-1.amazonaws.com/ [DBG] curl.cpp:RequestPerform(2234): connecting to URL https://hidden.s3.us-east-1.amazonaws.com/ [INF] curl.cpp:insertV4Headers(2598): computing signature [GET] [/] [] [] [INF] curl_util.cpp:url_to_host(327): url is https://s3.us-east-1.amazonaws.com [CURL DBG] * Trying 52.217.16.224:443... [CURL DBG] * Connected to hidden.s3.us-east-1.amazonaws.com (52.217.16.224) port 443 (#0) [CURL DBG] * successfully set certificate verify locations: [CURL DBG] * CAfile: /etc/ssl/certs/ca-certificates.crt CApath: none [CURL DBG] * TLSv1.3 (OUT), TLS handshake, Client hello (1): [CURL DBG] * TLSv1.3 (IN), TLS handshake, Server hello (2): [CURL DBG] * TLSv1.2 (IN), TLS handshake, Certificate (11): [CURL DBG] * TLSv1.2 (IN), TLS handshake, Server key exchange (12): [CURL DBG] * TLSv1.2 (IN), TLS handshake, Server finished (14): [CURL DBG] * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): [CURL DBG] * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1): [CURL DBG] * TLSv1.2 (OUT), TLS handshake, Finished (20): [CURL DBG] * TLSv1.2 (IN), TLS handshake, Finished (20): [CURL DBG] * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 [CURL DBG] * Server certificate: [CURL DBG] * subject: C=US; ST=Washington; L=Seattle; O=Amazon.com, Inc.; CN=s3.amazonaws.com [CURL DBG] * start date: Aug 4 00:00:00 2020 GMT [CURL DBG] * expire date: Aug 9 12:00:00 2021 GMT [CURL DBG] * subjectAltName: host "hidden.s3.us-east-1.amazonaws.com" matched cert's "*.s3.us-east-1.amazonaws.com" [CURL DBG] * issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert Baltimore CA-2 G2 [CURL DBG] * SSL certificate verify ok. [CURL DBG] > GET / HTTP/1.1 [CURL DBG] > Host: hidden.s3.us-east-1.amazonaws.com [CURL DBG] > User-Agent: s3fs/1.88 (commit hash a656321; OpenSSL) [CURL DBG] > Accept: */* [CURL DBG] > Authorization: AWS4-HMAC-SHA256 Credential=hidden/20210114/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=hidden [CURL DBG] > x-amz-content-sha256: hidden [CURL DBG] > x-amz-date: 20210114T213952Z [CURL DBG] > [CURL DBG] * Mark bundle as not supporting multiuse [CURL DBG] < HTTP/1.1 403 Forbidden [CURL DBG] < x-amz-bucket-region: us-east-1 [CURL DBG] < x-amz-request-id: hidden [CURL DBG] < x-amz-id-2: hidden [CURL DBG] < Content-Type: application/xml [CURL DBG] < Transfer-Encoding: chunked [CURL DBG] < Date: Thu, 14 Jan 2021 21:39:51 GMT [CURL DBG] < Server: AmazonS3 [CURL DBG] < [CURL DBG] * Connection #0 to host hidden.us-east-1.amazonaws.com left intact [ERR] curl.cpp:RequestPerform(2287): HTTP response code 403, returning EPERM. Body Text: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>InvalidAccessKeyId</Code><Message>The AWS Access Key Id you provided does not exist in our records.</Message><AWSAccessKeyId>hidden</AWSAccessKeyId><RequestId>hidden</RequestId><HostId>hidden=</HostId></Error> [ERR] curl.cpp:CheckBucket(3344): Check bucket failed, S3 response: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>InvalidAccessKeyId</Code><Message>The AWS Access Key Id you provided does not exist in our records.</Message><AWSAccessKeyId>hidden</AWSAccessKeyId><RequestId>hidden</RequestId><HostId>hidden</HostId></Error> [CRT] s3fs.cpp:s3fs_check_service(3471): Failed to connect by sigv4, so retry to connect by signature version 2. [DBG] curl_handlerpool.cpp:ReturnHandler(103): Return handler to pool [INF] curl_handlerpool.cpp:ReturnHandler(110): Pool full: destroy the oldest handler [INF] curl.cpp:CheckBucket(3318): check a bucket. [DBG] curl_handlerpool.cpp:GetHandler(81): Get handler from pool: rest = 30 [INF] curl_util.cpp:prepare_url(250): URL is https://s3.us-east-1.amazonaws.com/hidden/ [INF] curl_util.cpp:prepare_url(283): URL changed is https://hidden.s3.us-east-1.amazonaws.com/ [DBG] curl.cpp:RequestPerform(2234): connecting to URL https://hidden.s3.us-east-1.amazonaws.com/ [CURL DBG] * Found bundle for host hidden.s3.us-east-1.amazonaws.com: 0x55c7a8646100 [serially] [CURL DBG] * Can not multiplex, even if we wanted to! [CURL DBG] * Re-using existing connection! (#0) with host hidden.s3.us-east-1.amazonaws.com [CURL DBG] * Connected to hidden.s3.us-east-1.amazonaws.com (52.217.16.224) port 443 (#0) [CURL DBG] > GET / HTTP/1.1 [CURL DBG] > Host: hidden.s3.us-east-1.amazonaws.com [CURL DBG] > User-Agent: s3fs/1.88 (commit hash a656321; OpenSSL) [CURL DBG] > Accept: */* [CURL DBG] > Authorization: AWS hidden [CURL DBG] > Date: Thu, 14 Jan 2021 21:39:52 GMT [CURL DBG] > [CURL DBG] * Mark bundle as not supporting multiuse [CURL DBG] < HTTP/1.1 403 Forbidden [CURL DBG] < x-amz-bucket-region: us-east-1 [CURL DBG] < x-amz-request-id: hidden [CURL DBG] < x-amz-id-2: hidden [CURL DBG] < Content-Type: application/xml [CURL DBG] < Transfer-Encoding: chunked [CURL DBG] < Date: Thu, 14 Jan 2021 21:39:51 GMT [CURL DBG] < Server: AmazonS3 [CURL DBG] < [CURL DBG] * Connection #0 to host hidden.s3.us-east-1.amazonaws.com left intact [ERR] curl.cpp:RequestPerform(2287): HTTP response code 403, returning EPERM. Body Text: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>InvalidAccessKeyId</Code><Message>The AWS Access Key Id you provided does not exist in our records.</Message><AWSAccessKeyId>hidden</AWSAccessKeyId><RequestId>hidden</RequestId><HostId>hidden</HostId></Error> [ERR] curl.cpp:CheckBucket(3344): Check bucket failed, S3 response: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>InvalidAccessKeyId</Code><Message>The AWS Access Key Id you provided does not exist in our records.</Message><AWSAccessKeyId>hidden</AWSAccessKeyId><RequestId>hidden</RequestId><HostId>hidden</HostId></Error> [CRT] s3fs.cpp:s3fs_check_service(3486): invalid credentials(host=https://s3.us-east-1.amazonaws.com) - result of checking service. [DBG] curl_handlerpool.cpp:ReturnHandler(103): Return handler to pool [ERR] s3fs.cpp:s3fs_exit_fuseloop(3290): Exiting FUSE event loop due to errors [INF] s3fs.cpp:s3fs_destroy(3358): destroy ``` I then switched to using the `iam_role` option, and it does seem to work but hangs midway and the entrypoint script never finishes executing. #### Version of s3fs being used (s3fs --version) Tested with `1.88`, `1.87` and `1.86`. #### Version of fuse being used (pkg-config --modversion fuse, rpm -qi fuse, dpkg -s fuse) 2.9.9-r1 #### GNU/Linux Distribution, if applicable (cat /etc/os-release) Docker image: `node:14.14.0-alpine3.12` #### Packages installed to support s3fs in alpine ``` ARG S3FS_VERSION=v1.88 RUN apk --update --no-cache add fuse alpine-sdk automake autoconf libxml2-dev fuse-dev curl-dev git bash jq \ && git clone https://github.com/s3fs-fuse/s3fs-fuse.git \ && cd s3fs-fuse \ && git checkout master \ && ./autogen.sh \ && ./configure --prefix=/usr \ && make \ && make install \ && make clean \ && rm -rf /var/cache/apk/* \ && apk del git automake autoconf ``` #### s3fs command line used, if applicable ``` s3fs -f -o curldbg -o nonempty -o allow_other -o dbglevel="dbg" -o iam_role -o url="https://s3.us-east-1.amazonaws.com" -o endpoint="us-east-1" bucket-name ./mount-path ``` #### s3fs syslog messages (grep s3fs /var/log/syslog, journalctl | grep s3fs, or s3fs outputs) _if you execute s3fs with dbglevel, curldbg option, you can get detail debug messages_ ``` [CRT] s3fs_logger.cpp:LowSetLogLevel(201): change debug level from [CRT] to [DBG] [INF] s3fs.cpp:set_mountpoint_attribute(3988): PROC(uid=0, gid=0) - MountPoint(uid=0, gid=0, mode=40755) [INF] s3fs_util.cpp:compare_sysname(358): system name is Linux [WAN] curl.cpp:InitMimeType(406): Could not find mime.types files, you have to create file(/etc/mime.types) or specify mime option for existing mime.types file. [WAN] s3fs.cpp:main(4882): Missing MIME types prevents setting Content-Type on uploaded objects. [INF] fdcache_stat.cpp:CheckCacheFileStatTopDir(79): The path to cache top dir is empty, thus not need to check permission. [INF] s3fs.cpp:s3fs_init(3300): init v1.88(commit:a656321) with OpenSSL [INF] curl.cpp:LoadIAMRoleFromMetaData(2839): Get IAM Role name [DBG] curl_handlerpool.cpp:GetHandler(81): Get handler from pool: rest = 31 [DBG] curl.cpp:RequestPerform(2234): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ [CURL DBG] * Trying 169.254.169.254:80... [CURL DBG] * Connected to 169.254.169.254 (169.254.169.254) port 80 (#0) [CURL DBG] > GET /latest/meta-data/iam/security-credentials/ HTTP/1.1 [CURL DBG] > Host: 169.254.169.254 [CURL DBG] > User-Agent: s3fs/1.88 (commit hash a656321; OpenSSL) [CURL DBG] > Accept: */* [CURL DBG] > [CURL DBG] * Mark bundle as not supporting multiuse [CURL DBG] < HTTP/1.1 200 OK [CURL DBG] < Content-Type: text/plain [CURL DBG] < Accept-Ranges: none [CURL DBG] < Last-Modified: Thu, 14 Jan 2021 21:27:13 GMT [CURL DBG] < Content-Length: 22 [CURL DBG] < Date: Thu, 14 Jan 2021 21:29:01 GMT [CURL DBG] < Server: EC2ws [CURL DBG] < Connection: close [CURL DBG] < [CURL DBG] * Closing connection 0 [INF] curl.cpp:RequestPerform(2267): HTTP response code 200 [INF] curl.cpp:SetIAMRoleFromMetaData(1753): IAM role name response = "hidden" [INF] s3fs.cpp:s3fs_init(3317): loaded IAM role name = hidden [DBG] curl_handlerpool.cpp:ReturnHandler(103): Return handler to pool [INF] curl_handlerpool.cpp:ReturnHandler(110): Pool full: destroy the oldest handler [INF] s3fs.cpp:s3fs_check_service(3416): check services. [INF] curl.cpp:CheckIAMCredentialUpdate(1721): IAM Access Token refreshing... [INF] curl.cpp:GetIAMCredentials(2742): [IAM role=hidden] [DBG] curl_handlerpool.cpp:GetHandler(81): Get handler from pool: rest = 30 [DBG] curl.cpp:RequestPerform(2234): connecting to URL http://169.254.169.254/latest/api/token [CURL DBG] * Hostname 169.254.169.254 was found in DNS cache [CURL DBG] * Trying 169.254.169.254:80... [CURL DBG] * Connected to 169.254.169.254 (169.254.169.254) port 80 (#1) [CURL DBG] > PUT /latest/api/token HTTP/1.1 [CURL DBG] > Host: 169.254.169.254 [CURL DBG] > User-Agent: s3fs/1.88 (commit hash a656321; OpenSSL) [CURL DBG] > Accept: */* [CURL DBG] > Transfer-Encoding: chunked [CURL DBG] > X-aws-ec2-metadata-token-ttl-seconds: 21600 [CURL DBG] > Expect: 100-continue [CURL DBG] > [CURL DBG] * Mark bundle as not supporting multiuse [CURL DBG] < HTTP/1.1 100 Continue [CURL DBG] * Signaling end of chunked upload via terminating chunk. [CURL DBG] * Mark bundle as not supporting multiuse [CURL DBG] < HTTP/1.1 200 OK [CURL DBG] < X-Aws-Ec2-Metadata-Token-Ttl-Seconds: 21600 [CURL DBG] < Content-Length: 56 [CURL DBG] < Date: Thu, 14 Jan 2021 21:29:01 GMT [CURL DBG] < Server: EC2ws [CURL DBG] < Connection: close [CURL DBG] < Content-Type: text/plain [CURL DBG] < [CURL DBG] * Closing connection 1 [INF] curl.cpp:RequestPerform(2267): HTTP response code 200 [INF] curl.cpp:SetIAMv2APIToken(1678): Setting AWS IMDSv2 API token to hidden [DBG] curl.cpp:RequestPerform(2234): connecting to URL http://169.254.169.254/latest/meta-data/iam/security-credentials/hidden [CURL DBG] * Hostname 169.254.169.254 was found in DNS cache [CURL DBG] * Trying 169.254.169.254:80... [CURL DBG] * Connected to 169.254.169.254 (169.254.169.254) port 80 (#2) [CURL DBG] > GET /latest/meta-data/iam/security-credentials/hidden HTTP/1.1 [CURL DBG] > Host: 169.254.169.254 [CURL DBG] > User-Agent: s3fs/1.88 (commit hash a656321; OpenSSL) [CURL DBG] > Accept: */* [CURL DBG] > X-aws-ec2-metadata-token: AQAEAPOSVbmdlDafuV4DEQqPJ9kFE_O_bcjdLOFEUNvrO0FkFmy0tA== [CURL DBG] > [CURL DBG] * Mark bundle as not supporting multiuse [CURL DBG] < HTTP/1.1 200 OK [CURL DBG] < X-Aws-Ec2-Metadata-Token-Ttl-Seconds: 21600 [CURL DBG] < Content-Type: text/plain [CURL DBG] < Accept-Ranges: none [CURL DBG] < Last-Modified: Thu, 14 Jan 2021 21:27:13 GMT [CURL DBG] < Content-Length: 1310 [CURL DBG] < Date: Thu, 14 Jan 2021 21:29:01 GMT [CURL DBG] < Server: EC2ws [CURL DBG] < Connection: close [CURL DBG] < [CURL DBG] * Closing connection 2 [INF] curl.cpp:RequestPerform(2267): HTTP response code 200 [INF] curl.cpp:SetIAMCredentials(1685): IAM credential response = "{ "Code" : "Success", "LastUpdated" : "2021-01-14T21:27:37Z", "Type" : "AWS-HMAC", "AccessKeyId" : "hidden", "SecretAccessKey" : "hidden", "Token" : "hidden", "Expiration" : "2021-01-15T03:29:44Z" }" [INF] curl.cpp:CheckIAMCredentialUpdate(1728): IAM Access Token refreshed [DBG] curl_handlerpool.cpp:ReturnHandler(103): Return handler to pool [INF] curl.cpp:CheckBucket(3318): check a bucket. [DBG] curl_handlerpool.cpp:GetHandler(81): Get handler from pool: rest = 30 [INF] curl_util.cpp:prepare_url(250): URL is https://s3.us-east-1.amazonaws.com/hidden/ [INF] curl_util.cpp:prepare_url(283): URL changed is https://hidden.s3.us-east-1.amazonaws.com/ [DBG] curl.cpp:RequestPerform(2234): connecting to URL https://hidden.s3.us-east-1.amazonaws.com/ [INF] curl.cpp:insertV4Headers(2598): computing signature [GET] [/] [] [] [INF] curl_util.cpp:url_to_host(327): url is https://s3.us-east-1.amazonaws.com [CURL DBG] * Trying 52.217.89.56:443... [CURL DBG] * Connected to hidden.s3.us-east-1.amazonaws.com (52.217.89.56) port 443 (#3) [CURL DBG] * successfully set certificate verify locations: [CURL DBG] * CAfile: /etc/ssl/certs/ca-certificates.crt CApath: none [CURL DBG] * TLSv1.3 (OUT), TLS handshake, Client hello (1): [CURL DBG] * TLSv1.3 (IN), TLS handshake, Server hello (2): [CURL DBG] * TLSv1.2 (IN), TLS handshake, Certificate (11): [CURL DBG] * TLSv1.2 (IN), TLS handshake, Server key exchange (12): [CURL DBG] * TLSv1.2 (IN), TLS handshake, Server finished (14): [CURL DBG] * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): [CURL DBG] * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1): [CURL DBG] * TLSv1.2 (OUT), TLS handshake, Finished (20): [CURL DBG] * TLSv1.2 (IN), TLS handshake, Finished (20): [CURL DBG] * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 [CURL DBG] * Server certificate: [CURL DBG] * subject: C=US; ST=Washington; L=Seattle; O=Amazon.com, Inc.; CN=s3.amazonaws.com [CURL DBG] * start date: Aug 4 00:00:00 2020 GMT [CURL DBG] * expire date: Aug 9 12:00:00 2021 GMT [CURL DBG] * subjectAltName: host "hidden.s3.us-east-1.amazonaws.com" matched cert's "*.s3.us-east-1.amazonaws.com" [CURL DBG] * issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert Baltimore CA-2 G2 [CURL DBG] * SSL certificate verify ok. [CURL DBG] > GET / HTTP/1.1 [CURL DBG] > Host: hidden.s3.us-east-1.amazonaws.com [CURL DBG] > User-Agent: s3fs/1.88 (commit hash a656321; OpenSSL) [CURL DBG] > Accept: */* [CURL DBG] > Authorization: AWS4-HMAC-SHA256 Credential=hidden/20210114/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-security-token, Signature=hidden [CURL DBG] > x-amz-content-sha256: hidden [CURL DBG] > x-amz-date: 20210114T212901Z```
kerem commented 2026-03-04 01:48:53 +03:00
Author
Owner
Copy link

@aamorozov commented on GitHub (Jan 15, 2021):

For context, this runs in a docker container within k8s.
The service has a service role with permissions to access that bucket assigned to it.
I'm converting the AWS_ROLE_ARN to regular credentials, AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY and writing them to .passwd-s3fs, which I use as an option arg to s3fs script.
It gives me a 403 error if used with the passwd_file option, and hangs if I use it with the role

<!-- gh-comment-id:760630460 --> @aamorozov commented on GitHub (Jan 15, 2021): For context, this runs in a docker container within k8s. The service has a service role with permissions to access that bucket assigned to it. I'm converting the `AWS_ROLE_ARN` to regular credentials, `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` and writing them to `.passwd-s3fs`, which I use as an option arg to `s3fs` script. It gives me a 403 error if used with the `passwd_file` option, and hangs if I use it with the role
kerem commented 2026-03-04 01:48:53 +03:00
Author
Owner
Copy link

@aamorozov commented on GitHub (Jan 15, 2021):

Update:
I've tried with the approach described here https://github.com/s3fs-fuse/s3fs-fuse/pull/1008#issuecomment-483724082 using s3fs friendly aws credentials, but it still hangs midway. The credentials are valid and do work with aws s3 cli's commands.

[CRT] s3fs_logger.cpp:LowSetLogLevel(201): change debug level from [CRT] to [DBG]
[INF]     s3fs.cpp:set_mountpoint_attribute(3988): PROC(uid=0, gid=0) - MountPoint(uid=0, gid=0, mode=40755)
[INF] s3fs_util.cpp:compare_sysname(358): system name is Linux
[WAN] curl.cpp:InitMimeType(406): Could not find mime.types files, you have to create file(/etc/mime.types) or specify mime option for existing mime.types file.
[WAN] s3fs.cpp:main(4882): Missing MIME types prevents setting Content-Type on uploaded objects.
[INF]     s3fs.cpp:get_access_keys(3899): access key from env variables
[INF]     s3fs.cpp:get_access_keys(3901): session token is available
[INF] fdcache_stat.cpp:CheckCacheFileStatTopDir(79): The path to cache top dir is empty, thus not need to check permission.
[INF] s3fs.cpp:s3fs_init(3300): init v1.88(commit:a656321) with OpenSSL
[INF] s3fs.cpp:s3fs_check_service(3416): check services.
[INF]       curl.cpp:CheckBucket(3318): check a bucket.
[DBG] curl_handlerpool.cpp:GetHandler(81): Get handler from pool: rest = 31
[INF]       curl_util.cpp:prepare_url(250): URL is https://s3.us-east-1.amazonaws.com/hidden
[INF]       curl_util.cpp:prepare_url(283): URL changed is https://s3.us-east-1.amazonaws.com/hidden
[DBG] curl.cpp:RequestPerform(2234): connecting to URL https://s3.us-east-1.amazonaws.com/hidden
[INF]       curl.cpp:insertV4Headers(2598): computing signature [GET] [/] [] []
[INF]       curl_util.cpp:url_to_host(327): url is https://s3.us-east-1.amazonaws.com
[CURL DBG] *   Trying 52.216.88.61:443...
[CURL DBG] * Connected to s3.us-east-1.amazonaws.com (52.216.88.61) port 443 (#0)
[CURL DBG] * successfully set certificate verify locations:
[CURL DBG] *   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none
[CURL DBG] * TLSv1.3 (OUT), TLS handshake, Client hello (1):
[CURL DBG] * TLSv1.3 (IN), TLS handshake, Server hello (2):
[CURL DBG] * TLSv1.2 (IN), TLS handshake, Certificate (11):
[CURL DBG] * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
[CURL DBG] * TLSv1.2 (IN), TLS handshake, Server finished (14):
[CURL DBG] * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
[CURL DBG] * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
[CURL DBG] * TLSv1.2 (OUT), TLS handshake, Finished (20):
[CURL DBG] * TLSv1.2 (IN), TLS handshake, Finished (20):
[CURL DBG] * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
[CURL DBG] * Server certificate:
[CURL DBG] *  subject: C=US; ST=Washington; L=Seattle; O=Amazon.com, Inc.; CN=s3.amazonaws.com
[CURL DBG] *  start date: Aug  4 00:00:00 2020 GMT
[CURL DBG] *  expire date: Aug  9 12:00:00 2021 GMT
[CURL DBG] *  subjectAltName: host "s3.us-east-1.amazonaws.com" matched cert's "s3.us-east-1.amazonaws.com"
[CURL DBG] *  issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert Baltimore CA-2 G2
[CURL DBG] *  SSL certificate verify ok.
[CURL DBG] > GET /hidden/ HTTP/1.1
[CURL DBG] > Host: s3.us-east-1.amazonaws.com
[CURL DBG] > User-Agent: s3fs/1.88 (commit hash a656321; OpenSSL)
[CURL DBG] > Accept: */*
[CURL DBG] > Authorization: AWS4-HMAC-SHA256 Credential=hidden/20210115/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-security-token, Signature=hidden
[CURL DBG] > x-amz-content-sha256: hidden
[CURL DBG] > x-amz-date: hidden
<!-- gh-comment-id:761111427 --> @aamorozov commented on GitHub (Jan 15, 2021): Update: I've tried with the approach described here https://github.com/s3fs-fuse/s3fs-fuse/pull/1008#issuecomment-483724082 using s3fs friendly aws credentials, but it still hangs midway. The credentials are valid and do work with aws s3 cli's commands. ``` [CRT] s3fs_logger.cpp:LowSetLogLevel(201): change debug level from [CRT] to [DBG] [INF] s3fs.cpp:set_mountpoint_attribute(3988): PROC(uid=0, gid=0) - MountPoint(uid=0, gid=0, mode=40755) [INF] s3fs_util.cpp:compare_sysname(358): system name is Linux [WAN] curl.cpp:InitMimeType(406): Could not find mime.types files, you have to create file(/etc/mime.types) or specify mime option for existing mime.types file. [WAN] s3fs.cpp:main(4882): Missing MIME types prevents setting Content-Type on uploaded objects. [INF] s3fs.cpp:get_access_keys(3899): access key from env variables [INF] s3fs.cpp:get_access_keys(3901): session token is available [INF] fdcache_stat.cpp:CheckCacheFileStatTopDir(79): The path to cache top dir is empty, thus not need to check permission. [INF] s3fs.cpp:s3fs_init(3300): init v1.88(commit:a656321) with OpenSSL [INF] s3fs.cpp:s3fs_check_service(3416): check services. [INF] curl.cpp:CheckBucket(3318): check a bucket. [DBG] curl_handlerpool.cpp:GetHandler(81): Get handler from pool: rest = 31 [INF] curl_util.cpp:prepare_url(250): URL is https://s3.us-east-1.amazonaws.com/hidden [INF] curl_util.cpp:prepare_url(283): URL changed is https://s3.us-east-1.amazonaws.com/hidden [DBG] curl.cpp:RequestPerform(2234): connecting to URL https://s3.us-east-1.amazonaws.com/hidden [INF] curl.cpp:insertV4Headers(2598): computing signature [GET] [/] [] [] [INF] curl_util.cpp:url_to_host(327): url is https://s3.us-east-1.amazonaws.com [CURL DBG] * Trying 52.216.88.61:443... [CURL DBG] * Connected to s3.us-east-1.amazonaws.com (52.216.88.61) port 443 (#0) [CURL DBG] * successfully set certificate verify locations: [CURL DBG] * CAfile: /etc/ssl/certs/ca-certificates.crt CApath: none [CURL DBG] * TLSv1.3 (OUT), TLS handshake, Client hello (1): [CURL DBG] * TLSv1.3 (IN), TLS handshake, Server hello (2): [CURL DBG] * TLSv1.2 (IN), TLS handshake, Certificate (11): [CURL DBG] * TLSv1.2 (IN), TLS handshake, Server key exchange (12): [CURL DBG] * TLSv1.2 (IN), TLS handshake, Server finished (14): [CURL DBG] * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): [CURL DBG] * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1): [CURL DBG] * TLSv1.2 (OUT), TLS handshake, Finished (20): [CURL DBG] * TLSv1.2 (IN), TLS handshake, Finished (20): [CURL DBG] * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 [CURL DBG] * Server certificate: [CURL DBG] * subject: C=US; ST=Washington; L=Seattle; O=Amazon.com, Inc.; CN=s3.amazonaws.com [CURL DBG] * start date: Aug 4 00:00:00 2020 GMT [CURL DBG] * expire date: Aug 9 12:00:00 2021 GMT [CURL DBG] * subjectAltName: host "s3.us-east-1.amazonaws.com" matched cert's "s3.us-east-1.amazonaws.com" [CURL DBG] * issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert Baltimore CA-2 G2 [CURL DBG] * SSL certificate verify ok. [CURL DBG] > GET /hidden/ HTTP/1.1 [CURL DBG] > Host: s3.us-east-1.amazonaws.com [CURL DBG] > User-Agent: s3fs/1.88 (commit hash a656321; OpenSSL) [CURL DBG] > Accept: */* [CURL DBG] > Authorization: AWS4-HMAC-SHA256 Credential=hidden/20210115/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-security-token, Signature=hidden [CURL DBG] > x-amz-content-sha256: hidden [CURL DBG] > x-amz-date: hidden ```
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
v1.97
v1.96
v1.95
v1.94
v1.93
v1.92
v1.91
v1.90
v1.89
v1.88
v1.87
v1.86
v1.85
v1.84
v1.83
v1.82
v1.81
v1.80
v1.79
v1.78
Pre-v1.78
v1.77
v1.76
v1.75
v1.74
Labels
Clear labels   
bug

   
bug

   
dataloss

   
duplicate

   
enhancement

   
feature request

   
help wanted

   
invalid

   
need info

   
performance

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question

   
testing
No labels
bug
bug
dataloss
duplicate
enhancement
feature request
help wanted
invalid
need info
performance
pull-request
question
question
testing
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/s3fs-fuse#797
No description provided.