starred/s3fs-fuse

Fork 0

mirror of https://github.com/s3fs-fuse/s3fs-fuse.git synced 2026-04-26 05:45:57 +03:00

[GH-ISSUE #1894] s3fs: specifying both passwd_file and the access keys options is invalid. - ec2_instance - IAM Role #961

New issue

Closed

opened 2026-03-04 01:50:15 +03:00 by kerem · 4 comments

kerem commented

2026-03-04 01:50:15 +03:00

Owner

Originally created by @OliverBailey on GitHub (Feb 17, 2022).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/1894

Version of s3fs being used

V1.9

Version of fuse being used

2.9.7

Kernel information

5.4.0-1065-aws

GNU/Linux Distribution, if applicable (cat /etc/os-release)

NAME="Ubuntu"
VERSION="18.04.3 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.3 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic

/etc/fstab entry, if applicable

echo "bucket-name-here:/uploads /var/www/"$SERVER_TYPE"/public_html/uploads/ fuse.s3fs _netdev,url=https://s3.eu-west-2.amazonaws.com,endpoint=eu-west-2,use_cache=/home/ubuntu/s3fs_cache/,iam_role=website_role,umask=000,uid=ubuntu,gid=ubuntu,user,allow_other 0 0" | sudo tee -a /etc/fstab

s3fs syslog messages (grep s3fs /var/log/syslog, journalctl | grep s3fs, or s3fs outputs)

if you execute s3fs with dbglevel, curldbg option, you can get detail debug messages

Feb 17 14:56:52 ip-10-1-6-220 s3fs[2060]: s3fs version 1.90(839a33d) : s3fs -o rw,noexec,nosuid,nodev,url=https://s3.eu-west-2.amazonaws.com,endpoint=eu-west-2,use_cache=/home/ubuntu/s3fs_cache/,iam_role=website_role,umask=000,uid=1000,gid=1000,allow_other bucket-name-here:/uploads /var/www/Site/public_html/uploads
Feb 17 14:56:52 ip-10-1-6-220 s3fs[2060]: Loaded mime information from /etc/mime.types
Feb 17 14:56:52 ip-10-1-6-220 s3fs[2060]: s3fs: specifying both passwd_file and the access keys options is invalid.

Details about issue

Appears occasionally, we run into an issue with an auto-mount via the fstab for our ec2-instances. 95% of the time, we have no issues, but on rare occasions we get an issue like the below.

We auto-mount the instance via fstab, as we use codebuild and packer to build our instances and save as AMI images. These are then utilised via terraform to spin up new instances, and switch across in a blue-green deployment.

We utilise iam_roles which are attached to the ec2 instances (Can verify that the role is assigned correctly, and on a problem instance where the mount won't work, we can still use the aws-cli to access appropriately.

I can verify also, that there are no aws_credentials lying around on the instance, other than from the aws_role.

Rarely (as per the above) we have it where the bucket hasn't been mounted properly, which causes issues with content being delivered.

Error message we get is

s3fs: specifying both passwd_file and the access keys options is invalid.

when running sudo mount -a when we notice that the mount hasn't occured.

Normally a re-build of the instance, and the issue goes away, however ideally I'd like to try ensure this doesn't happen again in the future.

Testing today, things were fine yesterday, but now today, appear to be broken, even with a new build process.

Does anybody have any recommendations on this, or come across anything similar? I've had a browse through threads, but didn't really come across anything similar.

Thanks

Originally created by @OliverBailey on GitHub (Feb 17, 2022). Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/1894 #### Version of s3fs being used `V1.9` ### Version of fuse being used `2.9.7` #### Kernel information `5.4.0-1065-aws` #### GNU/Linux Distribution, if applicable (cat /etc/os-release) ``` NAME="Ubuntu" VERSION="18.04.3 LTS (Bionic Beaver)" ID=ubuntu ID_LIKE=debian PRETTY_NAME="Ubuntu 18.04.3 LTS" VERSION_ID="18.04" HOME_URL="https://www.ubuntu.com/" SUPPORT_URL="https://help.ubuntu.com/" BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/" PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy" VERSION_CODENAME=bionic UBUNTU_CODENAME=bionic ``` #### /etc/fstab entry, if applicable ``` echo "bucket-name-here:/uploads /var/www/"$SERVER_TYPE"/public_html/uploads/ fuse.s3fs _netdev,url=https://s3.eu-west-2.amazonaws.com,endpoint=eu-west-2,use_cache=/home/ubuntu/s3fs_cache/,iam_role=website_role,umask=000,uid=ubuntu,gid=ubuntu,user,allow_other 0 0" | sudo tee -a /etc/fstab ``` #### s3fs syslog messages (grep s3fs /var/log/syslog, journalctl | grep s3fs, or s3fs outputs) _if you execute s3fs with dbglevel, curldbg option, you can get detail debug messages_ ``` Feb 17 14:56:52 ip-10-1-6-220 s3fs[2060]: s3fs version 1.90(839a33d) : s3fs -o rw,noexec,nosuid,nodev,url=https://s3.eu-west-2.amazonaws.com,endpoint=eu-west-2,use_cache=/home/ubuntu/s3fs_cache/,iam_role=website_role,umask=000,uid=1000,gid=1000,allow_other bucket-name-here:/uploads /var/www/Site/public_html/uploads Feb 17 14:56:52 ip-10-1-6-220 s3fs[2060]: Loaded mime information from /etc/mime.types Feb 17 14:56:52 ip-10-1-6-220 s3fs[2060]: s3fs: specifying both passwd_file and the access keys options is invalid. ``` ### Details about issue Appears occasionally, we run into an issue with an auto-mount via the fstab for our ec2-instances. 95% of the time, we have no issues, but on rare occasions we get an issue like the below. We auto-mount the instance via fstab, as we use codebuild and packer to build our instances and save as AMI images. These are then utilised via terraform to spin up new instances, and switch across in a blue-green deployment. We utilise iam_roles which are attached to the ec2 instances (Can verify that the role is assigned correctly, and on a problem instance where the mount won't work, we can still use the aws-cli to access appropriately. ![image](https://user-images.githubusercontent.com/8653158/154509461-8e0b8b00-91c7-497f-983c-2364729e577c.png) I can verify also, that there are no aws_credentials lying around on the instance, other than from the aws_role. Rarely (as per the above) we have it where the bucket hasn't been mounted properly, which causes issues with content being delivered. Error message we get is `s3fs: specifying both passwd_file and the access keys options is invalid.` when running `sudo mount -a` when we notice that the mount hasn't occured. Normally a re-build of the instance, and the issue goes away, however ideally I'd like to try ensure this doesn't happen again in the future. Testing today, things were fine yesterday, but now today, appear to be broken, even with a new build process. Does anybody have any recommendations on this, or come across anything similar? I've had a browse through threads, but didn't really come across anything similar. Thanks

kerem closed this issue

2026-03-04 01:50:16 +03:00

kerem commented

2026-03-04 01:50:16 +03:00

Author

Owner

@OliverBailey commented on GitHub (Feb 17, 2022):

Upon further investigation, the last build was on 10/02/2022 - The next latest, was today, which is where the issues began to stem from.

I took a look over a few commits - github.com/s3fs-fuse/s3fs-fuse@1678803566 (diff-2a7c1dbdf7)

I can see that there was a change to how credentials were managed, which falls in line with the error message that I'm getting above.

I don't personally know C++ very well. Is it possible these are related?

@OliverBailey commented on GitHub (Feb 17, 2022): Upon further investigation, the last build was on 10/02/2022 - The next latest, was today, which is where the issues began to stem from. I took a look over a few commits - https://github.com/s3fs-fuse/s3fs-fuse/commit/167880356642e3ad2098742e91a081fcb564c3ab#diff-2a7c1dbdf7e81fb369de5d85538f4dac46a0ae5bf0f7d4d93d2ae005fd51dc29L281 I can see that there was a change to how credentials were managed, which falls in line with the error message that I'm getting above. I don't personally know C++ very well. Is it possible these are related?

kerem commented

2026-03-04 01:50:17 +03:00

Author

Owner

@ggtakec commented on GitHub (Feb 19, 2022):

@OliverBailey One bug has been fixed in #1896.
~~If you can build the latest master code available, is it possible to try it?~~
There seems to be other problems.
I will investigate again, so please be patient.

@ggtakec commented on GitHub (Feb 19, 2022): @OliverBailey One bug has been fixed in #1896. ~~If you can build the latest master code available, is it possible to try it?~~ There seems to be other problems. I will investigate again, so please be patient.

kerem commented

2026-03-04 01:50:17 +03:00

Author

Owner

@ggtakec commented on GitHub (Feb 20, 2022):

@OliverBailey
The modified code (# 1897) has been merged.
Please try it with the code in the master branch.
Thanks in advance for your assistance.

@ggtakec commented on GitHub (Feb 20, 2022): @OliverBailey The modified code (# 1897) has been merged. Please try it with the code in the master branch. Thanks in advance for your assistance.

kerem commented

2026-03-04 01:50:17 +03:00

Author

Owner

@ggtakec commented on GitHub (Feb 12, 2023):

I think this bug has been fixed in master, so I will close this issue.
If you still have problems with the master code, please reopen it.

@ggtakec commented on GitHub (Feb 12, 2023): I think this bug has been fixed in master, so I will close this issue. If you still have problems with the master code, please reopen it.

kerem referenced this issue

2026-03-04 02:01:53 +03:00

[PR #961] [MERGED] Work around cppcheck warnings #1731