Score:0

Cannot mount AWS S3 bucket/path using s3fs on CentOS 7

cn flag

From a CentOS 7 virtual machine running on Azure, I am unable to mount an AWS S3 bucket using s3fs. The path part of the bucket location is removed before s3fs checks for bucket's existence:

s3fs version 1.90(unknown) : s3fs -f -o dbglevel=debug,endpoint=eu-west-1,profile=customer,bucket=company-sftp:/Customer/dev /srv/test_s3/
s3fs_logger.cpp:LowSetLogLevel(240): change debug level from [CRT] to [DBG]
    s3fs.cpp:set_mountpoint_attribute(4094): PROC(uid=1000, gid=1000) - MountPoint(uid=1000, gid=0, mode=40755)
s3fs.cpp:s3fs_init(3382): init v1.90(commit:unknown) with OpenSSL
s3fs.cpp:s3fs_check_service(3516): check services.
      curl.cpp:CheckBucket(3388): check a bucket.
curl_handlerpool.cpp:GetHandler(81): Get handler from pool: rest = 31
curl.cpp:ResetHandle(1945): The CURLOPT_SSL_ENABLE_ALPN option could not be unset. S3 server does not support ALPN, then this option should be disabled to maximize performance. you need to use libcurl 7.36.0 or later.
curl.cpp:ResetHandle(1948): The S3FS_CURLOPT_KEEP_SENDING_ON_ERROR option could not be set. For maximize performance you need to enable this option and you should use libcurl 7.51.0 or later.
      curl_util.cpp:prepare_url(254): URL is https://s3.amazonaws.com/company-sftp/
      curl_util.cpp:prepare_url(287): URL changed is https://company-sftp.s3.amazonaws.com/
curl.cpp:RequestPerform(2283): connecting to URL https://company-sftp.s3.amazonaws.com/
      curl.cpp:insertV4Headers(2680): computing signature [GET] [/] [] []
      curl_util.cpp:url_to_host(331): url is https://s3.amazonaws.com
curl.cpp:RequestPerform(2363): HTTP response code 403, returning EPERM. Body Text: <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>[...]</RequestId><HostId>[...]</HostId></Error>

The "customer" profile contains credentials for an IAM user that can access only the /Customer/dev part of the bucket.

Using the same S3 bucket and credentials, I don't get the same behavior using sshfs 1.86-1 (and libcurl 7.68.0-1ubuntu2.7) on Ubuntu 20.04.3 :

s3fs -f /home/dleborgne/s3 -o dbglevel=debug,endpoint=eu-west-1,profile=customer,bucket=company-sftp:/Customer/dev
[CRT] s3fs.cpp:set_s3fs_log_level(297): change debug level from [CRT] to [DBG]
[INF]     s3fs.cpp:set_mountpoint_attribute(4400): PROC(uid=1000, gid=1000) - MountPoint(uid=1000, gid=1000, mode=40755)
[INF] s3fs.cpp:s3fs_init(3493): init v1.86(commit:unknown) with GnuTLS(gcrypt)
[INF] s3fs.cpp:s3fs_check_service(3828): check services.
[INF]       curl.cpp:CheckBucket(3413): check a bucket.
[DBG] curl.cpp:GetHandler(289): Get handler from pool: rest = 31
[INF]       curl.cpp:prepare_url(4703): URL is https://s3.amazonaws.com/company-sftp/Customer/dev/
[INF]       curl.cpp:prepare_url(4736): URL changed is https://company-sftp.s3.amazonaws.com/Customer/dev/
[DBG] curl.cpp:RequestPerform(2384): connecting to URL https://company-sftp.s3.amazonaws.com/Customer/dev/
[INF]       curl.cpp:insertV4Headers(2753): computing signature [GET] [/Customer/dev/] [] []
[INF]       curl.cpp:url_to_host(99): url is https://s3.amazonaws.com
[INF]       curl.cpp:RequestPerform(2416): HTTP response code 200

In one case (s3fs 1.86 on Ubuntu), s3fs checks for credentials using https://company-sftp.s3.amazonaws.com/Customer/dev/ while on the other (s3fs 1.90 on CentOS), it uses a trimmed url https://company-sftp.s3.amazonaws.com/ and fails.

I'm puzzled about this difference and welcome any idea.

David Le Borgne avatar
cn flag
Finally ended up using [Goofys](https://github.com/kahing/goofys)
Score:0
cn flag
UnA

Same problem on my side.

I guess, there is a problem with URL handling, you can look at the logging lines:

RHEL / CentOS not working

URL is https://s3.amazonaws.com/company-sftp/
URL changed is https://company-sftp.s3.amazonaws.com/
computing signature [GET] [/] [] []

Ubuntu, working

URL is https://s3.amazonaws.com/company-sftp/Customer/dev/
URL changed is https://company-sftp.s3.amazonaws.com/Customer/dev/
computing signature [GET] [/Customer/dev/] [] []
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.