Harshavardhana
cd7d5b59e5
Add DeleteUser() to generate events in etcd ( #7804 )
...
Fixes a regression introduced in 6d89435356
Fixes #7797
6 years ago
poornas
299ef9b188
Trace: Replace function name with API prefix ( #7794 )
...
This change is required for `Admin Trace`
6 years ago
Harshavardhana
b30c436715
[notify] Make sure to return when quorum is missing ( #7799 )
...
Fixes a regression introduced in 510ec153b9
6 years ago
Nitish Tiwari
7001fe407f
Check local address in healthcheck script to ensure correct MinIO port ( #7787 )
...
Fixes #7780
6 years ago
Minio Trusted
59f7266081
Update yaml files to latest version RELEASE.2019-06-15T23-07-18Z
6 years ago
Harshavardhana
99bf4d0c42
[sec] Match ${aws:username} exactly instead of prefix match ( #7791 )
...
This PR fixes a security issue where an IAM user based
on his policy is granted more privileges than restricted
by the users IAM policy.
This is due to an issue of prefix based Matcher() function
which was incorrectly matching prefix based on resource
prefixes instead of exact match.
6 years ago
Cody Maloney
7b8beecc81
Move lock to not surround pieces which don't use any internal members. ( #7779 )
...
Previously the read/write lock applied both for gateway use cases as
well the object store use case. Nothing from sys is touched or looked
at in the gateway usecase though, so we don't need to lock. Don't lock
to make the gateway policy getting a little more efficient, particularly
as where this is called from (checkRequestAuthType) is quite common.
6 years ago
Praveen raj Mani
510ec153b9
Refreshing notification system should not erase the rules-map of other buckets ( #7758 )
...
Fixes #7707
6 years ago
dependabot[bot]
e29a37e95c
Bump macaddress from 0.2.8 to 0.2.9 in /browser ( #7781 )
...
Bumps [macaddress](https://github.com/scravy/node-macaddress ) from 0.2.8 to 0.2.9.
- [Release notes](https://github.com/scravy/node-macaddress/releases )
- [Commits](https://github.com/scravy/node-macaddress/compare/0.2.8...0.2.9 )
Signed-off-by: dependabot[bot] <support@github.com>
6 years ago
Harshavardhana
4a4048fe27
Migrate minio etcd config to backend config ( #7751 )
...
etcd when used in federated setups, currently
mandates that all clusters should have same
config.json, which is too restrictive and makes
federation a restrictive environment.
This change makes it apparent that each cluster
needs to be independently managed if necessary
from `mc admin info` command line.
Each cluster with in federation can have their
own root credentials and as well as separate
regions. This way buckets get further restrictions
and allows for root creds to be not common
across clusters/data centers.
Existing data in etcd gets migrated to backend
on each clusters, upon start. Once done
users can change their config entries
independently.
6 years ago
Minio Trusted
da2887f914
Update yaml files to latest version RELEASE.2019-06-13T01-41-13Z
6 years ago
Harshavardhana
c22439c82e
Update minio-go v6.0.29 ( #7778 )
...
Bring improved retry logic
6 years ago
Harshavardhana
38224a4c1a
Ignore errors reading fs.json ( #7777 )
6 years ago
Harshavardhana
b4ab778cb2
Fix user IAM policy regression, reload policy appropriately ( #7770 )
...
Introduce in commit 7e4c9a9e1e
Fixes #7769
6 years ago
Harshavardhana
22f6756ce6
Allow su-exec to fail when users explicity use --user ( #7776 )
...
This allows MinIO containers to run properly without
expecting higher privileges in situations where following
restrictions on containers are used
- docker run --user uid:gid
- docker-compose up (with docker-compose.yml with user)
```yml
...
user: "1001:1001"
command: minio server /data
...
```
- All openshift containers
Fixes #7773
6 years ago
Krishna Srinivas
0394a8f013
Send Content-Length in the response headers ( #7771 )
...
curl using http1.0 would hang sometimes when Content-Length is missing in response headers
fixes #7661
6 years ago
Harshavardhana
1039311184
Update UI assets ( #7764 )
6 years ago
Harshavardhana
a075015293
doc: Merge large bucket with distributed docs ( #7761 )
6 years ago
Nitish Tiwari
d90d4841b8
Add su-exec download for changing to non-root user ( #7768 )
...
Fixes #7767
6 years ago
Minio Trusted
d3a2efbf91
Update yaml files to latest version RELEASE.2019-06-11T00-44-33Z
6 years ago
Harshavardhana
002a205c9c
Fix OPA result response handling ( #7763 )
...
Also update the document with updated rego policy
and updated OPA agent REST API.
This PR is to fix a regression caused by PR #7637
6 years ago
Harshavardhana
91ceae23d0
Add support for customizable user ( #7569 )
6 years ago
kannappanr
1008c2c069
Do not display error logs if user does not have listbuckets privilege ( #7370 )
...
Fixes #7367
6 years ago
Anis Elleuch
7abadfccc2
Add self-healing feature ( #7604 )
...
- Background Heal routine receives heal requests from a channel, either to
heal format, buckets or objects
- Daily sweeper lists all objects in all buckets, these objects
don't necessarly have read quorum so they can be removed if
these objects are unhealable
- Heal daily ops receives objects from the daily sweeper
and send them to the heal routine.
6 years ago
poornas
97090aa16c
Add admin API to send trace notifications to registered ( #7128 )
...
Remove current functionality to log trace to file
using MINIO_HTTP_TRACE env, and replace it with
mc admin trace command on mc client.
6 years ago
dependabot[bot]
fb531235de
Bump nwmatcher from 1.4.3 to 1.4.4 in /browser ( #7760 )
...
Bumps [nwmatcher](https://github.com/dperini/nwmatcher ) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/dperini/nwmatcher/releases )
- [Commits](https://github.com/dperini/nwmatcher/commits )
Signed-off-by: dependabot[bot] <support@github.com>
6 years ago
Harshavardhana
cb1566c6e6
S3 Gateway: Handle restricted access credentials ( #7757 )
6 years ago
Harshavardhana
6d89435356
Reload a specific user or policy on peers ( #7705 )
...
Fixes #7587
6 years ago
Andreas Auernhammer
975237cbf8
Create SECURITY.md ( #7692 )
6 years ago
dependabot[bot]
501af06001
Bump handlebars from 4.0.11 to 4.1.2 in /browser ( #7755 )
...
Bumps [handlebars](https://github.com/wycats/handlebars.js ) from 4.0.11 to 4.1.2.
- [Release notes](https://github.com/wycats/handlebars.js/releases )
- [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md )
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.0.11...v4.1.2 )
Signed-off-by: dependabot[bot] <support@github.com>
6 years ago
Harshavardhana
a69f74533c
Add region as part of error XML ( #7752 )
6 years ago
Joe Stevens
a19cf063b5
Fixes for multiplatform dev and testing from forks ( #7734 )
...
Add support for correct dependency URLs on all platforms
only build mountinfo.go on linux
make testfile path relative to support fork work
6 years ago
Waldemar Quevedo
8b0c86298d
Update import for NATS clients ( #7743 )
...
Signed-off-by: Waldemar Quevedo <wally@synadia.com>
6 years ago
Minio Trusted
df19546cc8
Update yaml files to latest version RELEASE.2019-06-04T01-15-58Z
6 years ago
Harshavardhana
ff7799452b
Fix build failure due to nats project migration
6 years ago
Harshavardhana
97be455f63
Fix build failure in web-handlers.go
6 years ago
Harshavardhana
d16a409943
Ignore srvRecords from domain level entries ( #7742 )
...
Fixes #7741
6 years ago
Krishnan Parthasarathi
74efbb4153
Add deploymentID to web handler logs ( #7712 )
6 years ago
Harshavardhana
0cfd5a21ba
[gateway] Remove policy reload, instead read policy from backend ( #7727 )
...
Inconsistencies can arise after applying bucket policies in
gateway mode, since all gateway instances do not share a
common shared state. This is by design to keep gateway as
shared nothing architecture.
This PR fixes such inconsistencies by reloading policy
if any from the backend.
Fixes #7723
6 years ago
dependabot[bot]
1ce2d29bbb
Bump fstream from 1.0.11 to 1.0.12 in /browser ( #7730 )
...
Bumps [fstream](https://github.com/npm/fstream ) from 1.0.11 to 1.0.12.
- [Release notes](https://github.com/npm/fstream/releases )
- [Commits](https://github.com/npm/fstream/compare/v1.0.11...v1.0.12 )
6 years ago
Minio Trusted
48ffb7731a
Update yaml files to latest version RELEASE.2019-06-01T03-46-14Z
6 years ago
Harshavardhana
1cfd4a48d9
Add specific headers in CORS, along with wildcard ( #7726 )
...
Fixes #7492
6 years ago
Harshavardhana
993a79d9c6
Disable http2 until we have upstream bugs fixed ( #7711 )
...
We should revert this PR in future once we
have upstream bugs fixed regarding http2 behavior
6 years ago
Harshavardhana
0c16b1c9a7
Fix docs.min.io linking issues ( #7710 )
6 years ago
Kanagaraj M
900cc27b51
validate keys before updating for IAM user ( #7720 )
...
New secretkey should be validated before updating
it on the config.
Fixes #7715
6 years ago
Kanagaraj M
8528017ad3
add min length validation to access key and secret key ( #7721 )
...
While changing the credentials through MinIO browser,
Update button will be disabled if keys are lesser than
minimum length.
Fixes #7713
6 years ago
Praveen raj Mani
a73da7755e
Remove senstive encryption entries from event data ( #7719 )
...
Fixes #7716
6 years ago
Harshavardhana
2c0b3cadfc
Update go mod with sem versions of our libraries ( #7687 )
6 years ago
Praveen raj Mani
763fce909b
Enable event persistence in kafka ( #7633 )
6 years ago
Kanagaraj M
da8214845a
allow users to change password through browser ( #7683 )
...
Allow IAM users to change the password using
browser UI.
6 years ago