[PATCH v2 3/4] erofs-utils: mkfs: introduce `--s3=...` option

Gao Xiang hsiangkao at linux.alibaba.com
Fri Aug 1 19:22:35 AEST 2025



On 2025/8/1 17:10, Hongbo Li wrote:
> 
> 
> On 2025/8/1 16:37, Gao Xiang wrote:
>> Hi Hongbo,
>>
>> On 2025/8/1 16:31, Hongbo Li wrote:
>>
>> ...
>>
>>>>> +#ifdef HAVE_S3
>>>>
>>>> HAVE_S3 is a bit odd, how about using
>>>> S3_ENABLED (like LZ4_ENABLED?)
>>>>
>>>>
>>>>> +        " --s3=X                generate an index-only image from s3-compatible object store backend\n"
>>>>> +        "   [,passwd_file=Y]    X=endpoint, Y=s3 credentials file\n"
>>>>
>>>> What's s3 credentials file? Is it documented
>>>> somewhere? Why is it named as passwd_file?
>>>>
>>>> Can we have an option to pass in accesskey
>>>> too?
>>>
>>> This follows the format of s3fs-fuse. Storing the ak/sk in a file is for security purposes. The file permission is set to 600 to prevent non-root users from accessing the ak/sk.
>>
>> Understood, I wonder if the format is documented in
>> the AWS website or somewhere?
> 
> AFAIK, the user should download the file which records ak/sk at the first time when access the target console page. The ak/sk may be saved in the csv format file. And the AWS website only shows the way to help user to obtain the ak/sk, such as [1]?
> 
> [1] https://docs.aws.amazon.com/IAM/latest/UserGuide/access-key-self-managed.html

I found this:
https://github.com/s3fs-fuse/s3fs-fuse/blob/master/doc/man/s3fs.1.in#L25

Ok, anyway, let's considering document the s3 mode later
in mkfs.erofs.

Thanks,
Gao Xiang


> 
> Thanks,
> Hongbo


More information about the Linux-erofs mailing list